CVE-2012-3430

Linux Kernel < 3.0.43 - Information Disclosure

Title source: rule

Description

The rds_recvmsg function in net/rds/recv.c in the Linux kernel before 3.0.44 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a (1) recvfrom or (2) recvmsg system call on an RDS socket.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Jay Fenlason · clocallinux

https://www.exploit-db.com/exploits/37543

View Code ZIP pw:eip

References (18)

[Patch] http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=06b6a1cf6e776426766298d055bb3991957d90a7

[Vendor Advisory] http://rhn.redhat.com/errata/RHSA-2012-1323.html

[Third Party Advisory] http://secunia.com/advisories/50633

[Vendor Advisory] http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.0.44

[Vendor Advisory] http://www.ubuntu.com/usn/USN-1567-1

[Vendor Advisory] http://www.ubuntu.com/usn/USN-1568-1

[Vendor Advisory] http://www.ubuntu.com/usn/USN-1572-1

[Vendor Advisory] http://www.ubuntu.com/usn/USN-1575-1

[Vendor Advisory] http://www.ubuntu.com/usn/USN-1577-1

[Vendor Advisory] http://www.ubuntu.com/usn/USN-1578-1

[Vendor Advisory] http://www.ubuntu.com/usn/USN-1579-1

[Vendor Advisory] http://www.ubuntu.com/usn/USN-1580-1

[Issue Tracking] https://bugzilla.redhat.com/show_bug.cgi?id=820039

[Exploit] https://github.com/torvalds/linux/commit/06b6a1cf6e776426766298d055bb3991957d90a7

[Various Sources] https://www.suse.com/support/update/announcement/2012/suse-su-20121679-1.html

[Mailing List] http://www.openwall.com/lists/oss-security/2012/07/26/5

[Third Party Advisory] http://secunia.com/advisories/50732

[Third Party Advisory] http://secunia.com/advisories/50811

Scores

EPSS 0.0018

EPSS Percentile 39.0%

Details

CWE

CWE-200

Status published

Products (43)

linux/linux_kernel 3.0.1

linux/linux_kernel 3.0.2

linux/linux_kernel 3.0.3

linux/linux_kernel 3.0.4

linux/linux_kernel 3.0.5

linux/linux_kernel 3.0.6

linux/linux_kernel 3.0.7

linux/linux_kernel 3.0.8

linux/linux_kernel 3.0.9

linux/linux_kernel 3.0.10

... and 33 more

Published Oct 03, 2012

Tracked Since Feb 18, 2026