CVE-2011-4127
published 2012-07-03CVE-2011-4127: The Linux kernel before 3.2.2 does not properly restrict SG_IO ioctl calls, which allows local users to bypass intended restrictions on disk read and write…
medium4.6CVSS 3.1
AVLACLAuNCPIPAP
The Linux kernel before 3.2.2 does not properly restrict SG_IO ioctl calls, which allows local users to bypass intended restrictions on disk read and write operations by sending a SCSI command to (1) a partition block device or (2) an LVM volume.
Affected
54 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | libguestfs | < libguestfs 1:1.14.8-1 (bookworm) | libguestfs 1:1.14.8-1 (bookworm) |
| libguestfs | libguestfs | >= 0 < 1:1.14.8-1 | 1:1.14.8-1 |
| libguestfs | libguestfs | >= 0 < 1:1.14.8-1 | 1:1.14.8-1 |
| libguestfs | libguestfs | >= 0 < 1:1.14.8-1 | 1:1.14.8-1 |
| libguestfs | libguestfs | >= 0 < 1:1.14.8-1 | 1:1.14.8-1 |
| linux | linux_kernel | <= 3.2.1 | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
CVSS provenance
nvd4.6MEDIUMAV:L/AC:L/Au:N/C:P/I:P/A:P
osv4.6MEDIUM