CVE-2012-2127: Buffer Overflow
First published: Mon Apr 23 2012(Updated: )
fs/proc/root.c in the procfs implementation in the Linux kernel before 3.2 does not properly interact with CLONE_NEWPID clone system calls, which allows remote attackers to cause a denial of service (reference leak and memory consumption) by making many connections to a daemon that uses PID namespaces to isolate clients, as demonstrated by vsftpd.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| debian/linux-2.6 | ||
| Linux kernel | <=3.1.10 | |
| Linux kernel | =3.1.1 | |
| Linux kernel | =3.1.2 | |
| Linux kernel | =3.1.3 | |
| Linux kernel | =3.1.4 | |
| Linux kernel | =3.1.5 | |
| Linux kernel | =3.1.6 | |
| Linux kernel | =3.1.7 | |
| Linux kernel | =3.1.8 | |
| Linux kernel | =3.1.9 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=905ad269c55fc62bee3da29f7b1d1efeba8aa1e1
- http://ubuntu.com/usn/usn-1607-1
- http://www.kernel.org/pub/linux/kernel/v3.x/
- http://www.kernel.org/pub/linux/kernel/v3.x/patch-3.2.bz2
- http://www.openwall.com/lists/oss-security/2012/04/20/25
- http://www.openwall.com/lists/oss-security/2012/04/22/1
- http://www.securityfocus.com/bid/55774
- http://www.ubuntu.com/usn/USN-1594-1
- https://bugzilla.novell.com/show_bug.cgi?id=757783
- https://bugzilla.redhat.com/show_bug.cgi?id=815188
- https://github.com/torvalds/linux/commit/905ad269c55fc62bee3da29f7b1d1efeba8aa1e1
- https://launchpad.net/bugs/cve/CVE-2012-2127
- http://git.kernel.org/linus/423e0ab086ad8b33626e45fa94ac7613146b7ffa
- http://git.kernel.org/linus/905ad269c55fc62bee3da29f7b1d1efeba8aa1e1
- https://bugzilla.novell.com/show_bug.cgi?id=757783#c0
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=815192
- https://security-tracker.debian.org/tracker/CVE-2012-2127
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2127
- https://nvd.nist.gov/vuln/detail/CVE-2012-2127
- https://ubuntu.com/security/CVE-2012-2127
Frequently Asked Questions
What is the severity of CVE-2012-2127?
CVE-2012-2127 has a medium severity rating, primarily due to its potential to cause denial of service.
How do I fix CVE-2012-2127?
To fix CVE-2012-2127, upgrade the Linux kernel to version 3.2 or later.
What types of systems are affected by CVE-2012-2127?
CVE-2012-2127 affects systems running Linux kernel versions prior to 3.2.
Can CVE-2012-2127 be exploited remotely?
Yes, CVE-2012-2127 can be exploited remotely by attackers to cause denial of service.
What impact does CVE-2012-2127 have on system resources?
CVE-2012-2127 can lead to reference leaks and excessive memory consumption, impacting system performance.
- agent/type
- agent/first-publish-date
- collector/launchpad-cve
- source/Launchpad
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2012-2127
- agent/author
- agent/weakness
- agent/severity
- collector/security-tracker-debian
- source/Debian
- agent/software-canonical-lookup
- collector/mitre-cve
- source/MITRE
- collector/usn-cve
- source/Ubuntu
- agent/remedy
- agent/references
- agent/softwarecombine
- agent/description
- agent/event
- agent/last-modified-date
- agent/trending
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-cve
- source/NVD
- package-manager/debian
- vendor/linux
- canonical/linux kernel
- version/linux kernel/3.1.10
- version/linux kernel/3.1.1
- version/linux kernel/3.1.2
- version/linux kernel/3.1.3
- version/linux kernel/3.1.4
- version/linux kernel/3.1.5
- version/linux kernel/3.1.6
- version/linux kernel/3.1.7
- version/linux kernel/3.1.8
- version/linux kernel/3.1.9