cbcvebase.
CVE-2012-0957
published 2012-12-21


Priority: P4 | 20 | medium | 4.9 (CVSS 2.0)
Vector: AV:L/AC:L/Au:N/C:C/I:N/A:N
EXPLOIT
EPSS: 0.96% (57.0th percentile)
The override_release function in kernel/sys.c in the Linux kernel before 3.4.16 allows local users to obtain sensitive information from kernel stack memory via a uname system call in conjunction with a UNAME26 personality.

Affected

113 ranges · showing 25
Vendor | Product | Version range | Fixed in
debian | linux | < linux 3.2.32-1 (bookworm) | linux 3.2.32-1 (bookworm)
linux | linux_kernel | <= 3.4.15 |
linux | linux_kernel | |
linux | linux_kernel | |
linux | linux_kernel | |
linux | linux_kernel | |
linux | linux_kernel | |
linux | linux_kernel | |
linux | linux_kernel | |
linux | linux_kernel | |
linux | linux_kernel | |
linux | linux_kernel | |
linux | linux_kernel | |
linux | linux_kernel | |
linux | linux_kernel | |
linux | linux_kernel | |
linux | linux_kernel | |
linux | linux_kernel | |
linux | linux_kernel | |
linux | linux_kernel | |
linux | linux_kernel | |
linux | linux_kernel | |
linux | linux_kernel | |
linux | linux_kernel | |
linux | linux_kernel | |

CVSS provenance

nvd | v2.0 | 4.9 | MEDIUM | AV:L/AC:L/Au:N/C:C/I:N/A:N
osv | 4.9 | MEDIUM
vendor_debian | 4.9 | MEDIUM
vendor_redhat | 4.9 | MEDIUM
vendor_ubuntu | 4.9 | MEDIUM