CVE-2012-3430

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2012-3430
The rds_recvmsg function in net/rds/recv.c in the Linux kernel before 3.0.44 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a (1) recvfrom or (2) recvmsg system call on an RDS socket.

2.1 /10

CVSS v2.0 : LOW

V2 Legend

Vector : AV:L/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 3.9 / Impact : 2.9

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References
Link Resource
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=06b6a1cf6e776426766298d055bb3991957d90a7
http://rhn.redhat.com/errata/RHSA-2012-1323.html
http://secunia.com/advisories/50633
http://secunia.com/advisories/50732
http://secunia.com/advisories/50811
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.0.44
http://www.openwall.com/lists/oss-security/2012/07/26/5
http://www.ubuntu.com/usn/USN-1567-1
http://www.ubuntu.com/usn/USN-1568-1
http://www.ubuntu.com/usn/USN-1572-1
http://www.ubuntu.com/usn/USN-1575-1
http://www.ubuntu.com/usn/USN-1577-1
http://www.ubuntu.com/usn/USN-1578-1
http://www.ubuntu.com/usn/USN-1579-1
http://www.ubuntu.com/usn/USN-1580-1
https://bugzilla.redhat.com/show_bug.cgi?id=820039
https://github.com/torvalds/linux/commit/06b6a1cf6e776426766298d055bb3991957d90a7 Exploit
https://www.suse.com/support/update/announcement/2012/suse-su-20121679-1.html
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=06b6a1cf6e776426766298d055bb3991957d90a7
http://rhn.redhat.com/errata/RHSA-2012-1323.html
http://secunia.com/advisories/50633
http://secunia.com/advisories/50732
http://secunia.com/advisories/50811
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.0.44
http://www.openwall.com/lists/oss-security/2012/07/26/5
http://www.ubuntu.com/usn/USN-1567-1
http://www.ubuntu.com/usn/USN-1568-1
http://www.ubuntu.com/usn/USN-1572-1
http://www.ubuntu.com/usn/USN-1575-1
http://www.ubuntu.com/usn/USN-1577-1
http://www.ubuntu.com/usn/USN-1578-1
http://www.ubuntu.com/usn/USN-1579-1
http://www.ubuntu.com/usn/USN-1580-1
https://bugzilla.redhat.com/show_bug.cgi?id=820039
https://github.com/torvalds/linux/commit/06b6a1cf6e776426766298d055bb3991957d90a7 Exploit
https://www.suse.com/support/update/announcement/2012/suse-su-20121679-1.html
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.0.1:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.0.2:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.0.3:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.0.4:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.0.5:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.0.6:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.0.7:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.0.8:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.0.9:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.0.10:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.0.11:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.0.12:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.0.13:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.0.14:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.0.15:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.0.16:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.0.17:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.0.18:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.0.19:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.0.20:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.0.21:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.0.22:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.0.23:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.0.24:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.0.25:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.0.26:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.0.27:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.0.28:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.0.29:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.0.30:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.0.31:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.0.32:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.0.33:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.0.34:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.0.35:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.0.36:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.0.37:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.0.38:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.0.39:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.0.40:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.0.41:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.0.42:*:*:*:*:*:*:*
History

21 Nov 2024, 01:40

Type Values Removed Values Added
References () http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=06b6a1cf6e776426766298d055bb3991957d90a7 - () http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=06b6a1cf6e776426766298d055bb3991957d90a7 -
References () http://rhn.redhat.com/errata/RHSA-2012-1323.html - () http://rhn.redhat.com/errata/RHSA-2012-1323.html -
References () http://secunia.com/advisories/50633 - () http://secunia.com/advisories/50633 -
References () http://secunia.com/advisories/50732 - () http://secunia.com/advisories/50732 -
References () http://secunia.com/advisories/50811 - () http://secunia.com/advisories/50811 -
References () http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.0.44 - () http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.0.44 -
References () http://www.openwall.com/lists/oss-security/2012/07/26/5 - () http://www.openwall.com/lists/oss-security/2012/07/26/5 -
References () http://www.ubuntu.com/usn/USN-1567-1 - () http://www.ubuntu.com/usn/USN-1567-1 -
References () http://www.ubuntu.com/usn/USN-1568-1 - () http://www.ubuntu.com/usn/USN-1568-1 -
References () http://www.ubuntu.com/usn/USN-1572-1 - () http://www.ubuntu.com/usn/USN-1572-1 -
References () http://www.ubuntu.com/usn/USN-1575-1 - () http://www.ubuntu.com/usn/USN-1575-1 -
References () http://www.ubuntu.com/usn/USN-1577-1 - () http://www.ubuntu.com/usn/USN-1577-1 -
References () http://www.ubuntu.com/usn/USN-1578-1 - () http://www.ubuntu.com/usn/USN-1578-1 -
References () http://www.ubuntu.com/usn/USN-1579-1 - () http://www.ubuntu.com/usn/USN-1579-1 -
References () http://www.ubuntu.com/usn/USN-1580-1 - () http://www.ubuntu.com/usn/USN-1580-1 -
References () https://bugzilla.redhat.com/show_bug.cgi?id=820039 - () https://bugzilla.redhat.com/show_bug.cgi?id=820039 -
References () https://github.com/torvalds/linux/commit/06b6a1cf6e776426766298d055bb3991957d90a7 - Exploit () https://github.com/torvalds/linux/commit/06b6a1cf6e776426766298d055bb3991957d90a7 - Exploit
References () https://www.suse.com/support/update/announcement/2012/suse-su-20121679-1.html - () https://www.suse.com/support/update/announcement/2012/suse-su-20121679-1.html -
Information

Published : 2012-10-03 11:02

Updated : 2025-04-11 00:51

NVD link : CVE-2012-3430

Mitre link : CVE-2012-3430

CVE.ORG link : CVE-2012-3430

JSON object : View

Products Affected

linux

  • linux_kernel
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor