CVE-2012-3510

Common Vulnerabilities and Exposures

Upstream information

CVE-2012-3510 at MITRE

Description

Use-after-free vulnerability in the xacct_add_tsk function in kernel/tsacct.c in the Linux kernel before 2.6.19 allows local users to obtain potentially sensitive information from kernel memory or cause a denial of service (system crash) via a taskstats TASKSTATS_CMD_ATTR_PID command.

NVD CVSS v2 Base Score: 5.6 (AV:L/AC:L/Au:N/C:P/I:N/A:C)

Novell/SUSE information

Novell Bugzilla entry: 776888

SUSE Security Advisories:

SUSE-SU-2012:1391-1, published Wed, 24 Oct 2012 09:08:54 +0200 (CEST)

List of released packages

Product(s)	Fixed package version(s)	References
SUSE Linux Enterprise 10 SP4 DEBUGINFO for IBM POWER	`kernel-default-debuginfo >= 2.6.16.60-0.99.1` `kernel-iseries64-debuginfo >= 2.6.16.60-0.99.1` `kernel-kdump-debuginfo >= 2.6.16.60-0.99.1` `kernel-ppc64-debuginfo >= 2.6.16.60-0.99.1`	sle10-sp4-sdk.ppc sles10-sp4-debuginfo.ppc sles10-sp4.ppc ZYPP Patch Nr: 8323
SLE SDK 10 SP4 for IBM iSeries and IBM pSeries	`kernel-kdump >= 2.6.16.60-0.99.1`	sle10-sp4-sdk.ppc sles10-sp4-debuginfo.ppc sles10-sp4.ppc ZYPP Patch Nr: 8323
SUSE Linux Enterprise Server 10 SP4 for IBM POWER	`kernel-default >= 2.6.16.60-0.99.1` `kernel-iseries64 >= 2.6.16.60-0.99.1` `kernel-kdump >= 2.6.16.60-0.99.1` `kernel-ppc64 >= 2.6.16.60-0.99.1` `kernel-source >= 2.6.16.60-0.99.1` `kernel-syms >= 2.6.16.60-0.99.1`	sle10-sp4-sdk.ppc sles10-sp4-debuginfo.ppc sles10-sp4.ppc ZYPP Patch Nr: 8323
SUSE Linux Enterprise 10 SP4 DEBUGINFO for IPF	`kernel-debug-debuginfo >= 2.6.16.60-0.99.1` `kernel-default-debuginfo >= 2.6.16.60-0.99.1` `kernel-source-debuginfo >= 2.6.16.60-0.99.1`	sles10-sp4.ia64 sles10-sp4-debuginfo.ia64 sle10-sp4-sdk.ia64 ZYPP Patch Nr: 8326
SLE SDK 10 SP4 for IPF	`kernel-debug >= 2.6.16.60-0.99.1`	sles10-sp4.ia64 sles10-sp4-debuginfo.ia64 sle10-sp4-sdk.ia64 ZYPP Patch Nr: 8326
SUSE Linux Enterprise Server 10 SP4 for IPF	`kernel-debug >= 2.6.16.60-0.99.1` `kernel-default >= 2.6.16.60-0.99.1` `kernel-source >= 2.6.16.60-0.99.1` `kernel-syms >= 2.6.16.60-0.99.1`	sles10-sp4.ia64 sles10-sp4-debuginfo.ia64 sle10-sp4-sdk.ia64 ZYPP Patch Nr: 8326
SUSE Linux Enterprise 10 SP4 DEBUGINFO for IBM zSeries 64bit	`kernel-default-debuginfo >= 2.6.16.60-0.99.1`	sles10-sp4-debuginfo.s390x sles10-sp4.s390x ZYPP Patch Nr: 8328
SUSE Linux Enterprise Server 10 SP4 for IBM zSeries 64bit	`kernel-default >= 2.6.16.60-0.99.1` `kernel-source >= 2.6.16.60-0.99.1` `kernel-syms >= 2.6.16.60-0.99.1`	sles10-sp4-debuginfo.s390x sles10-sp4.s390x ZYPP Patch Nr: 8328
SUSE Linux Enterprise Desktop 10 SP4 for x86	`kernel-bigsmp >= 2.6.16.60-0.99.1` `kernel-default >= 2.6.16.60-0.99.1` `kernel-smp >= 2.6.16.60-0.99.1` `kernel-source >= 2.6.16.60-0.99.1` `kernel-syms >= 2.6.16.60-0.99.1` `kernel-xen >= 2.6.16.60-0.99.1` `kernel-xenpae >= 2.6.16.60-0.99.1`	sle10-sp4-sdk.x86 sled10-sp4.x86 sles10-sp4.x86 sles10-sp4-debuginfo.x86 ZYPP Patch Nr: 8325
SUSE Linux Enterprise 10 SP4 DEBUGINFO for x86	`kernel-bigsmp-debuginfo >= 2.6.16.60-0.99.1` `kernel-debug-debuginfo >= 2.6.16.60-0.99.1` `kernel-default-debuginfo >= 2.6.16.60-0.99.1` `kernel-kdump-debuginfo >= 2.6.16.60-0.99.1` `kernel-kdumppae-debuginfo >= 2.6.16.60-0.99.1` `kernel-smp-debuginfo >= 2.6.16.60-0.99.1` `kernel-source-debuginfo >= 2.6.16.60-0.99.1` `kernel-vmi-debuginfo >= 2.6.16.60-0.99.1` `kernel-vmipae-debuginfo >= 2.6.16.60-0.99.1` `kernel-xen-debuginfo >= 2.6.16.60-0.99.1` `kernel-xenpae-debuginfo >= 2.6.16.60-0.99.1`	sle10-sp4-sdk.x86 sled10-sp4.x86 sles10-sp4.x86 sles10-sp4-debuginfo.x86 ZYPP Patch Nr: 8325
SLE SDK 10 SP4 for x86	`kernel-debug >= 2.6.16.60-0.99.1` `kernel-kdump >= 2.6.16.60-0.99.1` `kernel-xen >= 2.6.16.60-0.99.1` `kernel-xenpae >= 2.6.16.60-0.99.1`	sle10-sp4-sdk.x86 sled10-sp4.x86 sles10-sp4.x86 sles10-sp4-debuginfo.x86 ZYPP Patch Nr: 8325
SUSE Linux Enterprise Server 10 SP4 for x86	`kernel-bigsmp >= 2.6.16.60-0.99.1` `kernel-debug >= 2.6.16.60-0.99.1` `kernel-default >= 2.6.16.60-0.99.1` `kernel-kdump >= 2.6.16.60-0.99.1` `kernel-kdumppae >= 2.6.16.60-0.99.1` `kernel-smp >= 2.6.16.60-0.99.1` `kernel-source >= 2.6.16.60-0.99.1` `kernel-syms >= 2.6.16.60-0.99.1` `kernel-vmi >= 2.6.16.60-0.99.1` `kernel-vmipae >= 2.6.16.60-0.99.1` `kernel-xen >= 2.6.16.60-0.99.1` `kernel-xenpae >= 2.6.16.60-0.99.1`	sle10-sp4-sdk.x86 sled10-sp4.x86 sles10-sp4.x86 sles10-sp4-debuginfo.x86 ZYPP Patch Nr: 8325
SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T	`kernel-default >= 2.6.16.60-0.99.1` `kernel-smp >= 2.6.16.60-0.99.1` `kernel-source >= 2.6.16.60-0.99.1` `kernel-syms >= 2.6.16.60-0.99.1` `kernel-xen >= 2.6.16.60-0.99.1`	sle10-sp4-sdk.x86-64 sles10-sp4-debuginfo.x86-64 sles10-sp4.x86-64 sled10-sp4.x86-64 ZYPP Patch Nr: 8324
SUSE Linux Enterprise 10 SP4 DEBUGINFO for AMD64 and Intel EM64T	`kernel-debug-debuginfo >= 2.6.16.60-0.99.1` `kernel-default-debuginfo >= 2.6.16.60-0.99.1` `kernel-kdump-debuginfo >= 2.6.16.60-0.99.1` `kernel-smp-debuginfo >= 2.6.16.60-0.99.1` `kernel-source-debuginfo >= 2.6.16.60-0.99.1` `kernel-xen-debuginfo >= 2.6.16.60-0.99.1`	sle10-sp4-sdk.x86-64 sles10-sp4-debuginfo.x86-64 sles10-sp4.x86-64 sled10-sp4.x86-64 ZYPP Patch Nr: 8324
SLE SDK 10 SP4 for X86-64	`kernel-debug >= 2.6.16.60-0.99.1` `kernel-kdump >= 2.6.16.60-0.99.1` `kernel-xen >= 2.6.16.60-0.99.1`	sle10-sp4-sdk.x86-64 sles10-sp4-debuginfo.x86-64 sles10-sp4.x86-64 sled10-sp4.x86-64 ZYPP Patch Nr: 8324
SUSE Linux Enterprise Server 10 SP4 for AMD64 and Intel EM64T	`kernel-debug >= 2.6.16.60-0.99.1` `kernel-default >= 2.6.16.60-0.99.1` `kernel-kdump >= 2.6.16.60-0.99.1` `kernel-smp >= 2.6.16.60-0.99.1` `kernel-source >= 2.6.16.60-0.99.1` `kernel-syms >= 2.6.16.60-0.99.1` `kernel-xen >= 2.6.16.60-0.99.1`	sle10-sp4-sdk.x86-64 sles10-sp4-debuginfo.x86-64 sles10-sp4.x86-64 sled10-sp4.x86-64 ZYPP Patch Nr: 8324

Products

Products By Category

Collaboration

Endpoint Management

File & Networking Services

Services & Support

Help Yourself

Let Us Help

Download

IT Consulting

Technical Training

Customer Center

Contribute

Partners

Partner With Novell

PartnerNet

Find a Partner

Developers

Communities

About Novell

How to Buy