Oval Definition:	oval:com.ubuntu.precise:def:20121090000
Revision Date: 2012-05-17 Version: 1 Title: CVE-2012-1090 on Ubuntu 12.04 LTS (precise) - low. Description: The cifs_lookup function in fs/cifs/dir.c in the Linux kernel before 3.2.10 allows local users to cause a denial of service (OOPS) via attempted access to a special file, as demonstrated by a FIFO. The cifs_lookup function in fs/cifs/dir.c in the Linux kernel before 3.2.10 allows local users to cause a denial of service (OOPS) via attempted access to a special file, as demonstrated by a FIFO. "The cifs code will attempt to open files on lookup under certain circumstances. What happens though if we find that the file we opened was actually a FIFO or other special file? Currently, the open filehandle just ends up being leaked leading to a dentry refcount mismatch and oops on umount." A flaw was discovered in the Linux kernel's cifs file system. An unprivileged local user could exploit this flaw to crash the system leading to a denial of service. Family: unix Class: vulnerability Status: Reference(s): CVE-2012-1090 Platform(s): Ubuntu 12.04 LTS Product(s): Definition Synopsis Ubuntu 12.04 LTS (precise) is installed. AND Package Information NOT While related to the CVE in some way, the 'linux' package in precise is not affected (note: '3.2.0-19.30'). OR NOT While related to the CVE in some way, the 'linux-armadaxp' package in precise is not affected (note: '3.2.0-1601.4'). OR NOT While related to the CVE in some way, the 'linux-lts-quantal' package in precise is not affected (note: '3.5.0-18.29~precise1'). OR NOT While related to the CVE in some way, the 'linux-lts-raring' package in precise is not affected (note: '3.8.0-19.30~precise1'). OR NOT While related to the CVE in some way, the 'linux-lts-trusty' package in precise is not affected (note: '3.13.0-24.46~precise1'). OR NOT While related to the CVE in some way, the 'linux-ti-omap4' package in precise is not affected (note: '3.2.0-1412.15').
BACK