Published: 27/12/2012 Updated: 13/02/2023

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

VMScore: 188

Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N

The main function in tools/hv/hv_kvp_daemon.c in hypervkvpd, as distributed in the Linux kernel prior to 3.4.5, does not validate the origin of Netlink messages, which allows local users to spoof Netlink communication via a crafted connector message.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel 3.4.3
linux linux kernel
linux linux kernel 3.4.2
linux linux kernel 3.4.1

Several security issues were fixed in the kernel ...

CWE-20 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.5 https://github.com/torvalds/linux/commit/bcc2c9c3fff859e0eb019fe6fec26f9b8eba795c https://bugzilla.novell.com/show_bug.cgi?id=761200 http://www.openwall.com/lists/oss-security/2012/11/27/12 http://openwall.com/lists/oss-security/2012/06/06/12 http://lists.opensuse.org/opensuse-updates/2012-11/msg00042.html http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=bcc2c9c3fff859e0eb019fe6fec26f9b8eba795c https://nvd.nist.gov https://usn.ubuntu.com/1514-1/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2012-2669

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect