CVE-2012-0810 — Uncontrolled Resource Consumption in Kernel

CWE-400 — Uncontrolled Resource Consumption5 documents5 sources

Severity

5.5MEDIUMNVD

EPSS

0.0%

top 85.01%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Kernel Linux Foundation Linux Kernel

Timeline

PublishedFeb 12

Latest updateApr 23

Description

The int3 handler in the Linux kernel before 3.3 relies on a per-CPU debug stack, which allows local users to cause a denial of service (stack corruption and panic) via a crafted application that triggers certain lock contention.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

▶NVDlinux/linux_kernel< 3.3

▶CVEListV5linux_foundation/linux_kernelbefore 3.3

Patches

Patch: git.kernel.org ↗Patch: git.kernel.org ↗Patch: git.kernel.org ↗

🔴Vulnerability Details

GHSA

GHSA-xgx6-xwch-wmqq: The int3 handler in the Linux kernel before 3↗2022-04-23

▶

CVEList

CVE-2012-0810: The int3 handler in the Linux kernel before 3↗2020-02-12

▶

📋Vendor Advisories

Red Hat

kernel-rt: stack corruption when task gets scheduled out using the debug stack↗2012-02-23

▶

💬Community

Bugzilla

CVE-2012-0810 kernel-rt: stack corruption when task gets scheduled out using the debug stack↗2012-02-17

▶