4

CVE-2012-2373

The Linux kernel before 3.4.5 on the x86 platform, when Physical Address Extension (PAE) is enabled, does not properly use the Page Middle Directory (PMD), which allows local users to cause a denial of service (panic) via a crafted application that triggers a race condition.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel HwPlatformx86 Version <= 3.4.4
LinuxLinux Kernel Version3.4 HwPlatformx86
LinuxLinux Kernel Version3.4 Updaterc1 HwPlatformx86
LinuxLinux Kernel Version3.4 Updaterc2 HwPlatformx86
LinuxLinux Kernel Version3.4 Updaterc3 HwPlatformx86
LinuxLinux Kernel Version3.4 Updaterc4 HwPlatformx86
LinuxLinux Kernel Version3.4 Updaterc5 HwPlatformx86
LinuxLinux Kernel Version3.4 Updaterc6 HwPlatformx86
LinuxLinux Kernel Version3.4 Updaterc7 HwPlatformx86
LinuxLinux Kernel Version3.4.1 HwPlatformx86
LinuxLinux Kernel Version3.4.2 HwPlatformx86
LinuxLinux Kernel Version3.4.3 HwPlatformx86
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.26% 0.167
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4 1.9 6.9
AV:L/AC:H/Au:N/C:N/I:N/A:C
CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.

http://marc.info/?l=bugtraq&m=139447903326211&w=2
http://rhn.redhat.com/errata/RHSA-2012-0743.html
http://ubuntu.com/usn/usn-1529-1
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.5
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=26c191788f18129af0eb32a358cdaea0c7479626
http://www.openwall.com/lists/oss-security/2012/05/18/11
https://bugzilla.redhat.com/show_bug.cgi?id=822821
https://github.com/torvalds/linux/commit/26c191788f18129af0eb32a358cdaea0c7479626
Patch