CVE-2012-2745

Published Aug 9, 2012

Last updated 2 years ago

CVSS info 4.7

Overview

Description: The copy_creds function in kernel/cred.c in the Linux kernel before 3.3.2 provides an invalid replacement session keyring to a child process, which allows local users to cause a denial of service (panic) via a crafted application that uses the fork system call.
Source: secalert@redhat.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.7
Impact score: 6.9
Exploitability score: 3.4
Vector string: AV:L/AC:M/Au:N/C:N/I:N/A:C

Weaknesses

nvd@nist.gov: CWE-119

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A414BCFE-F436-4E67-BF24-05766DA92376",
            "versionEndIncluding": "3.3.1"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AFB76697-1C2F-48C0-9B14-517EC053D4B3"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.3:rc1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BED88DFD-1DC5-4505-A441-44ECDEF0252D"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.3:rc2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DBFD2ACD-728A-4082-BB6A-A1EF6E58E47D"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.3:rc3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C31B0E51-F62D-4053-B04F-FC4D5BC373D2"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.3:rc4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A914303E-1CB6-4AAD-9F5F-DE5433C4E814"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.3:rc5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "203BBA69-90B2-4C5E-8023-C14180742421"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.3:rc6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0DBFAB53-B889-4028-AC0E-7E165B152A18"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.3:rc7:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FE409AEC-F677-4DEF-8EB7-2C35809043CE"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References