CVE-2012-3430
Published 2012-10-03
Priority: P4 · 11 · low · 2.1 (CVSS 2.0)
AV:L/AC:L/Au:N/C:P/I:N/A:N
EXPLOIT
EPSS: 0.95% (56.8th percentile)
The rds_recvmsg function in net/rds/recv.c in the Linux kernel before 3.0.44 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a (1) recvfrom or (2) recvmsg system call on an RDS socket.
Affected
48 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | linux | < linux 3.2.29-1 (bookworm) | linux 3.2.29-1 (bookworm) |
| linux | linux_kernel | <= 3.0.43 | — |
| linux | linux_kernel | — | — |
CVSS provenance
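| Source | Score | Severity | Vector |
|---|---|---|---|
| nvd (v2.0) | 2.1 | LOW | AV:L/AC:L/Au:N/C:P/I:N/A:N |
| osv | 2.1 | LOW | — |
| vendor_ubuntu | 7.8 | HIGH | — |
| vendor_debian | 2.1 | LOW | — |
| vendor_redhat | 2.1 | LOW | — |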
Ubuntu
Linux kernel (OMAP4) vulnerabilities
vendor_ubuntu·2012-09-21·CVSS 4.9
CVE-2012-2121 [MEDIUM] Linux kernel (OMAP4) vulnerabilities
Title: Linux kernel (OMAP4) vulnerabilities
Summary: Several security issues were fixed in the kernel.
A flaw was discovered in the Linux kernel's KVM (kernel virtual machine).
An administrative user in the guest OS could leverage this flaw to cause a
denial of service in the host OS. (CVE-2012-2121)
Ben Hutchings reported a flaw in the Linux kernel with some network drivers
that support TSO (TCP segment offload). A local or peer user could exploit
this flaw to cause a denial of service. (CVE-2012-3412)
Jay Fenlason and Doug Ledford discovered a bug in the Linux kernel
implementation of RDS sockets. A local unprivileged user could potentially
use this flaw to read privileged information from the kernel.
(CVE-2012-3430)
A flaw was discovered in the madvise feature of the Linux kerne
Ubuntu
Linux kernel (OMAP4) vulnerabilities
vendor_ubuntu·2012-09-21·CVSS 7.8
CVE-2012-3412 [HIGH] Linux kernel (OMAP4) vulnerabilities
Title: Linux kernel (OMAP4) vulnerabilities
Summary: Several security issues were fixed in the kernel.
Ben Hutchings reported a flaw in the Linux kernel with some network drivers
that support TSO (TCP segment offload). A local or peer user could exploit
this flaw to cause a denial of service. (CVE-2012-3412)
Jay Fenlason and Doug Ledford discovered a bug in the Linux kernel
implementation of RDS sockets. A local unprivileged user could potentially
use this flaw to read privileged information from the kernel.
(CVE-2012-3430)
Mathias Krause discovered an information leak in the Linux kernel's TUN/TAP
device driver. A local user could exploit this flaw to examine part of the
kernel's stack memory. (CVE-2012-6547)
A flaw was discovered in the requeuing of futexes in the Linux kernel. A
Ubuntu
Linux kernel (OMAP4) vulnerabilities
vendor_ubuntu·2012-09-21·CVSS 7.8
CVE-2012-3412 [HIGH] Linux kernel (OMAP4) vulnerabilities
Title: Linux kernel (OMAP4) vulnerabilities
Summary: Several security issues were fixed in the kernel.
Ben Hutchings reported a flaw in the Linux kernel with some network drivers
that support TSO (TCP segment offload). A local or peer user could exploit
this flaw to cause a denial of service. (CVE-2012-3412)
Jay Fenlason and Doug Ledford discovered a bug in the Linux kernel
implementation of RDS sockets. A local unprivileged user could potentially
use this flaw to read privileged information from the kernel.
(CVE-2012-3430)
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall al
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2012-09-21·CVSS 7.8
CVE-2012-3412 [HIGH] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the kernel.
Ben Hutchings reported a flaw in the Linux kernel with some network drivers
that support TSO (TCP segment offload). A local or peer user could exploit
this flaw to cause a denial of service. (CVE-2012-3412)
Jay Fenlason and Doug Ledford discovered a bug in the Linux kernel
implementation of RDS sockets. A local unprivileged user could potentially
use this flaw to read privileged information from the kernel.
(CVE-2012-3430)
Mathias Krause discovered an information leak in the Linux kernel's TUN/TAP
device driver. A local user could exploit this flaw to examine part of the
kernel's stack memory. (CVE-2012-6547)
A flaw was discovered in the requeuing of futexes in the Linux kernel. A
local u
Ubuntu
Linux kernel (EC2) vulnerabilities
vendor_ubuntu·2012-09-19·CVSS 7.8
CVE-2012-3412 [HIGH] Linux kernel (EC2) vulnerabilities
Title: Linux kernel (EC2) vulnerabilities
Summary: Several security issues were fixed in the kernel.
Ben Hutchings reported a flaw in the Linux kernel with some network drivers
that support TSO (TCP segment offload). A local or peer user could exploit
this flaw to cause a denial of service. (CVE-2012-3412)
Jay Fenlason and Doug Ledford discovered a bug in the Linux kernel
implementation of RDS sockets. A local unprivileged user could potentially
use this flaw to read privileged information from the kernel.
(CVE-2012-3430)
A flaw was discovered in the madvise feature of the Linux kernel's memory
subsystem. An unprivileged local user could exploit the flaw to cause a
denial of service (crash the system). (CVE-2012-3511)
Instructions: After a standard system update you need to reboot y
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2012-09-19·CVSS 7.8
CVE-2012-3412 [HIGH] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the kernel.
Ben Hutchings reported a flaw in the Linux kernel with some network drivers
that support TSO (TCP segment offload). A local or peer user could exploit
this flaw to cause a denial of service. (CVE-2012-3412)
Jay Fenlason and Doug Ledford discovered a bug in the Linux kernel
implementation of RDS sockets. A local unprivileged user could potentially
use this flaw to read privileged information from the kernel.
(CVE-2012-3430)
A flaw was discovered in the madvise feature of the Linux kernel's memory
subsystem. An unprivileged local user could exploit the flaw to cause a
denial of service (crash the system). (CVE-2012-3511)
Instructions: After a standard system update you need to reboot your co
Ubuntu
Linux kernel (Natty backport) vulnerabilities
vendor_ubuntu·2012-09-19·CVSS 4.7
CVE-2012-2745 [MEDIUM] Linux kernel (Natty backport) vulnerabilities
Title: Linux kernel (Natty backport) vulnerabilities
Summary: Several security issues were fixed in the kernel.
A flaw was found in how the Linux kernel passed the replacement session
keyring to a child process. An unprivileged local user could exploit this
flaw to cause a denial of service (panic). (CVE-2012-2745)
Ben Hutchings reported a flaw in the Linux kernel with some network drivers
that support TSO (TCP segment offload). A local or peer user could exploit
this flaw to cause a denial of service. (CVE-2012-3412)
Jay Fenlason and Doug Ledford discovered a bug in the Linux kernel
implementation of RDS sockets. A local unprivileged user could potentially
use this flaw to read privileged information from the kernel.
(CVE-2012-3430)
A flaw was discovered in the madvise feature of
Ubuntu
Linux kernel (Oneiric backport) vulnerabilities
vendor_ubuntu·2012-09-19·CVSS 7.8
CVE-2012-3412 [HIGH] Linux kernel (Oneiric backport) vulnerabilities
Title: Linux kernel (Oneiric backport) vulnerabilities
Summary: Several security issues were fixed in the kernel.
Ben Hutchings reported a flaw in the Linux kernel with some network drivers
that support TSO (TCP segment offload). A local or peer user could exploit
this flaw to cause a denial of service. (CVE-2012-3412)
Jay Fenlason and Doug Ledford discovered a bug in the Linux kernel
implementation of RDS sockets. A local unprivileged user could potentially
use this flaw to read privileged information from the kernel.
(CVE-2012-3430)
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
r
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2012-09-14·CVSS 4.7
CVE-2012-2745 [MEDIUM] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the kernel.
A flaw was found in how the Linux kernel passed the replacement session
keyring to a child process. An unprivileged local user could exploit this
flaw to cause a denial of service (panic). (CVE-2012-2745)
Ben Hutchings reported a flaw in the Linux kernel with some network drivers
that support TSO (TCP segment offload). A local or peer user could exploit
this flaw to cause a denial of service. (CVE-2012-3412)
Jay Fenlason and Doug Ledford discovered a bug in the Linux kernel
implementation of RDS sockets. A local unprivileged user could potentially
use this flaw to read privileged information from the kernel.
(CVE-2012-3430)
A flaw was discovered in the madvise feature of the Linux kernel'
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2012-09-14·CVSS 7.8
CVE-2012-3412 [HIGH] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the kernel.
Ben Hutchings reported a flaw in the Linux kernel with some network drivers
that support TSO (TCP segment offload). A local or peer user could exploit
this flaw to cause a denial of service. (CVE-2012-3412)
Jay Fenlason and Doug Ledford discovered a bug in the Linux kernel
implementation of RDS sockets. A local unprivileged user could potentially
use this flaw to read privileged information from the kernel.
(CVE-2012-3430)
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third
Red Hat
kernel: recv{from,msg}() on an rds socket can leak kernel memory
vendor_redhat·2012-07-23·CVSS 2.1
CVE-2012-3430 [LOW] kernel: recv{from,msg}() on an rds socket can leak kernel memory
kernel: recv{from,msg}() on an rds socket can leak kernel memory
The rds_recvmsg function in net/rds/recv.c in the Linux kernel before 3.0.44 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a (1) recvfrom or (2) recvmsg system call on an RDS socket.
Statement: The Red Hat Security Response Team has rated this issue as having low security
impact. Future kernel updates may address this issue. For additional
information, refer to the Issue Severity Classification:
https://access.redhat.com/security/updates/classification/.
Package: kernel (Red Hat Enterprise Linux 4) - Will not fix
Debian
CVE-2012-3430: linux - The rds_recvmsg function in net/rds/recv.c in the Linux kernel before 3.0.44 doe...
vendor_debian·2012·CVSS 2.1
CVE-2012-3430 [LOW] CVE-2012-3430: linux - The rds_recvmsg function in net/rds/recv.c in the Linux kernel before 3.0.44 doe...
The rds_recvmsg function in net/rds/recv.c in the Linux kernel before 3.0.44 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a (1) recvfrom or (2) recvmsg system call on an RDS socket.
Scope: local
bookworm: resolved (fixed in 3.2.29-1)
bullseye: resolved (fixed in 3.2.29-1)
forky: resolved (fixed in 3.2.29-1)
sid: resolved (fixed in 3.2.29-1)
trixie: resolved (fixed in 3.2.29-1)
GHSA
GHSA-63jf-wgmw-jw76: The rds_recvmsg function in net/rds/recv
ghsa_unreviewed·2022-05-17
CVE-2012-3430 [LOW] CWE-200 GHSA-63jf-wgmw-jw76: The rds_recvmsg function in net/rds/recv
The rds_recvmsg function in net/rds/recv.c in the Linux kernel before 3.0.44 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a (1) recvfrom or (2) recvmsg system call on an RDS socket.
OSV
CVE-2012-3430: The rds_recvmsg function in net/rds/recv
osv·2012-10-03·CVSS 2.1
CVE-2012-3430 [LOW] CVE-2012-3430: The rds_recvmsg function in net/rds/recv
The rds_recvmsg function in net/rds/recv.c in the Linux kernel before 3.0.44 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a (1) recvfrom or (2) recvmsg system call on an RDS socket.
No detection rules found.
Bugzilla
CVE-2012-3430 kernel: recv{from,msg}() on an rds socket can leak kernel memory [fedora-all]
bugzilla·2012-07-26·CVSS 2.1
CVE-2012-3430 [LOW] CVE-2012-3430 kernel: recv{from,msg}() on an rds socket can leak kernel memory [fedora-all]
CVE-2012-3430 kernel: recv{from,msg}() on an rds socket can leak kernel memory [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected Fedora
versions.
For comments that are specific to the vulnerability please use bugs filed
against "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please include this bug ID and the
bug IDs of this bug's parent bugs filed against the "Security Response"
product (the top-level CVE bugs). Please mention the CVE IDs being fixed
in the RPM changelog when available.
Bodhi update submission link:
https://admin.fedoraproject.org/updates/new
Bugzilla
CVE-2012-3430 kernel: recv{from,msg}() on an rds socket can leak kernel memory
bugzilla·2012-05-09·CVSS 2.1
CVE-2012-3430 [LOW] CVE-2012-3430 kernel: recv{from,msg}() on an rds socket can leak kernel memory
CVE-2012-3430 kernel: recv{from,msg}() on an rds socket can leak kernel memory
Two similar issues:
1) Reported by Jay Fenlason and Doug Ledford:
recvfrom() on an RDS socket can disclose sizeof(struct sockaddr_storage)-sizeof(struct sockaddr_in) bytes of kernel stack to userspace when receiving a datagram.
2) Reported by Jay Fenlason:
recv{from,msg}() on an RDS socket can disclose sizeof(struct sockaddr_storage)
bytes of kernel stack to userspace when other code paths are taken.
Discussion:
Statement:
The Red Hat Security Response Team has rated this issue as having low security
impact. Future kernel updates may address this issue. For additional
information, refer to the Issue Severity Classification:
https://access.redhat.com/security/updates/classification/.
---
Created kernel
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=06b6a1cf6e776426766298d055bb3991957d90a7
http://rhn.redhat.com/errata/RHSA-2012-1323.html
http://secunia.com/advisories/50633
http://secunia.com/advisories/50732
http://secunia.com/advisories/50811
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.0.44
http://www.openwall.com/lists/oss-security/2012/07/26/5
http://www.ubuntu.com/usn/USN-1567-1
http://www.ubuntu.com/usn/USN-1568-1
http://www.ubuntu.com/usn/USN-1572-1
http://www.ubuntu.com/usn/USN-1575-1
http://www.ubuntu.com/usn/USN-1577-1
http://www.ubuntu.com/usn/USN-1578-1
http://www.ubuntu.com/usn/USN-1579-1
http://www.ubuntu.com/usn/USN-1580-1
https://bugzilla.redhat.com/show_bug.cgi?id=820039
https://github.com/torvalds/linux/commit/06b6a1cf6e776426766298d055bb3991957d90a7
https://www.suse.com/support/update/announcement/2012/suse-su-20121679-1.html
Published 2012-10-03