CVE-2012-2669

Published: Dec 27, 2012

Modified: Aug 6, 2024

PUBLISHED

Description

The main function in tools/hv/hv_kvp_daemon.c in hypervkvpd, as distributed in the Linux kernel before 3.4.5, does not validate the origin of Netlink messages, which allows local users to spoof Netlink communication via a crafted connector message.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.5

x_refsource_CONFIRM

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=bcc2c9c3fff859e0eb019fe6fec26f9b8eba795c

x_refsource_CONFIRM

https://bugzilla.novell.com/show_bug.cgi?id=761200

x_refsource_CONFIRM

[oss-security] 20120606 Re: CVE-Request: hyper-v daemon

mailing-list

x_refsource_MLIST

[oss-security] 20121127 Re: CVE-2012-5532 hypervkvpd DoS

mailing-list

x_refsource_MLIST

https://github.com/torvalds/linux/commit/bcc2c9c3fff859e0eb019fe6fec26f9b8eba795c

x_refsource_CONFIRM

openSUSE-SU-2012:1526

vendor-advisory

x_refsource_SUSE

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2012-2669

Description

Affected Products

References