Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2012-6712

Опубликовано: 27 июл. 2019
Источник: redhat
CVSS3: 6.2
EPSS Низкий

Описание

In the Linux kernel before 3.4, a buffer overflow occurs in drivers/net/wireless/iwlwifi/iwl-agn-sta.c, which will cause at least memory corruption.

A vulnerability was found in the Linux kernel’s Intel wireless driver (drivers/net/wireless/iwlwifi/iwl-agn-sta.c) where the driver could be forced to connect to an invalid station. An attacker could use this flaw to corrupt memory or create a situation allowing for privilege escalation.

Отчет

The patch committed by upstream will prevent the misuse of the invalid station id, however it does not prevent the incorrect state being entered. Red Hat Enterprise Linux 6,7 and 8 are not affected by this flaw. Red Hat Enterprise Linux 5 does not have the "fix" applied and may be vulnerable to this flaw. Red Hat does not have plans to fix EL5 at this stage in its lifecycle. This flaw only applies to systems running and using the intel iwlwifi driver.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kernelOut of support scope
Red Hat Enterprise Linux 6kernelNot affected
Red Hat Enterprise Linux 7kernelNot affected
Red Hat Enterprise Linux 7kernel-altNot affected
Red Hat Enterprise Linux 7kernel-rtNot affected
Red Hat Enterprise Linux 8kernelNot affected
Red Hat Enterprise Linux 8kernel-rtNot affected
Red Hat Enterprise MRG 2kernel-rtNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-120
https://bugzilla.redhat.com/show_bug.cgi?id=1735642kernel: buffer overflow in drivers/net/wireless/iwlwifi/iwl-agn-sta.c

EPSS

Процентиль: 72%
0.00736
Низкий

6.2 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2012-6712

CVSS3: 9.8
ubuntu
больше 6 лет назад

In the Linux kernel before 3.4, a buffer overflow occurs in drivers/net/wireless/iwlwifi/iwl-agn-sta.c, which will cause at least memory corruption.

nvd логотип

CVE-2012-6712

CVSS3: 9.8
nvd
больше 6 лет назад

In the Linux kernel before 3.4, a buffer overflow occurs in drivers/net/wireless/iwlwifi/iwl-agn-sta.c, which will cause at least memory corruption.

debian логотип

CVE-2012-6712

CVSS3: 9.8
debian
больше 6 лет назад

In the Linux kernel before 3.4, a buffer overflow occurs in drivers/ne ...

github логотип

GHSA-897x-q5qv-p8xf

CVSS3: 9.8
github
почти 4 года назад

In the Linux kernel before 3.4, a buffer overflow occurs in drivers/net/wireless/iwlwifi/iwl-agn-sta.c, which will cause at least memory corruption.

EPSS

Процентиль: 72%
0.00736
Низкий

6.2 Medium

CVSS3