{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "The robust futex implementation in the Linux kernel before 2.6.28 does not properly handle processes that make exec system calls, which allows local users to cause a denial of service or possibly gain privileges by writing to a memory location in a child process."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2012-06-21T23:00:00Z"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=771764"}, {"name": "[oss-security] 20120508 Re: CVE Request -- kernel: futex: clear robust_list on execve", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2012/05/08/1"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/torvalds/linux/commit/8141c7f3e7aee618312fa1c15109e1219de784a7"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8141c7f3e7aee618312fa1c15109e1219de784a7"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T18:09:17.251Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=771764"}, {"name": "[oss-security] 20120508 Re: CVE Request -- kernel: futex: clear robust_list on execve", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2012/05/08/1"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/torvalds/linux/commit/8141c7f3e7aee618312fa1c15109e1219de784a7"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8141c7f3e7aee618312fa1c15109e1219de784a7"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2012-0028", "state": "PUBLISHED", "dateReserved": "2011-12-07T00:00:00Z", "datePublished": "2012-06-21T23:00:00Z", "dateUpdated": "2024-08-06T18:09:17.251Z"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "B80BC5D0-5596-44BA-90F2-261360893E55", "versionEndIncluding": "2.6.27.62", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27:*:*:*:*:*:*:*", "matchCriteriaId": "856FE78A-29B5-4411-98A0-4B0281C17EB9", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.1:*:*:*:*:*:*:*", "matchCriteriaId": "324B5A3E-FA65-4F02-9B8F-872F38CD1808", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.2:*:*:*:*:*:*:*", "matchCriteriaId": "C75A8FC4-58D2-4B6A-9D8E-FF12DF52E249", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.3:*:*:*:*:*:*:*", "matchCriteriaId": "DE21E2AE-9E01-471C-A419-6AB40A49C2F0", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.4:*:*:*:*:*:*:*", "matchCriteriaId": "ADFC2D46-65D0-426F-9AF8-8C910AE91D49", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.5:*:*:*:*:*:*:*", "matchCriteriaId": "11795F8E-7ACD-4597-9194-FC7241DCE057", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.6:*:*:*:*:*:*:*", "matchCriteriaId": "60F381E1-F3C5-49BE-B094-4D90E7B108F1", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.7:*:*:*:*:*:*:*", "matchCriteriaId": "D82A6217-CFA6-4E72-8BED-0297E13EABF6", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.8:*:*:*:*:*:*:*", "matchCriteriaId": "7CEA1AF2-2DE7-4B38-987D-15FFA70F06B8", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.9:*:*:*:*:*:*:*", "matchCriteriaId": "7954A701-1671-4080-B1E6-47E0208FD28C", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.10:*:*:*:*:*:*:*", "matchCriteriaId": "63D06512-EAF0-48C6-98F0-066E63FF07EC", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.11:*:*:*:*:*:*:*", "matchCriteriaId": "7F35DA6B-C6D4-47CC-97E7-9659DCFDD162", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.12:*:*:*:*:*:*:*", "matchCriteriaId": "D75B48F1-623A-4B96-9E08-4AA2DE748490", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.13:*:*:*:*:*:*:*", "matchCriteriaId": "9E6EB7C3-D9AB-43E7-8B78-2C36AE920935", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.14:*:*:*:*:*:*:*", "matchCriteriaId": "7FC87A28-C6A1-4E90-BD9F-A5BE1985DB50", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.15:*:*:*:*:*:*:*", "matchCriteriaId": "0383E2A5-60EE-47F3-9DA8-BF75028D511F", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.16:*:*:*:*:*:*:*", "matchCriteriaId": "E8B0C229-2A79-47E0-856A-2AE0FF97B967", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.17:*:*:*:*:*:*:*", "matchCriteriaId": "FB27B247-D6BF-49C4-B113-76C9A47B7DCD", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.18:*:*:*:*:*:*:*", "matchCriteriaId": "F94BA1B0-52B9-4303-9C41-3ACC3AC1945E", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.19:*:*:*:*:*:*:*", "matchCriteriaId": "1ACBB194-1D24-464A-B79C-44B8127EAD52", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.20:*:*:*:*:*:*:*", "matchCriteriaId": "83E5F269-7711-447D-B798-0F5478E36299", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.21:*:*:*:*:*:*:*", "matchCriteriaId": "A0138807-6313-4A3F-AB5A-4B7D4A9BE287", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.22:*:*:*:*:*:*:*", "matchCriteriaId": "D4BA2227-F259-499D-BF50-5074B1E7DD3E", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.23:*:*:*:*:*:*:*", "matchCriteriaId": "78A896D0-032C-4467-9D57-E47E8C612704", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.24:*:*:*:*:*:*:*", "matchCriteriaId": "3D1D4C8F-8C09-4A49-AFFD-33093AE7A437", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.25:*:*:*:*:*:*:*", "matchCriteriaId": "A415FECF-89CC-4D71-B1BF-6A678D32599D", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.26:*:*:*:*:*:*:*", "matchCriteriaId": "98F77E54-5F4A-4D47-8DE8-097B4BBC7944", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.27:*:*:*:*:*:*:*", "matchCriteriaId": "752148FC-1594-4108-AE0F-C5145B978454", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.28:*:*:*:*:*:*:*", "matchCriteriaId": "09546671-E75D-4F50-9D86-DFDDAC9DC5DE", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.29:*:*:*:*:*:*:*", "matchCriteriaId": "EDC7A2D7-ACB4-4871-B7C0-02711A53DF1C", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.30:*:*:*:*:*:*:*", "matchCriteriaId": "6964925C-4394-4E82-976B-770A99E74F1D", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.31:*:*:*:*:*:*:*", "matchCriteriaId": "2E8C909E-02D7-4B29-AA68-897BD0200B7C", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.32:*:*:*:*:*:*:*", "matchCriteriaId": "AA036609-ADD3-4903-AB9D-E8BF81CFC776", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.33:*:*:*:*:*:*:*", "matchCriteriaId": "38F9E122-994B-4276-9FCF-A8E4D2D06D4E", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.34:*:*:*:*:*:*:*", "matchCriteriaId": "7A15720C-3BDF-4343-B270-2575978293EE", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.35:*:*:*:*:*:*:*", "matchCriteriaId": "FB5ADCFA-2CD8-4A00-AFEC-B84F7E0015A6", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.36:*:*:*:*:*:*:*", "matchCriteriaId": "6EA2EE9B-27FD-49FE-8665-159DABA0E3C6", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.37:*:*:*:*:*:*:*", "matchCriteriaId": "4C81C5F8-2224-4D84-B7C0-E18421276AFF", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.38:*:*:*:*:*:*:*", "matchCriteriaId": "B44A2C76-174E-40A5-9603-3B84D0D35557", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.39:*:*:*:*:*:*:*", "matchCriteriaId": "42ACE154-0709-4AA1-82E3-1B7F34E63187", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.40:*:*:*:*:*:*:*", "matchCriteriaId": "3022E902-9F0D-49FF-9279-71E0E1E8A873", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.41:*:*:*:*:*:*:*", "matchCriteriaId": "DDF77B26-91FA-4245-BFEC-43FD021A28E7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.42:*:*:*:*:*:*:*", "matchCriteriaId": "601B4C93-9A9C-40E8-A9D0-DA9D71C745EA", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.43:*:*:*:*:*:*:*", "matchCriteriaId": "FF7CE35A-87A4-4D95-86F9-211D50E30482", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.44:*:*:*:*:*:*:*", "matchCriteriaId": "CEA8675A-A37C-4658-9D26-3359EBA277B1", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.45:*:*:*:*:*:*:*", "matchCriteriaId": "00E8CB86-ECEE-4435-BEFC-B8D209B2C5AF", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.46:*:*:*:*:*:*:*", "matchCriteriaId": "B373DEAE-8F8B-44AA-BAE5-3A0120A541F9", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.47:*:*:*:*:*:*:*", "matchCriteriaId": "7D40063F-13D0-4897-AE71-1C7B617C8855", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.48:*:*:*:*:*:*:*", "matchCriteriaId": "AC7E89C8-CF89-4FA8-A9F1-F0B415E5FE10", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.49:*:*:*:*:*:*:*", "matchCriteriaId": "4034EFE6-449D-4749-9265-B47D44AA4EC6", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.50:*:*:*:*:*:*:*", "matchCriteriaId": "1F835D17-ACF9-4AE6-8C38-B74BE448B8B8", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.51:*:*:*:*:*:*:*", "matchCriteriaId": "21A12676-7EBE-4D83-83BD-D46CC7A1773A", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.52:*:*:*:*:*:*:*", "matchCriteriaId": "2FB112DB-891D-4FDB-8772-2E233A39A7BA", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.53:*:*:*:*:*:*:*", "matchCriteriaId": "4B3A0794-B10C-4DFD-9CAD-202CA1DC9250", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.54:*:*:*:*:*:*:*", "matchCriteriaId": "76E86CE6-CD1C-4412-939F-B45867068D44", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.55:*:*:*:*:*:*:*", "matchCriteriaId": "1F6896A4-16E0-46B6-B90C-5C002C526478", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.56:*:*:*:*:*:*:*", "matchCriteriaId": "469534AB-2D0F-4B31-8121-05A792FA9332", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.57:*:*:*:*:*:*:*", "matchCriteriaId": "C2820354-F25B-485D-9FA7-E32B38DDBB1D", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.58:*:*:*:*:*:*:*", "matchCriteriaId": "EF88BEB3-9EA4-47AA-B24E-DE9AD879382A", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.59:*:*:*:*:*:*:*", "matchCriteriaId": "C4209B4C-4901-4235-B35E-B0085AF1952F", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.60:*:*:*:*:*:*:*", "matchCriteriaId": "5D748A69-4A93-421E-AD83-2B63B2460A2D", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.61:*:*:*:*:*:*:*", "matchCriteriaId": "2727A6AE-A1B6-4158-BB73-49D7C86104F4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The robust futex implementation in the Linux kernel before 2.6.28 does not properly handle processes that make exec system calls, which allows local users to cause a denial of service or possibly gain privileges by writing to a memory location in a child process."}, {"lang": "es", "value": "La implementaci\u00f3n de robust futex en el kernel de Linux antes de v2.6.28 no maneja adecuadamente los procesos que realizan llamadas Exec System Recovery, lo que permite a usuarios locales provocar una denegaci\u00f3n de servicio o posiblemente obtener privilegios escribiendo en una ubicaci\u00f3n de memoria en un proceso hijo."}], "id": "CVE-2012-0028", "lastModified": "2023-02-13T03:24:05.763", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-06-21T23:55:02.520", "references": [{"source": "secalert@redhat.com", "url": "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28"}, {"source": "secalert@redhat.com", "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8141c7f3e7aee618312fa1c15109e1219de784a7"}, {"source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2012/05/08/1"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=771764"}, {"source": "secalert@redhat.com", "tags": ["Exploit", "Patch"], "url": "https://github.com/torvalds/linux/commit/8141c7f3e7aee618312fa1c15109e1219de784a7"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2012:0107", "cpe": "cpe:/o:redhat:enterprise_linux:5", "package": "kernel-0:2.6.18-274.18.1.el5", "product_name": "Red Hat Enterprise Linux 5", "release_date": "2012-02-09T00:00:00Z"}, {"advisory": "RHSA-2012:0358", "cpe": "cpe:/o:redhat:rhel_eus:5.6", "package": "kernel-0:2.6.18-238.35.1.el5", "product_name": "Red Hat Enterprise Linux 5.6 EUS - Server Only", "release_date": "2012-03-06T00:00:00Z"}], "bugzilla": {"description": "kernel: futex: clear robust_list on execve", "id": "771764", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=771764"}, "csaw": false, "cvss": {"cvss_base_score": "6.2", "cvss_scoring_vector": "AV:L/AC:H/Au:N/C:C/I:C/A:C", "status": "verified"}, "details": ["The robust futex implementation in the Linux kernel before 2.6.28 does not properly handle processes that make exec system calls, which allows local users to cause a denial of service or possibly gain privileges by writing to a memory location in a child process."], "name": "CVE-2012-0028", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:4", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 4"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/a:redhat:enterprise_mrg:2", "fix_state": "Not affected", "package_name": "realtime-kernel", "product_name": "Red Hat Enterprise MRG 2"}], "public_date": "2008-11-15T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2012-0028\nhttps://nvd.nist.gov/vuln/detail/CVE-2012-0028"], "statement": "This issue did not affect the Linux kernel as shipped with Red Hat Enterprise Linux 4 as it did not have support for robust futexes. It did not affect Red Hat Enterprise Linux 6 and Red Hat Enterprise MRG as they have the backported fixes. This has been addressed in Red Hat Enterprise Linux 5 via https://rhn.redhat.com/errata/RHSA-2012-0107.html.", "threat_severity": "Important"}