Published: 09/08/2012 Updated: 13/02/2023

CVSS v2 Base Score: 4.7 | Impact Score: 6.9 | Exploitability Score: 3.4

VMScore: 419

Vector: AV:L/AC:M/Au:N/C:N/I:N/A:C

The copy_creds function in kernel/cred.c in the Linux kernel prior to 3.3.2 provides an invalid replacement session keyring to a child process, which allows local users to cause a denial of service (panic) via a crafted application that uses the fork system call.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel 3.3
linux linux kernel

Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic Updated kernel packages that fix two security issues and several bugs arenow available for Red Hat Enterprise Linux 6The Red Hat Security Response Team has rated this update as havingimportant security i ...

Several security issues were fixed in the kernel ...

The system could be made to crash under certain conditions ...

Several security issues were fixed in the kernel ...

CWE-119 https://bugzilla.redhat.com/show_bug.cgi?id=833428 https://github.com/torvalds/linux/commit/79549c6dfda0603dba9a70a53467ce62d9335c33 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.2 http://rhn.redhat.com/errata/RHSA-2012-1064.html http://www.ubuntu.com/usn/USN-1567-1 http://www.ubuntu.com/usn/USN-1606-1 http://www.ubuntu.com/usn/USN-1597-1 http://www.securityfocus.com/bid/54365 http://secunia.com/advisories/50853 http://www.securitytracker.com/id?1027236 http://secunia.com/advisories/50961 http://secunia.com/advisories/50633 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=79549c6dfda0603dba9a70a53467ce62d9335c33 https://access.redhat.com/errata/RHSA-2012:1064 https://nvd.nist.gov https://usn.ubuntu.com/1460-1/

CVE-2012-2745

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect