NVD

Id
47220  
Name
CVE-2012-6539  
Description
The dev_ifconf function in net/socket.c in the Linux kernel before 3.6 does not initialize a certain structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.  
Reject
 
CVSS Version
2  
CVSS Score
1.9  
Severity
Low  
CVSS Base Score
1.9  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
3.4  
CVSS Vector
(AV:L/AC:M/Au:N/C:P/I:N/A:N)  
Pub Date
2017-01-19  
Published
2013-03-15  
Modified Date
2013-05-14  
Seq
2012-6539  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
236220 47220 CVE-2012-6539 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=43da5f2e0d0c69ded3d51907d9552310a6b545e8  View
236221 47220 CVE-2012-6539 [oss-security] 20130305 CVE Requests (maybe): Linux kernel: various info leaks, some NULL ptr derefs  View
236222 47220 CVE-2012-6539 USN-1792-1  View
236223 47220 CVE-2012-6539 USN-1798-1  View
236224 47220 CVE-2012-6539 https://github.com/torvalds/linux/commit/43da5f2e0d0c69ded3d51907d9552310a6b545e8  View
236225 47220 CVE-2012-6539 https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.6.bz2  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
20307 JVNDB-2013-001882 Linux Kernel の net/socket.c における重要な情報を取得される脆弱性 Linux Kernel の net/socket.c 内の dev_ifconf 関数は、特定の構造体を初期化しないため、カーネルスタックメモリから重要な情報を取得される脆弱性が存在します。 CVE-2012-6539 59777 CVE-2012-6539 47220 1.9 http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001882.html 2013-03-15 2013-03-21 View