NVD

Id
47224  
Name
CVE-2012-6543  
Description
The l2tp_ip6_getname function in net/l2tp/l2tp_ip6.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.  
Reject
 
CVSS Version
2  
CVSS Score
1.9  
Severity
Low  
CVSS Base Score
1.9  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
3.4  
CVSS Vector
(AV:L/AC:M/Au:N/C:P/I:N/A:N)  
Pub Date
2017-01-19  
Published
2013-03-15  
Modified Date
2013-03-18  
Seq
2012-6543  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
236243 47224 CVE-2012-6543 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=04d4fbca1017c11381e7d82acea21dd741e748bc  View
236244 47224 CVE-2012-6543 [oss-security] 20130305 CVE Requests (maybe): Linux kernel: various info leaks, some NULL ptr derefs  View
236245 47224 CVE-2012-6543 https://github.com/torvalds/linux/commit/04d4fbca1017c11381e7d82acea21dd741e748bc  View
236246 47224 CVE-2012-6543 https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.6.bz2  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
20311 JVNDB-2013-001886 Linux Kernel の net/l2tp/l2tp_ip6.c における重要な情報を取得される脆弱性 Linux Kernel の net/l2tp/l2tp_ip6.c 内の l2tp_ip6_getname 関数は、特定の構造体メンバを初期化しないため、カーネルスタックメモリから重要な情報を取得される脆弱性が存在します。 CVE-2012-6543 59781 CVE-2012-6543 47224 1.9 http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001886.html 2013-03-15 2013-03-21 View