PT-2012-3077 · Linux+3 · Linux Kernel+3

Cai Qian

Published

2012-02-28

Updated

2021-07-15

CVE-2012-1090

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 3.2.10

Description The issue allows local users to cause a denial of service via attempted access to a special file, such as a FIFO. This occurs because the cifs code attempts to open files on lookup under certain circumstances, and if the opened file is a special file, the open filehandle is leaked, leading to a dentry refcount mismatch and an OOPS on umount.

Recommendations For Linux kernel versions prior to 3.2.10, update to version 3.2.10 or later to resolve the issue. As a temporary workaround, consider restricting access to special files, such as FIFOs, to minimize the risk of exploitation.

Fix

DoS

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CESA-2012_0481

CVE-2012-1090

DSA-2443-1

RHSA-2012:0481

RHSA-2012_0481

USN-1405-1

USN-1425-1

USN-1426-1

USN-1431-1

USN-1432-1

USN-1433-1

USN-1440-1

USN-1446-1

USN-1458-1

Affected Products

Centos

Linux Kernel

Red Hat

Suse

PT-2012-3077 · Linux+3 · Linux Kernel+3

CVE-2012-1090

Weakness Enumeration

Related Identifiers

Affected Products

References · 28