CVE-2012-4530
Published 2013-02-18
Priority: P4 · 12 · low · 2.1 (CVSS 2.0)
Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N
EXPLOIT
EPSS: 0.88% (54.6th percentile)
The load_script function in fs/binfmt_script.c in the Linux kernel before 3.7.2 does not properly handle recursion, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.
Affected
144 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | linux | < linux 3.2.35-1 (bookworm) | linux 3.2.35-1 (bookworm) |
| linux | linux_kernel | <= 3.7.1 | — |
| linux | linux_kernel | — | — |
CVSS provenance
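| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 2.1 | LOW | AV:L/AC:L/Au:N/C:P/I:N/A:N |
| osv | — | 2.1 | LOW | — |
| vendor_ubuntu | — | 4.9 | MEDIUM | — |
| vendor_debian | — | 2.1 | LOW | — |
| vendor_redhat | — | 2.1 | LOW | — |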
Ubuntu
Linux kernel (OMAP4) regression
vendor_ubuntu·2013-02-01·CVSS 2.1
[LOW] Linux kernel (OMAP4) regression
Title: Linux kernel (OMAP4) regression
Summary: USN-1698-1 introduced a regression in the Linux kernel.
USN-1698-1 fixed vulnerabilities in the Linux kernel. Due to an unrelated
regression inotify/fanotify stopped working after upgrading. This update
fixes the problem.
We apologize for the inconvenience.
Original advisory details:
A flaw was discovered in the Linux kernel's handling of script execution
when module loading is enabled. A local attacker could exploit this flaw to
cause a leak of kernel stack contents. (CVE-2012-4530)
Florian Weimer discovered that hypervkvpd, which is distributed in the
Linux kernel, was not correctly validating source addresses of netlink
packets. An untrusted local user can cause a denial of service by causing
hypervkvpd to exit. (CVE-2012-5532)
Inst
Ubuntu
Linux kernel (Quantal HWE) regression
vendor_ubuntu·2013-02-01·CVSS 4.9
[MEDIUM] Linux kernel (Quantal HWE) regression
Title: Linux kernel (Quantal HWE) regression
Summary: USN-1704-1 introduced a regression in the Linux kernel.
USN-1704-1 fixed vulnerabilities in the Linux kernel. Due to an unrelated
regression inotify/fanotify stopped working after upgrading. This update
fixes the problem.
We apologize for the inconvenience.
Original advisory details:
Brad Spengler discovered a flaw in the Linux kernel's uname system call. An
unprivileged user could exploit this flaw to read kernel stack memory.
(CVE-2012-0957)
Jon Howell reported a flaw in the Linux kernel's KVM (Kernel-based virtual
machine) subsystem's handling of the XSAVE feature. On hosts, using qemu
userspace, without the XSAVE feature an unprivileged local attacker could
exploit this flaw to crash the system. (CVE-2012-4461)
Dmitry Monakho
Ubuntu
Linux kernel (OMAP4) regression
vendor_ubuntu·2013-02-01·CVSS 2.1
[LOW] Linux kernel (OMAP4) regression
Title: Linux kernel (OMAP4) regression
Summary: USN-1700-1 introduced a regression in the Linux kernel.
USN-1700-1 fixed vulnerabilities in the Linux kernel. Due to an unrelated
regression inotify/fanotify stopped working after upgrading. This update
fixes the problem.
We apologize for the inconvenience.
Original advisory details:
A flaw was discovered in the Linux kernel's handling of script execution
when module loading is enabled. A local attacker could exploit this flaw to
cause a leak of kernel stack contents. (CVE-2012-4530)
Florian Weimer discovered that hypervkvpd, which is distributed in the
Linux kernel, was not correctly validating source addresses of netlink
packets. An untrusted local user can cause a denial of service by causing
hypervkvpd to exit. (CVE-2012-5532)
Inst
Ubuntu
Linux kernel regression
vendor_ubuntu·2013-02-01·CVSS 1.9
[LOW] Linux kernel regression
Title: Linux kernel regression
Summary: USN-1699-1 introduced a regression in the Linux kernel.
USN-1699-1 fixed vulnerabilities in the Linux kernel. Due to an unrelated
regression inotify/fanotify stopped working after upgrading. This update
fixes the problem.
We apologize for the inconvenience.
Original advisory details:
Jon Howell reported a flaw in the Linux kernel's KVM (Kernel-based virtual
machine) subsystem's handling of the XSAVE CPU feature. On hosts without the
XSAVE CPU feature, using qemu userspace, an unprivileged local attacker could
exploit this flaw to crash the system. (CVE-2012-4461)
A flaw was discovered in the Linux kernel's handling of script execution
when module loading is enabled. A local attacker could exploit this flaw to
cause a leak of kernel stack conten
Ubuntu
Linux kernel regression
vendor_ubuntu·2013-02-01·CVSS 1.9
[LOW] Linux kernel regression
Title: Linux kernel regression
Summary: USN-1696-1 introduced a regression in the Linux kernel.
USN-1696-1 fixed vulnerabilities in the Linux kernel. Due to an unrelated
regression inotify/fanotify stopped working after upgrading. This update
fixes the problem.
We apologize for the inconvenience.
Original advisory details:
Jon Howell reported a flaw in the Linux kernel's KVM (Kernel-based virtual
machine) subsystem's handling of the XSAVE feature. On hosts, using qemu
userspace, without the XSAVE feature an unprivileged local attacker could
exploit this flaw to crash the system. (CVE-2012-4461)
A flaw was discovered in the Linux kernel's handling of script execution
when module loading is enabled. A local attacker could exploit this flaw to
cause a leak of kernel stack contents. (CVE
Ubuntu
Linux kernel (Quantal HWE) vulnerabilities
vendor_ubuntu·2013-01-22·CVSS 4.9
CVE-2012-0957 [MEDIUM] Linux kernel (Quantal HWE) vulnerabilities
Title: Linux kernel (Quantal HWE) vulnerabilities
Summary: Several security issues were fixed in the kernel.
Brad Spengler discovered a flaw in the Linux kernel's uname system call. An
unprivileged user could exploit this flaw to read kernel stack memory.
(CVE-2012-0957)
Jon Howell reported a flaw in the Linux kernel's KVM (Kernel-based virtual
machine) subsystem's handling of the XSAVE feature. On hosts, using qemu
userspace, without the XSAVE feature an unprivileged local attacker could
exploit this flaw to crash the system. (CVE-2012-4461)
Dmitry Monakhov reported a race condition flaw in the Linux ext4 filesystem
that can expose stale data. An unprivileged user could exploit this flaw to
cause an information leak. (CVE-2012-4508)
A flaw was discovered in the Linux kernel's handling o
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2013-01-18·CVSS 1.9
CVE-2012-4461 [LOW] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the kernel.
Jon Howell reported a flaw in the Linux kernel's KVM (Kernel-based virtual
machine) subsystem's handling of the XSAVE feature. On hosts, using qemu
userspace, without the XSAVE feature an unprivileged local attacker could
exploit this flaw to crash the system. (CVE-2012-4461)
A flaw was discovered in the Linux kernel's handling of script execution
when module loading is enabled. A local attacker could exploit this flaw to
cause a leak of kernel stack contents. (CVE-2012-4530)
Florian Weimer discovered that hypervkvpd, which is distributed in the
Linux kernel, was not correctly validating source addresses of netlink
packets. An untrusted local user can cause a denial of service by causing
hype
Ubuntu
Linux kernel (OMAP4) vulnerabilities
vendor_ubuntu·2013-01-18·CVSS 2.1
CVE-2012-4530 [LOW] Linux kernel (OMAP4) vulnerabilities
Title: Linux kernel (OMAP4) vulnerabilities
Summary: Several security issues were fixed in the kernel.
A flaw was discovered in the Linux kernel's handling of script execution
when module loading is enabled. A local attacker could exploit this flaw to
cause a leak of kernel stack contents. (CVE-2012-4530)
Florian Weimer discovered that hypervkvpd, which is distributed in the
Linux kernel, was not correctly validating source addresses of netlink
packets. An untrusted local user can cause a denial of service by causing
hypervkvpd to exit. (CVE-2012-5532)
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to
Ubuntu
Linux kernel (OMAP4) vulnerability
vendor_ubuntu·2013-01-15
CVE-2012-4530 Linux kernel (OMAP4) vulnerability
Title: Linux kernel (OMAP4) vulnerability
Summary: The system could be made to leak data on the kernel stack.
A flaw was discovered in the Linux kernel's handling of script execution
when module loading is enabled. A local attacker could exploit this flaw to
cause a leak of kernel stack contents.
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kern
Ubuntu
Linux kernel (Oneiric backport) vulnerabilities
vendor_ubuntu·2013-01-15·CVSS 1.9
CVE-2012-4461 [LOW] Linux kernel (Oneiric backport) vulnerabilities
Title: Linux kernel (Oneiric backport) vulnerabilities
Summary: Several security issues were fixed in the kernel.
Jon Howell reported a flaw in the Linux kernel's KVM (Kernel-based virtual
machine) subsystem's handling of the XSAVE feature. On hosts, using qemu
userspace, without the XSAVE feature an unprivileged local attacker could
exploit this flaw to crash the system. (CVE-2012-4461)
A flaw was discovered in the Linux kernel's handling of script execution
when module loading is enabled. A local attacker could exploit this flaw to
cause a leak of kernel stack contents. (CVE-2012-4530)
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new ve
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2013-01-15·CVSS 1.9
CVE-2012-4461 [LOW] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the kernel.
Jon Howell reported a flaw in the Linux kernel's KVM (Kernel-based virtual
machine) subsystem's handling of the XSAVE feature. On hosts, using qemu
userspace, without the XSAVE feature an unprivileged local attacker could
exploit this flaw to crash the system. (CVE-2012-4461)
A flaw was discovered in the Linux kernel's handling of script execution
when module loading is enabled. A local attacker could exploit this flaw to
cause a leak of kernel stack contents. (CVE-2012-4530)
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which
Ubuntu
Linux kernel (EC2) vulnerability
vendor_ubuntu·2013-01-10
CVE-2012-4530 Linux kernel (EC2) vulnerability
Title: Linux kernel (EC2) vulnerability
Summary: The system could be made to leak sensitive system information.
A flaw was discovered in the Linux kernel's handling of script execution
when module loading is enabled. A local attacker could exploit this flaw to
cause a leak of kernel stack contents.
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
Ubuntu
Linux kernel vulnerability
vendor_ubuntu·2013-01-10
CVE-2012-4530 Linux kernel vulnerability
Title: Linux kernel vulnerability
Summary: The system could be made to leak sensitive system information.
A flaw was discovered in the Linux kernel's handling of script execution
when module loading is enabled. A local attacker could exploit this flaw to
cause a leak of kernel stack contents.
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
Red Hat
kernel: stack disclosure in binfmt_script load_script()
vendor_redhat·2012-08-18·CVSS 2.1
CVE-2012-4530 [LOW] kernel: stack disclosure in binfmt_script load_script()
kernel: stack disclosure in binfmt_script load_script()
The load_script function in fs/binfmt_script.c in the Linux kernel before 3.7.2 does not properly handle recursion, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.
Statement: This issue did not affect the version of Linux kernel as shipped with Red Hat Enterprise Linux 5.
This issue did affect the version of Linux kernel as shipped with Red Hat Enterprise Linux 6.
This issue did affect the version of Linux kernel as shipped with Red Hat Enterprise MRG 2.
Package: kernel (Red Hat Enterprise Linux 5) - Not affected
Debian
CVE-2012-4530: linux - The load_script function in fs/binfmt_script.c in the Linux kernel before 3.7.2 ...
vendor_debian·2012·CVSS 2.1
CVE-2012-4530 [LOW] CVE-2012-4530: linux - The load_script function in fs/binfmt_script.c in the Linux kernel before 3.7.2 ...
The load_script function in fs/binfmt_script.c in the Linux kernel before 3.7.2 does not properly handle recursion, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.
Scope: local
bookworm: resolved (fixed in 3.2.35-1)
bullseye: resolved (fixed in 3.2.35-1)
forky: resolved (fixed in 3.2.35-1)
sid: resolved (fixed in 3.2.35-1)
trixie: resolved (fixed in 3.2.35-1)
GHSA
GHSA-6h9c-8q58-r73q: The load_script function in fs/binfmt_script
ghsa_unreviewed·2022-05-17
CVE-2012-4530 [LOW] CWE-200 GHSA-6h9c-8q58-r73q: The load_script function in fs/binfmt_script
The load_script function in fs/binfmt_script.c in the Linux kernel before 3.7.2 does not properly handle recursion, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.
OSV
CVE-2012-4530: The load_script function in fs/binfmt_script
osv·2013-02-18·CVSS 2.1
CVE-2012-4530 [LOW] CVE-2012-4530: The load_script function in fs/binfmt_script
The load_script function in fs/binfmt_script.c in the Linux kernel before 3.7.2 does not properly handle recursion, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.
No detection rules found.
Bugzilla
CVE-2012-4530 kernel: stack disclosure in binfmt_script load_script() [fedora-all]
bugzilla·2012-11-26·CVSS 2.1
CVE-2012-4530 [LOW] CVE-2012-4530 kernel: stack disclosure in binfmt_script load_script() [fedora-all]
CVE-2012-4530 kernel: stack disclosure in binfmt_script load_script() [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please use the bodhi submission link
noted in the next comment(s). This will include the bug IDs of this
tracking bug as well as the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
Bodhi notes field when available.
Please note: this issu
Bugzilla
CVE-2012-4530 kernel: stack disclosure in binfmt_script load_script()
bugzilla·2012-10-19·CVSS 2.1
CVE-2012-4530 [LOW] CVE-2012-4530 kernel: stack disclosure in binfmt_script load_script()
CVE-2012-4530 kernel: stack disclosure in binfmt_script load_script()
A memory disclosure flaw has been found in the way binfmt_script load_script()
function handled excessive recursions. An unprivileged local user could use
this flaw to leak kernel memory.
References:
- http://www.halfdog.net/Security/2012/LinuxKernelBinfmtScriptStackDataDisclosure/
- https://lkml.org/lkml/2012/8/18/75
Proposed upstream fix:
- https://lkml.org/lkml/2012/9/23/29
Discussion:
Statement:
This issue did not affect the version of Linux kernel as shipped with Red Hat Enterprise Linux 5.
This issue did affect the version of Linux kernel as shipped with Red Hat Enterprise Linux 6.
This issue did affect the version of Linux kernel as shipped with Red Hat Enterprise MRG 2.
---
This has been assigned the na
Bugzilla
CVE-2012-1180 nginx: malformed HTTP response headers leads to information leak
bugzilla·2012-03-15·CVSS 5.0
CVE-2012-1180 [MEDIUM] CVE-2012-1180 nginx: malformed HTTP response headers leads to information leak
CVE-2012-1180 nginx: malformed HTTP response headers leads to information leak
A flaw was reported [1] in nginx versions prior to 1.0.14 and 1.1.17 where contents of previously freed memory could be sent to a client if an upstream server returned a specially crafted HTTP response. This could potentially leak sensitive information to the HTTP client.
This has been corrected upstream [2],[3] and a patch [4] is available for earlier versions of nginx.
[1] http://seclists.org/bugtraq/2012/Mar/65
[2] http://trac.nginx.org/nginx/changeset/4530/nginx
[3] http://trac.nginx.org/nginx/changeset/4531/nginx
[4] http://nginx.org/download/patch.2012.memory.txt
Discussion:
Created nginx tracking bugs for this issue
Affects: fedora-all [bug 803858]
Affects: epel-all [bug 803859]
---
nginx-1.0.14-1
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b66c5984017533316fd1951770302649baf1aa33
- http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00018.html
- http://rhn.redhat.com/errata/RHSA-2013-0223.html
- http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.7.2
- http://www.openwall.com/lists/oss-security/2012/10/19/3
- https://bugzilla.redhat.com/show_bug.cgi?id=868285
- https://github.com/torvalds/linux/commit/b66c5984017533316fd1951770302649baf1aa33