ubuntu · CVE-2012-2313

Quick triage

Priority: medium Published: 2012-05-14 00:00:00 UTC Updated: 2024-07-24 15:57:39 UTC

View at Official ubuntu advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2012-2313 medium priority: Ubuntu including 30 source packages (linux, linux-armadaxp, …), 353 status rows across 15 suites (hardy, lucid, natty, oneiric, precise, quantal, saucy, trusty, upstream, utopic, vivid, wily, xenial, yakkety, zesty): DNE 244, not-affected 46, released 42, ignored 21.

Description:

The rio_ioctl function in drivers/net/ethernet/dlink/dl2k.c in the Linux kernel before 3.3.7 does not restrict access to the SIOCSMIIREG command, which allows local users to write data to an Ethernet adapter via an ioctl call.

cvelogic Threat Intelligence