CVE-2012-1097

Description

The regset (aka register set) feature in the Linux kernel before 3.2.10 does not properly handle the absence of .get and .set methods, which allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a (1) PTRACE_GETREGSET or (2) PTRACE_SETREGSET ptrace call.

Predictions

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

References

• http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c8e252586f8d5de906385d8cf6385fee289a825e
• http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00021.html
• http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00013.html
• http://rhn.redhat.com/errata/RHSA-2012-0481.html
• http://rhn.redhat.com/errata/RHSA-2012-0531.html
• http://secunia.com/advisories/48842
• http://secunia.com/advisories/48898
• http://secunia.com/advisories/48964
• http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.10
• http://www.openwall.com/lists/oss-security/2012/03/05/1
• https://bugzilla.redhat.com/show_bug.cgi?id=799209
• https://github.com/torvalds/linux/commit/c8e252586f8d5de906385d8cf6385fee289a825e
• http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c8e252586f8d5de906385d8cf6385fee289a825e
• http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00021.html
• http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00013.html
• http://rhn.redhat.com/errata/RHSA-2012-0481.html
• http://rhn.redhat.com/errata/RHSA-2012-0531.html
• http://secunia.com/advisories/48842
• http://secunia.com/advisories/48898
• http://secunia.com/advisories/48964
• http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.10
• http://www.openwall.com/lists/oss-security/2012/03/05/1
• https://bugzilla.redhat.com/show_bug.cgi?id=799209
• https://github.com/torvalds/linux/commit/c8e252586f8d5de906385d8cf6385fee289a825e

CWEs

CWE-476