VulDB: Linux Kernel Reliable Datagram Sockets denial of service [CVE-2012-2372]
General
scipID: 5571
Affected: Linux Kernel
Published: 06/18/2012 (Li Honggang)
Risk: 
problematic
Entry: 83.6% complete
Created: 06/22/2012
Updated: 09/03/2012
Summary
A vulnerability, which was classified as problematic, was found in Linux Kernel. This affects an unknown function of the component Reliable Datagram Sockets. The manipulation with an unknown input leads to a denial of service vulnerability. This is going to have an impact on availability.
The weakness was released 06/18/2012 by Li Honggang as 822754 as advisory (Red Hat Security Advisory). The advisory is shared for download at bugzilla.redhat.com. This vulnerability is uniquely identified as CVE-2012-2372 since 04/19/2012. The attack needs to be approached locally. The successful exploitation needs a single authentication. The technical details are unknown and an exploit is not publicly available.
Applying a patch is able to eliminate this problem. The bugfix is ready for download at rhn.redhat.com. A possible mitigation has been published immediately after the disclosure of the vulnerability. The vulnerability is also documented in the databases at OSVDB (83056) and Secunia (SA49625).CVSS
Base Score: 4.4 (CVSS2#AV:L/AC:M/Au:S/C:N/I:N/A:C) [?]
| Access Vector | Access Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Local | High | Multiple | None | None | None |
| Adjacent | Medium | Single | Partial | Partial | Partial |
| Network | Low | None | Complete | Complete | Complete |
Exploiting
Class: Denial of service
Local: Yes
Remote: No
Availability: No
Countermeasures
Recommended: Patch
Reaction Time: 0 days since reported
0-Day Time: 0 days since found
Exposure Time: 0 days since known
Patch: rhn.redhat.com
Timeline
04/19/2012 | CVE assigned
06/18/2012 | Advisory disclosed
06/18/2012 | Countermeasure disclosed
06/20/2012 | OSVDB entry created
06/22/2012 | VulDB entry created
09/03/2012 | VulDB entry updated
Sources
Advisory: 822754
Researcher: Li Honggang
OSVDB: 83056
CVE: CVE-2012-2372 (mitre.org) (nist.org) (cvedetails.com)
Secunia: 49625
- Latest Entries
- Apple QuickTime DREF Atom Handler buffer overflow [CVE-2013-1017]
- Apple QuickTime H.264 Handler buffer overflow [CVE-2013-1018]
- Apple QuickTime MP3 File Handler buffer overflow [CVE-2013-0989]
- Apple QuickTime Sorenson Codec Handler buffer overflow [CVE-2013-1019]
- Apple QuickTime JPEG Handler buffer overflow [CVE-2013-1020]
- Statistics
- Archive
