vulnerability announce CVE-2012-2136
Linux kernel: buffer overflow via sock_alloc_send_pskb
Synthesis of the vulnerability
A local attacker can generate an overflow in sock_alloc_send_pskb(), leading to a denial of service or to code execution.Impacted products:
Linux, openSUSE, RHEL, SUSE Linux Enterprise Desktop, SLES.
816289, BID-53721, CVE-2012-2136, openSUSE-SU-2012:0781-1, openSUSE-SU-2012:0799-1, openSUSE-SU-2012:0812-1, openSUSE-SU-2012:1439-1, RHSA-2012:0690-01, RHSA-2012:0743-01, RHSA-2012:1087-01, SUSE-SU-2012:0789-1, SUSE-SU-2012:0904-1, SUSE-SU-2012:1391-1, VIGILANCE-VUL-11722.
Description of the vulnerability
A SKB (Socket Kernel Buffer) is used to store data processed by a socket.
The sock_alloc_send_pskb() function of file net/core/sock.c allocates required memory pages to store SKB. However, its data_len parameter is not checked.
A local attacker can therefore generate an overflow in sock_alloc_send_pskb(), leading to a denial of service or to code execution.Complete Vigil@nce bulletin....
Share this bulletin
Computer vulnerabilities tracking service
Vigil@nce provides an application vulnerability patch
. The Vigil@nce computer vulnerability tracking service alerts your teams of vulnerabilities or threats impacting your information system. The technology watch team tracks security threats targeting the computer system. The Vigil@nce vulnerability database contains several thousand vulnerabilities.