CVE-2012-6545
Vulnerability Summary
Timeline
Description
The Bluetooth RFCOMM implementation in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel memory via a crafted application.
CVSS Metrics
- v2.0•LOW•Score: 1.9AV:L/AC:M/Au:N/C:P/I:N/A:N
EPSS Trends
Current EPSS score: 0.10%• Percentile: 28%
Techniques & Countermeasures
- CWE-200•Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
Affected Systems
- linux•linux_kernel
≤ 3.5.7 | 3.0:rc1 | 3.0:rc2 | 3.0:rc3 | 3.0:rc4 | 3.0:rc5 | 3.0:rc6 | 3.0:rc7 | 3.0.1 | 3.0.2 | 3.0.3 | 3.0.4 | 3.0.5 | 3.0.6 | 3.0.7 | 3.0.8 | 3.0.9 | 3.0.10 | 3.0.11 | 3.0.12 | 3.0.13 | 3.0.14 | 3.0.15 | 3.0.16 | 3.0.17 | 3.0.18 | 3.0.19 | 3.0.20 | 3.0.21 | 3.0.22 | 3.0.23 | 3.0.24 | 3.0.25 | 3.0.26 | 3.0.27 | 3.0.28 | 3.0.29 | 3.0.30 | 3.0.31 | 3.0.32 | 3.0.33 | 3.0.34 | 3.0.35 | 3.0.36 | 3.0.37 | 3.0.38 | 3.0.39 | 3.0.40 | 3.0.41 | 3.0.42 | 3.0.43 | 3.0.44 | 3.0.45 | 3.0.46 | 3.0.47 | 3.0.48 | 3.0.49 | 3.0.50 | 3.0.51 | 3.0.52 | 3.0.53 | 3.0.54 | 3.0.55 | 3.0.56 | 3.0.57 | 3.0.58 | 3.0.59 | 3.0.60 | 3.0.61 | 3.0.62 | 3.0.63 | 3.0.64 | 3.0.65 | 3.0.66 | 3.0.67 | 3.0.68 | 3.1 | 3.1:rc1 | 3.1:rc2 | 3.1:rc3 | 3.1:rc4 | 3.1.1 | 3.12 | 3.13 | 3.14 | 3.15 | 3.16 | 3.17 | 3.18 | 3.19 | 3.1.10 | 3.2 | 3.2:rc2 | 3.2:rc3 | 3.2:rc4 | 3.2:rc5 | 3.2:rc6 | 3.2:rc7 | 3.2.1 | 3.2.2 | 3.2.3 | 3.2.4 | 3.2.5 | 3.2.6 | 3.2.7 | 3.2.8 | 3.2.9 | 3.2.10 | 3.2.11 | 3.2.12 | 3.2.13 | 3.2.14 | 3.2.15 | 3.2.16 | 3.2.17 | 3.2.18 | 3.2.19 | 3.2.20 | 3.2.21 | 3.2.22 | 3.2.23 | 3.2.24 | 3.2.25 | 3.2.26 | 3.2.27 | 3.2.28 | 3.2.29 | 3.2.30 | 3.3 | 3.3:rc1 | 3.3:rc2 | 3.3:rc3 | 3.3:rc4 | 3.3:rc5 | 3.3:rc6 | 3.3:rc7 | 3.3.1 | 3.3.2 | 3.3.3 | 3.3.4 | 3.3.5 | 3.3.6 | 3.3.7 | 3.3.8 | 3.4 | 3.4:rc1 | 3.4:rc2 | 3.4:rc3 | 3.4:rc4 | 3.4:rc5 | 3.4:rc6 | 3.4:rc7 | 3.4.1 | 3.4.2 | 3.4.3 | 3.4.4 | 3.4.5 | 3.4.6 | 3.4.7 | 3.4.8 | 3.4.9 | 3.4.10 | 3.4.11 | 3.4.12 | 3.4.13 | 3.4.14 | 3.4.15 | 3.4.16 | 3.4.17 | 3.4.18 | 3.4.19 | 3.4.20 | 3.4.21 | 3.4.22 | 3.4.23 | 3.4.24 | 3.4.25 | 3.4.26 | 3.4.27 | 3.4.28 | 3.4.29 | 3.4.30 | 3.4.31 | 3.4.32 | 3.5.1 | 3.5.2 | 3.5.3 | 3.5.4 | 3.5.5 | 3.5.6
- redhat•enterprise_linux
5 | 6.0
References (11)
- https://github.com/torvalds/linux/commit/9344a972961d1a6d2c04d9008b13617bcb6ec2ef
- http://www.ubuntu.com/usn/USN-1805-1
- http://www.openwall.com/lists/oss-security/2013/03/05/13
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9344a972961d1a6d2c04d9008b13617bcb6ec2ef
- http://www.ubuntu.com/usn/USN-1808-1
- http://rhn.redhat.com/errata/RHSA-2013-1645.html
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9ad2de43f1aee7e7274a4e0d41465489299e344b
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f9432c5ec8b1e9a09b9b0e5569e3c73db8de432a
- https://github.com/torvalds/linux/commit/f9432c5ec8b1e9a09b9b0e5569e3c73db8de432a
- https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.6.bz2
- https://github.com/torvalds/linux/commit/9ad2de43f1aee7e7274a4e0d41465489299e344b