CVE-2012-0957

Linux kernel <3.4.16 - Info Disclosure

Title source: llm

Description

The override_release function in kernel/sys.c in the Linux kernel before 3.4.16 allows local users to obtain sensitive information from kernel stack memory via a uname system call in conjunction with a UNAME26 personality.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Brad Spengler · clocallinux

https://www.exploit-db.com/exploits/37937

View Code ZIP pw:eip

References (14)

[Vendor Advisory] http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.16

[Patch] http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2702b1526c7278c4d65d78de209a465d4de2885e

[Exploit] http://www.openwall.com/lists/oss-security/2012/10/09/4

[Vendor Advisory] http://www.ubuntu.com/usn/USN-1644-1

[Vendor Advisory] http://www.ubuntu.com/usn/USN-1645-1

[Vendor Advisory] http://www.ubuntu.com/usn/USN-1646-1

[Vendor Advisory] http://www.ubuntu.com/usn/USN-1647-1

[Vendor Advisory] http://www.ubuntu.com/usn/USN-1648-1

[Vendor Advisory] http://www.ubuntu.com/usn/USN-1649-1

[Vendor Advisory] http://www.ubuntu.com/usn/USN-1652-1

[Issue Tracking] https://bugzilla.redhat.com/show_bug.cgi?id=862877

[Patch] https://github.com/torvalds/linux/commit/2702b1526c7278c4d65d78de209a465d4de2885e

[Mailing List, Third Party Advisory] http://lists.fedoraproject.org/pipermail/package-announce/2012-November/091110.html

[Third Party Advisory] http://secunia.com/advisories/51409

Scores

EPSS 0.0050

EPSS Percentile 66.2%

Details

CWE

CWE-16

Status published

Products (44)

linux/linux_kernel 3.0 rc1 (7 CPE variants)

linux/linux_kernel 3.0.1

linux/linux_kernel 3.0.2

linux/linux_kernel 3.0.3

linux/linux_kernel 3.0.4

linux/linux_kernel 3.0.5

linux/linux_kernel 3.0.6

linux/linux_kernel 3.0.7

linux/linux_kernel 3.0.8

linux/linux_kernel 3.0.9

... and 34 more

Published Dec 21, 2012

Tracked Since Feb 18, 2026