CVE-2012-2319

Published May 17, 2012

Last updated 2 years ago

Overview

Description: Multiple buffer overflows in the hfsplus filesystem implementation in the Linux kernel before 3.3.5 allow local users to gain privileges via a crafted HFS plus filesystem, a related issue to CVE-2009-4020.
Source: secalert@redhat.com
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.2
Impact score: 10
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-264

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6FF9F960-C2EA-4018-94CE-8D893CA8A7F9",
            "versionEndIncluding": "3.3.3"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

References

https://nvd.nist.gov/vuln/detail/CVE-2012-2319
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6f24f892871acc47b40dd594c63606a17c714f77
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html
http://rhn.redhat.com/errata/RHSA-2012-1323.html
http://rhn.redhat.com/errata/RHSA-2012-1347.html
http://secunia.com/advisories/50811
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.5
http://www.openwall.com/lists/oss-security/2012/05/07/11
https://bugzilla.redhat.com/show_bug.cgi?id=819471
https://github.com/torvalds/linux/commit/6f24f892871acc47b40dd594c63606a17c714f77

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References