CVE-2012-3520

Published Oct 3, 2012
Last updated 3 months ago
CVSS info 1.9
Overview

Description: The Netlink implementation in the Linux kernel before 3.2.30 does not properly handle messages that lack SCM_CREDENTIALS data, which might allow local users to spoof Netlink communication via a crafted message, as demonstrated by a message to (1) Avahi or (2) NetworkManager.
Source: secalert@redhat.com
NVD status: Modified
Risk scores

CVSS 2.0

Type: Primary
Base score: 1.9
Impact score: 2.9
Exploitability score: 3.4
Vector string: AV:L/AC:M/Au:N/C:N/I:P/A:N
Weaknesses

nvd@nist.gov: CWE-287
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "32E36203-AE84-444F-A6F6-36A35BB485EE",
            "versionEndIncluding": "3.2.29"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.3.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C37E17F7-A276-4A33-B454-751BF639EF9C"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.3.20:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D6ECC079-EBD4-4E01-9CAC-A4FC84F79656"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.3.21:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "249C1EEB-F267-44F2-B4D9-AEFA9E578FDD"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.3.22:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E575B550-E957-4F68-A9FA-3EF4022028A9"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.3.23:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "256328E7-3F4E-49A3-9F66-6DAC1F7BE941"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.3.24:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D3E3CFEB-CF89-4697-9D3C-C1D41F5B803B"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.3.25:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "38F7C571-2713-402F-82CD-66B5C8A50319"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.3.26:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D582D69B-65A9-4906-9FF3-1EC7AD2AF927"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.3.27:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5D4E4BAD-E286-4F24-A786-B3DC281537B1"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.3.28:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "293E5303-3BC2-4A01-99EE-F519E17F2CF9"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.3.29:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "73D6DAAF-6D2C-4D33-9109-BC112170762F"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.33.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "934CBC22-864C-468F-B267-3CDE4449DA9E"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7C2658CA-56C2-494F-AC42-618EC413CBDF"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B18EC0A7-8616-4039-B98B-E1216E035B05"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.33.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7B04F515-29A7-4D6A-AFC5-3A115F8A5918"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.33.20:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9C069C17-8314-49BA-9CF5-E5F086F49381"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D3220B70-917F-4F9F-8A3B-2BF581281E8D"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.2:rc2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "99372D07-C06A-41FA-9843-6D57F99AB5AF"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.2:rc3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2B9DC110-D260-4DB4-B8B0-EF1D160ADA07"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.2:rc4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6192FE84-4D53-40D4-AF61-78CE7136141A"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.2:rc5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "42FEF3CF-1302-45EB-89CC-3786FE4BAC1F"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.2:rc6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AE6A6B58-2C89-4DE4-BA57-78100818095C"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.2:rc7:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1D467F87-2F13-4D26-9A93-E0BA526FEA24"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FE348F7B-02DE-47D5-8011-F83DA9426021"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E91594EA-F0A3-41B3-A9C6-F7864FC2F229"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.2.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9E1ECCDB-0208-48F6-B44F-16CC0ECE3503"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.2.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FBA8B5DE-372E-47E0-A0F6-BE286D509CC3"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.2.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9A1CA083-2CF8-45AE-9E15-1AA3A8352E3B"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.2.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "19D69A49-5290-4C5F-8157-719AD58D253D"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.2.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "290BD969-42E7-47B0-B21B-06DE4865432C"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.2.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "23A9E29E-DE78-4C73-9FBD-C2410F5FC8B8"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.2.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "018434C9-E75F-45CB-A169-DAB4B1D864D7"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.2.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DC0AC68F-EC58-4C4F-8CBC-A59ECC00CCDE"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.2.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C123C844-F6D7-471E-A62E-F756042FB1CD"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.2.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A11C38BB-7FA2-49B0-AAC9-83DB387A06DB"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.2.13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "61F3733C-E5F6-4855-B471-DF3FB823613B"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.2.14:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1DDCA75F-9A06-4457-9A45-38A38E7F7086"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.2.15:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7AEA837E-7864-4003-8DB7-111ED710A7E1"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.2.16:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B6FE471F-2D1F-4A1D-A197-7E46B75787E1"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.2.17:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FDA9E6AB-58DC-4EC5-A25C-11F9D0B38BF7"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.2.18:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DC6B8DB3-B05B-41A2-B091-342D66AAE8F5"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.2.19:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "958F0FF8-33EF-4A71-A0BD-572C85211DBA"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.2.20:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FBA39F48-B02F-4C48-B304-DA9CCA055244"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.2.21:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1FF841F3-48A7-41D7-9C45-A8170435A5EB"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.2.22:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EF506916-A6DC-4B1E-90E5-959492AF55F4"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.2.23:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B3CDAD1F-2C6A-48C0-8FAB-C2659373FA25"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.2.24:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4FFE4B22-C96A-43D0-B993-F51EDD9C5E0E"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.2.25:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F571CC8B-B212-4553-B463-1DB01D616E8A"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.2.26:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "84E3E151-D437-48ED-A529-731EEFF88567"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.2.27:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E9E3EA3C-CCA5-4433-86E0-3D02C4757A0A"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.2.28:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F7AC4F7D-9FA6-4CF1-B2E9-70BF7D4D177C"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.3.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "877002ED-8097-4BB4-BB88-6FC6306C38B2"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References
