| Revision Date: | 2012-06-13 | Version: | 1 | | Title: | CVE-2012-2313 on Ubuntu 14.04 LTS (trusty) - medium. | | Description: | The rio_ioctl function in drivers/net/ethernet/dlink/dl2k.c in the Linux kernel before 3.3.7 does not restrict access to the SIOCSMIIREG command, which allows local users to write data to an Ethernet adapter via an ioctl call. Stephan Mueller reported a flaw in the Linux kernel's dl2k network driver's handling of ioctls. An unprivileged local user could leverage this flaw to cause a denial of service.
| | Family: | unix | Class: | vulnerability | | Status: | | Reference(s): | CVE-2012-2313
| | Platform(s): | Ubuntu 14.04 LTS
| Product(s): | | | Definition Synopsis | | Ubuntu 14.04 LTS (trusty) is installed. AND Package Information
NOT While related to the CVE in some way, the 'linux' package in trusty is not affected (note: '3.11.0-12.19').
OR NOT While related to the CVE in some way, the 'linux-aws' package in trusty is not affected (note: '4.4.0-1002.2').
OR NOT While related to the CVE in some way, the 'linux-flo' package in trusty is not affected (note: '3.4.0-1.3').
OR NOT While related to the CVE in some way, the 'linux-goldfish' package in trusty is not affected (note: '3.4.0-1.9').
OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned').
OR NOT While related to the CVE in some way, the 'linux-lts-utopic' package in trusty is not affected (note: '3.16.0-25.33~14.04.2').
OR NOT While related to the CVE in some way, the 'linux-lts-vivid' package in trusty is not affected (note: '3.19.0-18.18~14.04.1').
OR NOT While related to the CVE in some way, the 'linux-lts-wily' package in trusty is not affected (note: '4.2.0-18.22~14.04.1').
OR NOT While related to the CVE in some way, the 'linux-lts-xenial' package in trusty is not affected (note: '4.4.0-13.29~14.04.1').
OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned').
OR NOT While related to the CVE in some way, the 'linux-mako' package in trusty is not affected (note: '3.4.0-3.21').
OR NOT While related to the CVE in some way, the 'linux-manta' package in trusty is not affected (note: '3.4.0-4.19').
|
|