CVE-2012-1097

CVSS v3.1 7.8 (High)

CVSS v2.0 7.2 (High)

EPSS 0.04 % (5^th)

Affected Products 6

Advisories 32

The regset (aka register set) feature in the Linux kernel before 3.2.10 does not properly handle the absence of .get and .set methods, which allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a (1) PTRACE_GETREGSET or (2) PTRACE_SETREGSET ptrace call.

Weaknesses

CWE-476: NULL Pointer Dereference

CVE Status: PUBLISHED
CNA: Red Hat, Inc.
Published Date: 2012-05-17 11:00:37
(12 years ago)
Updated Date: 2023-02-13 04:32:55
(19 months ago)

Affected Products

Linux

Linux Kernel

Redhat

Suse

Configuration #1

		CPE23	From	Up To
	Linux Kernel prior 3.0.24 version	cpe:2.3:o:linux:linux_kernel		< 3.0.24
	Linux Kernel from 3.1 version and prior 3.2.10 version	cpe:2.3:o:linux:linux_kernel	>= 3.1	< 3.2.10

Configuration #2

		CPE23	From	Up To
	Redhat Enterprise Linux 4.0	cpe:2.3:o:redhat:enterprise_linux:4.0
	Redhat Enterprise Mrg 2.0	cpe:2.3:o:redhat:enterprise_mrg:2.0

Configuration #3

		CPE23	From	Up To
	Suse Linux Enterprise Desktop 11 SP1	cpe:2.3:o:suse:linux_enterprise_desktop:11:sp1
	Suse Linux Enterprise Desktop 11 SP2	cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2
	Suse Linux Enterprise High Availability Extension 11 SP1	cpe:2.3:o:suse:linux_enterprise_high_availability_extension:11:sp1
	Suse Linux Enterprise High Availability Extension 11 SP2	cpe:2.3:o:suse:linux_enterprise_high_availability_extension:11:sp2
	Suse Linux Enterprise Server 11 SP1 for Vmware	cpe:2.3:o:suse:linux_enterprise_server:11:sp1:::*:vmware
	Suse Linux Enterprise Server 11 SP1	cpe:2.3:o:suse:linux_enterprise_server:11:sp1:::-
	Suse Linux Enterprise Server 11 SP2 for Vmware	cpe:2.3:o:suse:linux_enterprise_server:11:sp2:::*:vmware
	Suse Linux Enterprise Server 11 SP2	cpe:2.3:o:suse:linux_enterprise_server:11:sp2:::-