Launchpad.net

CVE 2012-6538

The copy_to_user_auth function in net/xfrm/xfrm_user.c in the Linux kernel before 3.6 uses an incorrect C library function for copying a string, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAP_NET_ADMIN capability.

Related bugs and status

CVE-2012-6538 (Candidate) is related to these bugs:

Bug #1156725: CVE-2012-6538

		In	Importance	Status
1156725	CVE-2012-6538	linux (Ubuntu)	Low	Invalid
1156725	CVE-2012-6538	linux-fsl-imx51 (Ubuntu)	Low	Invalid
1156725	CVE-2012-6538	linux-mvl-dove (Ubuntu)	Low	Invalid
1156725	CVE-2012-6538	linux-lts-backport-maverick (Ubuntu)	Low	Invalid
1156725	CVE-2012-6538	linux-lts-backport-natty (Ubuntu)	Undecided	Invalid
1156725	CVE-2012-6538	linux-ti-omap4 (Ubuntu)	Low	Invalid
1156725	CVE-2012-6538	linux-ec2 (Ubuntu)	Low	Invalid
1156725	CVE-2012-6538	linux-lts-backport-maverick (Ubuntu Raring)	Low	Invalid
1156725	CVE-2012-6538	linux-lts-backport-natty (Ubuntu Raring)	Undecided	Invalid
1156725	CVE-2012-6538	linux-lts-backport-maverick (Ubuntu Quantal)	Low	Invalid
1156725	CVE-2012-6538	linux-lts-backport-natty (Ubuntu Quantal)	Undecided	Invalid
1156725	CVE-2012-6538	linux (Ubuntu Precise)	Low	Fix Released
1156725	CVE-2012-6538	linux-ec2 (Ubuntu Precise)	Low	Invalid
1156725	CVE-2012-6538	linux-fsl-imx51 (Ubuntu Precise)	Low	Invalid
1156725	CVE-2012-6538	linux-lts-backport-maverick (Ubuntu Precise)	Low	Invalid
1156725	CVE-2012-6538	linux-lts-backport-natty (Ubuntu Precise)	Undecided	Invalid
1156725	CVE-2012-6538	linux-mvl-dove (Ubuntu Precise)	Low	Invalid
1156725	CVE-2012-6538	linux-ti-omap4 (Ubuntu Precise)	Low	Fix Released
1156725	CVE-2012-6538	linux-lts-backport-maverick (Ubuntu Lucid)	Low	Invalid
1156725	CVE-2012-6538	linux-lts-backport-natty (Ubuntu Lucid)	Undecided	Won't Fix
1156725	CVE-2012-6538	linux-armadaxp (Ubuntu)	Low	Invalid
1156725	CVE-2012-6538	linux-armadaxp (Ubuntu Precise)	Low	Fix Released
1156725	CVE-2012-6538	linux-lts-backport-oneiric (Ubuntu)	Low	Invalid
1156725	CVE-2012-6538	linux-lts-backport-oneiric (Ubuntu Lucid)	Low	Fix Released
1156725	CVE-2012-6538	linux-lts-backport-oneiric (Ubuntu Precise)	Low	Invalid
1156725	CVE-2012-6538	linux-lts-backport-oneiric (Ubuntu Quantal)	Low	Invalid
1156725	CVE-2012-6538	linux-lts-backport-oneiric (Ubuntu Raring)	Low	Invalid
1156725	CVE-2012-6538	linux-lts-quantal (Ubuntu)	Low	Invalid
1156725	CVE-2012-6538	linux-lts-quantal (Ubuntu Precise)	Low	Won't Fix
1156725	CVE-2012-6538	linux-lts-backport-maverick (Ubuntu Saucy)	Low	Invalid
1156725	CVE-2012-6538	linux-lts-backport-natty (Ubuntu Saucy)	Undecided	Invalid
1156725	CVE-2012-6538	linux-lts-backport-oneiric (Ubuntu Saucy)	Low	Invalid
1156725	CVE-2012-6538	linux-lts-raring (Ubuntu)	Low	Invalid
1156725	CVE-2012-6538	linux-lts-raring (Ubuntu Precise)	Low	Invalid
1156725	CVE-2012-6538	linux-lts-trusty (Ubuntu)	Low	Invalid
1156725	CVE-2012-6538	linux-lts-trusty (Ubuntu Precise)	Low	Invalid
1156725	CVE-2012-6538	linux (Ubuntu Trusty)	Low	Invalid
1156725	CVE-2012-6538	linux-armadaxp (Ubuntu Trusty)	Low	Invalid
1156725	CVE-2012-6538	linux-ec2 (Ubuntu Trusty)	Low	Invalid
1156725	CVE-2012-6538	linux-fsl-imx51 (Ubuntu Trusty)	Low	Invalid
1156725	CVE-2012-6538	linux-lts-backport-maverick (Ubuntu Trusty)	Undecided	New
1156725	CVE-2012-6538	linux-lts-backport-natty (Ubuntu Trusty)	Undecided	New
1156725	CVE-2012-6538	linux-lts-backport-oneiric (Ubuntu Trusty)	Undecided	New
1156725	CVE-2012-6538	linux-lts-quantal (Ubuntu Trusty)	Low	Invalid
1156725	CVE-2012-6538	linux-lts-raring (Ubuntu Trusty)	Low	Invalid
1156725	CVE-2012-6538	linux-lts-trusty (Ubuntu Trusty)	Low	Invalid
1156725	CVE-2012-6538	linux-mvl-dove (Ubuntu Trusty)	Low	Invalid
1156725	CVE-2012-6538	linux-ti-omap4 (Ubuntu Trusty)	Low	Invalid
1156725	CVE-2012-6538	linux-lts-backport-maverick (Ubuntu Utopic)	Undecided	Won't Fix
1156725	CVE-2012-6538	linux-lts-backport-natty (Ubuntu Utopic)	Undecided	Won't Fix
1156725	CVE-2012-6538	linux-lts-backport-oneiric (Ubuntu Utopic)	Undecided	Won't Fix
1156725	CVE-2012-6538	linux (Ubuntu Vivid)	Low	Invalid
1156725	CVE-2012-6538	linux-armadaxp (Ubuntu Vivid)	Low	Invalid
1156725	CVE-2012-6538	linux-ec2 (Ubuntu Vivid)	Low	Invalid
1156725	CVE-2012-6538	linux-fsl-imx51 (Ubuntu Vivid)	Low	Invalid
1156725	CVE-2012-6538	linux-lts-backport-maverick (Ubuntu Vivid)	Low	Invalid
1156725	CVE-2012-6538	linux-lts-backport-natty (Ubuntu Vivid)	Undecided	Invalid
1156725	CVE-2012-6538	linux-lts-backport-oneiric (Ubuntu Vivid)	Low	Invalid
1156725	CVE-2012-6538	linux-lts-quantal (Ubuntu Vivid)	Low	Invalid
1156725	CVE-2012-6538	linux-lts-raring (Ubuntu Vivid)	Low	Invalid
1156725	CVE-2012-6538	linux-lts-trusty (Ubuntu Vivid)	Low	Invalid
1156725	CVE-2012-6538	linux-mvl-dove (Ubuntu Vivid)	Low	Invalid
1156725	CVE-2012-6538	linux-ti-omap4 (Ubuntu Vivid)	Low	Invalid
1156725	CVE-2012-6538	linux-goldfish (Ubuntu)	Low	Invalid
1156725	CVE-2012-6538	linux-goldfish (Ubuntu Precise)	Low	Invalid
1156725	CVE-2012-6538	linux-goldfish (Ubuntu Trusty)	Low	Invalid
1156725	CVE-2012-6538	linux-goldfish (Ubuntu Vivid)	Low	Invalid
1156725	CVE-2012-6538	linux-lts-saucy (Ubuntu)	Undecided	New
1156725	CVE-2012-6538	linux-lts-saucy (Ubuntu Precise)	Undecided	Won't Fix
1156725	CVE-2012-6538	linux-lts-saucy (Ubuntu Trusty)	Undecided	New
1156725	CVE-2012-6538	linux-lts-saucy (Ubuntu Vivid)	Undecided	Won't Fix
1156725	CVE-2012-6538	linux-flo (Ubuntu)	Low	New
1156725	CVE-2012-6538	linux-flo (Ubuntu Precise)	Low	Invalid
1156725	CVE-2012-6538	linux-flo (Ubuntu Trusty)	Low	Invalid
1156725	CVE-2012-6538	linux-flo (Ubuntu Vivid)	Low	Won't Fix

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2012-6538

Related bugs and status

Related bugs

References