CVE-2012-0207
Published 2012-05-17
Priority: P3 · 51 · high
CVSS 3.1: 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
EXPLOIT
EPSS: 20.49% (97.2th percentile)
The igmp_heard_query function in net/ipv4/igmp.c in the Linux kernel before 3.2.1 allows remote attackers to cause a denial of service (divide-by-zero error and panic) via IGMP packets.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| linux | linux_kernel | < 3.0.17 | 3.0.17 |
| linux | linux_kernel | >= 0 < 3.11.0-12.19 | 3.11.0-12.19 |
| linux | linux_kernel | >= 0 < 4.2.0-16.19 | 4.2.0-16.19 |
| linux | linux_kernel | >= 3.1 < 3.1.9 | 3.1.9 |
| linux | linux_kernel | >= 3.2 < 3.2.1 | 3.2.1 |
| redhat | enterprise_linux_eus | — | — |
CVSS provenance
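| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
| nvd | v2.0 | 7.8 | HIGH | AV:N/AC:L/Au:N/C:N/I:N/A:C |
| osv | — | 7.5 | HIGH | — |
| vendor_redhat | — | 7.5 | HIGH | — |
| vendor_ubuntu | — | 5.5 | MEDIUM | — |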
Ubuntu
Linux kernel (Oneiric backport) vulnerabilities
vendor_ubuntu·2012-03-06·CVSS 5.5
CVE-2011-4097 [MEDIUM] Linux kernel (Oneiric backport) vulnerabilities
Title: Linux kernel (Oneiric backport) vulnerabilities
Summary: Several security issues were fixed in the kernel.
A bug was discovered in the Linux kernel's calculation of OOM (Out of
memory) scores, that would result in the wrong process being killed. A user
could use this to kill the process with the highest OOM score, even if that
process belongs to another user or the system. (CVE-2011-4097)
Paolo Bonzini discovered a flaw in Linux's handling of the SG_IO ioctl
command. A local user, or user in a VM could exploit this flaw to bypass
restrictions and gain read/write access to all data on the affected block
device. (CVE-2011-4127)
A flaw was found in KVM's Programmable Interval Timer (PIT). When a virtual
interrupt control is not available a local user could use this to cause a
denia
Ubuntu
Linux kernel (Natty backport) vulnerabilities
vendor_ubuntu·2012-03-06·CVSS 5.5
CVE-2011-2498 [MEDIUM] Linux kernel (Natty backport) vulnerabilities
Title: Linux kernel (Natty backport) vulnerabilities
Summary: Several security issues were fixed in the kernel.
The Linux kernel did not properly account for PTE pages when deciding which
task to kill in out of memory conditions. A local, unprivileged user could
exploit this flaw to cause a denial of service. (CVE-2011-2498)
A flaw was discovered in the TOMOYO LSM's handling of mount system calls.
An unprivileged user could oops the system causing a denial of service.
(CVE-2011-2518)
Han-Wen Nienhuys reported a flaw in the FUSE kernel module. A local user
who can mount a FUSE file system could cause a denial of service.
(CVE-2011-3353)
A bug was discovered in the Linux kernel's calculation of OOM (Out of
memory) scores, that would result in the wrong process being killed. A user
could use
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2012-02-29·CVSS 4.9
CVE-2011-2518 [MEDIUM] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the kernel.
A flaw was discovered in the TOMOYO LSM's handling of mount system calls.
An unprivileged user could oops the system causing a denial of service.
(CVE-2011-2518)
A bug was discovered in the Linux kernel's calculation of OOM (Out of
memory) scores, that would result in the wrong process being killed. A user
could use this to kill the process with the highest OOM score, even if that
process belongs to another user or the system. (CVE-2011-4097)
A flaw was found in the Linux kernel's IPv4 IGMP query processing. A remote
attacker could exploit this to cause a denial of service. (CVE-2012-0207)
Instructions: After a standard system update you need to reboot your computer to make
all the necessary
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2012-02-13·CVSS 5.5
CVE-2012-0055 [MEDIUM] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the kernel.
A bug was discovered in the Linux kernel's calculation of OOM (Out of
memory) scores, that would result in the wrong process being killed. A user
could use this to kill the process with the highest OOM score, even if that
process belongs to another user or the system. (CVE-2011-4097)
A flaw was found in KVM's Programmable Interval Timer (PIT). When a virtual
interrupt control is not available a local user could use this to cause a
denial of service by starting a timer. (CVE-2011-4622)
A flaw was discovered in the XFS filesystem. If a local user mounts a
specially crafted XFS image it could potentially execute arbitrary code on
the system. (CVE-2012-0038)
Andy Whitcroft discovered that the Ov
Ubuntu
Linux kernel (OMAP4) vulnerabilities
vendor_ubuntu·2012-02-13·CVSS 5.5
CVE-2011-4097 [MEDIUM] Linux kernel (OMAP4) vulnerabilities
Title: Linux kernel (OMAP4) vulnerabilities
Summary: Several security issues were fixed in the kernel.
A bug was discovered in the Linux kernel's calculation of OOM (Out of
memory) scores, that would result in the wrong process being killed. A user
could use this to kill the process with the highest OOM score, even if that
process belongs to another user or the system. (CVE-2011-4097)
A flaw was discovered in the XFS filesystem. If a local user mounts a
specially crafted XFS image it could potentially execute arbitrary code on
the system. (CVE-2012-0038)
Andy Whitcroft discovered that the Overlayfs filesystem was not doing the
extended permission checks needed by cgroups and Linux Security Modules
(LSMs). A local user could exploit this to bypass security policy and
access files that
Ubuntu
Linux kernel (OMAP4) vulnerabilities
vendor_ubuntu·2012-02-06·CVSS 5.5
CVE-2012-0038 [MEDIUM] Linux kernel (OMAP4) vulnerabilities
Title: Linux kernel (OMAP4) vulnerabilities
Summary: Several security issues were fixed in the kernel.
A flaw was discovered in the XFS filesystem. If a local user mounts a
specially crafted XFS image it could potentially execute arbitrary code on
the system. (CVE-2012-0038)
Chen Haogang discovered an integer overflow that could result in memory
corruption. A local unprivileged user could use this to crash the system.
(CVE-2012-0044)
A flaw was found in the Linux kernel's IPv4 IGMP query processing. A remote
attacker could exploit this to cause a denial of service. (CVE-2012-0207)
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
Red Hat
kernel: igmp: Avoid zero delay when receiving odd mixture of IGMP queries
vendor_redhat·2012-01-10·CVSS 7.5
CVE-2012-0207 [HIGH] kernel: igmp: Avoid zero delay when receiving odd mixture of IGMP queries
The igmp_heard_query function in net/ipv4/igmp.c in the Linux kernel before 3.2.1 allows remote attackers to cause a denial of service (divide-by-zero error and panic) via IGMP packets.
Statement: This issue did not affect the Linux kernel as shipped with Red Hat Enterprise Linux 4 as it did not backport the upstream commit 5b7c8406.
Package: kernel (Red Hat Enterprise Linux 4) - Not affected
Package: kernel (Red Hat Enterprise Linux Extended Update Support 5.6) - Affected
GHSA
GHSA-6q5h-q7w3-mf7c: The igmp_heard_query function in net/ipv4/igmp
ghsa_unreviewed·2022-05-04
CVE-2012-0207 [HIGH] CWE-369 GHSA-6q5h-q7w3-mf7c: The igmp_heard_query function in net/ipv4/igmp
The igmp_heard_query function in net/ipv4/igmp.c in the Linux kernel before 3.2.1 allows remote attackers to cause a denial of service (divide-by-zero error and panic) via IGMP packets.
OSV
CVE-2012-0207: The igmp_heard_query function in net/ipv4/igmp
osv·2012-01-13·CVSS 7.5
CVE-2012-0207 [HIGH] CVE-2012-0207: The igmp_heard_query function in net/ipv4/igmp
The igmp_heard_query function in net/ipv4/igmp.c in the Linux kernel before 3.2.1 allows remote attackers to cause a denial of service (divide-by-zero error and panic) via IGMP packets.
No detection rules found.
Bugzilla
CVE-2012-0207 kernel: igmp: Avoid zero delay when receiving odd mixture of IGMP queries [fedora-all]
bugzilla·2012-01-18·CVSS 7.5
CVE-2012-0207 [HIGH] CVE-2012-0207 kernel: igmp: Avoid zero delay when receiving odd mixture of IGMP queries [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected Fedora
versions.
For comments that are specific to the vulnerability please use bugs filed
against "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please include this bug ID and the
bug IDs of this bug's parent bugs filed against the "Security Response"
product (the top-level CVE bugs). Please mention the CVE IDs being fixed
in the RPM changelog when available.
Bodhi update submission link:
https://admin.fedoraproject.org/up
Bugzilla
CVE-2012-0207 kernel: igmp: Avoid zero delay when receiving odd mixture of IGMP queries
bugzilla·2012-01-10·CVSS 7.5
CVE-2012-0207 [HIGH] CVE-2012-0207 kernel: igmp: Avoid zero delay when receiving odd mixture of IGMP queries
Commit 5b7c84066733c5dfb0e4016d939757b38de189e4 ('ipv4: correct IGMP behavior on v3 query during v2-compatibility mode') added yet another case for query parsing, which can result in max_delay = 0. Substitute a value of 1, as in the usual v3 case.
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=654876
code added in 2.6.36-rc8.
Upstream commit:
http://git.kernel.org/linus/a8c1f65c79cbbb2f7da782d4c9d15639a9b94b27
Acknowledgements:
Red Hat would like to thank Simon McVittie for reporting this issue.
Discussion:
Statement:
This issue did not affect the Linux kernel as shipped with Red Hat Enterprise Linux 4 as it did not backport the upstream commit 5b7c8406.
---
http://womble.decadent.org.uk/bl
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=654876
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a8c1f65c79cbbb2f7da782d4c9d15639a9b94b27
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.1
http://www.openwall.com/lists/oss-security/2012/01/10/5
https://bugzilla.redhat.com/show_bug.cgi?id=772867
https://github.com/torvalds/linux/commit/25c413ad0029ea86008234be28aee33456e53e5b
https://github.com/torvalds/linux/commit/a8c1f65c79cbbb2f7da782d4c9d15639a9b94b27