CVE-2012-2313

Published: Jun 13, 2012

Modified: Aug 6, 2024

PUBLISHED

Description

The rio_ioctl function in drivers/net/ethernet/dlink/dl2k.c in the Linux kernel before 3.3.7 does not restrict access to the SIOCSMIIREG command, which allows local users to write data to an Ethernet adapter via an ioctl call.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

[oss-security] 20120504 Re: CVE Request: more tight ioctl permissions in dl2k driver

mailing-list

x_refsource_MLIST

http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.7

x_refsource_CONFIRM

RHSA-2012:1174

vendor-advisory

x_refsource_REDHAT

53965

vdb-entry

x_refsource_BID

https://github.com/torvalds/linux/commit/1bb57e940e1958e40d51f2078f50c3a96a9b2d75

x_refsource_CONFIRM

RHSA-2012:1541

vendor-advisory

x_refsource_REDHAT

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1bb57e940e1958e40d51f2078f50c3a96a9b2d75

x_refsource_CONFIRM

RHSA-2012:1481

vendor-advisory

x_refsource_REDHAT

https://bugzilla.redhat.com/show_bug.cgi?id=818820

x_refsource_CONFIRM

RHSA-2012:1589

vendor-advisory

x_refsource_REDHAT

HPSBGN02970

vendor-advisory

x_refsource_HP

SUSE-SU-2015:0812

vendor-advisory

x_refsource_SUSE

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2012-2313

Description

Affected Products

References