Ubuntu.comUB:CVE-2012-1090CVE-2012-1090
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
4.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
0.0004 Low
EPSS
Percentile
5.3%
The cifs_lookup function in fs/cifs/dir.c in the Linux kernel before 3.2.10
allows local users to cause a denial of service (OOPS) via attempted access
to a special file, as demonstrated by a FIFO.
“The cifs code will attempt to open files on lookup under certain
circumstances. What happens though if we find that the file we opened
was actually a FIFO or other special file? Currently, the open
filehandle just ends up being leaked leading to a dentry refcount
mismatch and oops on umount.”
Bugs
Notes
| Author | Note |
|---|---|
| apw | currently sitting in the master branch of the tree below, waiting on merge with linus: git://git.samba.org/sfrench/cifs-2.6 see: cifs: fix dentry refcount leak when opening a FIFO on lookup now upstream (see below) |
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 10.04 | noarch | linux | < 2.6.32-41.88 | UNKNOWN |
| ubuntu | 11.04 | noarch | linux | < 2.6.38-15.59 | UNKNOWN |
| ubuntu | 11.10 | noarch | linux | < 3.0.0-18.31 | UNKNOWN |
| ubuntu | 10.04 | noarch | linux-ec2 | < 2.6.32-345.47 | UNKNOWN |
| ubuntu | 10.04 | noarch | linux-lts-backport-natty | < 2.6.38-15.59~lucid1 | UNKNOWN |
| ubuntu | 10.04 | noarch | linux-lts-backport-oneiric | < 3.0.0-18.31~lucid1 | UNKNOWN |
| ubuntu | 11.04 | noarch | linux-ti-omap4 | < 2.6.38-1209.24 | UNKNOWN |
| ubuntu | 11.10 | noarch | linux-ti-omap4 | < 3.0.0-1208.19 | UNKNOWN |
References
thread.gmane.org/gmane.linux.kernel.cifs/5526
www.openwall.com/lists/oss-security/2012/02/28/3
launchpad.net/bugs/cve/CVE-2012-1090
nvd.nist.gov/vuln/detail/CVE-2012-1090
security-tracker.debian.org/tracker/CVE-2012-1090
ubuntu.com/security/notices/USN-1405-1
ubuntu.com/security/notices/USN-1425-1
ubuntu.com/security/notices/USN-1426-1
ubuntu.com/security/notices/USN-1431-1
ubuntu.com/security/notices/USN-1432-1
ubuntu.com/security/notices/USN-1433-1
ubuntu.com/security/notices/USN-1440-1
ubuntu.com/security/notices/USN-1446-1
ubuntu.com/security/notices/USN-1458-1
www.cve.org/CVERecord?id=CVE-2012-1090
Related
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
4.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
0.0004 Low
EPSS
Percentile
5.3%