CVE-2012-6545

high

Description

The Bluetooth RFCOMM implementation in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel memory via a crafted application.

References

https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.6.bz2

https://github.com/torvalds/linux/commit/f9432c5ec8b1e9a09b9b0e5569e3c73db8de432a

https://github.com/torvalds/linux/commit/9ad2de43f1aee7e7274a4e0d41465489299e344b

https://github.com/torvalds/linux/commit/9344a972961d1a6d2c04d9008b13617bcb6ec2ef

http://www.ubuntu.com/usn/USN-1808-1

http://www.ubuntu.com/usn/USN-1805-1

http://www.openwall.com/lists/oss-security/2013/03/05/13

http://rhn.redhat.com/errata/RHSA-2013-1645.html

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f9432c5ec8b1e9a09b9b0e5569e3c73db8de432a

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9ad2de43f1aee7e7274a4e0d41465489299e344b

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9344a972961d1a6d2c04d9008b13617bcb6ec2ef

Details

Source: Mitre, NVD

Published: 2013-03-15

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 1.9

Vector: CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:N

Severity: Low

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Severity: High

Detections

Analytics