CVE-2011-4127

EPSS 0.09%

Published: 7/3/2012Modified: 4/28/2026

Description

The Linux kernel before 3.2.2 does not properly restrict SG_IO ioctl calls, which allows local users to bypass intended restrictions on disk read and write operations by sending a SCSI command to (1) a partition block device or (2) an LVM volume.

Affected packages (1)

Debian/libguestfsfrom 0, < 1:1.14.8-1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2011-4127