CVE-2012-6544
Published: March 15, 2013Last modified: November 10, 2023
Description
The Bluetooth protocol stack in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that targets the (1) L2CAP or (2) HCI implementation.
Status
| Product | Release | Package | Status |
|---|---|---|---|
| Alpaquita Linux | 23 LTS | linux-lts | Not affected (6.1.50-r0) |
| Stream | linux-lts | Not affected (6.1.50-r0) |
References
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=3f68ba07b1da811bf383b4b701b129bfcb2e4988
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=792039c73cf176c8e39a6e8beef2c94ff46522ed
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e15ca9a0ef9a86f0477530b0f44a725d67f889ee
- http://rhn.redhat.com/errata/RHSA-2013-1173.html
- http://www.openwall.com/lists/oss-security/2013/03/05/13
- http://www.ubuntu.com/usn/USN-1805-1
- http://www.ubuntu.com/usn/USN-1808-1
- https://github.com/torvalds/linux/commit/3f68ba07b1da811bf383b4b701b129bfcb2e4988
- https://github.com/torvalds/linux/commit/792039c73cf176c8e39a6e8beef2c94ff46522ed
- https://github.com/torvalds/linux/commit/e15ca9a0ef9a86f0477530b0f44a725d67f889ee
- https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.6.bz2