CVE-2012-6547

Published: Mar 14, 2013

Modified: Aug 6, 2024

PUBLISHED

Description

The __tun_chr_ioctl function in drivers/net/tun.c in the Linux kernel before 3.6 does not initialize a certain structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

MDVSA-2013:176

vendor-advisory

x_refsource_MANDRIVA

[oss-security] 20130305 CVE Requests (maybe): Linux kernel: various info leaks, some NULL ptr derefs

mailing-list

x_refsource_MLIST

https://github.com/torvalds/linux/commit/a117dacde0288f3ec60b6e5bcedae8fa37ee0dfc

x_refsource_CONFIRM

https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.6.bz2

x_refsource_CONFIRM

RHSA-2013:0744

vendor-advisory

x_refsource_REDHAT

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a117dacde0288f3ec60b6e5bcedae8fa37ee0dfc

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2012-6547

Description

Affected Products

References