6.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
5.2%
A certain Red Hat patch for the Linux kernel 2.6.32 on Red Hat Enterprise
Linux (RHEL) 6 allows local users to cause a denial of service (invalid
free operation and system crash) or possibly gain privileges via a sendmsg
system call with the IP_RETOPTS option, as demonstrated by hemlock.c. NOTE:
this vulnerability exists because of an incorrect fix for CVE-2012-3552.
Author | Note |
---|---|
seth-arnold | Unprivileged user kernel crash demonstrated; code execution neither confirmed nor denied. |
henrix | This is a Red Hat specific bug introduced by their CVE-2012-3552 fix. This was a backport of upstream f6d8bd051c391c1c0458a30b2a7abcd939329259. Only Lucid contains a backport of this commit (all the other Ubuntu kernels include the upstream commit) and Lucid backport is quite different from RH one (it was picked from upstream 3.2, which picked it from Debian). |