CVE-2012-6537

Updated: 2024-07-12

CWE: Information Leak / Disclosure

Description:

net/xfrm/xfrm_user.c in the Linux kernel before 3.6 does not initialize certain structures, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability.

CVSS3:


Vendor State

OS Vendor version Errata
RHEL 6 2.6.32-358.6.1.el6 RHSA-2013:0744
CentOS 6 2.6.32-358.6.1.el6 CESA-2013:0744
CentOS 6 plus 2.6.32-358.6.1.el6.centos.plus CESA-2013:0744
Oracle Linux 6 2.6.32-358.6.1.el6 ELSA-2013-0744
Scientific 6 2.6.32-358.6.1.el6 CESA-2013:0744

KernelCare State

OS Original kernel version State
RHEL 6
2.6.32-279.11.1.el6 show all hide all
2.6.32-279.14.1.el6 2.6.32-279.19.1.el6 2.6.32-279.2.1.el6 2.6.32-279.22.1.el6 2.6.32-279.5.1.el6 2.6.32-279.5.2.el6 2.6.32-279.9.1.el6 2.6.32-358.0.1.el6 2.6.32-358.2.1.el6 2.6.32-358.el6
Released
CentOS 6
2.6.32-279.14.1.el6 show all hide all
2.6.32-358.2.1.el6 2.6.32-358.0.1.el6 2.6.32-279.9.1.el6 2.6.32-279.11.1.el6 2.6.32-279.22.1.el6 2.6.32-358.el6 2.6.32-279.2.1.el6 2.6.32-279.5.1.el6 2.6.32-279.5.2.el6 2.6.32-279.19.1.el6
Released
CentOS 6 plus
2.6.32-358.0.1.el6.centos.plus show all hide all
2.6.32-279.19.1.el6.centos.plus 2.6.32-279.9.1.el6.centos.plus 2.6.32-279.11.1.el6.centos.plus 2.6.32-279.22.1.el6.centos.plus 2.6.32-358.2.1.el6.centos.plus 2.6.32-279.2.1.el6.centos.plus 2.6.32-279.5.1.el6.centos.plus 2.6.32-279.5.2.el6.centos.plus 2.6.32-358.el6.centos.plus 2.6.32-279.14.1.el6.centos.plus
Released
Oracle Linux 6
2.6.32-279.2.1.el6 show all hide all
2.6.32-279.5.1.el6 2.6.32-279.5.2.el6 2.6.32-358.0.1.el6 2.6.32-358.2.1.el6 2.6.32-279.19.1.el6 2.6.32-279.11.1.el6 2.6.32-279.9.1.el6 2.6.32-279.22.1.el6 2.6.32-358.el6 2.6.32-279.14.1.el6
Released
CloudLinux OS 6
2.6.32-379.22.1.lve1.2.17.1.el6 show all hide all
2.6.32-379.22.1.lve1.2.17.el6
Released
OpenVZ 6
Ready For Release
Scientific 6
2.6.32-358.2.1.el6 show all hide all
2.6.32-279.14.1.el6 2.6.32-279.2.1.el6 2.6.32-279.5.1.el6 2.6.32-279.5.2.el6 2.6.32-279.22.1.el6 2.6.32-279.19.1.el6 2.6.32-279.9.1.el6 2.6.32-279.11.1.el6 2.6.32-358.el6 2.6.32-358.0.1.el6
Released
OEL 6 Dell
Ready For Release
Debian 10 cloud
Will Not Fix
Debian 9 backports
Will Not Fix