Incorrect Argument Order in do_siocgstamp and do_siocgstampns Functions in Linux Kernel

Incorrect Argument Order in do_siocgstamp and do_siocgstampns Functions in Linux Kernel

CVE-2012-4467 · MEDIUM Severity

AV:L/AC:L/AU:N/C:C/I:N/A:C

The (1) do_siocgstamp and (2) do_siocgstampns functions in net/socket.c in the Linux kernel before 3.5.4 use an incorrect argument order, which allows local users to obtain sensitive information from kernel memory or cause a denial of service (system crash) via a crafted ioctl call.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.