CVE-2012-3364

2013-01-2223:55:02

CWE-119

redhat

web.nvd.nist.gov

cve-2012-3364

buffer overflow

nci

linux kernel

denial of service

remote code execution

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

7.7

Confidence

Low

EPSS

0.062

Percentile

93.7%

JSON

Multiple stack-based buffer overflows in the Near Field Communication Controller Interface (NCI) in the Linux kernel before 3.4.5 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via incoming frames with crafted length fields.

Affected configurations

Nvd

Node

linuxlinux_kernelRange≤3.4.4

linuxlinux_kernelMatch3.4

linuxlinux_kernelMatch3.4.1

linuxlinux_kernelMatch3.4.2

linuxlinux_kernelMatch3.4.3

VendorProductVersionCPE
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
linuxlinux_kernel3.4cpe:2.3:o:linux:linux_kernel:3.4:*:*:*:*:*:*:*
linuxlinux_kernel3.4.1cpe:2.3:o:linux:linux_kernel:3.4.1:*:*:*:*:*:*:*
linuxlinux_kernel3.4.2cpe:2.3:o:linux:linux_kernel:3.4.2:*:*:*:*:*:*:*
linuxlinux_kernel3.4.3cpe:2.3:o:linux:linux_kernel:3.4.3:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
linux	linux_kernel	*	cpe:2.3:o:linux:linux_kernel::::::::
linux	linux_kernel	3.4	cpe:2.3:o:linux:linux_kernel:3.4:::::::*
linux	linux_kernel	3.4.1	cpe:2.3:o:linux:linux_kernel:3.4.1:::::::*
linux	linux_kernel	3.4.2	cpe:2.3:o:linux:linux_kernel:3.4.2:::::::*
linux	linux_kernel	3.4.3	cpe:2.3:o:linux:linux_kernel:3.4.3:::::::*