Lucene search
HistoryDec 21, 2012 - 11:47 a.m.
CVE-2012-0957
cve-2012-0957
linux kernel
override_release function
kernel stack memory
uname system call
nvd
4.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:C/I:N/A:N
6.7 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
0.4%
The override_release function in kernel/sys.c in the Linux kernel before 3.4.16 allows local users to obtain sensitive information from kernel stack memory via a uname system call in conjunction with a UNAME26 personality.
Affected configurations
Node
linuxlinux_kernelRange≤3.4.15
ORlinuxlinux_kernelMatch3.0rc1
ORlinuxlinux_kernelMatch3.0rc2
ORlinuxlinux_kernelMatch3.0rc3
ORlinuxlinux_kernelMatch3.0rc4
ORlinuxlinux_kernelMatch3.0rc5
ORlinuxlinux_kernelMatch3.0rc6
ORlinuxlinux_kernelMatch3.0rc7
ORlinuxlinux_kernelMatch3.0.1
ORlinuxlinux_kernelMatch3.0.2
ORlinuxlinux_kernelMatch3.0.3
ORlinuxlinux_kernelMatch3.0.4
ORlinuxlinux_kernelMatch3.0.5
ORlinuxlinux_kernelMatch3.0.6
ORlinuxlinux_kernelMatch3.0.7
ORlinuxlinux_kernelMatch3.0.8
ORlinuxlinux_kernelMatch3.0.9
ORlinuxlinux_kernelMatch3.0.10
ORlinuxlinux_kernelMatch3.0.11
ORlinuxlinux_kernelMatch3.0.12
ORlinuxlinux_kernelMatch3.0.13
ORlinuxlinux_kernelMatch3.0.14
ORlinuxlinux_kernelMatch3.0.15
ORlinuxlinux_kernelMatch3.0.16
ORlinuxlinux_kernelMatch3.0.17
ORlinuxlinux_kernelMatch3.0.18
ORlinuxlinux_kernelMatch3.0.19
ORlinuxlinux_kernelMatch3.0.20
ORlinuxlinux_kernelMatch3.0.21
ORlinuxlinux_kernelMatch3.0.22
ORlinuxlinux_kernelMatch3.0.23
ORlinuxlinux_kernelMatch3.0.24
ORlinuxlinux_kernelMatch3.0.25
ORlinuxlinux_kernelMatch3.0.26
ORlinuxlinux_kernelMatch3.0.27
ORlinuxlinux_kernelMatch3.0.28
ORlinuxlinux_kernelMatch3.0.29
ORlinuxlinux_kernelMatch3.0.30
ORlinuxlinux_kernelMatch3.0.31
ORlinuxlinux_kernelMatch3.0.32
ORlinuxlinux_kernelMatch3.0.33
ORlinuxlinux_kernelMatch3.0.34
ORlinuxlinux_kernelMatch3.0.35
ORlinuxlinux_kernelMatch3.0.36
ORlinuxlinux_kernelMatch3.0.37
ORlinuxlinux_kernelMatch3.0.38
ORlinuxlinux_kernelMatch3.0.39
ORlinuxlinux_kernelMatch3.0.40
ORlinuxlinux_kernelMatch3.0.41
ORlinuxlinux_kernelMatch3.0.42
ORlinuxlinux_kernelMatch3.0.43
ORlinuxlinux_kernelMatch3.0.44
ORlinuxlinux_kernelMatch3.1
ORlinuxlinux_kernelMatch3.1rc1
ORlinuxlinux_kernelMatch3.1rc2
ORlinuxlinux_kernelMatch3.1rc3
ORlinuxlinux_kernelMatch3.1rc4
ORlinuxlinux_kernelMatch3.1.1
ORlinuxlinux_kernelMatch3.1.2
ORlinuxlinux_kernelMatch3.1.3
ORlinuxlinux_kernelMatch3.1.4
ORlinuxlinux_kernelMatch3.1.5
ORlinuxlinux_kernelMatch3.1.6
ORlinuxlinux_kernelMatch3.1.7
ORlinuxlinux_kernelMatch3.1.8
ORlinuxlinux_kernelMatch3.1.9
ORlinuxlinux_kernelMatch3.1.10
ORlinuxlinux_kernelMatch3.2
ORlinuxlinux_kernelMatch3.2x86
ORlinuxlinux_kernelMatch3.2rc2
ORlinuxlinux_kernelMatch3.2rc3
ORlinuxlinux_kernelMatch3.2rc4
ORlinuxlinux_kernelMatch3.2rc5
ORlinuxlinux_kernelMatch3.2rc6
ORlinuxlinux_kernelMatch3.2rc7
ORlinuxlinux_kernelMatch3.2.1
ORlinuxlinux_kernelMatch3.2.1x86
ORlinuxlinux_kernelMatch3.2.2
ORlinuxlinux_kernelMatch3.2.3
ORlinuxlinux_kernelMatch3.2.4
ORlinuxlinux_kernelMatch3.2.5
ORlinuxlinux_kernelMatch3.2.6
ORlinuxlinux_kernelMatch3.2.7
ORlinuxlinux_kernelMatch3.2.8
ORlinuxlinux_kernelMatch3.2.9
ORlinuxlinux_kernelMatch3.2.10
ORlinuxlinux_kernelMatch3.2.11
ORlinuxlinux_kernelMatch3.2.12
ORlinuxlinux_kernelMatch3.2.13
ORlinuxlinux_kernelMatch3.2.14
ORlinuxlinux_kernelMatch3.2.15
ORlinuxlinux_kernelMatch3.2.16
ORlinuxlinux_kernelMatch3.2.17
ORlinuxlinux_kernelMatch3.2.18
ORlinuxlinux_kernelMatch3.2.19
ORlinuxlinux_kernelMatch3.2.20
ORlinuxlinux_kernelMatch3.2.21
ORlinuxlinux_kernelMatch3.2.22
ORlinuxlinux_kernelMatch3.2.23
ORlinuxlinux_kernelMatch3.2.24
ORlinuxlinux_kernelMatch3.2.25
ORlinuxlinux_kernelMatch3.2.26
ORlinuxlinux_kernelMatch3.2.27
ORlinuxlinux_kernelMatch3.2.28
ORlinuxlinux_kernelMatch3.2.29
ORlinuxlinux_kernelMatch3.2.30
ORlinuxlinux_kernelMatch3.3
ORlinuxlinux_kernelMatch3.3rc1
ORlinuxlinux_kernelMatch3.3rc2
ORlinuxlinux_kernelMatch3.3rc3
ORlinuxlinux_kernelMatch3.3rc4
ORlinuxlinux_kernelMatch3.3rc5
ORlinuxlinux_kernelMatch3.3rc6
ORlinuxlinux_kernelMatch3.3rc7
ORlinuxlinux_kernelMatch3.3.1
ORlinuxlinux_kernelMatch3.3.2
ORlinuxlinux_kernelMatch3.3.3
ORlinuxlinux_kernelMatch3.3.4
ORlinuxlinux_kernelMatch3.3.5
ORlinuxlinux_kernelMatch3.3.6
ORlinuxlinux_kernelMatch3.3.7
ORlinuxlinux_kernelMatch3.3.8
ORlinuxlinux_kernelMatch3.4
ORlinuxlinux_kernelMatch3.4x86
ORlinuxlinux_kernelMatch3.4rc1
ORlinuxlinux_kernelMatch3.4rc1x86
ORlinuxlinux_kernelMatch3.4rc2
ORlinuxlinux_kernelMatch3.4rc2x86
ORlinuxlinux_kernelMatch3.4rc3
ORlinuxlinux_kernelMatch3.4rc3x86
ORlinuxlinux_kernelMatch3.4rc4
ORlinuxlinux_kernelMatch3.4rc4x86
ORlinuxlinux_kernelMatch3.4rc5
ORlinuxlinux_kernelMatch3.4rc5x86
ORlinuxlinux_kernelMatch3.4rc6
ORlinuxlinux_kernelMatch3.4rc6x86
ORlinuxlinux_kernelMatch3.4rc7
ORlinuxlinux_kernelMatch3.4rc7x86
ORlinuxlinux_kernelMatch3.4.1
ORlinuxlinux_kernelMatch3.4.1x86
ORlinuxlinux_kernelMatch3.4.2
ORlinuxlinux_kernelMatch3.4.2x86
ORlinuxlinux_kernelMatch3.4.3
ORlinuxlinux_kernelMatch3.4.3x86
ORlinuxlinux_kernelMatch3.4.4
ORlinuxlinux_kernelMatch3.4.4x86
ORlinuxlinux_kernelMatch3.4.5
ORlinuxlinux_kernelMatch3.4.5x86
ORlinuxlinux_kernelMatch3.4.10
ORlinuxlinux_kernelMatch3.4.11
ORlinuxlinux_kernelMatch3.4.12
ORlinuxlinux_kernelMatch3.4.13
ORlinuxlinux_kernelMatch3.4.14
References
git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2702b1526c7278c4d65d78de209a465d4de2885e
lists.fedoraproject.org/pipermail/package-announce/2012-November/091110.html
secunia.com/advisories/51409
www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.16
www.openwall.com/lists/oss-security/2012/10/09/4
www.ubuntu.com/usn/USN-1644-1
www.ubuntu.com/usn/USN-1645-1
www.ubuntu.com/usn/USN-1646-1
www.ubuntu.com/usn/USN-1647-1
www.ubuntu.com/usn/USN-1648-1
www.ubuntu.com/usn/USN-1649-1
www.ubuntu.com/usn/USN-1652-1
bugzilla.redhat.com/show_bug.cgi?id=862877
github.com/torvalds/linux/commit/2702b1526c7278c4d65d78de209a465d4de2885e
Related
nessus
nessus
Fedora 18 : kernel-3.6.3-3.fc18 (2012-16787)
2012-11-09 00:00:00
Fedora 17 : kernel-3.6.3-1.fc17 (2012-16669)
2012-10-29 00:00:00
Ubuntu 12.10 : linux vulnerabilities (USN-1646-1)
2012-12-02 00:00:00
debiancve
debiancve
CVE-2012-0957
2012-12-21 11:47:35
fedora
fedora
[SECURITY] Fedora 18 Update: kernel-3.6.3-3.fc18
2012-11-08 06:34:34
[SECURITY] Fedora 17 Update: kernel-3.6.3-1.fc17
2012-10-28 00:51:48
[SECURITY] Fedora 17 Update: kernel-3.6.5-1.fc17
2012-11-06 08:01:47
ubuntucve
ubuntucve
CVE-2012-0957
2012-10-10 00:00:00
veracode
veracode
Information Disclosure
2019-01-15 09:00:24
cvelist
cvelist
CVE-2012-0957
2012-12-21 11:00:00
nvd
nvd
CVE-2012-0957
2012-12-21 11:47:35
prion
prion
Design/Logic Flaw
2012-12-21 11:47:00
openvas
openvas
Ubuntu Update for linux-ti-omap4 USN-1649-1
2012-12-04 00:00:00
Ubuntu Update for linux USN-1646-1
2012-12-04 00:00:00
Ubuntu Update for linux USN-1644-1
2012-12-04 00:00:00
securityvulns
securityvulns
Linux security vulnerabilities
2012-12-02 00:00:00
[USN-1646-1] Linux kernel vulnerabilities
2012-12-02 00:00:00
ubuntu
ubuntu
Linux kernel (Quantal HWE) regression
2013-02-01 00:00:00
Linux kernel vulnerabilities
2012-11-30 00:00:00
Linux kernel (OMAP4) vulnerabilities
2012-11-30 00:00:00
amazon
amazon
Medium: kernel
2012-11-20 06:34:00
redhat
redhat
(RHSA-2012:1491) Important: kernel-rt security and bug fix update
2012-12-04 00:00:00
suse
suse
kernel: security and bugfix update (important)
2013-03-05 18:04:24
4.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:C/I:N/A:N
6.7 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
0.4%
Related for CVE-2012-0957