cve-2012-0028
Vulnerability from cvelistv5
Published
2012-06-21 23:00
Modified
2024-08-06 18:09
Severity ?
Summary
The robust futex implementation in the Linux kernel before 2.6.28 does not properly handle processes that make exec system calls, which allows local users to cause a denial of service or possibly gain privileges by writing to a memory location in a child process.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T18:09:17.251Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=771764"
          },
          {
            "name": "[oss-security] 20120508 Re: CVE Request -- kernel: futex: clear robust_list on execve",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2012/05/08/1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/8141c7f3e7aee618312fa1c15109e1219de784a7"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8141c7f3e7aee618312fa1c15109e1219de784a7"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The robust futex implementation in the Linux kernel before 2.6.28 does not properly handle processes that make exec system calls, which allows local users to cause a denial of service or possibly gain privileges by writing to a memory location in a child process."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2012-06-21T23:00:00Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=771764"
        },
        {
          "name": "[oss-security] 20120508 Re: CVE Request -- kernel: futex: clear robust_list on execve",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2012/05/08/1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/8141c7f3e7aee618312fa1c15109e1219de784a7"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8141c7f3e7aee618312fa1c15109e1219de784a7"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2012-0028",
    "datePublished": "2012-06-21T23:00:00Z",
    "dateReserved": "2011-12-07T00:00:00Z",
    "dateUpdated": "2024-08-06T18:09:17.251Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2012-0028\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2012-06-21T23:55:02.520\",\"lastModified\":\"2023-02-13T03:24:05.763\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"The robust futex implementation in the Linux kernel before 2.6.28 does not properly handle processes that make exec system calls, which allows local users to cause a denial of service or possibly gain privileges by writing to a memory location in a child process.\"},{\"lang\":\"es\",\"value\":\"La implementaci\u00f3n de robust futex en el kernel de Linux antes de v2.6.28 no maneja adecuadamente los procesos que realizan llamadas Exec System Recovery, lo que permite a usuarios locales provocar una denegaci\u00f3n de servicio o posiblemente obtener privilegios escribiendo en una ubicaci\u00f3n de memoria en un proceso hijo.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:C/I:C/A:C\",\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\",\"baseScore\":7.2},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":3.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-264\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.6.27.62\",\"matchCriteriaId\":\"B80BC5D0-5596-44BA-90F2-261360893E55\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"856FE78A-29B5-4411-98A0-4B0281C17EB9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"324B5A3E-FA65-4F02-9B8F-872F38CD1808\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C75A8FC4-58D2-4B6A-9D8E-FF12DF52E249\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE21E2AE-9E01-471C-A419-6AB40A49C2F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ADFC2D46-65D0-426F-9AF8-8C910AE91D49\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11795F8E-7ACD-4597-9194-FC7241DCE057\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"60F381E1-F3C5-49BE-B094-4D90E7B108F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D82A6217-CFA6-4E72-8BED-0297E13EABF6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7CEA1AF2-2DE7-4B38-987D-15FFA70F06B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7954A701-1671-4080-B1E6-47E0208FD28C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63D06512-EAF0-48C6-98F0-066E63FF07EC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F35DA6B-C6D4-47CC-97E7-9659DCFDD162\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D75B48F1-623A-4B96-9E08-4AA2DE748490\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E6EB7C3-D9AB-43E7-8B78-2C36AE920935\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7FC87A28-C6A1-4E90-BD9F-A5BE1985DB50\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0383E2A5-60EE-47F3-9DA8-BF75028D511F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E8B0C229-2A79-47E0-856A-2AE0FF97B967\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB27B247-D6BF-49C4-B113-76C9A47B7DCD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F94BA1B0-52B9-4303-9C41-3ACC3AC1945E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27.19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1ACBB194-1D24-464A-B79C-44B8127EAD52\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"83E5F269-7711-447D-B798-0F5478E36299\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27.21:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0138807-6313-4A3F-AB5A-4B7D4A9BE287\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27.22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D4BA2227-F259-499D-BF50-5074B1E7DD3E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27.23:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"78A896D0-032C-4467-9D57-E47E8C612704\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27.24:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D1D4C8F-8C09-4A49-AFFD-33093AE7A437\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27.25:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A415FECF-89CC-4D71-B1BF-6A678D32599D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27.26:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"98F77E54-5F4A-4D47-8DE8-097B4BBC7944\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27.27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"752148FC-1594-4108-AE0F-C5145B978454\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27.28:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"09546671-E75D-4F50-9D86-DFDDAC9DC5DE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27.29:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EDC7A2D7-ACB4-4871-B7C0-02711A53DF1C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27.30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6964925C-4394-4E82-976B-770A99E74F1D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27.31:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E8C909E-02D7-4B29-AA68-897BD0200B7C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27.32:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AA036609-ADD3-4903-AB9D-E8BF81CFC776\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27.33:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"38F9E122-994B-4276-9FCF-A8E4D2D06D4E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27.34:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7A15720C-3BDF-4343-B270-2575978293EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27.35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB5ADCFA-2CD8-4A00-AFEC-B84F7E0015A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27.36:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6EA2EE9B-27FD-49FE-8665-159DABA0E3C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27.37:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C81C5F8-2224-4D84-B7C0-E18421276AFF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27.38:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B44A2C76-174E-40A5-9603-3B84D0D35557\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27.39:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"42ACE154-0709-4AA1-82E3-1B7F34E63187\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27.40:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3022E902-9F0D-49FF-9279-71E0E1E8A873\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27.41:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DDF77B26-91FA-4245-BFEC-43FD021A28E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27.42:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"601B4C93-9A9C-40E8-A9D0-DA9D71C745EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27.43:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FF7CE35A-87A4-4D95-86F9-211D50E30482\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27.44:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CEA8675A-A37C-4658-9D26-3359EBA277B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27.45:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"00E8CB86-ECEE-4435-BEFC-B8D209B2C5AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27.46:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B373DEAE-8F8B-44AA-BAE5-3A0120A541F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27.47:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7D40063F-13D0-4897-AE71-1C7B617C8855\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27.48:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC7E89C8-CF89-4FA8-A9F1-F0B415E5FE10\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27.49:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4034EFE6-449D-4749-9265-B47D44AA4EC6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27.50:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F835D17-ACF9-4AE6-8C38-B74BE448B8B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27.51:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"21A12676-7EBE-4D83-83BD-D46CC7A1773A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27.52:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2FB112DB-891D-4FDB-8772-2E233A39A7BA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27.53:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B3A0794-B10C-4DFD-9CAD-202CA1DC9250\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27.54:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"76E86CE6-CD1C-4412-939F-B45867068D44\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27.55:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F6896A4-16E0-46B6-B90C-5C002C526478\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27.56:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"469534AB-2D0F-4B31-8121-05A792FA9332\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27.57:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2820354-F25B-485D-9FA7-E32B38DDBB1D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27.58:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF88BEB3-9EA4-47AA-B24E-DE9AD879382A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27.59:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C4209B4C-4901-4235-B35E-B0085AF1952F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27.60:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D748A69-4A93-421E-AD83-2B63B2460A2D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.27.61:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2727A6AE-A1B6-4158-BB73-49D7C86104F4\"}]}]}],\"references\":[{\"url\":\"http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8141c7f3e7aee618312fa1c15109e1219de784a7\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2012/05/08/1\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=771764\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://github.com/torvalds/linux/commit/8141c7f3e7aee618312fa1c15109e1219de784a7\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\",\"Patch\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading...

Loading...

Loading...
  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.