CVE-2012-2313

The rio_ioctl function in drivers/net/ethernet/dlink/dl2k.c in the Linux kernel before 3.3.7 does not restrict access to the SIOCSMIIREG command, which allows local users to write data to an Ethernet adapter via an ioctl call.

CVSS v2.0 1.2 LOW

1.2^/10

CVSS v2.0 : LOW

V2 Legend

Vector : AV:L/AC:H/Au:N/C:N/I:N/A:P

Exploitability : 1.9 / Impact : 2.9

Access Vector LOCAL

Access Complexity HIGH

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
http://www.openwall.com/lists/oss-security/2012/05/04/8	Mailing List
https://bugzilla.redhat.com/show_bug.cgi?id=818820	Issue Tracking
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.7	Release Notes
https://github.com/torvalds/linux/commit/1bb57e940e1958e40d51f2078f50c3a96a9b2d75	Exploit Patch
http://rhn.redhat.com/errata/RHSA-2012-1174.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2012-1589.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2012-1481.html	Third Party Advisory
http://www.securityfocus.com/bid/53965	Third Party Advisory VDB Entry
http://rhn.redhat.com/errata/RHSA-2012-1541.html	Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html	Third Party Advisory
http://marc.info/?l=bugtraq&m=139447903326211&w=2	Third Party Advisory
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1bb57e940e1958e40d51f2078f50c3a96a9b2d75

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel:3.3:rc4::::::
	cpe:2.3:o:linux:linux_kernel:3.3:rc5::::::
	cpe:2.3:o:linux:linux_kernel:3.3:rc3::::::
	cpe:2.3:o:linux:linux_kernel:3.3.2:::::::*
	cpe:2.3:o:linux:linux_kernel:3.3.3:::::::*
	cpe:2.3:o:linux:linux_kernel:3.3:rc2::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:3.3.4:::::::*
	cpe:2.3:o:linux:linux_kernel:3.3.5:::::::*
	cpe:2.3:o:linux:linux_kernel:3.3:rc6::::::
	cpe:2.3:o:linux:linux_kernel:3.3:rc1::::::
	cpe:2.3:o:linux:linux_kernel:3.3:::::::*
	cpe:2.3:o:linux:linux_kernel:3.3:rc7::::::
	cpe:2.3:o:linux:linux_kernel:3.3.1:::::::*

Configuration 2 (hide)

cpe:2.3:o:novell:suse_linux_enterprise_server:10.0:sp4:*:*:ltss:*:*:*

Configuration 3 (hide)

OR	cpe:2.3:o:redhat:enterprise_linux:5::server:::::
	cpe:2.3:o:redhat:enterprise_linux_server_aus:6.2:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_eus:6.2.z:::::::*
	cpe:2.3:o:redhat:enterprise_linux_desktop:5.0::client:::::
	cpe:2.3:o:redhat:enterprise_linux_server_eus:6.1.z:::::::*
	cpe:2.3:o:redhat:enterprise_linux_eus:5.6.z::server:::::
	cpe:2.3:o:redhat:enterprise_linux_long_life:5.6::server:::::

Information

Published : 2012-06-13 03:24

Updated : 2023-02-12 16:24

NVD link : CVE-2012-2313

Mitre link : CVE-2012-2313

JSON object : View

CWE

CWE-264

Permissions, Privileges, and Access Controls

Products Affected

redhat

enterprise_linux_desktop
enterprise_linux
enterprise_linux_server_aus
enterprise_linux_long_life
enterprise_linux_server_eus
enterprise_linux_eus

novell

suse_linux_enterprise_server

linux

linux_kernel

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.openwall.com/lists/oss-security/2012/05/04/8", "name": "[oss-security] 20120504 Re: CVE Request: more tight ioctl permissions in dl2k driver", "tags": ["Mailing List"], "refsource": "MLIST"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=818820", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=818820", "tags": ["Issue Tracking"], "refsource": "CONFIRM"}, {"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.7", "name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.7", "tags": ["Release Notes"], "refsource": "CONFIRM"}, {"url": "https://github.com/torvalds/linux/commit/1bb57e940e1958e40d51f2078f50c3a96a9b2d75", "name": "https://github.com/torvalds/linux/commit/1bb57e940e1958e40d51f2078f50c3a96a9b2d75", "tags": ["Exploit", "Patch"], "refsource": "CONFIRM"}, {"url": "http://rhn.redhat.com/errata/RHSA-2012-1174.html", "name": "RHSA-2012:1174", "tags": ["Third Party Advisory"], "refsource": "REDHAT"}, {"url": "http://rhn.redhat.com/errata/RHSA-2012-1589.html", "name": "RHSA-2012:1589", "tags": ["Third Party Advisory"], "refsource": "REDHAT"}, {"url": "http://rhn.redhat.com/errata/RHSA-2012-1481.html", "name": "RHSA-2012:1481", "tags": ["Third Party Advisory"], "refsource": "REDHAT"}, {"url": "http://www.securityfocus.com/bid/53965", "name": "53965", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": "BID"}, {"url": "http://rhn.redhat.com/errata/RHSA-2012-1541.html", "name": "RHSA-2012:1541", "tags": ["Third Party Advisory"], "refsource": "REDHAT"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html", "name": "SUSE-SU-2015:0812", "tags": ["Third Party Advisory"], "refsource": "SUSE"}, {"url": "http://marc.info/?l=bugtraq&m=139447903326211&w=2", "name": "HPSBGN02970", "tags": ["Third Party Advisory"], "refsource": "HP"}, {"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1bb57e940e1958e40d51f2078f50c3a96a9b2d75", "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1bb57e940e1958e40d51f2078f50c3a96a9b2d75", "tags": [], "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "The rio_ioctl function in drivers/net/ethernet/dlink/dl2k.c in the Linux kernel before 3.3.7 does not restrict access to the SIOCSMIIREG command, which allows local users to write data to an Ethernet adapter via an ioctl call."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-264"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2012-2313", "ASSIGNER": "secalert@redhat.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 1.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:H/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "HIGH", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "severity": "LOW", "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 1.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2012-06-13T10:24Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.3:rc4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.3:rc5:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.3:rc3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.3.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.3.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.3:rc2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "3.3.6"}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.3.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.3.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.3:rc6:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.3:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.3:rc7:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.3.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:novell:suse_linux_enterprise_server:10.0:sp4:*:*:ltss:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:5:*:server:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.2.z:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:client:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.1.z:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:5.6.z:*:server:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_long_life:5.6:*:server:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2023-02-13T00:24Z"}

1.2 /10