CVE-2011-4127

CVE-2011-4127 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

The Linux kernel before 3.2.2 does not properly restrict SG_IO ioctl calls, which allows local users to bypass intended restrictions on disk read and write operations by sending a SCSI command to (1) a partition block device or (2) an LVM volume.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.