Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-3364

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2012-3364
Last Modified 29 Jan 2013 12:00:00
Published 22 Jan 2013 06:55:02
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-3364

Summary

Multiple stack-based buffer overflows in the Near Field Communication Controller Interface (NCI) in the Linux kernel before 3.4.5 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via incoming frames with crafted length fields.

Vulnerable Systems

Operating System

  • Linux Kernel 3.4

  • Linux Kernel 3.4.1

  • Linux Kernel 3.4.2

  • Linux Kernel 3.4.3

  • Linux Kernel 3.4.4


References

CONFIRM - https://github.com/torvalds/linux/commit/67de956ff5dc1d4f321e16cfbd63f5be3b691b43

MLIST - [oss-security] 20120627 Re: CVE Request: Kernel [PATCH] NFC: prevent multiple buffer overflows in NCI

CONFIRM - http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.5

UBUNTU - USN-1529-1

MLIST - [linux-kernel] 20120612 [PATCH] NFC: prevent multiple buffer overflows in NCI

CONFIRM - http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=67de956ff5dc1d4f321e16cfbd63f5be3b691b43


Last Updated: 27 May 2016 10:49:53