UBUNTU-CVE-2012-1097

Advisory lineage Upstream: 1 Downstream: 0
Upstream
CVE-2012-1097
Published: 07 Mar 2012, 00:00
Last modified:04 Feb 2026, 02:23

Vulnerability Summary

Overall Risk (default)
medium
31/100
CVSS Score
7.8 HIGH
3.1 (osv_ubuntu)
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

07 Mar 2012, 00:00
Published
Vulnerability first disclosed
04 Feb 2026, 02:23
Last Modified
Vulnerability information updated

Description

The regset (aka register set) feature in the Linux kernel before 3.2.10 does not properly handle the absence of .get and .set methods, which allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a (1) PTRACE_GETREGSET or (2) PTRACE_SETREGSET ptrace call.

CVSS Metrics

  • v3.1HIGHScore: 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Systems

  • ubuntulinux

    < 3.11.0-12.19 | < 4.2.0-16.19

  • ubuntulinux-aws

    < 4.4.0-1002.2 | < 4.4.0-1001.10

  • ubuntulinux-flo

    < 3.4.0-1.3 | < 3.4.0-5.22

  • ubuntulinux-gke

    < 4.4.0-1003.3

  • ubuntulinux-goldfish

    < 3.4.0-1.9 | < 3.4.0-4.27

  • ubuntulinux-hwe

    < 4.8.0-36.36~16.04.1

  • ubuntulinux-lts-utopic

    < 3.16.0-25.33~14.04.2

  • ubuntulinux-lts-vivid

    < 3.19.0-18.18~14.04.1

  • ubuntulinux-lts-wily

    < 4.2.0-18.22~14.04.1

  • ubuntulinux-lts-xenial

    < 4.4.0-13.29~14.04.1

  • ubuntulinux-mako

    < 3.4.0-3.21 | < 3.4.0-7.40

  • ubuntulinux-manta

    < 3.4.0-4.19

  • ubuntulinux-raspi2

    < 4.2.0-1013.19

  • ubuntulinux-snapdragon

    < 4.4.0-1012.12

References (16)