7.8

CVE-2012-1097

EPSS 0.12%
Veröffentlicht 17.05.2012 11:00:37
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle secalert@redhat.com
CVE-Watchlists
Login
Unerledigt
Login

The regset (aka register set) feature in the Linux kernel before 3.2.10 does not properly handle the absence of .get and .set methods, which allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a (1) PTRACE_GETREGSET or (2) PTRACE_SETREGSET ptrace call.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 15

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version < 3.0.24

Linux ≫ Linux Kernel Version >= 3.1 < 3.2.10

Redhat ≫ Enterprise Linux Version4.0

Redhat ≫ Enterprise Mrg Version2.0

Suse ≫ Linux Enterprise Desktop Version11 Updatesp1

Suse ≫ Linux Enterprise Desktop Version11 Updatesp2

Suse ≫ Linux Enterprise High Availability Extension Version11 Updatesp1

Suse ≫ Linux Enterprise High Availability Extension Version11 Updatesp2

Suse ≫ Linux Enterprise Server Version11 Updatesp1 SwPlatformvmware

Suse ≫ Linux Enterprise Server Version11 Updatesp1 SwEdition-

Suse ≫ Linux Enterprise Server Version11 Updatesp2 SwPlatformvmware

Suse ≫ Linux Enterprise Server Version11 Updatesp2 SwEdition-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.12%	0.319

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C

CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00021.html

Third Party Advisory

Mailing List

http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00013.html

Third Party Advisory

Mailing List

http://secunia.com/advisories/48898

Broken Link

http://secunia.com/advisories/48964

Broken Link

http://rhn.redhat.com/errata/RHSA-2012-0531.html

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2012-0481.html

Third Party Advisory

http://secunia.com/advisories/48842

Broken Link

http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.10

Patch

Vendor Advisory

Mailing List

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c8e252586f8d5de906385d8cf6385fee289a825e

http://www.openwall.com/lists/oss-security/2012/03/05/1

Patch

Third Party Advisory

Mailing List

https://bugzilla.redhat.com/show_bug.cgi?id=799209

Patch

Third Party Advisory

Issue Tracking

https://github.com/torvalds/linux/commit/c8e252586f8d5de906385d8cf6385fee289a825e

Patch

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2012-1097

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2012-1097

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2012-1097

EUVD