Lucene search
HistoryMar 15, 2013 - 8:55 p.m.
CVE-2012-6549
1.9 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:M/Au:N/C:P/I:N/A:N
5 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
46.3%
The isofs_export_encode_fh function in fs/isofs/export.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory via a crafted application.
Affected configurations
Node
linuxlinux_kernelRange≤3.5.7
ORlinuxlinux_kernelMatch3.0rc1
ORlinuxlinux_kernelMatch3.0rc2
ORlinuxlinux_kernelMatch3.0rc3
ORlinuxlinux_kernelMatch3.0rc4
ORlinuxlinux_kernelMatch3.0rc5
ORlinuxlinux_kernelMatch3.0rc6
ORlinuxlinux_kernelMatch3.0rc7
ORlinuxlinux_kernelMatch3.0.1
ORlinuxlinux_kernelMatch3.0.2
ORlinuxlinux_kernelMatch3.0.3
ORlinuxlinux_kernelMatch3.0.4
ORlinuxlinux_kernelMatch3.0.5
ORlinuxlinux_kernelMatch3.0.6
ORlinuxlinux_kernelMatch3.0.7
ORlinuxlinux_kernelMatch3.0.8
ORlinuxlinux_kernelMatch3.0.9
ORlinuxlinux_kernelMatch3.0.10
ORlinuxlinux_kernelMatch3.0.11
ORlinuxlinux_kernelMatch3.0.12
ORlinuxlinux_kernelMatch3.0.13
ORlinuxlinux_kernelMatch3.0.14
ORlinuxlinux_kernelMatch3.0.15
ORlinuxlinux_kernelMatch3.0.16
ORlinuxlinux_kernelMatch3.0.17
ORlinuxlinux_kernelMatch3.0.18
ORlinuxlinux_kernelMatch3.0.19
ORlinuxlinux_kernelMatch3.0.20
ORlinuxlinux_kernelMatch3.0.21
ORlinuxlinux_kernelMatch3.0.22
ORlinuxlinux_kernelMatch3.0.23
ORlinuxlinux_kernelMatch3.0.24
ORlinuxlinux_kernelMatch3.0.25
ORlinuxlinux_kernelMatch3.0.26
ORlinuxlinux_kernelMatch3.0.27
ORlinuxlinux_kernelMatch3.0.28
ORlinuxlinux_kernelMatch3.0.29
ORlinuxlinux_kernelMatch3.0.30
ORlinuxlinux_kernelMatch3.0.31
ORlinuxlinux_kernelMatch3.0.32
ORlinuxlinux_kernelMatch3.0.33
ORlinuxlinux_kernelMatch3.0.34
ORlinuxlinux_kernelMatch3.0.35
ORlinuxlinux_kernelMatch3.0.36
ORlinuxlinux_kernelMatch3.0.37
ORlinuxlinux_kernelMatch3.0.38
ORlinuxlinux_kernelMatch3.0.39
ORlinuxlinux_kernelMatch3.0.40
ORlinuxlinux_kernelMatch3.0.41
ORlinuxlinux_kernelMatch3.0.42
ORlinuxlinux_kernelMatch3.0.43
ORlinuxlinux_kernelMatch3.0.44
ORlinuxlinux_kernelMatch3.0.45
ORlinuxlinux_kernelMatch3.0.46
ORlinuxlinux_kernelMatch3.0.47
ORlinuxlinux_kernelMatch3.0.48
ORlinuxlinux_kernelMatch3.0.49
ORlinuxlinux_kernelMatch3.0.50
ORlinuxlinux_kernelMatch3.0.51
ORlinuxlinux_kernelMatch3.0.52
ORlinuxlinux_kernelMatch3.0.53
ORlinuxlinux_kernelMatch3.0.54
ORlinuxlinux_kernelMatch3.0.55
ORlinuxlinux_kernelMatch3.0.56
ORlinuxlinux_kernelMatch3.0.57
ORlinuxlinux_kernelMatch3.0.58
ORlinuxlinux_kernelMatch3.0.59
ORlinuxlinux_kernelMatch3.0.60
ORlinuxlinux_kernelMatch3.0.61
ORlinuxlinux_kernelMatch3.0.62
ORlinuxlinux_kernelMatch3.0.63
ORlinuxlinux_kernelMatch3.0.64
ORlinuxlinux_kernelMatch3.0.65
ORlinuxlinux_kernelMatch3.0.66
ORlinuxlinux_kernelMatch3.0.67
ORlinuxlinux_kernelMatch3.0.68
ORlinuxlinux_kernelMatch3.1
ORlinuxlinux_kernelMatch3.1rc1
ORlinuxlinux_kernelMatch3.1rc2
ORlinuxlinux_kernelMatch3.1rc3
ORlinuxlinux_kernelMatch3.1rc4
ORlinuxlinux_kernelMatch3.1.1
ORlinuxlinux_kernelMatch3.1.2
ORlinuxlinux_kernelMatch3.1.3
ORlinuxlinux_kernelMatch3.1.4
ORlinuxlinux_kernelMatch3.1.5
ORlinuxlinux_kernelMatch3.1.6
ORlinuxlinux_kernelMatch3.1.7
ORlinuxlinux_kernelMatch3.1.8
ORlinuxlinux_kernelMatch3.1.9
ORlinuxlinux_kernelMatch3.1.10
ORlinuxlinux_kernelMatch3.2
ORlinuxlinux_kernelMatch3.2rc2
ORlinuxlinux_kernelMatch3.2rc3
ORlinuxlinux_kernelMatch3.2rc4
ORlinuxlinux_kernelMatch3.2rc5
ORlinuxlinux_kernelMatch3.2rc6
ORlinuxlinux_kernelMatch3.2rc7
ORlinuxlinux_kernelMatch3.2.1
ORlinuxlinux_kernelMatch3.2.2
ORlinuxlinux_kernelMatch3.2.3
ORlinuxlinux_kernelMatch3.2.4
ORlinuxlinux_kernelMatch3.2.5
ORlinuxlinux_kernelMatch3.2.6
ORlinuxlinux_kernelMatch3.2.7
ORlinuxlinux_kernelMatch3.2.8
ORlinuxlinux_kernelMatch3.2.9
ORlinuxlinux_kernelMatch3.2.10
ORlinuxlinux_kernelMatch3.2.11
ORlinuxlinux_kernelMatch3.2.12
ORlinuxlinux_kernelMatch3.2.13
ORlinuxlinux_kernelMatch3.2.14
ORlinuxlinux_kernelMatch3.2.15
ORlinuxlinux_kernelMatch3.2.16
ORlinuxlinux_kernelMatch3.2.17
ORlinuxlinux_kernelMatch3.2.18
ORlinuxlinux_kernelMatch3.2.19
ORlinuxlinux_kernelMatch3.2.20
ORlinuxlinux_kernelMatch3.2.21
ORlinuxlinux_kernelMatch3.2.22
ORlinuxlinux_kernelMatch3.2.23
ORlinuxlinux_kernelMatch3.2.24
ORlinuxlinux_kernelMatch3.2.25
ORlinuxlinux_kernelMatch3.2.26
ORlinuxlinux_kernelMatch3.2.27
ORlinuxlinux_kernelMatch3.2.28
ORlinuxlinux_kernelMatch3.2.29
ORlinuxlinux_kernelMatch3.2.30
ORlinuxlinux_kernelMatch3.3
ORlinuxlinux_kernelMatch3.3rc1
ORlinuxlinux_kernelMatch3.3rc2
ORlinuxlinux_kernelMatch3.3rc3
ORlinuxlinux_kernelMatch3.3rc4
ORlinuxlinux_kernelMatch3.3rc5
ORlinuxlinux_kernelMatch3.3rc6
ORlinuxlinux_kernelMatch3.3rc7
ORlinuxlinux_kernelMatch3.3.1
ORlinuxlinux_kernelMatch3.3.2
ORlinuxlinux_kernelMatch3.3.3
ORlinuxlinux_kernelMatch3.3.4
ORlinuxlinux_kernelMatch3.3.5
ORlinuxlinux_kernelMatch3.3.6
ORlinuxlinux_kernelMatch3.3.7
ORlinuxlinux_kernelMatch3.3.8
ORlinuxlinux_kernelMatch3.4
ORlinuxlinux_kernelMatch3.4rc1
ORlinuxlinux_kernelMatch3.4rc2
ORlinuxlinux_kernelMatch3.4rc3
ORlinuxlinux_kernelMatch3.4rc4
ORlinuxlinux_kernelMatch3.4rc5
ORlinuxlinux_kernelMatch3.4rc6
ORlinuxlinux_kernelMatch3.4rc7
ORlinuxlinux_kernelMatch3.4.1
ORlinuxlinux_kernelMatch3.4.2
ORlinuxlinux_kernelMatch3.4.3
ORlinuxlinux_kernelMatch3.4.4
ORlinuxlinux_kernelMatch3.4.5
ORlinuxlinux_kernelMatch3.4.6
ORlinuxlinux_kernelMatch3.4.7
ORlinuxlinux_kernelMatch3.4.8
ORlinuxlinux_kernelMatch3.4.9
ORlinuxlinux_kernelMatch3.4.10
ORlinuxlinux_kernelMatch3.4.11
ORlinuxlinux_kernelMatch3.4.12
ORlinuxlinux_kernelMatch3.4.13
ORlinuxlinux_kernelMatch3.4.14
ORlinuxlinux_kernelMatch3.4.15
ORlinuxlinux_kernelMatch3.4.16
ORlinuxlinux_kernelMatch3.4.17
ORlinuxlinux_kernelMatch3.4.18
ORlinuxlinux_kernelMatch3.4.19
ORlinuxlinux_kernelMatch3.4.20
ORlinuxlinux_kernelMatch3.4.21
ORlinuxlinux_kernelMatch3.4.22
ORlinuxlinux_kernelMatch3.4.23
ORlinuxlinux_kernelMatch3.4.24
ORlinuxlinux_kernelMatch3.4.25
ORlinuxlinux_kernelMatch3.4.26
ORlinuxlinux_kernelMatch3.4.27
ORlinuxlinux_kernelMatch3.4.28
ORlinuxlinux_kernelMatch3.4.29
ORlinuxlinux_kernelMatch3.4.30
ORlinuxlinux_kernelMatch3.4.31
ORlinuxlinux_kernelMatch3.4.32
ORlinuxlinux_kernelMatch3.5.1
ORlinuxlinux_kernelMatch3.5.2
ORlinuxlinux_kernelMatch3.5.3
ORlinuxlinux_kernelMatch3.5.4
ORlinuxlinux_kernelMatch3.5.5
ORlinuxlinux_kernelMatch3.5.6
References
git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=fe685aabf7c8c9f138e5ea900954d295bf229175
lists.opensuse.org/opensuse-security-announce/2013-07/msg00018.html
www.mandriva.com/security/advisories?name=MDVSA-2013:176
www.openwall.com/lists/oss-security/2013/03/05/13
www.ubuntu.com/usn/USN-1809-1
www.ubuntu.com/usn/USN-1811-1
www.ubuntu.com/usn/USN-1812-1
www.ubuntu.com/usn/USN-1813-1
www.ubuntu.com/usn/USN-1814-1
www.ubuntu.com/usn/USN-1829-1
github.com/torvalds/linux/commit/fe685aabf7c8c9f138e5ea900954d295bf229175
www.kernel.org/pub/linux/kernel/v3.x/patch-3.6.bz2
Related
cvelist
cvelist
CVE-2012-6549
2013-03-14 20:00:00
cve
cve
CVE-2012-6549
2013-03-15 20:55:08
CVE-2012-6138
2022-10-03 16:15:28
ubuntucve
ubuntucve
CVE-2012-6549
2013-03-15 00:00:00
debiancve
debiancve
CVE-2012-6549
2013-03-15 20:55:08
prion
prion
Design/Logic Flaw
2013-03-15 20:55:00
openvas
openvas
Ubuntu: Security Advisory (USN-1824-1)
2013-05-17 00:00:00
Ubuntu: Security Advisory (USN-1829-1)
2013-05-17 00:00:00
Ubuntu Update for linux-ec2 USN-1829-1
2013-05-17 00:00:00
nessus
nessus
Ubuntu 10.04 LTS : linux vulnerabilities (USN-1824-1)
2013-05-16 00:00:00
Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-1829-1)
2013-05-17 00:00:00
Ubuntu 12.04 LTS : linux-lts-quantal vulnerabilities (USN-1812-1)
2013-05-02 00:00:00
ubuntu
ubuntu
Linux kernel (EC2) vulnerabilities
2013-05-16 00:00:00
Linux kernel vulnerabilities
2013-05-15 00:00:00
Linux kernel (OMAP4) vulnerabilities
2013-05-02 00:00:00
securityvulns
securityvulns
[USN-1813-1] Linux kernel vulnerabilities
2013-05-04 00:00:00
Linux kernel multiple security vulnerabilities
2013-05-27 00:00:00
ESA-2015-002: Unisphere Central Security Update for Multiple Vulnerabilities
2015-02-02 00:00:00
nvd
nvd
CVE-2012-6138
2013-03-15 20:55:01
suse
suse
Security update for Linux kernel (important)
2013-05-07 21:04:31
Security update for Linux kernel (important)
2013-05-08 05:04:26
3.0.80 kernel update (important)
2013-07-12 09:04:49
oraclelinux
oraclelinux
Unbreakable Enterprise Kernel security and bug fix update
2013-09-16 00:00:00
debian
debian
[SECURITY] [DSA 2668-1] linux-2.6 security update
2013-05-14 19:14:29
osv
osv
linux-2.6 - several
2013-05-14 00:00:00
1.9 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:M/Au:N/C:P/I:N/A:N
5 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
46.3%
Related for NVD:CVE-2012-6549