[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248149

 
 

909

 
 

194803

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2012-2313Date: (C)2012-06-13   (M)2024-02-22


The rio_ioctl function in drivers/net/ethernet/dlink/dl2k.c in the Linux kernel before 3.3.7 does not restrict access to the SIOCSMIIREG command, which allows local users to write data to an Ethernet adapter via an ioctl call.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 1.2
Exploit Score: 1.9
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: HIGH
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: PARTIAL
  
Reference:
BID-53965
HPSBGN02970
RHSA-2012:1174
RHSA-2012:1481
RHSA-2012:1541
RHSA-2012:1589
SUSE-SU-2015:0812
http://www.openwall.com/lists/oss-security/2012/05/04/8
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1bb57e940e1958e40d51f2078f50c3a96a9b2d75
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.7
https://bugzilla.redhat.com/show_bug.cgi?id=818820
https://github.com/torvalds/linux/commit/1bb57e940e1958e40d51f2078f50c3a96a9b2d75

CWE    1
CWE-264
OVAL    20
oval:org.secpod.oval:def:1601276
oval:org.secpod.oval:def:202460
oval:org.secpod.oval:def:1601322
oval:org.secpod.oval:def:500871
...

© SecPod Technologies