VDB
CVE-2026-23072
CVE-2026-23072
PUBLISHED
block/scsi_ioctl.c in the Linux kernel through 3.8 does not properly consider the SCSI device class during authorization of SCSI commands, which allows local users to bypass intended access restrictions via an SG_IO ioctl call that leverages overlapping opcodes.
EPSS 0.02% · 4.6th percentile
Risk Scores
EPSS Score
0.02%
4.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| Linux | Linux | 6.19, 6.6.120, 6.12.64 |
| linux | linux_kernel | 2.6.19, 2.6.19, 2.6.19 |
Exploit Intelligence
- [linux-kernel] 20130124 [PATCH 04/13] sg_io: resolve conflicts between commands assigned to multiple classes (CVE-2012-4542) (circl)
- RHSA-2013:0579 (circl)
- https://oss.oracle.com/git/?p=redpatch.git%3Ba=commit%3Bh=76a274e17114abf1a77de6b651424648ce9e10c8 (circl)
- RHSA-2013:0882 (circl)
- https://bugzilla.redhat.com/show_bug.cgi?id=875360 (circl)
- RHSA-2013:0928 (circl)
- [linux-kernel] 20130124 [PATCH 00/13] Corrections and customization of the SG_IO command whitelist (CVE-2012-4542) (circl)
- RHSA-2013:0496 (circl)
- CIRCL seen: CVE-2012-4542 (circl-sighting)
- https://git.kernel.org/stable/c/278455a82245a572aeb218a6212a416a98e418de (circl)
…and 58 more exploits
Timeline
- Oct 17, 2025 PoC Published
- Oct 21, 2025 PoC Published
- Dec 18, 2025 PoC Published
- Dec 19, 2025 PoC Published
- Dec 26, 2025 PoC Published
- Dec 29, 2025 PoC Published
- Dec 30, 2025 PoC Published
- Dec 30, 2025 PoC Published
- Dec 30, 2025 PoC Published
- Jan 7, 2026 PoC Published
- Jan 13, 2026 PoC Published
- Feb 4, 2026 CVE Published
References
- https://lists.debian.org/debian-security-announce/2026/msg00036.html advisory
- https://lists.debian.org/debian-security-announce/2026/msg00035.html advisory
- https://git.kernel.org/stable/c/c8f6f88cd1df35155258285c4f43268b361819df url
- https://git.kernel.org/stable/c/278455a82245a572aeb218a6212a416a98e418de url
- https://git.kernel.org/stable/c/b3e655e52b98a1d3df41c8e42035711e083099f8 url
- https://git.kernel.org/stable/c/e354793a7ab9bb0934ea699a9d57bcd1b48fc27b url
- https://git.kernel.org/stable/c/a41dc180b6e1229ae49ca290ae14d82101c148c3 url
- https://git.kernel.org/stable/c/751c19635c2bfaaf2836a533caa3663633066dcf url
- https://git.kernel.org/stable/c/f6ab594672d4cba08540919a4e6be2e202b60007 url
- RHSA-2013:0496 vendor-advisory
- RHSA-2013:0882 vendor-advisory
- RHSA-2013:0928 vendor-advisory
- [linux-kernel] 20130124 [PATCH 00/13] Corrections and customization of the SG_IO command whitelist (CVE-2012-4542) mailing-list
- https://bugzilla.redhat.com/show_bug.cgi?id=875360 url
- [linux-kernel] 20130124 [PATCH 04/13] sg_io: resolve conflicts between commands assigned to multiple classes (CVE-2012-4542) mailing-list
- RHSA-2013:0579 vendor-advisory
- https://oss.oracle.com/git/?p=redpatch.git%3Ba=commit%3Bh=76a274e17114abf1a77de6b651424648ce9e10c8 url
- https://www.suse.com/support/update/announcement/2026/suse-su-20261532-1 advisory
- https://www.suse.com/support/update/announcement/2026/suse-su-202621230-1 advisory
- https://www.suse.com/support/update/announcement/2026/suse-su-20261463-1 advisory
…and 31 more