CVE-2012-1097

Description

The regset (aka register set) feature in the Linux kernel before 3.2.10 does not properly handle the absence of .get and .set methods, which allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a (1) PTRACE_GETREGSET or (2) PTRACE_SETREGSET ptrace call.

CVSS Metrics

• v3.1•HIGH•Score: 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
• v2.0•HIGH•Score: 7.2AV:L/AC:L/Au:N/C:C/I:C/A:C

EPSS Trends

Current EPSS score: 0.11%• Percentile: 29%

Techniques & Countermeasures

• CWE-476•NULL Pointer Dereference

  The product dereferences a pointer that it expects to be valid but is NULL.

Affected Systems

• linux•linux_kernel

  < 3.0.24 | ≥ 3.1, < 3.2.10

• redhat•enterprise_linux

  4.0

• redhat•enterprise_mrg

  2.0

• suse•linux_enterprise_desktop

  11:sp1 | 11:sp2

• suse•linux_enterprise_high_availability_extension

  11:sp1 | 11:sp2

• suse•linux_enterprise_server

  11:sp1 | 11:sp2

References (12)

• http://rhn.redhat.com/errata/RHSA-2012-0531.html
• http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00021.html
• http://secunia.com/advisories/48898
• https://bugzilla.redhat.com/show_bug.cgi?id=799209
• http://rhn.redhat.com/errata/RHSA-2012-0481.html
• http://www.openwall.com/lists/oss-security/2012/03/05/1
• http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.10
• http://secunia.com/advisories/48964
• https://github.com/torvalds/linux/commit/c8e252586f8d5de906385d8cf6385fee289a825e
• http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00013.html
• http://secunia.com/advisories/48842
• http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c8e252586f8d5de906385d8cf6385fee289a825e