4.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
0.0004 Low
EPSS
Percentile
5.3%
The futex_wait_requeue_pi function in kernel/futex.c in the Linux kernel
before 3.5.1 does not ensure that calls have two different futex addresses,
which allows local users to cause a denial of service (NULL pointer
dereference and system crash) or possibly have unspecified other impact via
a crafted FUTEX_WAIT_REQUEUE_PI command.
Author | Note |
---|---|
jdstrand | android kernels (goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 13.10 preview kernels android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.04 preview kernels |
launchpad.net/bugs/cve/CVE-2012-6647
nvd.nist.gov/vuln/detail/CVE-2012-6647
security-tracker.debian.org/tracker/CVE-2012-6647
ubuntu.com/security/notices/USN-1579-1
ubuntu.com/security/notices/USN-1580-1
ubuntu.com/security/notices/USN-1651-1
ubuntu.com/security/notices/USN-1653-1
www.cve.org/CVERecord?id=CVE-2012-6647