CVE-2012-2373

2012-05-1800:00:00

ubuntu.com

4 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:N/I:N/A:C

0.0004 Low

EPSS

Percentile

5.3%

JSON

The Linux kernel before 3.4.5 on the x86 platform, when Physical Address
Extension (PAE) is enabled, does not properly use the Page Middle Directory
(PMD), which allows local users to cause a denial of service (panic) via a
crafted application that triggers a race condition.

Bugs

Notes

Author	Note
jdstrand	linux-armadaxp is maintained by OEM
henrix	Lucid isn’t affected (vulnerable code isn’t present) confirmed Debian stable kernel and they tag it as not affected as well

OSVersionArchitecturePackageVersionFilename
ubuntu11.10noarchlinux< 3.0.0-23.37UNKNOWN
ubuntu12.04noarchlinux< 3.2.0-29.46UNKNOWN
ubuntu12.04noarchlinux-armadaxp< 3.2.0-1606.9UNKNOWN
ubuntu10.04noarchlinux-lts-backport-oneiric< 3.0.0-23.37~lucid1UNKNOWN
ubuntu11.10noarchlinux-ti-omap4< 3.0.0-1213.25UNKNOWN
ubuntu12.04noarchlinux-ti-omap4< 3.2.0-1417.23UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	11.10	noarch	linux	< 3.0.0-23.37	UNKNOWN
ubuntu	12.04	noarch	linux	< 3.2.0-29.46	UNKNOWN
ubuntu	12.04	noarch	linux-armadaxp	< 3.2.0-1606.9	UNKNOWN
ubuntu	10.04	noarch	linux-lts-backport-oneiric	< 3.0.0-23.37~lucid1	UNKNOWN
ubuntu	11.10	noarch	linux-ti-omap4	< 3.0.0-1213.25	UNKNOWN
ubuntu	12.04	noarch	linux-ti-omap4	< 3.2.0-1417.23	UNKNOWN