Lucene search

[email protected]NVD:CVE-2012-3511

HistoryOct 04, 2012 - 3:28 a.m.

CVE-2012-3511

2012-10-0403:28:35

CWE-362

[email protected]

web.nvd.nist.gov

6.2 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

5.8 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

10.1%

JSON

Multiple race conditions in the madvise_remove function in mm/madvise.c in the Linux kernel before 3.4.5 allow local users to cause a denial of service (use-after-free and system crash) via vectors involving a (1) munmap or (2) close system call.

Affected configurations

NVD

Node

linuxlinux_kernelRange≤3.4.4

linuxlinux_kernelMatch3.0rc1

linuxlinux_kernelMatch3.0rc2

linuxlinux_kernelMatch3.0rc3

linuxlinux_kernelMatch3.0rc4

linuxlinux_kernelMatch3.0rc5

linuxlinux_kernelMatch3.0rc6

linuxlinux_kernelMatch3.0rc7

linuxlinux_kernelMatch3.0.1

linuxlinux_kernelMatch3.0.2

linuxlinux_kernelMatch3.0.3

linuxlinux_kernelMatch3.0.4

linuxlinux_kernelMatch3.0.5

linuxlinux_kernelMatch3.0.6

linuxlinux_kernelMatch3.0.7

linuxlinux_kernelMatch3.0.8

linuxlinux_kernelMatch3.0.9

linuxlinux_kernelMatch3.0.10

linuxlinux_kernelMatch3.0.11

linuxlinux_kernelMatch3.0.12

linuxlinux_kernelMatch3.0.13

linuxlinux_kernelMatch3.0.14

linuxlinux_kernelMatch3.0.15

linuxlinux_kernelMatch3.0.16

linuxlinux_kernelMatch3.0.17

linuxlinux_kernelMatch3.0.18

linuxlinux_kernelMatch3.0.19

linuxlinux_kernelMatch3.0.20

linuxlinux_kernelMatch3.0.21

linuxlinux_kernelMatch3.0.22

linuxlinux_kernelMatch3.0.23

linuxlinux_kernelMatch3.0.24

linuxlinux_kernelMatch3.0.25

linuxlinux_kernelMatch3.0.26

linuxlinux_kernelMatch3.0.27

linuxlinux_kernelMatch3.0.28

linuxlinux_kernelMatch3.0.29

linuxlinux_kernelMatch3.0.30

linuxlinux_kernelMatch3.0.31

linuxlinux_kernelMatch3.0.32

linuxlinux_kernelMatch3.0.33

linuxlinux_kernelMatch3.0.34

linuxlinux_kernelMatch3.1

linuxlinux_kernelMatch3.1rc1

linuxlinux_kernelMatch3.1rc2

linuxlinux_kernelMatch3.1rc3

linuxlinux_kernelMatch3.1rc4

linuxlinux_kernelMatch3.1.1

linuxlinux_kernelMatch3.1.2

linuxlinux_kernelMatch3.1.3

linuxlinux_kernelMatch3.1.4

linuxlinux_kernelMatch3.1.5

linuxlinux_kernelMatch3.1.6

linuxlinux_kernelMatch3.1.7

linuxlinux_kernelMatch3.1.8

linuxlinux_kernelMatch3.1.9

linuxlinux_kernelMatch3.1.10

linuxlinux_kernelMatch3.2

linuxlinux_kernelMatch3.2rc2

linuxlinux_kernelMatch3.2rc3

linuxlinux_kernelMatch3.2rc4

linuxlinux_kernelMatch3.2rc5

linuxlinux_kernelMatch3.2rc6

linuxlinux_kernelMatch3.2rc7

linuxlinux_kernelMatch3.2.1

linuxlinux_kernelMatch3.2.2

linuxlinux_kernelMatch3.2.3

linuxlinux_kernelMatch3.2.4

linuxlinux_kernelMatch3.2.5

linuxlinux_kernelMatch3.2.6

linuxlinux_kernelMatch3.2.7

linuxlinux_kernelMatch3.2.8

linuxlinux_kernelMatch3.2.9

linuxlinux_kernelMatch3.2.10

linuxlinux_kernelMatch3.2.11

linuxlinux_kernelMatch3.2.12

linuxlinux_kernelMatch3.2.13

linuxlinux_kernelMatch3.2.14

linuxlinux_kernelMatch3.2.15

linuxlinux_kernelMatch3.2.16

linuxlinux_kernelMatch3.2.17

linuxlinux_kernelMatch3.2.18

linuxlinux_kernelMatch3.2.19

linuxlinux_kernelMatch3.2.20

linuxlinux_kernelMatch3.3

linuxlinux_kernelMatch3.3rc1

linuxlinux_kernelMatch3.3rc2

linuxlinux_kernelMatch3.3rc3

linuxlinux_kernelMatch3.3rc4

linuxlinux_kernelMatch3.3rc5

linuxlinux_kernelMatch3.3rc6

linuxlinux_kernelMatch3.3rc7

linuxlinux_kernelMatch3.3.1

linuxlinux_kernelMatch3.3.2

linuxlinux_kernelMatch3.3.3

linuxlinux_kernelMatch3.3.4

linuxlinux_kernelMatch3.3.5

linuxlinux_kernelMatch3.3.6

linuxlinux_kernelMatch3.3.7

linuxlinux_kernelMatch3.3.8

linuxlinux_kernelMatch3.4

linuxlinux_kernelMatch3.4.1

linuxlinux_kernelMatch3.4.2

linuxlinux_kernelMatch3.4.3

References

git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9ab4233dd08036fe34a89c7dc6f47a8bf2eb29eb

secunia.com/advisories/50633

secunia.com/advisories/50732

secunia.com/advisories/55055

ubuntu.com/usn/usn-1529-1

www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.5

www.openwall.com/lists/oss-security/2012/08/20/13

www.securityfocus.com/bid/55151

www.ubuntu.com/usn/USN-1567-1

www.ubuntu.com/usn/USN-1572-1

www.ubuntu.com/usn/USN-1577-1

bugzilla.redhat.com/show_bug.cgi?id=849734

github.com/torvalds/linux/commit/9ab4233dd08036fe34a89c7dc6f47a8bf2eb29eb

6.2 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

5.8 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

10.1%

JSON

Related for NVD:CVE-2012-3511

debiancve1 seebug1 prion1 veracode1 cve1 ubuntucve1 cvelist1 nessus23 openvas30 oraclelinux6 ubuntu10 centos2 redhat3 securityvulns2 amazon1