[email protected]CVE-2012-2319

HistoryMay 17, 2012 - 11:00 a.m.

CVE-2012-2319

2012-05-1711:00:38

CWE-264

[email protected]

web.nvd.nist.gov

cve-2012-2319

buffer overflow

hfsplus filesystem

linux kernel

privilege escalation

nvd

cve-2009-4020

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.4

Confidence

High

EPSS

0.092

Percentile

94.7%

JSON

Multiple buffer overflows in the hfsplus filesystem implementation in the Linux kernel before 3.3.5 allow local users to gain privileges via a crafted HFS plus filesystem, a related issue to CVE-2009-4020.

Affected configurations

NVD

Node

linuxlinux_kernelRange≤3.3.3

VendorProductVersionCPE
linuxlinux_kernelcpe:/o:linux:linux_kernel::::

Vendor	Product	Version	CPE
linux	linux_kernel		cpe:/o:linux:linux_kernel::::

References

git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6f24f892871acc47b40dd594c63606a17c714f77

lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html

rhn.redhat.com/errata/RHSA-2012-1323.html

rhn.redhat.com/errata/RHSA-2012-1347.html

secunia.com/advisories/50811

www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.5

www.openwall.com/lists/oss-security/2012/05/07/11

bugzilla.redhat.com/show_bug.cgi?id=819471

github.com/torvalds/linux/commit/6f24f892871acc47b40dd594c63606a17c714f77

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.4

Confidence

High

EPSS

0.092

Percentile

94.7%

JSON

Related for CVE-2012-2319

nvd2 cvelist2 securityvulns5 prion2 debiancve1 ubuntucve2 nessus50 openvas53 ubuntu12 redhat6 centos3 suse8 oraclelinux5 veracode1 seebug1 cve1 debian2 osv2 vmware2