Vulnerability Details : CVE-2012-2319
Multiple buffer overflows in the hfsplus filesystem implementation in the Linux kernel before 3.3.5 allow local users to gain privileges via a crafted HFS plus filesystem, a related issue to CVE-2009-4020.
Exploit prediction scoring system (EPSS) score for CVE-2012-2319
Probability of exploitation activity in the next 30 days: 0.04%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 6 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2012-2319
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
7.2
|
HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
3.9
|
10.0
|
NIST |
CWE ids for CVE-2012-2319
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2012-2319
-
https://github.com/torvalds/linux/commit/6f24f892871acc47b40dd594c63606a17c714f77
hfsplus: Fix potential buffer overflows · torvalds/linux@6f24f89 · GitHub
-
http://rhn.redhat.com/errata/RHSA-2012-1323.html
RHSA-2012:1323 - Security Advisory - Red Hat Customer Portal
- http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.5
-
http://www.openwall.com/lists/oss-security/2012/05/07/11
oss-security - Re: CVE request: Linux kernel: Buffer overflow in HFS plus filesystem
-
http://rhn.redhat.com/errata/RHSA-2012-1347.html
RHSA-2012:1347 - Security Advisory - Red Hat Customer Portal
-
https://bugzilla.redhat.com/show_bug.cgi?id=819471
819471 – (CVE-2012-2319) CVE-2012-2319 kernel: Buffer overflow in the HFS plus filesystem (different issue than CVE-2009-4020)
-
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html
[security-announce] SUSE-SU-2015:0812-1: important: Security update for
-
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6f24f892871acc47b40dd594c63606a17c714f77
Products affected by CVE-2012-2319
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*