Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-0028

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2012-0028
Last Modified 22 Jun 2012 03:27:44
Published 21 Jun 2012 07:55:02
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2012-0028

Summary

The robust futex implementation in the Linux kernel before 2.6.28 does not properly handle processes that make exec system calls, which allows local users to cause a denial of service or possibly gain privileges by writing to a memory location in a child process.

Vulnerable Systems

Operating System

  • Linux Kernel 2.6.27

  • Linux Kernel 2.6.27.1

  • Linux Kernel 2.6.27.10

  • Linux Kernel 2.6.27.11

  • Linux Kernel 2.6.27.12

  • Linux Kernel 2.6.27.13

  • Linux Kernel 2.6.27.14

  • Linux Kernel 2.6.27.15

  • Linux Kernel 2.6.27.16

  • Linux Kernel 2.6.27.17

  • Linux Kernel 2.6.27.18

  • Linux Kernel 2.6.27.19

  • Linux Kernel 2.6.27.2

  • Linux Kernel 2.6.27.20

  • Linux Kernel 2.6.27.21

  • Linux Kernel 2.6.27.22

  • Linux Kernel 2.6.27.23

  • Linux Kernel 2.6.27.24

  • Linux Kernel 2.6.27.25

  • Linux Kernel 2.6.27.26

  • Linux Kernel 2.6.27.27

  • Linux Kernel 2.6.27.28

  • Linux Kernel 2.6.27.29

  • Linux Kernel 2.6.27.3

  • Linux Kernel 2.6.27.30

  • Linux Kernel 2.6.27.31

  • Linux Kernel 2.6.27.32

  • Linux Kernel 2.6.27.33

  • Linux Kernel 2.6.27.34

  • Linux Kernel 2.6.27.35

  • Linux Kernel 2.6.27.36

  • Linux Kernel 2.6.27.37

  • Linux Kernel 2.6.27.38

  • Linux Kernel 2.6.27.39

  • Linux Kernel 2.6.27.4

  • Linux Kernel 2.6.27.40

  • Linux Kernel 2.6.27.41

  • Linux Kernel 2.6.27.42

  • Linux Kernel 2.6.27.43

  • Linux Kernel 2.6.27.44

  • Linux Kernel 2.6.27.45

  • Linux Kernel 2.6.27.46

  • Linux Kernel 2.6.27.47

  • Linux Kernel 2.6.27.48

  • Linux Kernel 2.6.27.49

  • Linux Kernel 2.6.27.5

  • Linux Kernel 2.6.27.50

  • Linux Kernel 2.6.27.51

  • Linux Kernel 2.6.27.52

  • Linux Kernel 2.6.27.53

  • Linux Kernel 2.6.27.54

  • Linux Kernel 2.6.27.55

  • Linux Kernel 2.6.27.56

  • Linux Kernel 2.6.27.57

  • Linux Kernel 2.6.27.58

  • Linux Kernel 2.6.27.59

  • Linux Kernel 2.6.27.6

  • Linux Kernel 2.6.27.60

  • Linux Kernel 2.6.27.61

  • Linux Kernel 2.6.27.62

  • Linux Kernel 2.6.27.7

  • Linux Kernel 2.6.27.8

  • Linux Kernel 2.6.27.9


References

CONFIRM - https://github.com/torvalds/linux/commit/8141c7f3e7aee618312fa1c15109e1219de784a7

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=771764

MLIST - [oss-security] 20120508 Re: CVE Request -- kernel: futex: clear robust_list on execve

CONFIRM - http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=8141c7f3e7aee618312fa1c15109e1219de784a7

CONFIRM - http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28

Related Patches

Red Hat 2012:0107-01 RHSA Important: kernel security and bug fix update for RHEL 5 x86

Red Hat 2012:0107-01 RHSA Important: kernel security and bug fix update for RHEL 5 x86_64


Last Updated: 27 May 2016 10:56:34