Buffer overflow in Linux Linux_kernel
CVE-2012-5611
Stack-based buffer overflow in the acl_get function in Oracle MySQL 5.5.19 and other versions through 5.5.28, and 5.1.53 and other versions through 5.1.66, and MariaDB 5.5.2.x before 5.5.28a, 5.3.x before 5.3.11, 5.2.x before 5.2.13 and 5…
Vulnerability class: Buffer Overflow
EPSS: 0.666 (98.6th percentile)
Affected products
- Linux Linux_kernel
- MariaDB — versions 5.1.41, 5.1.42, 5.1.44
- Oracle MySQL — versions 5.1.53, 5.5.19
Weakness classification (CWE)
Public proof-of-concept exploits
References
- secalert@redhat.com (x_refsource_CONFIRM, Third Party Advisory)
- openSUSE-SU-2013:0013 (vendor-advisory, Mailing List, Third Party Advisory, x_refsource_SUSE)
- 23075 (exploit, Third Party Advisory, VDB Entry, x_refsource_EXPLOIT-DB)
- USN-1703-1 (x_refsource_UBUNTU, vendor-advisory, Third Party Advisory)
- MDVSA-2013:102 (vendor-advisory, Third Party Advisory, x_refsource_MANDRIVA)
- openSUSE-SU-2013:0156 (vendor-advisory, Mailing List, Third Party Advisory, x_refsource_SUSE)
- 53372 (x_refsource_SECUNIA, Broken Link, third-party-advisory)
- openSUSE-SU-2013:0135 (vendor-advisory, Mailing List, Third Party Advisory, x_refsource_SUSE)
- openSUSE-SU-2013:0011 (vendor-advisory, Mailing List, Third Party Advisory, x_refsource_SUSE)
Frequently asked questions
- What is CVE-2012-5611?
- CVE-2012-5611 is a vulnerability in Linux Linux_kernel, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2012-12-03.
- Is CVE-2012-5611 known to be exploited?
- 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.