Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
CVE-2012-2313
CVE information
Published
Last Modified
CVSSv2.0 Severity
Impact Analysis
Description
The rio_ioctl function in drivers/net/ethernet/dlink/dl2k.c in the Linux kernel before 3.3.7 does not restrict access to the SIOCSMIIREG command, which allows local users to write data to an Ethernet adapter via an ioctl call..
CVSSv2.0 Score
- Severity
- Low
- Base Score
- 1.2/10
- Exploit Score
- 1.9/10
- Access Vector
- Local
- Access Complexity
- High
- Authentication Required
- None
- Impact Score
- 2.9/10
- Confidentiality Impact
- None
- Availability Impact
- Partial
- Integrity Impact
- None
Products Affected
CPE | Affected | Vulnerable | Excluding | Edit |
---|---|---|---|---|
cpe:2.3:o:linux:linux_kernel:3.3:rc4:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:linux:linux_kernel:3.3:rc5:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:linux:linux_kernel:3.3:rc3:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:linux:linux_kernel:3.3.2:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:linux:linux_kernel:3.3.3:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:linux:linux_kernel:3.3:rc2:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:linux:linux_kernel:3.3.4:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:linux:linux_kernel:3.3.5:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:linux:linux_kernel:3.3:rc6:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:linux:linux_kernel:3.3:rc1:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:linux:linux_kernel:3.3:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:linux:linux_kernel:3.3:rc7:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:linux:linux_kernel:3.3.1:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:novell:suse_linux_enterprise_server:10.0:sp4:*:*:l |
Yes
|
- | - | |
cpe:2.3:o:redhat:enterprise_linux:5:*:server:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:redhat:enterprise_linux_server_aus:6.2:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:redhat:enterprise_linux_server_eus:6.2.z:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:client:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:redhat:enterprise_linux_server_eus:6.1.z:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:redhat:enterprise_linux_eus:5.6.z:*:server:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:redhat:enterprise_linux_long_life:5.6:*:server:*:* |
Yes
|
- | - |
References
- http://www.openwall.com/lists/oss-security/2012/05/04/8
- https://bugzilla.redhat.com/show_bug.cgi?id=818820
- http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.7
- https://github.com/torvalds/linux/commit/1bb57e940e1958e40d51f2078f50c3a96a9b2d75
- http://rhn.redhat.com/errata/RHSA-2012-1174.html
- http://rhn.redhat.com/errata/RHSA-2012-1589.html
- http://rhn.redhat.com/errata/RHSA-2012-1481.html
- http://www.securityfocus.com/bid/53965
- http://rhn.redhat.com/errata/RHSA-2012-1541.html
- http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html
- http://marc.info/?l=bugtraq&m=139447903326211&w=2
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1bb57e94