CVE-2012-2313

Published Jun 13, 2012

Last updated 2 years ago

CVSS info 1.2

Overview

Description: The rio_ioctl function in drivers/net/ethernet/dlink/dl2k.c in the Linux kernel before 3.3.7 does not restrict access to the SIOCSMIIREG command, which allows local users to write data to an Ethernet adapter via an ioctl call.
Source: secalert@redhat.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 1.2
Impact score: 2.9
Exploitability score: 1.9
Vector string: AV:L/AC:H/Au:N/C:N/I:N/A:P

Weaknesses

nvd@nist.gov: CWE-264

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0EC88F78-D859-4665-9333-D770D2BDAC4E",
            "versionEndIncluding": "3.3.6"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AFB76697-1C2F-48C0-9B14-517EC053D4B3"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.3:rc1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BED88DFD-1DC5-4505-A441-44ECDEF0252D"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.3:rc2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DBFD2ACD-728A-4082-BB6A-A1EF6E58E47D"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.3:rc3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C31B0E51-F62D-4053-B04F-FC4D5BC373D2"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.3:rc4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A914303E-1CB6-4AAD-9F5F-DE5433C4E814"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.3:rc5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "203BBA69-90B2-4C5E-8023-C14180742421"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.3:rc6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0DBFAB53-B889-4028-AC0E-7E165B152A18"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.3:rc7:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FE409AEC-F677-4DEF-8EB7-2C35809043CE"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.3.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "578EC12B-402F-4AD4-B8F8-C9B2CAB06891"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.3.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "877002ED-8097-4BB4-BB88-6FC6306C38B2"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.3.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "76294CE3-D72C-41D5-9E0F-B693D0042699"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.3.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "916E97D4-1FAB-42F5-826B-653B1C0909A8"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.3.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "33FD2217-C5D0-48C1-AD74-3527127FEF9C"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:novell:suse_linux_enterprise_server:10.0:sp4:*:*:ltss:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1D421F7F-A203-4868-846D-3A057610D399"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux:5:*:server:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5833A489-D6DE-4D51-9E74-189CBC2E28CA"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:client:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "13B6DE5F-3143-4C63-8D8D-4679CF0F9DC8"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:5.6.z:*:server:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "026F2D9B-DE83-4C80-AE90-6302BAE9A41B"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_long_life:5.6:*:server:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "45857E5F-C284-4056-90F5-715931D59D55"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AD6D0378-F0F4-4AAA-80AF-8287C790EC96"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.1.z:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AB558E85-8929-4685-8F58-D9DA0EC8BE48"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.2.z:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BE3115B4-5DF0-415B-83D9-CC460AF75586"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References