| Vulnerability Name: | CVE-2012-2127 (CCN-76628) | ||||||||||||||||||||||||||||||||
| Assigned: | 2012-06-20 | ||||||||||||||||||||||||||||||||
| Published: | 2012-06-20 | ||||||||||||||||||||||||||||||||
| Updated: | 2013-02-12 | ||||||||||||||||||||||||||||||||
| Summary: | fs/proc/root.c in the procfs implementation in the Linux kernel before 3.2 does not properly interact with CLONE_NEWPID clone system calls, which allows remote attackers to cause a denial of service (reference leak and memory consumption) by making many connections to a daemon that uses PID namespaces to isolate clients, as demonstrated by vsftpd. | ||||||||||||||||||||||||||||||||
| CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
| ||||||||||||||||||||||||||||||||
| CVSS v2 Severity: | 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P) 3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
| ||||||||||||||||||||||||||||||||
| Vulnerability Type: | CWE-119 | ||||||||||||||||||||||||||||||||
| Vulnerability Consequences: | Denial of Service | ||||||||||||||||||||||||||||||||
| References: | Source: MITRE Type: CNA CVE-2012-2127 Source: CCN Type: Linux Kernel GIT Repository procfs: fix a vfsmount longterm reference leak Source: CONFIRM Type: UNKNOWN http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=905ad269c55fc62bee3da29f7b1d1efeba8aa1e1 Source: UBUNTU Type: UNKNOWN USN-1607-1 Source: CONFIRM Type: UNKNOWN http://www.kernel.org/pub/linux/kernel/v3.x/ Source: CONFIRM Type: Patch http://www.kernel.org/pub/linux/kernel/v3.x/patch-3.2.bz2 Source: MLIST Type: Exploit [oss-security] 20120420 Re: CVE request: pid namespace leak in kernel 3.0 and 3.1 Source: MLIST Type: UNKNOWN [oss-security] 20120422 Re: Re: CVE request: pid namespace leak in kernel 3.0 and 3.1 Source: CCN Type: OSVDB ID: 82813 Linux Kernel namespace Handling Leaks Remote DoS Source: BID Type: UNKNOWN 55774 Source: CCN Type: BID-55774 Linux Kernel 'fs/proc/root.c' Remote Denial of Service Vulnerability Source: UBUNTU Type: UNKNOWN USN-1594-1 Source: CONFIRM Type: Exploit https://bugzilla.novell.com/show_bug.cgi?id=757783 Source: CCN Type: Red Hat Bugzilla Bug 815188 CVE-2012-2127 kernel: pid namespace leak in kernel 3.0 and 3.1 Source: CONFIRM Type: Exploit https://bugzilla.redhat.com/show_bug.cgi?id=815188 Source: XF Type: UNKNOWN kernel-root-dos(76628) Source: CONFIRM Type: Exploit, Patch https://github.com/torvalds/linux/commit/905ad269c55fc62bee3da29f7b1d1efeba8aa1e1 | ||||||||||||||||||||||||||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||||||||||||||||||||||||||
| Oval Definitions | |||||||||||||||||||||||||||||||||
| |||||||||||||||||||||||||||||||||
| BACK | |||||||||||||||||||||||||||||||||