we track for your security since 1999

vulnerabilities

The Vigil@nce team watches vulnerabilities impacting your computers, and then offers solutions, a database and tools to correct them.

recent vulnerabilities

tracked products

RSS feed

vulnerability

vulnerability announce CVE-2012-2136

Linux kernel: buffer overflow via sock_alloc_send_pskb

Synthesis of the vulnerability

A local attacker can generate an overflow in sock_alloc_send_pskb(), leading to a denial of service or to code execution.
Impacted products: Linux, openSUSE, RHEL, SUSE Linux Enterprise Desktop, SLES.
Severity: 2/4.
Creation date: 19/06/2012.
Identifiers: 816289, BID-53721, CVE-2012-2136, openSUSE-SU-2012:0781-1, openSUSE-SU-2012:0799-1, openSUSE-SU-2012:0812-1, openSUSE-SU-2012:1439-1, RHSA-2012:0690-01, RHSA-2012:0743-01, RHSA-2012:1087-01, SUSE-SU-2012:0789-1, SUSE-SU-2012:0904-1, SUSE-SU-2012:1391-1, VIGILANCE-VUL-11722.

Description of the vulnerability

A SKB (Socket Kernel Buffer) is used to store data processed by a socket.

The sock_alloc_send_pskb() function of file net/core/sock.c allocates required memory pages to store SKB. However, its data_len parameter is not checked.

A local attacker can therefore generate an overflow in sock_alloc_send_pskb(), leading to a denial of service or to code execution.
Complete Vigil@nce bulletin.... (free access)

Share this bulletin

Computer vulnerabilities tracking service

Vigil@nce provides an application vulnerability patch. The Vigil@nce computer vulnerability tracking service alerts your teams of vulnerabilities or threats impacting your information system. The technology watch team tracks security threats targeting the computer system. The Vigil@nce vulnerability database contains several thousand vulnerabilities.