Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2012-3375 | First vendor Publication | 2012-10-03 |
Vendor | Cve | Last vendor Modification | 2023-11-07 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:L/Au:N/C:N/I:N/A:C) | |||
---|---|---|---|
Cvss Base Score | 4.9 | Attack Range | Local |
Cvss Impact Score | 6.9 | Attack Complexity | Low |
Cvss Expoit Score | 3.9 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
The epoll_ctl system call in fs/eventpoll.c in the Linux kernel before 3.2.24 does not properly handle ELOOP errors in EPOLL_CTL_ADD operations, which allows local users to cause a denial of service (file-descriptor consumption and system crash) via a crafted application that attempts to create a circular epoll dependency. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-1083. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3375 |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:21242 | |||
Oval ID: | oval:org.mitre.oval:def:21242 | ||
Title: | RHSA-2012:1061: kernel security and bug fix update (Moderate) | ||
Description: | The epoll_ctl system call in fs/eventpoll.c in the Linux kernel before 3.2.24 does not properly handle ELOOP errors in EPOLL_CTL_ADD operations, which allows local users to cause a denial of service (file-descriptor consumption and system crash) via a crafted application that attempts to create a circular epoll dependency. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-1083. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2012:1061-00 CESA-2012:1061 CVE-2012-3375 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | kernel |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27194 | |||
Oval ID: | oval:org.mitre.oval:def:27194 | ||
Title: | ELSA-2012-1061-1 -- kernel security and bug fix update (moderate) | ||
Description: | [2.6.18-308.11.1.0.1.el5] - [net] bonding: fix carrier detect when bond is down [orabug 12377284] - [mm] fix hugetlb page leak (Dave McCracken) [orabug 12375075] - fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan) - [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan) - [x86] Fix lvt0 reset when hvm boot up with noapic param - [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason) [orabug 12342275] - [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346] - [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566] - [net] net: Redo the broken redhat netconsole over bonding (Tina Yang) [orabug 12740042] - [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646] - [scsi] fix scsi hotplug and rescan race [orabug 10260172] - fix filp_close() race (Joe Jin) [orabug 10335998] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [rds] Patch rds to 1.4.2-20 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] +- [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-1061-1 CVE-2012-3375 | Version: | 5 |
Platform(s): | Oracle Linux 5 | Product(s): | kernel ocfs2 oracleasm kernel-PAE kernel-PAE-devel kernel-debug kernel-debug-devel kernel-devel kernel-doc kernel-headers kernel-xen kernel-xen-devel |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27701 | |||
Oval ID: | oval:org.mitre.oval:def:27701 | ||
Title: | DEPRECATED: ELSA-2012-1061 -- kernel security and bug fix update (moderate) | ||
Description: | [2.6.18-308.11.1.el5] - [net] ixgbe: remove flow director stats (Andy Gospodarek) [832169 830226] - [net] ixgbe: fix default return value for ixgbe_cache_ring_fdir (Andy Gospodarek) [832169 830226] - [net] ixgbe: reverting setup redirection table for multiple packet buffers (Andy Gospodarek) [832169 830226] [2.6.18-308.10.1.el5] - [xen] x86_64: check address on trap handlers or guest callbacks (Paolo Bonzini) [813430 813431] {CVE-2012-0217} - [xen] x86_64: Do not execute sysret with a non-canonical return address (Paolo Bonzini) [813430 813431] {CVE-2012-0217} - [xen] x86: prevent hv boot on AMD CPUs with Erratum 121 (Laszlo Ersek) [824969 824970] {CVE-2012-2934} - [scsi] qla2xxx: Use ha->pdev->revision in 4Gbps MSI-X check. (Chad Dupuis) [816373 800653] - [fs] sunrpc: do array overrun check in svc_recv before page alloc (J. Bruce Fields) [820358 814626] - [fs] knfsd: fix an NFSD bug with full size non-page-aligned reads (J. Bruce Fields) [820358 814626] - [fs] sunrpc: fix oops due to overrunning server's page array (J. Bruce Fields) [820358 814626] - [fs] epoll: clear the tfile_check_list on -ELOOP (Jason Baron) [829670 817131] - [x86_64] sched: Avoid unnecessary overflow in sched_clock (Prarit Bhargava) [824654 818787] - [net] sunrpc: Don't use list_for_each_entry_safe in rpc_wake_up (Steve Dickson) [817571 809937] - [s390] qeth: add missing wake_up call (Hendrik Brueckner) [829059 790900] [2.6.18-308.9.1.el5] - [fs] jbd: clear b_modified before moving the jh to a different transaction (Josef Bacik) [827205 563247] | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-1061 CVE-2012-3375 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | kernel |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2012-08-17 | Name : Ubuntu Update for linux-lts-backport-oneiric USN-1539-1 File : nvt/gb_ubuntu_USN_1539_1.nasl |
2012-08-14 | Name : Ubuntu Update for linux-ti-omap4 USN-1514-1 File : nvt/gb_ubuntu_USN_1514_1.nasl |
2012-08-14 | Name : Ubuntu Update for linux USN-1529-1 File : nvt/gb_ubuntu_USN_1529_1.nasl |
2012-08-14 | Name : Ubuntu Update for linux-ti-omap4 USN-1532-1 File : nvt/gb_ubuntu_USN_1532_1.nasl |
2012-08-14 | Name : Ubuntu Update for linux USN-1533-1 File : nvt/gb_ubuntu_USN_1533_1.nasl |
2012-07-30 | Name : CentOS Update for kernel CESA-2012:1061 centos5 File : nvt/gb_CESA-2012_1061_kernel_centos5.nasl |
2012-07-16 | Name : RedHat Update for kernel RHSA-2012:1061-01 File : nvt/gb_RHSA-2012_1061-01_kernel.nasl |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2014-0287-1.nasl - Type : ACT_GATHER_INFO |
2014-07-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1150.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-176.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-1061-1.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-2026.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-2025.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-1061.nasl - Type : ACT_GATHER_INFO |
2013-01-25 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-120714.nasl - Type : ACT_GATHER_INFO |
2013-01-25 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-120805.nasl - Type : ACT_GATHER_INFO |
2012-08-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1539-1.nasl - Type : ACT_GATHER_INFO |
2012-08-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1514-1.nasl - Type : ACT_GATHER_INFO |
2012-08-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1529-1.nasl - Type : ACT_GATHER_INFO |
2012-08-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1532-1.nasl - Type : ACT_GATHER_INFO |
2012-08-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1533-1.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120710_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-07-11 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1061.nasl - Type : ACT_GATHER_INFO |
2012-07-11 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-1061.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2024-02-02 01:19:50 |
|
2024-02-01 12:05:53 |
|
2023-11-07 21:46:40 |
|
2023-09-05 12:18:44 |
|
2023-09-05 01:05:45 |
|
2023-09-02 12:18:45 |
|
2023-09-02 01:05:51 |
|
2023-08-12 12:22:33 |
|
2023-08-12 01:05:51 |
|
2023-08-11 12:18:52 |
|
2023-08-11 01:06:01 |
|
2023-08-06 12:18:08 |
|
2023-08-06 01:05:52 |
|
2023-08-04 12:18:12 |
|
2023-08-04 01:05:55 |
|
2023-07-14 12:18:11 |
|
2023-07-14 01:05:49 |
|
2023-03-29 01:20:07 |
|
2023-03-28 12:05:57 |
|
2023-02-13 09:28:39 |
|
2022-10-11 12:16:15 |
|
2022-10-11 01:05:32 |
|
2022-03-11 01:13:14 |
|
2021-05-25 12:10:11 |
|
2021-05-04 12:20:50 |
|
2021-04-22 01:24:51 |
|
2020-08-11 12:07:50 |
|
2020-08-08 01:07:50 |
|
2020-08-07 12:07:58 |
|
2020-08-07 01:08:15 |
|
2020-08-01 12:07:51 |
|
2020-07-30 01:08:14 |
|
2020-05-23 01:49:12 |
|
2020-05-23 00:34:08 |
|
2019-01-25 12:04:48 |
|
2018-11-17 12:03:20 |
|
2018-10-30 12:05:10 |
|
2016-06-30 21:34:48 |
|
2016-06-29 00:27:00 |
|
2016-06-28 19:12:42 |
|
2016-04-26 22:03:43 |
|
2015-05-21 13:29:31 |
|
2014-07-23 13:24:45 |
|
2014-06-14 13:33:09 |
|
2014-02-17 11:11:31 |
|
2013-08-17 17:20:27 |
|
2013-05-10 22:42:15 |
|
2013-03-23 13:18:19 |
|
2013-01-24 13:22:24 |
|