PT-2012-4705 · Linux+3 · Linux Kernel+3

Jay Fenlason

Publicado

2012-07-27

Atualizado

2023-02-13

CVE-2012-3430

CVSS v2.0

2.1

Baixa

Vetor

AV:L/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 3.0.44

Description The issue is related to the rds recvmsg function in the Linux kernel, which does not initialize a certain structure member. This allows local users to obtain potentially sensitive information from kernel stack memory via a (1) recvfrom or (2) recvmsg system call on an RDS socket.

Recommendations For Linux kernel versions prior to 3.0.44, update to version 3.0.44 or later to resolve the issue.

Exploit

Correção

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-200

Identificadores relacionados

CESA-2012_1304

CVE-2012-3430

RHSA-2012:1304

RHSA-2012:1323

RHSA-2012:1491

RHSA-2012_1304

RHSA-2012_1323

SUSE-SU-2012_1708-1

SUSE-SU-2015:0481-1

SUSE-SU-2015:0652-1

SUSE-SU-2019:14051-1

SUSE-SU-2019_14051-1

USN-1260-1

USN-1567-1

USN-1568-1

USN-1572-1

USN-1573-1

USN-1574-1

USN-1575-1

USN-1577-1

USN-1578-1

USN-1579-1

USN-1580-1

Produtos afetados

Centos

Linux Kernel

Red Hat

Suse

PT-2012-4705 · Linux+3 · Linux Kernel+3

CVE-2012-3430

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 88