4 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:H/Au:N/C:N/I:N/A:C
0.0004 Low
EPSS
Percentile
5.3%
The Linux kernel before 3.4.5 on the x86 platform, when Physical Address
Extension (PAE) is enabled, does not properly use the Page Middle Directory
(PMD), which allows local users to cause a denial of service (panic) via a
crafted application that triggers a race condition.
Author | Note |
---|---|
jdstrand | linux-armadaxp is maintained by OEM |
henrix | Lucid isnβt affected (vulnerable code isnβt present) confirmed Debian stable kernel and they tag it as not affected as well |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 11.10 | noarch | linux | <Β 3.0.0-23.37 | UNKNOWN |
ubuntu | 12.04 | noarch | linux | <Β 3.2.0-29.46 | UNKNOWN |
ubuntu | 12.04 | noarch | linux-armadaxp | <Β 3.2.0-1606.9 | UNKNOWN |
ubuntu | 10.04 | noarch | linux-lts-backport-oneiric | <Β 3.0.0-23.37~lucid1 | UNKNOWN |
ubuntu | 11.10 | noarch | linux-ti-omap4 | <Β 3.0.0-1213.25 | UNKNOWN |
ubuntu | 12.04 | noarch | linux-ti-omap4 | <Β 3.2.0-1417.23 | UNKNOWN |
www.openwall.com/lists/oss-security/2012/05/18/5
launchpad.net/bugs/cve/CVE-2012-2373
nvd.nist.gov/vuln/detail/CVE-2012-2373
security-tracker.debian.org/tracker/CVE-2012-2373
ubuntu.com/security/notices/USN-1514-1
ubuntu.com/security/notices/USN-1529-1
ubuntu.com/security/notices/USN-1532-1
ubuntu.com/security/notices/USN-1533-1
ubuntu.com/security/notices/USN-1539-1
www.cve.org/CVERecord?id=CVE-2012-2373