Links

Tenable Community & Support

Tenable University

Settings

Severity

Theme

CVE-2012-6544

low

Description

The Bluetooth protocol stack in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that targets the (1) L2CAP or (2) HCI implementation.

References

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=3f68ba07b1da811bf383b4b701b129bfcb2e4988

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=792039c73cf176c8e39a6e8beef2c94ff46522ed

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=e15ca9a0ef9a86f0477530b0f44a725d67f889ee

http://rhn.redhat.com/errata/RHSA-2013-1173.html

http://www.openwall.com/lists/oss-security/2013/03/05/13

http://www.ubuntu.com/usn/USN-1805-1

http://www.ubuntu.com/usn/USN-1808-1

https://github.com/torvalds/linux/commit/3f68ba07b1da811bf383b4b701b129bfcb2e4988

https://github.com/torvalds/linux/commit/792039c73cf176c8e39a6e8beef2c94ff46522ed

https://github.com/torvalds/linux/commit/e15ca9a0ef9a86f0477530b0f44a725d67f889ee

https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.6.bz2

Details

Source: MITRE

Published: 2013-03-15

Updated: 2019-04-22

Type: CWE-200

Risk Information

CVSS v2

Base Score: 1.9

Vector: AV:L/AC:M/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 3.4

Severity: LOW