Novell Home

CVE-2012-2127

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2012-2127 at MITRE

Description

fs/proc/root.c in the procfs implementation in the Linux kernel before 3.2 does not properly interact with CLONE_NEWPID clone system calls, which allows remote attackers to cause a denial of service (reference leak and memory consumption) by making many connections to a daemon that uses PID namespaces to isolate clients, as demonstrated by vsftpd.

NVD CVSS v2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)

Novell/SUSE information

Note from the SUSE Security Team

This issue affected only kernels with PID namespaces, so SUSE Linux Enterprise 11 SP2 and later. Older products up to and including SUSE Linux Enterprise 11 SP1 were not affected by this problem.,This issue affected only kernels with PID namespaces, so SUSE Linux Enterprise 11 SP2 and later. Older products up to and including SUSE Linux Enterprise 11 SP1 were not affected by this problem.

Novell Bugzilla entry: 757783

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SLE 11 SERVER Unsupported Extras
  • ext4-writeable-kmp-default >= 0_3.0.31_0.9-0.14.4
  • ext4-writeable-kmp-ppc64 >= 0_3.0.31_0.9-0.14.4
  • kernel-default-extra >= 3.0.31-0.9.1
  • kernel-ppc64-extra >= 3.0.31-0.9.1
Builds
SAT Patch Nr: 6341
SUSE Linux Enterprise High Availability Extension 11 SP2
  • cluster-network-kmp-default >= 1.4_3.0.31_0.9-2.10.23
  • cluster-network-kmp-pae >= 1.4_3.0.31_0.9-2.10.23
  • cluster-network-kmp-trace >= 1.4_3.0.31_0.9-2.10.23
  • cluster-network-kmp-xen >= 1.4_3.0.31_0.9-2.10.23
  • gfs2-kmp-default >= 2_3.0.31_0.9-0.7.23
  • gfs2-kmp-pae >= 2_3.0.31_0.9-0.7.23
  • gfs2-kmp-trace >= 2_3.0.31_0.9-0.7.23
  • gfs2-kmp-xen >= 2_3.0.31_0.9-0.7.23
  • ocfs2-kmp-default >= 1.6_3.0.31_0.9-0.7.23
  • ocfs2-kmp-pae >= 1.6_3.0.31_0.9-0.7.23
  • ocfs2-kmp-trace >= 1.6_3.0.31_0.9-0.7.23
  • ocfs2-kmp-xen >= 1.6_3.0.31_0.9-0.7.23
Builds
SAT Patch Nr: 6338
SUSE Linux Enterprise Desktop 11 SP2
  • kernel-default >= 3.0.31-0.9.1
  • kernel-default-base >= 3.0.31-0.9.1
  • kernel-default-devel >= 3.0.31-0.9.1
  • kernel-default-extra >= 3.0.31-0.9.1
  • kernel-pae >= 3.0.31-0.9.1
  • kernel-pae-base >= 3.0.31-0.9.1
  • kernel-pae-devel >= 3.0.31-0.9.1
  • kernel-pae-extra >= 3.0.31-0.9.1
  • kernel-source >= 3.0.31-0.9.1
  • kernel-syms >= 3.0.31-0.9.1
  • kernel-trace >= 3.0.31-0.9.1
  • kernel-trace-base >= 3.0.31-0.9.1
  • kernel-trace-devel >= 3.0.31-0.9.1
  • kernel-trace-extra >= 3.0.31-0.9.1
  • kernel-xen >= 3.0.31-0.9.1
  • kernel-xen-base >= 3.0.31-0.9.1
  • kernel-xen-devel >= 3.0.31-0.9.1
  • kernel-xen-extra >= 3.0.31-0.9.1
Builds
SAT Patch Nr: 6338
SUSE Linux Enterprise Server 11 SP2 for VMware
  • kernel-default >= 3.0.31-0.9.1
  • kernel-default-base >= 3.0.31-0.9.1
  • kernel-default-devel >= 3.0.31-0.9.1
  • kernel-pae >= 3.0.31-0.9.1
  • kernel-pae-base >= 3.0.31-0.9.1
  • kernel-pae-devel >= 3.0.31-0.9.1
  • kernel-source >= 3.0.31-0.9.1
  • kernel-syms >= 3.0.31-0.9.1
  • kernel-trace >= 3.0.31-0.9.1
  • kernel-trace-base >= 3.0.31-0.9.1
  • kernel-trace-devel >= 3.0.31-0.9.1
  • kernel-xen-devel >= 3.0.31-0.9.1
Builds
SAT Patch Nr: 6338
SUSE Linux Enterprise Server 11 SP2
  • kernel-default >= 3.0.31-0.9.1
  • kernel-default-base >= 3.0.31-0.9.1
  • kernel-default-devel >= 3.0.31-0.9.1
  • kernel-ec2 >= 3.0.31-0.9.1
  • kernel-ec2-base >= 3.0.31-0.9.1
  • kernel-ec2-devel >= 3.0.31-0.9.1
  • kernel-pae >= 3.0.31-0.9.1
  • kernel-pae-base >= 3.0.31-0.9.1
  • kernel-pae-devel >= 3.0.31-0.9.1
  • kernel-source >= 3.0.31-0.9.1
  • kernel-syms >= 3.0.31-0.9.1
  • kernel-trace >= 3.0.31-0.9.1
  • kernel-trace-base >= 3.0.31-0.9.1
  • kernel-trace-devel >= 3.0.31-0.9.1
  • kernel-xen >= 3.0.31-0.9.1
  • kernel-xen-base >= 3.0.31-0.9.1
  • kernel-xen-devel >= 3.0.31-0.9.1
Builds
SAT Patch Nr: 6338
SLE 11 SERVER Unsupported Extras
  • ext4-writeable-kmp-default >= 0_3.0.31_0.9-0.14.4
  • ext4-writeable-kmp-pae >= 0_3.0.31_0.9-0.14.4
  • ext4-writeable-kmp-xen >= 0_3.0.31_0.9-0.14.4
  • kernel-default-extra >= 3.0.31-0.9.1
  • kernel-pae-extra >= 3.0.31-0.9.1
  • kernel-xen-extra >= 3.0.31-0.9.1
Builds
SAT Patch Nr: 6340
SUSE Linux Enterprise High Availability Extension 11 SP2
  • cluster-network-kmp-default >= 1.4_3.0.31_0.9-2.10.23
  • cluster-network-kmp-ppc64 >= 1.4_3.0.31_0.9-2.10.23
  • cluster-network-kmp-trace >= 1.4_3.0.31_0.9-2.10.23
  • gfs2-kmp-default >= 2_3.0.31_0.9-0.7.23
  • gfs2-kmp-ppc64 >= 2_3.0.31_0.9-0.7.23
  • gfs2-kmp-trace >= 2_3.0.31_0.9-0.7.23
  • ocfs2-kmp-default >= 1.6_3.0.31_0.9-0.7.23
  • ocfs2-kmp-ppc64 >= 1.6_3.0.31_0.9-0.7.23
  • ocfs2-kmp-trace >= 1.6_3.0.31_0.9-0.7.23
Builds
SAT Patch Nr: 6339
SUSE Linux Enterprise Server 11 SP2
  • kernel-default >= 3.0.31-0.9.1
  • kernel-default-base >= 3.0.31-0.9.1
  • kernel-default-devel >= 3.0.31-0.9.1
  • kernel-ppc64 >= 3.0.31-0.9.1
  • kernel-ppc64-base >= 3.0.31-0.9.1
  • kernel-ppc64-devel >= 3.0.31-0.9.1
  • kernel-source >= 3.0.31-0.9.1
  • kernel-syms >= 3.0.31-0.9.1
  • kernel-trace >= 3.0.31-0.9.1
  • kernel-trace-base >= 3.0.31-0.9.1
  • kernel-trace-devel >= 3.0.31-0.9.1
Builds
SAT Patch Nr: 6339
SUSE Linux Enterprise High Availability Extension 11 SP2
  • cluster-network-kmp-default >= 1.4_3.0.31_0.9-2.10.23
  • cluster-network-kmp-trace >= 1.4_3.0.31_0.9-2.10.23
  • cluster-network-kmp-xen >= 1.4_3.0.31_0.9-2.10.23
  • gfs2-kmp-default >= 2_3.0.31_0.9-0.7.23
  • gfs2-kmp-trace >= 2_3.0.31_0.9-0.7.23
  • gfs2-kmp-xen >= 2_3.0.31_0.9-0.7.23
  • ocfs2-kmp-default >= 1.6_3.0.31_0.9-0.7.23
  • ocfs2-kmp-trace >= 1.6_3.0.31_0.9-0.7.23
  • ocfs2-kmp-xen >= 1.6_3.0.31_0.9-0.7.23
Builds
SAT Patch Nr: 6349
SUSE Linux Enterprise Desktop 11 SP2
  • kernel-default >= 3.0.31-0.9.1
  • kernel-default-base >= 3.0.31-0.9.1
  • kernel-default-devel >= 3.0.31-0.9.1
  • kernel-default-extra >= 3.0.31-0.9.1
  • kernel-source >= 3.0.31-0.9.1
  • kernel-syms >= 3.0.31-0.9.1
  • kernel-trace >= 3.0.31-0.9.1
  • kernel-trace-base >= 3.0.31-0.9.1
  • kernel-trace-devel >= 3.0.31-0.9.1
  • kernel-trace-extra >= 3.0.31-0.9.1
  • kernel-xen >= 3.0.31-0.9.1
  • kernel-xen-base >= 3.0.31-0.9.1
  • kernel-xen-devel >= 3.0.31-0.9.1
  • kernel-xen-extra >= 3.0.31-0.9.1
Builds
SAT Patch Nr: 6349
SUSE Linux Enterprise Server 11 SP2 for VMware
  • kernel-default >= 3.0.31-0.9.1
  • kernel-default-base >= 3.0.31-0.9.1
  • kernel-default-devel >= 3.0.31-0.9.1
  • kernel-source >= 3.0.31-0.9.1
  • kernel-syms >= 3.0.31-0.9.1
  • kernel-trace >= 3.0.31-0.9.1
  • kernel-trace-base >= 3.0.31-0.9.1
  • kernel-trace-devel >= 3.0.31-0.9.1
  • kernel-xen-devel >= 3.0.31-0.9.1
Builds
SAT Patch Nr: 6349
SUSE Linux Enterprise Server 11 SP2
  • kernel-default >= 3.0.31-0.9.1
  • kernel-default-base >= 3.0.31-0.9.1
  • kernel-default-devel >= 3.0.31-0.9.1
  • kernel-ec2 >= 3.0.31-0.9.1
  • kernel-ec2-base >= 3.0.31-0.9.1
  • kernel-ec2-devel >= 3.0.31-0.9.1
  • kernel-source >= 3.0.31-0.9.1
  • kernel-syms >= 3.0.31-0.9.1
  • kernel-trace >= 3.0.31-0.9.1
  • kernel-trace-base >= 3.0.31-0.9.1
  • kernel-trace-devel >= 3.0.31-0.9.1
  • kernel-xen >= 3.0.31-0.9.1
  • kernel-xen-base >= 3.0.31-0.9.1
  • kernel-xen-devel >= 3.0.31-0.9.1
Builds
SAT Patch Nr: 6349
SLE 11 SERVER Unsupported Extras
  • ext4-writeable-kmp-default >= 0_3.0.31_0.9-0.14.4
  • kernel-default-extra >= 3.0.31-0.9.1
Builds
SAT Patch Nr: 6342
SUSE Linux Enterprise High Availability Extension 11 SP2
  • cluster-network-kmp-default >= 1.4_3.0.31_0.9-2.10.23
  • cluster-network-kmp-trace >= 1.4_3.0.31_0.9-2.10.23
  • gfs2-kmp-default >= 2_3.0.31_0.9-0.7.23
  • gfs2-kmp-trace >= 2_3.0.31_0.9-0.7.23
  • ocfs2-kmp-default >= 1.6_3.0.31_0.9-0.7.23
  • ocfs2-kmp-trace >= 1.6_3.0.31_0.9-0.7.23
Builds
SAT Patch Nr: 6345
SUSE Linux Enterprise Server 11 SP2
  • kernel-default >= 3.0.31-0.9.1
  • kernel-default-base >= 3.0.31-0.9.1
  • kernel-default-devel >= 3.0.31-0.9.1
  • kernel-default-man >= 3.0.31-0.9.1
  • kernel-source >= 3.0.31-0.9.1
  • kernel-syms >= 3.0.31-0.9.1
  • kernel-trace >= 3.0.31-0.9.1
  • kernel-trace-base >= 3.0.31-0.9.1
  • kernel-trace-devel >= 3.0.31-0.9.1
Builds
SAT Patch Nr: 6345
SLE 11 SERVER Unsupported Extras
  • ext4-writeable-kmp-default >= 0_3.0.31_0.9-0.14.4
  • ext4-writeable-kmp-xen >= 0_3.0.31_0.9-0.14.4
  • kernel-default-extra >= 3.0.31-0.9.1
  • kernel-xen-extra >= 3.0.31-0.9.1
Builds
SAT Patch Nr: 6347
SUSE Linux Enterprise High Availability Extension 11 SP2
  • cluster-network-kmp-default >= 1.4_3.0.31_0.9-2.10.23
  • cluster-network-kmp-trace >= 1.4_3.0.31_0.9-2.10.23
  • gfs2-kmp-default >= 2_3.0.31_0.9-0.7.23
  • gfs2-kmp-trace >= 2_3.0.31_0.9-0.7.23
  • ocfs2-kmp-default >= 1.6_3.0.31_0.9-0.7.23
  • ocfs2-kmp-trace >= 1.6_3.0.31_0.9-0.7.23
Builds
SAT Patch Nr: 6348
SUSE Linux Enterprise Server 11 SP2
  • kernel-default >= 3.0.31-0.9.1
  • kernel-default-base >= 3.0.31-0.9.1
  • kernel-default-devel >= 3.0.31-0.9.1
  • kernel-source >= 3.0.31-0.9.1
  • kernel-syms >= 3.0.31-0.9.1
  • kernel-trace >= 3.0.31-0.9.1
  • kernel-trace-base >= 3.0.31-0.9.1
  • kernel-trace-devel >= 3.0.31-0.9.1
Builds
SAT Patch Nr: 6348
SLE 11 SERVER Unsupported Extras
  • ext4-writeable-kmp-default >= 0_3.0.31_0.9-0.14.4
  • kernel-default-extra >= 3.0.31-0.9.1
Builds
SAT Patch Nr: 6346

© 2014 Novell