Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2012-2372
HistoryJun 18, 2012 - 12:00 a.m.

CVE-2012-2372

2012-06-1800:00:00
ubuntu.com
ubuntu.com
15

4.4 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:M/Au:S/C:N/I:N/A:C

0.0004 Low

EPSS

Percentile

5.3%

JSON

The rds_ib_xmit function in net/rds/ib_send.c in the Reliable Datagram
Sockets (RDS) protocol implementation in the Linux kernel 3.7.4 and earlier
allows local users to cause a denial of service (BUG_ON and kernel panic)
by establishing an RDS connection with the source IP address equal to the
IPoIB interface’s own IP address, as demonstrated by rds-ping.

Bugs

Notes

Author Note
jdstrand linux-armadaxp is maintained by OEM
apw this is claimed fixed by RedHat but I cannot find the fix anywhere, the only reference I did find to the CVE in Fedora implies they have miss tagged the fix for CVE-2012-2373 as 2372: http://permalink.gmane.org/gmane.linux.redhat.fedora.extras.cvs/775892 note the patch is the x86 pmd patch. needs-triage back to -security for lack of a clear direction on a fix (per irc discussions) Looking at the RHEL kernels it appears that this is the fix, though it is not upstream as yet: http://people.canonical.com/~apw/misc/cves/CVE-2012-2372-1.diff
kees https://oss.oracle.com/git/?p=redpatch.git;a=commitdiff;h=c7b6a0a1d8d636852be130fa15fa8be10d4704e8 seems fixed upstream by 18fc25c94eadc52a42c025125af24657a93638c0
OSVersionArchitecturePackageVersionFilename
ubuntu10.04noarchlinux<Β 2.6.32-42.96UNKNOWN
ubuntu11.04noarchlinux<Β 2.6.38-15.65UNKNOWN
ubuntu11.10noarchlinux<Β 3.0.0-25.41UNKNOWN
ubuntu12.04noarchlinux<Β 3.2.0-29.46UNKNOWN
ubuntu12.04noarchlinux-armadaxp<Β 3.2.0-1606.9UNKNOWN
ubuntu10.04noarchlinux-ec2<Β 2.6.32-347.53UNKNOWN
ubuntu10.04noarchlinux-lts-backport-natty<Β 2.6.38-15.65~lucid1UNKNOWN
ubuntu10.04noarchlinux-lts-backport-oneiric<Β 3.0.0-25.41~lucid1UNKNOWN
ubuntu11.04noarchlinux-ti-omap4<Β 2.6.38-1209.25UNKNOWN
ubuntu11.10noarchlinux-ti-omap4<Β 3.0.0-1215.27UNKNOWN
Rows per page:
1-10 of 111

Related

nessus 41
openvas 94
fedora 21
seebug 1
ubuntucve 1
cve 2
prion 2
debiancve 1
securityvulns 5
centos 2
redhat 2
oraclelinux 6
ubuntu 13
amazon 1
suse 6
vmware 1
nessus
nessus
Fedora 16 : kernel-3.3.8-1.fc16 (2012-8890)
2012-06-14 00:00:00
SUSE SLES10 Security Update : OFED (SUSE-SU-2013:0713-1)
2015-05-20 00:00:00
Ubuntu 11.10 : linux vulnerability (USN-1554-1)
2012-09-05 00:00:00
openvas
openvas
Fedora Update for kernel FEDORA-2012-8824
2012-08-30 00:00:00
Fedora Update for kernel FEDORA-2012-8824
2012-08-30 00:00:00
Ubuntu Update for linux USN-1554-1
2012-09-07 00:00:00
fedora
fedora
[SECURITY] Fedora 17 Update: kernel-3.4.0-1.fc17
2012-06-07 02:34:03
[SECURITY] Fedora 17 Update: kernel-3.5.2-3.fc17
2012-08-22 21:02:48
[SECURITY] Fedora 17 Update: kernel-3.6.3-1.fc17
2012-10-28 00:51:48
seebug
seebug
Linux kernel 2.6.x η«žδΊ‰ζ‘δ»Άζœ¬εœ°ζ‹’η»ζœεŠ‘ζΌζ΄ž
2012-05-21 00:00:00
ubuntucve
ubuntucve
CVE-2012-2373
2012-05-18 00:00:00
cve
cve
CVE-2012-2373
2012-08-09 10:29:00
CVE-2012-2372
2013-01-22 23:55:00
prion
prion
Design/Logic Flaw
2013-01-22 23:55:00
Race condition
2012-08-09 10:29:00
debiancve
debiancve
CVE-2012-2372
2013-01-22 23:55:00
securityvulns
securityvulns
[USN-1529-1] Linux kernel vulnerabilities
2012-08-13 00:00:00
Linux kernel multiple security vulnerabilities
2012-08-13 00:00:00
[USN-1531-1] Linux kernel vulnerabilities
2012-08-13 00:00:00
centos
centos
kernel, perf, python security update
2012-06-19 10:27:24
kernel security update
2012-12-05 10:07:09
redhat
redhat
(RHSA-2012:0743) Important: kernel security and bug fix update
2012-06-18 00:00:00
(RHSA-2012:1540) Important: kernel security, bug fix, and enhancement update
2012-12-04 00:00:00
oraclelinux
oraclelinux
kernel security and bug fix update
2012-06-18 00:00:00
Unbreakable Enterprise kernel security and bugfix update
2012-06-20 00:00:00
1
2012-12-05 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2012-08-10 00:00:00
Linux kernel (Natty backport) vulnerabilities
2012-08-14 00:00:00
Linux kernel (EC2) vulnerabilities
2012-09-06 00:00:00
amazon
amazon
Medium: kernel
2012-07-05 16:19:00
suse
suse
Security update for Linux kernel (important)
2012-06-26 02:08:23
Security update for Linux kernel (important)
2014-07-17 05:04:18
Security update for Linux kernel (important)
2014-07-17 05:47:46
vmware
vmware
VMware ESX updates to third party libraries
2013-12-05 00:00:00

4.4 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:M/Au:S/C:N/I:N/A:C

0.0004 Low

EPSS

Percentile

5.3%

JSON
Related for UB:CVE-2012-2372
nessus41openvas94fedora21seebug1ubuntucve1cve2prion2debiancve1securityvulns5centos2redhat2oraclelinux6ubuntu13amazon1suse6vmware1