CVE-2011-4127

🗓️ 23 Dec 2011 00:00:00Reported by ubuntu.comType

ubuntucve

ubuntucve🔗 ubuntu.com👁 41 Views

The Linux kernel before 3.2.2 allows local users to bypass disk read and write restrictions via SG_IO ioctl calls

Reporter	Title	Published	Views	Family All 208
Amazon	Medium: kernel	6 Jan 201200:00	–	amazon
Tenable Nessus	Amazon Linux AMI : kernel (ALAS-2012-34)	4 Sep 201300:00	–	nessus
Tenable Nessus	CentOS 6 : kernel (CESA-2011:1849)	28 Dec 201100:00	–	nessus
Tenable Nessus	CentOS 6 : qemu-kvm (CESA-2012:0050)	25 Jan 201200:00	–	nessus
Tenable Nessus	CentOS 5 : kernel (CESA-2012:0107)	14 Feb 201200:00	–	nessus
Tenable Nessus	Debian DSA-2389-1 : linux-2.6 - privilege escalation/denial of service/information leak	18 Jan 201200:00	–	nessus
Tenable Nessus	Fedora 16 : libguestfs-1.14.8-1.fc16 (2011-17372)	6 Jan 201200:00	–	nessus
Tenable Nessus	Fedora 15 : libguestfs-1.10.12-1.fc15 (2011-17388)	6 Jan 201200:00	–	nessus
Tenable Nessus	Fedora 15 : kernel-2.6.41.10-3.fc15 (2012-0861)	25 Jan 201200:00	–	nessus
Tenable Nessus	Fedora 16 : kernel-3.2.1-3.fc16 (2012-0876)	25 Jan 201200:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
Ubuntu	10.04	any	linux	2.6.32-39.86	linux_2.6.32-39.86_any.deb
Ubuntu	11.10	any	linux	3.0.0-16.29	linux_3.0.0-16.29_any.deb
Ubuntu	10.04	any	linux-ec2	2.6.32-343.45	linux-ec2_2.6.32-343.45_any.deb
Ubuntu	10.04	any	linux-lts-backport-oneiric	3.0.0-16.29~lucid1	linux-lts-backport-oneiric_3.0.0-16.29~lucid1_any.deb

Source	Link
lkml	www.lkml.org/lkml/2004/8/12/218
lkml	www.lkml.org/lkml/2004/8/12/260
lkml	www.lkml.org/lkml/2011/12/22/270
ubuntu	www.ubuntu.com/security/notices/USN-1384-1
ubuntu	www.ubuntu.com/security/notices/USN-1388-1
ubuntu	www.ubuntu.com/security/notices/USN-1389-1
ubuntu	www.ubuntu.com/security/notices/USN-1405-1
cve	www.cve.org/CVERecord

29 Jul 2025 14:44Current

6.2Medium risk

Vulners AI Score6.2

CVSS 24.6

EPSS0.00057

linux kernel local users disk operations sg_io ioctl security vulnerability