VIR Vulnerability Intelligence Relay

CVE-2012-3430

low
Published 2012-10-03 · Modified 2026-04-29
CVSS v3
CVSS v2
2.1
VIR risk
2.1

Description

The rds_recvmsg function in net/rds/recv.c in the Linux kernel before 3.0.44 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a (1) recvfrom or (2) recvmsg system call on an RDS socket.

Predictions

Exploit likelihood
20%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2012-3430

OS impact
OSVersionStatusFixed in
debian debianbookwormfixed3.2.29-1
debian debianbullseyefixed3.2.29-1
debian debianforkyfixed3.2.29-1
debian debiansidfixed3.2.29-1
debian debiantrixiefixed3.2.29-1
linux linux-kernelaffected
linux linux-kernel3.0.1affected
linux linux-kernel3.0.2affected
linux linux-kernel3.0.3affected
linux linux-kernel3.0.4affected
linux linux-kernel3.0.5affected
linux linux-kernel3.0.6affected
linux linux-kernel3.0.7affected
linux linux-kernel3.0.8affected
linux linux-kernel3.0.9affected
linux linux-kernel3.0.10affected
linux linux-kernel3.0.11affected
linux linux-kernel3.0.12affected
linux linux-kernel3.0.13affected
linux linux-kernel3.0.14affected
linux linux-kernel3.0.15affected
linux linux-kernel3.0.16affected
linux linux-kernel3.0.17affected
linux linux-kernel3.0.18affected
linux linux-kernel3.0.19affected
linux linux-kernel3.0.20affected
linux linux-kernel3.0.21affected
linux linux-kernel3.0.22affected
linux linux-kernel3.0.23affected
linux linux-kernel3.0.24affected
linux linux-kernel3.0.25affected
linux linux-kernel3.0.26affected
linux linux-kernel3.0.27affected
linux linux-kernel3.0.28affected
linux linux-kernel3.0.29affected
linux linux-kernel3.0.30affected
linux linux-kernel3.0.31affected
linux linux-kernel3.0.32affected
linux linux-kernel3.0.33affected
linux linux-kernel3.0.34affected
linux linux-kernel3.0.35affected
linux linux-kernel3.0.36affected
linux linux-kernel3.0.37affected
linux linux-kernel3.0.38affected
linux linux-kernel3.0.39affected
linux linux-kernel3.0.40affected
linux linux-kernel3.0.41affected
linux linux-kernel3.0.42affected

References

CWEs

CWE-200

Verify integrity in audit chain (admin only). AS-IS.