CVE-2012-2313
Description
The rio_ioctl function in drivers/net/ethernet/dlink/dl2k.c in the Linux kernel before 3.3.7 does not restrict access to the SIOCSMIIREG command, which allows local users to write data to an Ethernet adapter via an ioctl call.
Risk Information
Base Score
8.1
MODERATE
Vector
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
EPSS Score
Exploitation Probability
0.201
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Linux kernel (USN-1473-1) linux-image-3.2.0-25-generic_3.2.0-25.40_i386.deb | Linux |
| Linux kernel (USN-1473-1) linux-image-3.2.0-25-generic_3.2.0-25.40_amd64.deb | Linux |
| Linux kernel (USN-1473-1) linux-image-3.2.0-25-virtual_3.2.0-25.40_i386.deb | Linux |
| Linux kernel (USN-1473-1) linux-image-3.2.0-25-virtual_3.2.0-25.40_amd64.deb | Linux |
| Linux kernel (USN-1473-1) linux-image-3.2.0-25-generic-pae_3.2.0-25.40_i386.deb | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234