CVE-2012-6544
CVE-2012-6544
The Bluetooth protocol stack in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that targets the (1) L2CAP or (2) HCI implementation.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=3f68ba07b1da811bf383b4b701b129bfcb2e4988http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=792039c73cf176c8e39a6e8beef2c94ff46522edhttp://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e15ca9a0ef9a86f0477530b0f44a725d67f889eehttp://rhn.redhat.com/errata/RHSA-2013-1173.htmlhttps://github.com/torvalds/linux/commit/3f68ba07b1da811bf383b4b701b129bfcb2e4988https://github.com/torvalds/linux/commit/792039c73cf176c8e39a6e8beef2c94ff46522edhttps://github.com/torvalds/linux/commit/e15ca9a0ef9a86f0477530b0f44a725d67f889eehttps://www.kernel.org/pub/linux/kernel/v3.x/patch-3.6.bz2http://www.openwall.com/lists/oss-security/2013/03/05/13http://www.ubuntu.com/usn/USN-1805-1http://www.ubuntu.com/usn/USN-1808-1