| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 5.0 | $0-$5k | 0.00 |
Summary
A vulnerability identified as problematic has been detected in Linux Kernel up to 3.3.7-1. Impacted is an unknown function of the component btrfs CRC32C. This manipulation causes cryptographic issue. This vulnerability is tracked as CVE-2012-5375. Moreover, an exploit is present. It is advisable to modify the configuration settings.
Details
A vulnerability has been found in Linux Kernel up to 3.3.7-1 (Operating System) and classified as problematic. Affected by this vulnerability is some unknown functionality of the component btrfs CRC32C. The manipulation with an unknown input leads to a cryptographic issue vulnerability. The CWE definition for the vulnerability is CWE-310. As an impact it is known to affect availability. The summary by CVE is:
The CRC32C feature in the Btrfs implementation in the Linux kernel before 3.8-rc1 allows local users to cause a denial of service (prevention of file creation) by leveraging the ability to write to a directory important to the victim, and creating a file with a crafted name that is associated with a specific CRC32C hash value.
The bug was discovered 12/13/2012. The weakness was disclosed 12/13/2012 by Pascal Junod as not defined posting (Website). The advisory is shared at crypto.junod.info. The public release happened without involvement of Linux. This vulnerability is known as CVE-2012-5375 since 10/10/2012. The exploitation appears to be easy. An attack has to be approached locally. A single authentication is required for exploitation. Technical details are unknown but a public exploit is available. MITRE ATT&CK project uses the attack technique T1600 for this issue.
After immediately, there has been an exploit disclosed. It is possible to download the exploit at crypto.junod.info. It is declared as proof-of-concept. The vulnerability scanner Nessus provides a plugin with the ID 69811 (Ubuntu 12.10 : linux vulnerabilities (USN-1944-1)), which helps to determine the existence of the flaw in a target environment. It is assigned to the family Ubuntu Local Security Checks. The commercial vulnerability scanner Qualys is able to test this issue with plugin 195954 (Ubuntu Security Notification for Linux-lts-quantal Vulnerabilities (USN-1947-1)).
Applying a patch is able to eliminate this problem. The bugfix is ready for download at git.kernel.org. It is possible to mitigate the problem by applying the configuration setting avoid shared directories. The best possible mitigation is suggested to be the change of configuration settings.
The vulnerability is also documented in the databases at X-Force (80679), Exploit-DB (38132), Tenable (69811), SecurityFocus (BID 56939†) and OSVDB (88451†). The entries VDB-7176, VDB-9054 and VDB-10265 are pretty similar. Several companies clearly confirm that VulDB is the primary source for best vulnerability data.
Product
Type
Vendor
Name
Version
License
Website
- Vendor: https://www.kernel.org/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 5.5VulDB Meta Temp Score: 5.0
VulDB Base Score: 5.5
VulDB Temp Score: 5.0
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Cryptographic issueCWE: CWE-310
CAPEC: 🔍
ATT&CK: 🔍
Physical: Partially
Local: Yes
Remote: No
Availability: 🔍
Access: Public
Status: Proof-of-Concept
Download: 🔍
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Nessus ID: 69811
Nessus Name: Ubuntu 12.10 : linux vulnerabilities (USN-1944-1)
Nessus File: 🔍
Nessus Risk: 🔍
Nessus Family: 🔍
OpenVAS ID: 841542
OpenVAS Name: Ubuntu Update for linux USN-1944-1
OpenVAS File: 🔍
OpenVAS Family: 🔍
Qualys ID: 🔍
Qualys Name: 🔍
Exploit-DB: 🔍
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: ConfigStatus: 🔍
0-Day Time: 🔍
Exploit Delay Time: 🔍
Patch: git.kernel.org
Config: avoid shared directories
Timeline
10/10/2012 🔍12/13/2012 🔍
12/13/2012 🔍
12/13/2012 🔍
12/13/2012 🔍
12/13/2012 🔍
12/17/2012 🔍
02/18/2013 🔍
09/10/2013 🔍
10/07/2013 🔍
09/29/2024 🔍
Sources
Vendor: kernel.orgAdvisory: crypto.junod.info
Researcher: Pascal Junod
Status: Not defined
Confirmation: 🔍
CVE: CVE-2012-5375 (🔍)
GCVE (CVE): GCVE-0-2012-5375
GCVE (VulDB): GCVE-100-7177
OVAL: 🔍
X-Force: 80679 - Linux Kernel Btrfs CRC32C security bypass, Medium Risk
SecurityFocus: 56939
Secunia: 54740 - Ubuntu update for kernel, Less Critical
OSVDB: 88451
Vulnerability Center: 41786 - Linux Kernel Before 3.8-rc1 Local Security Bypass Vulnerability Due to An Error In The CRC32C Btrfs Feature, Low
scip Labs: https://www.scip.ch/en/?labs.20161013
See also: 🔍
Entry
Created: 12/17/2012 17:49Updated: 09/29/2024 19:40
Changes: 12/17/2012 17:49 (88), 05/12/2017 21:34 (1), 04/20/2021 11:39 (3), 09/29/2024 19:40 (20)
Complete: 🔍
Committer: olku
Cache ID: 216:E54:103
No comments yet. Languages: en.
Please log in to comment.