Published: 21/12/2012 Updated: 13/02/2023

CVSS v2 Base Score: 1.9 | Impact Score: 2.9 | Exploitability Score: 3.4

VMScore: 170

Vector: AV:L/AC:M/Au:N/C:P/I:N/A:N

Race condition in fs/ext4/extents.c in the Linux kernel prior to 3.4.16 allows local users to obtain sensitive information from a deleted file by reading an extent that was not properly marked as uninitialized.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel 3.2.21
linux linux kernel 3.4.4
linux linux kernel 3.0.25
linux linux kernel 3.1.2
linux linux kernel 3.4.11
linux linux kernel 3.0
linux linux kernel 3.2.19
linux linux kernel 3.0.22
linux linux kernel 3.2.23
linux linux kernel 3.4.13
linux linux kernel 3.0.5
linux linux kernel 3.4.1
linux linux kernel 3.2.18
linux linux kernel 3.3
linux linux kernel 3.0.38
linux linux kernel 3.1
linux linux kernel 3.4
linux linux kernel 3.2.5
linux linux kernel 3.2.26
linux linux kernel 3.0.18
linux linux kernel 3.0.6
linux linux kernel 3.0.36
linux linux kernel 3.0.35
linux linux kernel 3.0.11
linux linux kernel 3.0.34
linux linux kernel 3.0.32
linux linux kernel 3.2
linux linux kernel 3.2.16
linux linux kernel 3.4.12
linux linux kernel 3.3.2
linux linux kernel 3.0.19
linux linux kernel 3.2.27
linux linux kernel 3.0.37
linux linux kernel 3.0.4
linux linux kernel 3.3.8
linux linux kernel 3.0.27
linux linux kernel 3.3.3
linux linux kernel 3.4.5
linux linux kernel 3.2.11
linux linux kernel 3.0.42
linux linux kernel 3.0.23
linux linux kernel 3.2.10
linux linux kernel 3.0.8
linux linux kernel 3.2.14
linux linux kernel 3.4.14
linux linux kernel 3.3.4
linux linux kernel 3.2.29
linux linux kernel 3.0.40
linux linux kernel 3.0.33
linux linux kernel
linux linux kernel 3.0.28
linux linux kernel 3.3.6
linux linux kernel 3.2.25
linux linux kernel 3.4.3
linux linux kernel 3.4.2
linux linux kernel 3.2.4
linux linux kernel 3.0.13
linux linux kernel 3.2.9
linux linux kernel 3.0.10
linux linux kernel 3.2.15
linux linux kernel 3.0.1
linux linux kernel 3.1.6
linux linux kernel 3.2.20
linux linux kernel 3.2.24
linux linux kernel 3.2.6
linux linux kernel 3.2.2
linux linux kernel 3.0.17
linux linux kernel 3.1.3
linux linux kernel 3.1.9
linux linux kernel 3.0.44
linux linux kernel 3.0.16
linux linux kernel 3.2.13
linux linux kernel 3.0.21
linux linux kernel 3.0.7
linux linux kernel 3.4.10
linux linux kernel 3.1.5
linux linux kernel 3.1.8
linux linux kernel 3.2.1
linux linux kernel 3.2.7
linux linux kernel 3.0.20
linux linux kernel 3.0.24
linux linux kernel 3.3.5
linux linux kernel 3.0.15
linux linux kernel 3.2.30
linux linux kernel 3.0.39
linux linux kernel 3.0.2
linux linux kernel 3.1.7
linux linux kernel 3.1.1
linux linux kernel 3.3.7
linux linux kernel 3.0.12
linux linux kernel 3.2.22
linux linux kernel 3.2.17
linux linux kernel 3.2.8
linux linux kernel 3.1.10
linux linux kernel 3.3.1
linux linux kernel 3.0.3
linux linux kernel 3.0.9
linux linux kernel 3.0.26
linux linux kernel 3.1.4
linux linux kernel 3.0.43
linux linux kernel 3.0.30
linux linux kernel 3.0.31
linux linux kernel 3.0.29
linux linux kernel 3.2.12
linux linux kernel 3.2.28
linux linux kernel 3.0.14
linux linux kernel 3.2.3
linux linux kernel 3.0.41

Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leak or privilege escalation The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2012-2121 Benjamin Herrenschmidt and Jason Baron discovered issues with the IOMMU mapping of memory slots us ...

Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic Updated kernel packages that fix three security issues and several bugs arenow available for Red Hat Enterprise Linux 63 Extended Update SupportThe Red Hat Security Response Team has rated this update a ...

Synopsis Important: kernel security, bug fix, and enhancement update Type/Severity Security Advisory: Important Topic Updated kernel packages that fix multiple security issues, two bugs, andadd two enhancements are now available for Red Hat Enterprise Linux 5The Red Hat Security Response Team has rated thi ...

Synopsis Important: kernel-rt security and bug fix update Type/Severity Security Advisory: Important Topic Updated kernel-rt packages that fix several security issues and multiplebugs are now available for Red Hat Enterprise MRG 22The Red Hat Security Response Team has rated this update as havingimportant ...

Synopsis Important: Red Hat Enterprise Linux 6 kernel update Type/Severity Security Advisory: Important Topic Updated kernel packages that fix multiple security issues, address severalhundred bugs, and add numerous enhancements are now available as part ofthe ongoing support and maintenance of Red Hat Enter ...

Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic Updated kernel packages that fix two security issues and several bugs arenow available for Red Hat Enterprise Linux 62 Extended Update SupportThe Red Hat Security Response Team has rated this update as ...

A use-after-free flaw was found in the Linux kernel's memory management subsystem in the way quota handling for huge pages was performed A local, unprivileged user could use this flaw to cause a denial of service or, potentially, escalate their privileges (CVE-2012-2133, Moderate) A use-after-free flaw was found in the madvise() system call imple ...

Several security issues were fixed in the kernel ...

The system could be made to crash under certain conditions ...

Several security issues were fixed in the kernel ...

USN-1704-1 introduced a regression in the Linux kernel ...

Several security issues were fixed in the kernel ...

CWE-362 https://github.com/torvalds/linux/commit/dee1f973ca341c266229faa5a1a5bb268bed3531 http://www.openwall.com/lists/oss-security/2012/10/25/1 https://bugzilla.redhat.com/show_bug.cgi?id=869904 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.16 http://rhn.redhat.com/errata/RHSA-2012-1540.html https://www.suse.com/support/update/announcement/2012/suse-su-20121679-1.html http://www.ubuntu.com/usn/USN-1645-1 http://rhn.redhat.com/errata/RHSA-2013-0496.html http://www.ubuntu.com/usn/USN-1899-1 http://www.ubuntu.com/usn/USN-1900-1 http://lists.fedoraproject.org/pipermail/package-announce/2012-November/091110.html http://rhn.redhat.com/errata/RHSA-2013-1783.html http://rhn.redhat.com/errata/RHSA-2013-1519.html http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=dee1f973ca341c266229faa5a1a5bb268bed3531 https://nvd.nist.gov https://www.debian.org/security/./dsa-2668 https://usn.ubuntu.com/1900-1/

Get Started

CVE-2012-4508

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect