Vulnerability Details : CVE-2012-2136
The sock_alloc_send_pskb function in net/core/sock.c in the Linux kernel before 3.4.5 does not properly validate a certain length value, which allows local users to cause a denial of service (heap-based buffer overflow and system crash) or possibly gain privileges by leveraging access to a TUN/TAP device.
Vulnerability category: OverflowInput validationDenial of service
Products affected by CVE-2012-2136
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2012-2136
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 6 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2012-2136
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.2
|
HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
3.9
|
10.0
|
NIST |
CWE ids for CVE-2012-2136
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2012-2136
-
http://www.securityfocus.com/bid/53721
Linux Kernel 'sock_alloc_send_pskb()' Function Heap Buffer Overflow VulnerabilityThird Party Advisory;VDB Entry
-
http://www.ubuntu.com/usn/USN-1535-1
USN-1535-1: Linux kernel vulnerabilities | Ubuntu security noticesThird Party Advisory
-
http://ubuntu.com/usn/usn-1529-1
USN-1529-1: Linux kernel vulnerabilities | Ubuntu security noticesThird Party Advisory
-
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.5
Vendor Advisory
-
http://rhn.redhat.com/errata/RHSA-2012-0743.html
RHSA-2012:0743 - Security Advisory - Red Hat Customer PortalThird Party Advisory;VDB Entry
-
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=cc9b17ad29ecaa20bfe426a8d4dbfb94b13ff1cc
Broken Link
-
https://github.com/torvalds/linux/commit/cc9b17ad29ecaa20bfe426a8d4dbfb94b13ff1cc
net: sock: validate data_len before allocating skb in sock_alloc_send… · torvalds/linux@cc9b17a · GitHubExploit;Patch
-
https://bugzilla.redhat.com/show_bug.cgi?id=816289
816289 – (CVE-2012-2136) CVE-2012-2136 kernel: net: insufficient data_len validation in sock_alloc_send_pskb()Issue Tracking
-
http://secunia.com/advisories/50807
Sign inURL Repurposed
-
http://rhn.redhat.com/errata/RHSA-2012-1087.html
RHSA-2012:1087 - Security Advisory - Red Hat Customer PortalThird Party Advisory
Jump to