Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-2127

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2012-2127
Last Modified 12 Feb 2013 12:08:18
Published 21 Jun 2012 07:55:02
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-2127

Summary

fs/proc/root.c in the procfs implementation in the Linux kernel before 3.2 does not properly interact with CLONE_NEWPID clone system calls, which allows remote attackers to cause a denial of service (reference leak and memory consumption) by making many connections to a daemon that uses PID namespaces to isolate clients, as demonstrated by vsftpd.

Vulnerable Systems

Operating System

  • Linux Kernel 3.1.1

  • Linux Kernel 3.1.10

  • Linux Kernel 3.1.2

  • Linux Kernel 3.1.3

  • Linux Kernel 3.1.4

  • Linux Kernel 3.1.5

  • Linux Kernel 3.1.6

  • Linux Kernel 3.1.7

  • Linux Kernel 3.1.8

  • Linux Kernel 3.1.9


References

CONFIRM - https://github.com/torvalds/linux/commit/905ad269c55fc62bee3da29f7b1d1efeba8aa1e1

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=815188

CONFIRM - https://bugzilla.novell.com/show_bug.cgi?id=757783

MLIST - [oss-security] 20120422 Re: Re: CVE request: pid namespace leak in kernel 3.0 and 3.1

MLIST - [oss-security] 20120420 Re: CVE request: pid namespace leak in kernel 3.0 and 3.1

CONFIRM - http://www.kernel.org/pub/linux/kernel/v3.x/patch-3.2.bz2

CONFIRM - http://www.kernel.org/pub/linux/kernel/v3.x/

CONFIRM - http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=905ad269c55fc62bee3da29f7b1d1efeba8aa1e1

UBUNTU - USN-1607-1

UBUNTU - USN-1594-1

BID - 55774

Related Patches

Novell SUSE 2012:6338 kernel security update for SLE 11 SP2 i586

Novell SUSE 2012:6349 kernel security update for SLE 11 SP2 x86_64


Last Updated: 27 May 2016 10:56:34