CVE-2011-4127

CVSS v2.0

4.6

Medium

Vector

AV:L/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 3.2.2

Description The issue allows local users to bypass intended restrictions on disk read and write operations. This is achieved by sending a SCSI command to either a partition block device or an LVM volume, due to the Linux kernel's failure to properly restrict SG IO ioctl calls.

Recommendations For versions prior to 3.2.2, update to version 3.2.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the SG IO ioctl calls to minimize the risk of exploitation.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

CESA-2011_1849

CVE-2011-4127

DSA-2389-1

DSA-2443-1

RHSA-2011:1849

RHSA-2011:1850

RHSA-2011_1849

RHSA-2012:0107

RHSA-2012:0333

RHSA-2012:0358

RHSA-2012_0107

SUSE-SU-2015:0481-1

SUSE-SU-2015:0652-1

USN-1384-1

USN-1388-1

USN-1389-1

USN-1405-1

Affected Products

Centos

Linux Kernel

Red Hat

Suse

CVE-2011-4127

Weakness Enumeration

Related Identifiers

Affected Products

References · 27