Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2012-3375

The epoll_ctl system call in fs/eventpoll.c in the Linux kernel before 3.2.24 does not properly handle ELOOP errors in EPOLL_CTL_ADD operations, which allows local users to cause a denial of service (file-descriptor consumption and system crash) via a crafted application that attempts to create a circular epoll dependency. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-1083.

Published

2012-10-03T11:02:56.267

Last Modified

2025-04-11T00:51:21.963

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 4.9 (MEDIUM)

CVSSv2 Vector

AV:L/AC:L/Au:N/C:N/I:N/A:C

Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: COMPLETE

Exploitability Score

3.9

Impact Score

6.9

Weaknesses

Type: Primary
NVD-CWE-Other

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	linux	linux_kernel	≤ 3.2.23	Yes
Operating System	linux	linux_kernel	3.0.1	Yes
Operating System	linux	linux_kernel	3.0.2	Yes
Operating System	linux	linux_kernel	3.0.3	Yes
Operating System	linux	linux_kernel	3.0.4	Yes
Operating System	linux	linux_kernel	3.0.5	Yes
Operating System	linux	linux_kernel	3.0.6	Yes
Operating System	linux	linux_kernel	3.0.7	Yes
Operating System	linux	linux_kernel	3.0.8	Yes
Operating System	linux	linux_kernel	3.0.9	Yes
Operating System	linux	linux_kernel	3.0.10	Yes
Operating System	linux	linux_kernel	3.0.11	Yes
Operating System	linux	linux_kernel	3.0.12	Yes
Operating System	linux	linux_kernel	3.0.13	Yes
Operating System	linux	linux_kernel	3.0.14	Yes
Operating System	linux	linux_kernel	3.0.15	Yes
Operating System	linux	linux_kernel	3.0.16	Yes
Operating System	linux	linux_kernel	3.0.17	Yes
Operating System	linux	linux_kernel	3.0.18	Yes
Operating System	linux	linux_kernel	3.0.19	Yes
Operating System	linux	linux_kernel	3.0.20	Yes
Operating System	linux	linux_kernel	3.0.21	Yes
Operating System	linux	linux_kernel	3.0.22	Yes
Operating System	linux	linux_kernel	3.0.23	Yes
Operating System	linux	linux_kernel	3.0.24	Yes
Operating System	linux	linux_kernel	3.0.25	Yes
Operating System	linux	linux_kernel	3.0.26	Yes
Operating System	linux	linux_kernel	3.0.27	Yes
Operating System	linux	linux_kernel	3.0.28	Yes
Operating System	linux	linux_kernel	3.0.29	Yes
Operating System	linux	linux_kernel	3.0.30	Yes
Operating System	linux	linux_kernel	3.0.31	Yes
Operating System	linux	linux_kernel	3.0.32	Yes
Operating System	linux	linux_kernel	3.0.33	Yes
Operating System	linux	linux_kernel	3.0.34	Yes
Operating System	linux	linux_kernel	3.1.1	Yes
Operating System	linux	linux_kernel	3.1.2	Yes
Operating System	linux	linux_kernel	3.1.3	Yes
Operating System	linux	linux_kernel	3.1.4	Yes
Operating System	linux	linux_kernel	3.1.5	Yes
Operating System	linux	linux_kernel	3.1.6	Yes
Operating System	linux	linux_kernel	3.1.7	Yes
Operating System	linux	linux_kernel	3.1.8	Yes
Operating System	linux	linux_kernel	3.1.9	Yes
Operating System	linux	linux_kernel	3.1.10	Yes
Operating System	linux	linux_kernel	3.2.1	Yes
Operating System	linux	linux_kernel	3.2.2	Yes
Operating System	linux	linux_kernel	3.2.3	Yes
Operating System	linux	linux_kernel	3.2.4	Yes
Operating System	linux	linux_kernel	3.2.5	Yes
Operating System	linux	linux_kernel	3.2.6	Yes
Operating System	linux	linux_kernel	3.2.7	Yes
Operating System	linux	linux_kernel	3.2.8	Yes
Operating System	linux	linux_kernel	3.2.9	Yes
Operating System	linux	linux_kernel	3.2.10	Yes
Operating System	linux	linux_kernel	3.2.11	Yes
Operating System	linux	linux_kernel	3.2.12	Yes
Operating System	linux	linux_kernel	3.2.13	Yes
Operating System	linux	linux_kernel	3.2.14	Yes
Operating System	linux	linux_kernel	3.2.15	Yes
Operating System	linux	linux_kernel	3.2.16	Yes
Operating System	linux	linux_kernel	3.2.17	Yes
Operating System	linux	linux_kernel	3.2.18	Yes
Operating System	linux	linux_kernel	3.2.19	Yes
Operating System	linux	linux_kernel	3.2.20	Yes
Operating System	linux	linux_kernel	3.2.21	Yes
Operating System	linux	linux_kernel	3.2.22	Yes

References

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=13d518074a952d33d47c428419693f63389547e9 ([email protected])
http://secunia.com/advisories/51164 ([email protected])
http://ubuntu.com/usn/usn-1529-1 ([email protected])
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.24 ([email protected])
http://www.openwall.com/lists/oss-security/2012/07/04/2 ([email protected])
http://www.securitytracker.com/id?1027237 ([email protected])
https://bugzilla.redhat.com/show_bug.cgi?id=837502 ([email protected])
https://downloads.avaya.com/css/P8/documents/100165733 ([email protected])
https://github.com/torvalds/linux/commit/13d518074a952d33d47c428419693f63389547e9 Exploit ([email protected])
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=13d518074a952d33d47c428419693f63389547e9 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/51164 (af854a3a-2127-422b-91ae-364da2661108)
http://ubuntu.com/usn/usn-1529-1 (af854a3a-2127-422b-91ae-364da2661108)
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.24 (af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2012/07/04/2 (af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id?1027237 (af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.redhat.com/show_bug.cgi?id=837502 (af854a3a-2127-422b-91ae-364da2661108)
https://downloads.avaya.com/css/P8/documents/100165733 (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/torvalds/linux/commit/13d518074a952d33d47c428419693f63389547e9 Exploit (af854a3a-2127-422b-91ae-364da2661108)