Lucene search

K
ubuntucveUbuntu.comUB:CVE-2012-6548
HistoryMar 15, 2013 - 12:00 a.m.

CVE-2012-6548

2013-03-1500:00:00
ubuntu.com
ubuntu.com
10

CVSS2

1.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:P/I:N/A:N

EPSS

0.001

Percentile

46.9%

The udf_encode_fh function in fs/udf/namei.c in the Linux kernel before 3.6
does not initialize a certain structure member, which allows local users to
obtain sensitive information from kernel heap memory via a crafted
application.

Bugs

CVSS2

1.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:P/I:N/A:N

EPSS

0.001

Percentile

46.9%