CVE-2012-0028
kernel: futex: clear robust_list on execve
Severity Score
7.8
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The robust futex implementation in the Linux kernel before 2.6.28 does not properly handle processes that make exec system calls, which allows local users to cause a denial of service or possibly gain privileges by writing to a memory location in a child process.
La implementación de robust futex en el kernel de Linux antes de v2.6.28 no maneja adecuadamente los procesos que realizan llamadas Exec System Recovery, lo que permite a usuarios locales provocar una denegación de servicio o posiblemente obtener privilegios escribiendo en una ubicación de memoria en un proceso hijo.
The kernel packages contain the Linux kernel, the core of any Linux operating system. Using the SG_IO ioctl to issue SCSI requests to partitions or LVM volumes resulted in the requests being passed to the underlying block device. If a privileged user only had access to a single partition or LVM volume, they could use this flaw to bypass those restrictions and gain read and write access to the entire block device. Refer to Red Hat Knowledgebase article DOC-67874, linked to in the References, for further details about this issue.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2011-12-07 CVE Reserved
- 2012-02-10 CVE Published
- 2024-08-06 CVE Updated
- 2024-08-06 First Exploit
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (6)
| URL | Tag | Source |
|---|---|---|
| http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28 | X_refsource_confirm | |
| http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8141c7f3e7aee618312fa1c15109e1219de784a7 | X_refsource_confirm | |
| http://www.openwall.com/lists/oss-security/2012/05/08/1 | Mailing List |
|
| URL | Date | SRC |
|---|---|---|
| https://github.com/torvalds/linux/commit/8141c7f3e7aee618312fa1c15109e1219de784a7 | 2024-08-06 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=771764 | 2012-03-06 | |
| https://access.redhat.com/security/cve/CVE-2012-0028 | 2012-03-06 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | <= 2.6.27.62 Search vendor "Linux" for product "Linux Kernel" and version " <= 2.6.27.62" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27.1 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27.1" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27.2 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27.2" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27.3 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27.3" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27.4 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27.4" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27.5 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27.5" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27.6 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27.6" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27.7 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27.7" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27.8 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27.8" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27.9 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27.9" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27.10 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27.10" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27.11 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27.11" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27.12 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27.12" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27.13 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27.13" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27.14 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27.14" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27.15 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27.15" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27.16 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27.16" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27.17 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27.17" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27.18 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27.18" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27.19 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27.19" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27.20 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27.20" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27.21 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27.21" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27.22 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27.22" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27.23 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27.23" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27.24 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27.24" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27.25 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27.25" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27.26 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27.26" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27.27 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27.27" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27.28 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27.28" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27.29 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27.29" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27.30 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27.30" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27.31 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27.31" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27.32 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27.32" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27.33 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27.33" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27.34 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27.34" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27.35 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27.35" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27.36 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27.36" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27.37 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27.37" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27.38 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27.38" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27.39 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27.39" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27.40 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27.40" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27.41 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27.41" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27.42 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27.42" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27.43 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27.43" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27.44 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27.44" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27.45 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27.45" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27.46 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27.46" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27.47 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27.47" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27.48 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27.48" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27.49 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27.49" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27.50 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27.50" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27.51 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27.51" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27.52 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27.52" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27.53 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27.53" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27.54 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27.54" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27.55 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27.55" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27.56 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27.56" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27.57 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27.57" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27.58 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27.58" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27.59 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27.59" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27.60 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27.60" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.27.61 Search vendor "Linux" for product "Linux Kernel" and version "2.6.27.61" | - |
Affected
| ||||||