Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2012-6540 (GCVE-0-2012-6540)
Vulnerability from cvelistv5 – Published: 2013-03-14 20:00 – Updated: 2024-08-06 21:28
VLAI?
EPSS
Summary
The do_ip_vs_get_ctl function in net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before 3.6 does not initialize a certain structure for IP_VS_SO_GET_TIMEOUT commands, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:28:39.860Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/2d8a041b7bfe1097af21441cb77d6af95f4f4680"
},
{
"name": "[oss-security] 20130305 CVE Requests (maybe): Linux kernel: various info leaks, some NULL ptr derefs",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/03/05/13"
},
{
"name": "USN-1792-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1792-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2d8a041b7bfe1097af21441cb77d6af95f4f4680"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.6.bz2"
},
{
"name": "USN-1798-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1798-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-09-30T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The do_ip_vs_get_ctl function in net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before 3.6 does not initialize a certain structure for IP_VS_SO_GET_TIMEOUT commands, which allows local users to obtain sensitive information from kernel stack memory via a crafted application."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-05-15T09:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/torvalds/linux/commit/2d8a041b7bfe1097af21441cb77d6af95f4f4680"
},
{
"name": "[oss-security] 20130305 CVE Requests (maybe): Linux kernel: various info leaks, some NULL ptr derefs",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/03/05/13"
},
{
"name": "USN-1792-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1792-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2d8a041b7bfe1097af21441cb77d6af95f4f4680"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.6.bz2"
},
{
"name": "USN-1798-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1798-1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-6540",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The do_ip_vs_get_ctl function in net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before 3.6 does not initialize a certain structure for IP_VS_SO_GET_TIMEOUT commands, which allows local users to obtain sensitive information from kernel stack memory via a crafted application."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/torvalds/linux/commit/2d8a041b7bfe1097af21441cb77d6af95f4f4680",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/2d8a041b7bfe1097af21441cb77d6af95f4f4680"
},
{
"name": "[oss-security] 20130305 CVE Requests (maybe): Linux kernel: various info leaks, some NULL ptr derefs",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/03/05/13"
},
{
"name": "USN-1792-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1792-1"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=2d8a041b7bfe1097af21441cb77d6af95f4f4680",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=2d8a041b7bfe1097af21441cb77d6af95f4f4680"
},
{
"name": "https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.6.bz2",
"refsource": "CONFIRM",
"url": "https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.6.bz2"
},
{
"name": "USN-1798-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1798-1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-6540",
"datePublished": "2013-03-14T20:00:00.000Z",
"dateReserved": "2013-03-14T00:00:00.000Z",
"dateUpdated": "2024-08-06T21:28:39.860Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
GSD-2012-6540
Vulnerability from gsd - Updated: 2023-12-13 01:20Details
The do_ip_vs_get_ctl function in net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before 3.6 does not initialize a certain structure for IP_VS_SO_GET_TIMEOUT commands, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2012-6540",
"description": "The do_ip_vs_get_ctl function in net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before 3.6 does not initialize a certain structure for IP_VS_SO_GET_TIMEOUT commands, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.",
"id": "GSD-2012-6540",
"references": [
"https://www.suse.com/security/cve/CVE-2012-6540.html",
"https://www.debian.org/security/2013/dsa-2668"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2012-6540"
],
"details": "The do_ip_vs_get_ctl function in net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before 3.6 does not initialize a certain structure for IP_VS_SO_GET_TIMEOUT commands, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.",
"id": "GSD-2012-6540",
"modified": "2023-12-13T01:20:17.226212Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-6540",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The do_ip_vs_get_ctl function in net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before 3.6 does not initialize a certain structure for IP_VS_SO_GET_TIMEOUT commands, which allows local users to obtain sensitive information from kernel stack memory via a crafted application."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/torvalds/linux/commit/2d8a041b7bfe1097af21441cb77d6af95f4f4680",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/2d8a041b7bfe1097af21441cb77d6af95f4f4680"
},
{
"name": "[oss-security] 20130305 CVE Requests (maybe): Linux kernel: various info leaks, some NULL ptr derefs",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/03/05/13"
},
{
"name": "USN-1792-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1792-1"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=2d8a041b7bfe1097af21441cb77d6af95f4f4680",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=2d8a041b7bfe1097af21441cb77d6af95f4f4680"
},
{
"name": "https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.6.bz2",
"refsource": "CONFIRM",
"url": "https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.6.bz2"
},
{
"name": "USN-1798-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1798-1"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.5.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.5.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.4.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.4.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.4.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.4.29:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.4:rc5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.4.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.4.24:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.4.23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.3:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.3:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.3.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.2.21:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.2:rc7:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.2.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.2.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.2.15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.2.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.1:rc3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.1:rc4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0:rc7:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.62:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.50:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.56:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.57:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.48:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.37:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.40:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.24:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.26:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.25:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.32:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.33:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.29:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.68:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.5.7",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.5.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.4.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.4.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.4.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.4.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.4.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.4:rc3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.4:rc6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.4.26:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.4.18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.4.19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.3:rc6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.3:rc5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.3.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.3.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.2.28:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.2.29:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.2.22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.2:rc4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.2.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.2.14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.1:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.1:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.1.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.1.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.60:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.61:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0:rc6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.65:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.53:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.54:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.55:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.46:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.49:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.42:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.39:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.27:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.34:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.28:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.5.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.4.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.4.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.4.32:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.4:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.4:rc4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.4.28:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.4.25:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.4.15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.4.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.4.21:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.3:rc4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.3:rc3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.2.26:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.2.27:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.2.23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.2.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.2:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.2:rc5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.2.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.2.19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.2.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.1.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.1.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.4.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.4.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.4.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.4:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.4:rc7:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.4.27:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.4.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.4.14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.4.22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.3:rc7:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.3.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.3.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.3.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.2.25:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.2.24:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.2:rc6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.2:rc3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.2.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.2.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.2.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.2.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.2.18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.1.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0:rc4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.63:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.51:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.45:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.43:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.38:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.35:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.67:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.66:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.58:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.59:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0:rc5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.64:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.52:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0:rc3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.44:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.47:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.36:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.41:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.21:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-6540"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "The do_ip_vs_get_ctl function in net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before 3.6 does not initialize a certain structure for IP_VS_SO_GET_TIMEOUT commands, which allows local users to obtain sensitive information from kernel stack memory via a crafted application."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=2d8a041b7bfe1097af21441cb77d6af95f4f4680",
"refsource": "CONFIRM",
"tags": [],
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=2d8a041b7bfe1097af21441cb77d6af95f4f4680"
},
{
"name": "[oss-security] 20130305 CVE Requests (maybe): Linux kernel: various info leaks, some NULL ptr derefs",
"refsource": "MLIST",
"tags": [],
"url": "http://www.openwall.com/lists/oss-security/2013/03/05/13"
},
{
"name": "https://github.com/torvalds/linux/commit/2d8a041b7bfe1097af21441cb77d6af95f4f4680",
"refsource": "CONFIRM",
"tags": [],
"url": "https://github.com/torvalds/linux/commit/2d8a041b7bfe1097af21441cb77d6af95f4f4680"
},
{
"name": "https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.6.bz2",
"refsource": "CONFIRM",
"tags": [
"Patch"
],
"url": "https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.6.bz2"
},
{
"name": "USN-1798-1",
"refsource": "UBUNTU",
"tags": [],
"url": "http://www.ubuntu.com/usn/USN-1798-1"
},
{
"name": "USN-1792-1",
"refsource": "UBUNTU",
"tags": [],
"url": "http://www.ubuntu.com/usn/USN-1792-1"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"userInteractionRequired": false
}
},
"lastModifiedDate": "2013-05-15T03:33Z",
"publishedDate": "2013-03-15T20:55Z"
}
}
}
FKIE_CVE-2012-6540
Vulnerability from fkie_nvd - Published: 2013-03-15 20:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
The do_ip_vs_get_ctl function in net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before 3.6 does not initialize a certain structure for IP_VS_SO_GET_TIMEOUT commands, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CB606E7E-BD26-4854-A4DA-2F6BBE20B14A",
"versionEndIncluding": "3.5.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D30AEC07-3CBD-4F4F-9646-BEAA1D98750B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "C2AA8E68-691B-499C-AEDD-3C0BFFE70044",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "9440475B-5960-4066-A204-F30AAFC87846",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "53BCFBFB-6AF0-4525-8623-7633CC5E17DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0:rc5:*:*:*:*:*:*",
"matchCriteriaId": "6ED4E86A-74F0-436A-BEB4-3F4EE93A5421",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0:rc6:*:*:*:*:*:*",
"matchCriteriaId": "BF0365B0-8E16-4F30-BD92-5DD538CC8135",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0:rc7:*:*:*:*:*:*",
"matchCriteriaId": "079505E8-2942-4C33-93D1-35ADA4C39E72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "38989541-2360-4E0A-AE5A-3D6144AA6114",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4E51646B-7A0E-40F3-B8C9-239C1DA81DD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "42A8A507-F8E2-491C-A144-B2448A1DB26E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "901FC6F3-2C2A-4112-AE27-AB102BBE8DEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "203AD334-DB9F-41B0-A4D1-A6C158EF8C40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B3611753-E440-410F-8250-600C996A4B8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9739BB47-EEAF-42F1-A557-2AE2EA9526A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "5A95E3BB-0AFC-4C2E-B9BE-C975E902A266",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "482A6C9A-9B8E-4D1C-917A-F16370745E7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C6D87357-63E0-41D0-9F02-1BCBF9A77E63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "3765A2D6-2D78-4FB1-989E-D5106BFA3F5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "F54257DB-7023-43C4-AC4D-9590B815CD92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "61FF5FCD-A4A1-4803-AC53-320A4C838AF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "9F096553-064F-46A2-877B-F32F163A0F49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "C0D762D1-E3AD-40EA-8D39-83EEB51B5E85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "A6187D19-7148-4B87-AD7E-244FF9EE0FA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "99AC64C2-E391-485C-9CD7-BA09C8FA5E63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "8CDA5E95-7805-441B-BEF7-4448EA45E964",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.19:*:*:*:*:*:*:*",
"matchCriteriaId": "51561053-6C28-4F38-BC9B-3F7A7508EB72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.20:*:*:*:*:*:*:*",
"matchCriteriaId": "118F4A5B-C498-4FC3-BE28-50D18EBE4F22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.21:*:*:*:*:*:*:*",
"matchCriteriaId": "BD38EBE6-FE1A-4B55-9FB5-07952253B7A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.22:*:*:*:*:*:*:*",
"matchCriteriaId": "3A491E47-82AD-4055-9444-2EC0D6715326",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.23:*:*:*:*:*:*:*",
"matchCriteriaId": "13C5FD16-23B6-467F-9438-5B554922F974",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.24:*:*:*:*:*:*:*",
"matchCriteriaId": "9C67235F-5B51-4BF7-89EC-4810F720246F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.25:*:*:*:*:*:*:*",
"matchCriteriaId": "08405DEF-05F4-45F0-AC95-DBF914A36D93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.26:*:*:*:*:*:*:*",
"matchCriteriaId": "1A7B9C4B-4A41-4175-9F07-191C1EE98C1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.27:*:*:*:*:*:*:*",
"matchCriteriaId": "B306E0A8-4D4A-4895-8128-A500D30A7E0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.28:*:*:*:*:*:*:*",
"matchCriteriaId": "295C839A-F34E-4853-A926-55EABC639412",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.29:*:*:*:*:*:*:*",
"matchCriteriaId": "2AFD5F49-7EF9-4CFE-95BD-8FD19B500B0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.30:*:*:*:*:*:*:*",
"matchCriteriaId": "00B3DDDD-B2F6-4753-BA38-65A24017857D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.31:*:*:*:*:*:*:*",
"matchCriteriaId": "33FCD39E-F4BF-432D-9CF9-F195CF5844F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.32:*:*:*:*:*:*:*",
"matchCriteriaId": "C7308690-CB0D-4758-B80F-D2ADCD2A9D66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.33:*:*:*:*:*:*:*",
"matchCriteriaId": "313A470B-8A2B-478A-82B5-B27D2718331C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.34:*:*:*:*:*:*:*",
"matchCriteriaId": "83FF021E-07E3-41CC-AAE8-D99D7FF24B9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.35:*:*:*:*:*:*:*",
"matchCriteriaId": "F72412E3-8DA9-4CC9-A426-B534202ADBA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.36:*:*:*:*:*:*:*",
"matchCriteriaId": "FCAA9D7A-3C3E-4C0B-9D38-EA80E68C2E46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.37:*:*:*:*:*:*:*",
"matchCriteriaId": "4A9E3AE5-3FCF-4CBB-A30B-082BCFBFB0CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.38:*:*:*:*:*:*:*",
"matchCriteriaId": "CF715657-4C3A-4392-B85D-1BBF4DE45D89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.39:*:*:*:*:*:*:*",
"matchCriteriaId": "4B63C618-AC3D-4EF7-AFDF-27B9BF482B78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.40:*:*:*:*:*:*:*",
"matchCriteriaId": "C33DA5A9-5E40-4365-9602-82FB4DCD15B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.41:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAFDB74-40BD-46FA-89AC-617EB2C7160B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.42:*:*:*:*:*:*:*",
"matchCriteriaId": "CF5F17DA-30A7-40CF-BD7C-CEDF06D64617",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.43:*:*:*:*:*:*:*",
"matchCriteriaId": "71A276F5-BD9D-4C1B-90DF-9B0C15B6F7DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.44:*:*:*:*:*:*:*",
"matchCriteriaId": "F8F6EBEC-3C29-444B-BB85-6EF239B59EC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.45:*:*:*:*:*:*:*",
"matchCriteriaId": "FDB91302-FD18-44CF-A8A8-B31483328539",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.46:*:*:*:*:*:*:*",
"matchCriteriaId": "9B81DC2B-46FA-4640-AD6C-2A404D94BA0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.47:*:*:*:*:*:*:*",
"matchCriteriaId": "BA6A1663-BC4C-4FC9-B5EB-A52EDED17B26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.48:*:*:*:*:*:*:*",
"matchCriteriaId": "69C33D6C-6B9F-49F4-B505-E7B589CDEC50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.49:*:*:*:*:*:*:*",
"matchCriteriaId": "C464796B-2F31-4159-A132-82A0C74137B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.50:*:*:*:*:*:*:*",
"matchCriteriaId": "1D6C6E46-FE29-4D2D-A0EC-43DA5112BCC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.51:*:*:*:*:*:*:*",
"matchCriteriaId": "1A370E91-73A1-4D62-8E7B-696B920203F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.52:*:*:*:*:*:*:*",
"matchCriteriaId": "340197CD-9645-4B7E-B976-F3F5A7D4C5BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.53:*:*:*:*:*:*:*",
"matchCriteriaId": "96030636-0C4A-4A10-B768-525D6A0E18CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.54:*:*:*:*:*:*:*",
"matchCriteriaId": "A42D8419-914F-4AD6-B0E9-C1290D514FF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.55:*:*:*:*:*:*:*",
"matchCriteriaId": "F4E2C88B-42EA-4F4F-B1F6-A9332EC6888B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.56:*:*:*:*:*:*:*",
"matchCriteriaId": "2449D13B-3314-4182-832F-03F6B11AA31F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.57:*:*:*:*:*:*:*",
"matchCriteriaId": "9A35B66C-F050-4462-A58E-FEE061B5582E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.58:*:*:*:*:*:*:*",
"matchCriteriaId": "1B551164-0167-49BB-A3AE-4034BDA3DCB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.59:*:*:*:*:*:*:*",
"matchCriteriaId": "7244278E-49B6-4405-A14C-F3540C8F5AF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.60:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C3E4B8-7274-4ABB-B7CE-6A39C183CE18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.61:*:*:*:*:*:*:*",
"matchCriteriaId": "6501EDB9-4847-47F8-90EE-B295626E4CDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.62:*:*:*:*:*:*:*",
"matchCriteriaId": "2D676D48-7521-45E2-8563-6B966FF86A35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.63:*:*:*:*:*:*:*",
"matchCriteriaId": "3B69FA17-0AB9-4986-A5A7-2A4C1DD24222",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.64:*:*:*:*:*:*:*",
"matchCriteriaId": "7BC35593-96C7-41F0-B738-1568F8129121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.65:*:*:*:*:*:*:*",
"matchCriteriaId": "38D23794-0E7C-4FA5-A7A8-CF940E3FA962",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.66:*:*:*:*:*:*:*",
"matchCriteriaId": "008E1E7D-4C20-4560-9288-EF532ADB0029",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.67:*:*:*:*:*:*:*",
"matchCriteriaId": "3B3A7044-A92E-47A9-A7BD-35E5B575F5FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0.68:*:*:*:*:*:*:*",
"matchCriteriaId": "783E2980-B6AB-489E-B157-B6A2E10A32CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3DFFE5A6-6A67-4992-84A3-C0F05FACDEAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "13BBD2A3-AE10-48B9-8776-4FB1CAC37D44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.1:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B25680CC-8918-4F27-8D7E-A6579215450B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.1:rc3:*:*:*:*:*:*",
"matchCriteriaId": "92C48B4C-410C-4BA8-A28A-B2E928320FCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.1:rc4:*:*:*:*:*:*",
"matchCriteriaId": "CB447523-855B-461E-8197-95169BE86EB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B155BBDF-6DF6-4FF5-9C41-D8A5266DCC67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "28476DEC-9630-4B40-9D4D-9BC151DC4CA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5646880A-2355-4BDD-89E7-825863A0311F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7FF99148-267A-46F8-9927-A9082269BAF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A783C083-5D9C-48F9-B5A6-A97A9604FB19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2B817A24-03AC-46CD-BEFA-505457FD2A5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "51CF1BCE-090E-4B70-BA16-ACB74411293B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "187AAD67-10D7-4B57-B4C6-00443E246AF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F341CE88-C5BC-4CDD-9CB5-B6BAD7152E63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "37ACE2A6-C229-4236-8E9F-235F008F3AA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D3220B70-917F-4F9F-8A3B-2BF581281E8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2:rc2:*:*:*:*:*:*",
"matchCriteriaId": "99372D07-C06A-41FA-9843-6D57F99AB5AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2:rc3:*:*:*:*:*:*",
"matchCriteriaId": "2B9DC110-D260-4DB4-B8B0-EF1D160ADA07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2:rc4:*:*:*:*:*:*",
"matchCriteriaId": "6192FE84-4D53-40D4-AF61-78CE7136141A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2:rc5:*:*:*:*:*:*",
"matchCriteriaId": "42FEF3CF-1302-45EB-89CC-3786FE4BAC1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2:rc6:*:*:*:*:*:*",
"matchCriteriaId": "AE6A6B58-2C89-4DE4-BA57-78100818095C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2:rc7:*:*:*:*:*:*",
"matchCriteriaId": "1D467F87-2F13-4D26-9A93-E0BA526FEA24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FE348F7B-02DE-47D5-8011-F83DA9426021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E91594EA-F0A3-41B3-A9C6-F7864FC2F229",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9E1ECCDB-0208-48F6-B44F-16CC0ECE3503",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FBA8B5DE-372E-47E0-A0F6-BE286D509CC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9A1CA083-2CF8-45AE-9E15-1AA3A8352E3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "19D69A49-5290-4C5F-8157-719AD58D253D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "290BD969-42E7-47B0-B21B-06DE4865432C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "23A9E29E-DE78-4C73-9FBD-C2410F5FC8B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "018434C9-E75F-45CB-A169-DAB4B1D864D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "DC0AC68F-EC58-4C4F-8CBC-A59ECC00CCDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "C123C844-F6D7-471E-A62E-F756042FB1CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "A11C38BB-7FA2-49B0-AAC9-83DB387A06DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "61F3733C-E5F6-4855-B471-DF3FB823613B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.14:*:*:*:*:*:*:*",
"matchCriteriaId": "1DDCA75F-9A06-4457-9A45-38A38E7F7086",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "7AEA837E-7864-4003-8DB7-111ED710A7E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.16:*:*:*:*:*:*:*",
"matchCriteriaId": "B6FE471F-2D1F-4A1D-A197-7E46B75787E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "FDA9E6AB-58DC-4EC5-A25C-11F9D0B38BF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.18:*:*:*:*:*:*:*",
"matchCriteriaId": "DC6B8DB3-B05B-41A2-B091-342D66AAE8F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "958F0FF8-33EF-4A71-A0BD-572C85211DBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "FBA39F48-B02F-4C48-B304-DA9CCA055244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.21:*:*:*:*:*:*:*",
"matchCriteriaId": "1FF841F3-48A7-41D7-9C45-A8170435A5EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "EF506916-A6DC-4B1E-90E5-959492AF55F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.23:*:*:*:*:*:*:*",
"matchCriteriaId": "B3CDAD1F-2C6A-48C0-8FAB-C2659373FA25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.24:*:*:*:*:*:*:*",
"matchCriteriaId": "4FFE4B22-C96A-43D0-B993-F51EDD9C5E0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.25:*:*:*:*:*:*:*",
"matchCriteriaId": "F571CC8B-B212-4553-B463-1DB01D616E8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.26:*:*:*:*:*:*:*",
"matchCriteriaId": "84E3E151-D437-48ED-A529-731EEFF88567",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.27:*:*:*:*:*:*:*",
"matchCriteriaId": "E9E3EA3C-CCA5-4433-86E0-3D02C4757A0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.28:*:*:*:*:*:*:*",
"matchCriteriaId": "F7AC4F7D-9FA6-4CF1-B2E9-70BF7D4D177C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.29:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE3A80D-9648-43CC-8F99-D741ED6552BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.30:*:*:*:*:*:*:*",
"matchCriteriaId": "C8A98C03-A465-41B4-A551-A26FEC7FFD94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AFB76697-1C2F-48C0-9B14-517EC053D4B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.3:rc1:*:*:*:*:*:*",
"matchCriteriaId": "BED88DFD-1DC5-4505-A441-44ECDEF0252D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.3:rc2:*:*:*:*:*:*",
"matchCriteriaId": "DBFD2ACD-728A-4082-BB6A-A1EF6E58E47D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.3:rc3:*:*:*:*:*:*",
"matchCriteriaId": "C31B0E51-F62D-4053-B04F-FC4D5BC373D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.3:rc4:*:*:*:*:*:*",
"matchCriteriaId": "A914303E-1CB6-4AAD-9F5F-DE5433C4E814",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.3:rc5:*:*:*:*:*:*",
"matchCriteriaId": "203BBA69-90B2-4C5E-8023-C14180742421",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.3:rc6:*:*:*:*:*:*",
"matchCriteriaId": "0DBFAB53-B889-4028-AC0E-7E165B152A18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.3:rc7:*:*:*:*:*:*",
"matchCriteriaId": "FE409AEC-F677-4DEF-8EB7-2C35809043CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "578EC12B-402F-4AD4-B8F8-C9B2CAB06891",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "877002ED-8097-4BB4-BB88-6FC6306C38B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "76294CE3-D72C-41D5-9E0F-B693D0042699",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "916E97D4-1FAB-42F5-826B-653B1C0909A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "33FD2217-C5D0-48C1-AD74-3527127FEF9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2E92971F-B629-4E0A-9A50-8B235F9704B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "EDD3A069-3829-4EE2-9D5A-29459F29D4C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A4A0964C-CEB2-41D7-A69C-1599B05B6171",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0F960FA6-F904-4A4E-B483-44C70090E9A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.4:rc1:*:*:*:*:*:*",
"matchCriteriaId": "261C1B41-C9E0-414F-8368-51C0C0B8AD38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.4:rc2:*:*:*:*:*:*",
"matchCriteriaId": "5CCA261D-2B97-492F-89A0-5F209A804350",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.4:rc3:*:*:*:*:*:*",
"matchCriteriaId": "1B1C0C68-9194-473F-BE5E-EC7F184899FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.4:rc4:*:*:*:*:*:*",
"matchCriteriaId": "D7A6AC9E-BEA6-44B0-B3B3-F0F94E32424A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.4:rc5:*:*:*:*:*:*",
"matchCriteriaId": "16038328-9399-4B85-B777-BA4757D02C9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.4:rc6:*:*:*:*:*:*",
"matchCriteriaId": "16CA2757-FA8D-43D9-96E8-D3C0EB6E1DEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.4:rc7:*:*:*:*:*:*",
"matchCriteriaId": "E8CB5481-5EAE-401E-BD7E-D3095CCA9E94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A0F36FAC-141D-476D-84C5-A558C199F904",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "51D64824-25F6-4761-BD6A-29038A143744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E284C8A1-740F-454D-A774-99CD3A21B594",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C70D72AE-0CBF-4324-9935-57E28EC6279C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F674B06B-7E86-4E41-9126-8152D0DDABAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "7039B3EC-8B22-413E-B582-B4BEC6181241",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "35CF1DD2-80B9-4476-8963-5C3EF52B33F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "BFB0B05B-A5CE-4B9C-AE7F-83062868D35B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "D166A66E-7454-47EC-BB56-861A9AFEAFE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "7DA94F50-2A62-4300-BF4D-A342AAE35629",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "252D937B-50DC-444F-AE73-5FCF6203DF27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.4.12:*:*:*:*:*:*:*",
"matchCriteriaId": "F6D8EE51-02C1-47BC-A92C-0A8ABEFD28FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.4.13:*:*:*:*:*:*:*",
"matchCriteriaId": "7F20A5D7-3B38-4911-861A-04C8310D5916",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.4.14:*:*:*:*:*:*:*",
"matchCriteriaId": "D472DE3A-71D8-4F40-9DDE-85929A2B047D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.4.15:*:*:*:*:*:*:*",
"matchCriteriaId": "B2AED943-65A8-4FDB-BBD0-CCEF8682A48C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.4.16:*:*:*:*:*:*:*",
"matchCriteriaId": "D4640185-F3D8-4575-A71D-4C889A93DE2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.4.17:*:*:*:*:*:*:*",
"matchCriteriaId": "144CCF7C-025E-4879-B2E7-ABB8E4390BE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.4.18:*:*:*:*:*:*:*",
"matchCriteriaId": "B6FAA052-0B2B-40CE-8C98-919B8D08A5ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.4.19:*:*:*:*:*:*:*",
"matchCriteriaId": "4B5A53DE-9C83-4A6B-96F3-23C03BF445D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.4.20:*:*:*:*:*:*:*",
"matchCriteriaId": "063EB879-CB05-4E33-AA90-9E43516839B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.4.21:*:*:*:*:*:*:*",
"matchCriteriaId": "2D25764F-4B02-4C65-954E-8C7D6632DE00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.4.22:*:*:*:*:*:*:*",
"matchCriteriaId": "F31F5BF3-CD0A-465C-857F-273841BCD28A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.4.23:*:*:*:*:*:*:*",
"matchCriteriaId": "FF302C8A-079B-42B9-B455-CD9083BFA067",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.4.24:*:*:*:*:*:*:*",
"matchCriteriaId": "744999C0-33D3-4363-B3DB-E0D02CDD3918",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.4.25:*:*:*:*:*:*:*",
"matchCriteriaId": "C2E77A76-2A60-45D8-9337-867BC22C5110",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.4.26:*:*:*:*:*:*:*",
"matchCriteriaId": "C9F4AAE7-C870-46B7-B559-2949737BE777",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.4.27:*:*:*:*:*:*:*",
"matchCriteriaId": "20FA2824-20B0-48B8-BB0A-4904C1D3E8AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.4.28:*:*:*:*:*:*:*",
"matchCriteriaId": "9F9B347E-61AC-419F-9701-B862BBFA46F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.4.29:*:*:*:*:*:*:*",
"matchCriteriaId": "989F351C-8B7C-4C1B-AFA2-AE9431576368",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.4.30:*:*:*:*:*:*:*",
"matchCriteriaId": "8D22172A-9FA7-42E0-8451-165D8E47A573",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.4.31:*:*:*:*:*:*:*",
"matchCriteriaId": "CE31624C-94F9-45D8-9B4A-D0028F10602F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.4.32:*:*:*:*:*:*:*",
"matchCriteriaId": "70967A83-28F6-4568-9ADA-6EF232E5BBC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "962B0C45-AB29-4383-AC16-C6E8245D0FF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A0EE126B-74B2-4F79-BFE1-3DC169F3F9B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "392075E0-A9C7-4B4A-90F9-7F1ADFF5EFA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "ECC66968-06F0-4874-A95A-A292C36E45C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5FE986E6-1068-4E1B-8EAB-DF1EAF32B4E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "543E8536-1A8E-4E76-B89F-1B1F9F26FAB8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The do_ip_vs_get_ctl function in net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before 3.6 does not initialize a certain structure for IP_VS_SO_GET_TIMEOUT commands, which allows local users to obtain sensitive information from kernel stack memory via a crafted application."
},
{
"lang": "es",
"value": "La funci\u00f3n do_ip_vs_get_ctl en net/netfilter/ipvs/ip_vs_ctl.c en el kernel de Linux anterior a v3.6 no inicializa correctamente cierta estructura para comandos IP_VS_SO_GET_TIMEOUT, permitiendo a usuarios locales obtener informaci\u00f3n sensible de la memoria de pila del n\u00facleo a trav\u00e9s de una aplicaci\u00f3n especialmente dise\u00f1ada."
}
],
"id": "CVE-2012-6540",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-03-15T20:55:07.477",
"references": [
{
"source": "cve@mitre.org",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2d8a041b7bfe1097af21441cb77d6af95f4f4680"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2013/03/05/13"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/USN-1792-1"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/USN-1798-1"
},
{
"source": "cve@mitre.org",
"url": "https://github.com/torvalds/linux/commit/2d8a041b7bfe1097af21441cb77d6af95f4f4680"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.6.bz2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2d8a041b7bfe1097af21441cb77d6af95f4f4680"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2013/03/05/13"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1792-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1798-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/torvalds/linux/commit/2d8a041b7bfe1097af21441cb77d6af95f4f4680"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.6.bz2"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-HP2P-MWJJ-9C92
Vulnerability from github – Published: 2022-05-17 05:09 – Updated: 2025-04-11 04:08
VLAI?
Details
The do_ip_vs_get_ctl function in net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before 3.6 does not initialize a certain structure for IP_VS_SO_GET_TIMEOUT commands, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.
{
"affected": [],
"aliases": [
"CVE-2012-6540"
],
"database_specific": {
"cwe_ids": [
"CWE-200"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2013-03-15T20:55:00Z",
"severity": "LOW"
},
"details": "The do_ip_vs_get_ctl function in net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before 3.6 does not initialize a certain structure for IP_VS_SO_GET_TIMEOUT commands, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.",
"id": "GHSA-hp2p-mwjj-9c92",
"modified": "2025-04-11T04:08:25Z",
"published": "2022-05-17T05:09:45Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-6540"
},
{
"type": "WEB",
"url": "https://github.com/torvalds/linux/commit/2d8a041b7bfe1097af21441cb77d6af95f4f4680"
},
{
"type": "WEB",
"url": "https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.6.bz2"
},
{
"type": "WEB",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2d8a041b7bfe1097af21441cb77d6af95f4f4680"
},
{
"type": "WEB",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=2d8a041b7bfe1097af21441cb77d6af95f4f4680"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2013/03/05/13"
},
{
"type": "WEB",
"url": "http://www.ubuntu.com/usn/USN-1792-1"
},
{
"type": "WEB",
"url": "http://www.ubuntu.com/usn/USN-1798-1"
}
],
"schema_version": "1.4.0",
"severity": []
}
CVE-2012-6540
Vulnerability from fstec - Published: 15.03.2013
VLAI Severity ?
Title
Уязвимость операционной системы Linux, позволяющая злоумышленнику получить доступ к конфиденциальной информации из стековой памяти ядра
Description
Уязвимость существует в функции do_ip_vs_get_ctl в net/netfilter/ipvs/ip_vs_ctl.c ядра Linux из-за отсутствия инициализации некоторых структур для команд IP_VS_SO_GET_TIMEOUT. Эксплуатация данной уязвимости позволяет локальным пользователям получить доступ к конфиденциальной информации из стековой памяти ядра при помощи специально сформированного приложения
Severity ?
Vendor
Сообщество свободного программного обеспечения
Software Name
Linux
Software Version
от 3.0.0 до 3.5.7 включительно (Linux)
Possible Mitigations
Обновление ядра операционной системы до версии 3.5.8
Reference
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6540
CWE
CWE-20
{
"CVSS 2.0": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"CVSS 3.0": null,
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u043e\u0442 3.0.0 \u0434\u043e 3.5.7 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u044f\u0434\u0440\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 3.5.8",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "15.03.2013",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "28.11.2016",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "05.07.2016",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2014-00073",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2012-6540",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Linux",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 3.0.0 \u0434\u043e 3.5.7 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e 64-bit, \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 3.0.0 \u0434\u043e 3.5.7 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e 32-bit",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0438\u0437 \u0441\u0442\u0435\u043a\u043e\u0432\u043e\u0439 \u043f\u0430\u043c\u044f\u0442\u0438 \u044f\u0434\u0440\u0430",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u0430\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 (CWE-20)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 do_ip_vs_get_ctl \u0432 net/netfilter/ipvs/ip_vs_ctl.c \u044f\u0434\u0440\u0430 Linux \u0438\u0437-\u0437\u0430 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u0438\u043d\u0438\u0446\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440 \u0434\u043b\u044f \u043a\u043e\u043c\u0430\u043d\u0434 IP_VS_SO_GET_TIMEOUT. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0434\u0430\u043d\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u043c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0438\u0437 \u0441\u0442\u0435\u043a\u043e\u0432\u043e\u0439 \u043f\u0430\u043c\u044f\u0442\u0438 \u044f\u0434\u0440\u0430 \u043f\u0440\u0438 \u043f\u043e\u043c\u043e\u0449\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6540",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-20",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041d\u0438\u0437\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 1,9)"
}
CERTA-2013-AVI-224
Vulnerability from certfr_avis - Published: 2013-04-09 - Updated: 2013-04-09
De multiples vulnérabilités ont été corrigées dans le noyau Linux d'Ubuntu. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Ubuntu 10.04 LTS
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cP\u003eUbuntu 10.04 LTS\u003c/P\u003e",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2013-2546",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2546"
},
{
"name": "CVE-2013-0914",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-0914"
},
{
"name": "CVE-2012-6537",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6537"
},
{
"name": "CVE-2012-6540",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6540"
},
{
"name": "CVE-2013-2548",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2548"
},
{
"name": "CVE-2013-1767",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1767"
},
{
"name": "CVE-2012-6539",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6539"
},
{
"name": "CVE-2013-1792",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1792"
},
{
"name": "CVE-2013-2547",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2547"
}
],
"initial_release_date": "2013-04-09T00:00:00",
"last_revision_date": "2013-04-09T00:00:00",
"links": [],
"reference": "CERTA-2013-AVI-224",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2013-04-09T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans le noyau Linux\nd\u0027\u003cspan class=\"textit\"\u003eUbuntu\u003c/span\u003e. Certaines d\u0027entre elles permettent\n\u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire, un d\u00e9ni de\nservice et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-1793-1 du 08 avril 2013",
"url": "http://www.ubuntu.com/usn/usn-1793-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-1792-1 du 08 avril 2013",
"url": "http://www.ubuntu.com/usn/usn-1792-1/"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…