CVE-2012-3520
Published Oct 3, 2012
Last updated 2 years ago
Overview
- Description
- The Netlink implementation in the Linux kernel before 3.2.30 does not properly handle messages that lack SCM_CREDENTIALS data, which might allow local users to spoof Netlink communication via a crafted message, as demonstrated by a message to (1) Avahi or (2) NetworkManager.
- Source
- secalert@redhat.com
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 1.9
- Impact score
- 2.9
- Exploitability score
- 3.4
- Vector string
- AV:L/AC:M/Au:N/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-287
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "32E36203-AE84-444F-A6F6-36A35BB485EE",
"versionEndIncluding": "3.2.29"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C37E17F7-A276-4A33-B454-751BF639EF9C"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.20:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D6ECC079-EBD4-4E01-9CAC-A4FC84F79656"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.21:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "249C1EEB-F267-44F2-B4D9-AEFA9E578FDD"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.22:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E575B550-E957-4F68-A9FA-3EF4022028A9"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.23:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "256328E7-3F4E-49A3-9F66-6DAC1F7BE941"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.24:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D3E3CFEB-CF89-4697-9D3C-C1D41F5B803B"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.25:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "38F7C571-2713-402F-82CD-66B5C8A50319"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.26:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D582D69B-65A9-4906-9FF3-1EC7AD2AF927"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.27:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5D4E4BAD-E286-4F24-A786-B3DC281537B1"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.28:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "293E5303-3BC2-4A01-99EE-F519E17F2CF9"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.29:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "73D6DAAF-6D2C-4D33-9109-BC112170762F"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.33.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "934CBC22-864C-468F-B267-3CDE4449DA9E"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7C2658CA-56C2-494F-AC42-618EC413CBDF"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B18EC0A7-8616-4039-B98B-E1216E035B05"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.33.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7B04F515-29A7-4D6A-AFC5-3A115F8A5918"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.33.20:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9C069C17-8314-49BA-9CF5-E5F086F49381"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D3220B70-917F-4F9F-8A3B-2BF581281E8D"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2:rc2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "99372D07-C06A-41FA-9843-6D57F99AB5AF"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2:rc3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2B9DC110-D260-4DB4-B8B0-EF1D160ADA07"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2:rc4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6192FE84-4D53-40D4-AF61-78CE7136141A"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2:rc5:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "42FEF3CF-1302-45EB-89CC-3786FE4BAC1F"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2:rc6:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AE6A6B58-2C89-4DE4-BA57-78100818095C"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2:rc7:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1D467F87-2F13-4D26-9A93-E0BA526FEA24"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FE348F7B-02DE-47D5-8011-F83DA9426021"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E91594EA-F0A3-41B3-A9C6-F7864FC2F229"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9E1ECCDB-0208-48F6-B44F-16CC0ECE3503"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FBA8B5DE-372E-47E0-A0F6-BE286D509CC3"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9A1CA083-2CF8-45AE-9E15-1AA3A8352E3B"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "19D69A49-5290-4C5F-8157-719AD58D253D"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "290BD969-42E7-47B0-B21B-06DE4865432C"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "23A9E29E-DE78-4C73-9FBD-C2410F5FC8B8"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "018434C9-E75F-45CB-A169-DAB4B1D864D7"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DC0AC68F-EC58-4C4F-8CBC-A59ECC00CCDE"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C123C844-F6D7-471E-A62E-F756042FB1CD"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A11C38BB-7FA2-49B0-AAC9-83DB387A06DB"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.13:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "61F3733C-E5F6-4855-B471-DF3FB823613B"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.14:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1DDCA75F-9A06-4457-9A45-38A38E7F7086"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.15:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7AEA837E-7864-4003-8DB7-111ED710A7E1"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.16:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B6FE471F-2D1F-4A1D-A197-7E46B75787E1"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.17:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FDA9E6AB-58DC-4EC5-A25C-11F9D0B38BF7"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.18:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DC6B8DB3-B05B-41A2-B091-342D66AAE8F5"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.19:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "958F0FF8-33EF-4A71-A0BD-572C85211DBA"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.20:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FBA39F48-B02F-4C48-B304-DA9CCA055244"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.21:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1FF841F3-48A7-41D7-9C45-A8170435A5EB"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.22:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EF506916-A6DC-4B1E-90E5-959492AF55F4"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.23:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B3CDAD1F-2C6A-48C0-8FAB-C2659373FA25"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.24:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4FFE4B22-C96A-43D0-B993-F51EDD9C5E0E"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.25:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F571CC8B-B212-4553-B463-1DB01D616E8A"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.26:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "84E3E151-D437-48ED-A529-731EEFF88567"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.27:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E9E3EA3C-CCA5-4433-86E0-3D02C4757A0A"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.28:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F7AC4F7D-9FA6-4CF1-B2E9-70BF7D4D177C"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.3.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "877002ED-8097-4BB4-BB88-6FC6306C38B2"
}
],
"operator": "OR"
}
]
}
]