[VIM] [CVENEW] New CVE CANs: 2013/03/14 16:00 ; count=19

coley at mitre.org coley at mitre.org
Thu Mar 14 15:04:25 CDT 2013


======================================================
Name: CVE-2012-6138
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6138
Final-Decision: 
Interim-Decision: 
Modified: 
Proposed: 
Assigned: 20121206
Category: 

** REJECT **

DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: CVE-2012-6536,
CVE-2012-6537, CVE-2012-6538, CVE-2012-6539, CVE-2012-6540,
CVE-2012-6541, CVE-2012-6542, CVE-2012-6543, CVE-2012-6544,
CVE-2012-6545, CVE-2012-6546, CVE-2012-6547, CVE-2012-6548,
CVE-2012-6549.  Reason: This candidate is a duplicate of
CVE-2012-6536, CVE-2012-6537, CVE-2012-6538, CVE-2012-6539,
CVE-2012-6540, CVE-2012-6541, CVE-2012-6542, CVE-2012-6543,
CVE-2012-6544, CVE-2012-6545, CVE-2012-6546, CVE-2012-6547,
CVE-2012-6548, and CVE-2012-6549.  Notes: All CVE users should
reference one or more of CVE-2012-6536, CVE-2012-6537, CVE-2012-6538,
CVE-2012-6539, CVE-2012-6540, CVE-2012-6541, CVE-2012-6542,
CVE-2012-6543, CVE-2012-6544, CVE-2012-6545, CVE-2012-6546,
CVE-2012-6547, CVE-2012-6548, and CVE-2012-6549 instead of this
candidate.  All references and descriptions in this candidate have
been removed to prevent accidental usage.



======================================================
Name: CVE-2012-6536
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6536
Final-Decision: 
Interim-Decision: 
Modified: 
Proposed: 
Assigned: 20130314
Category: 
Reference: MLIST:[oss-security] 20130305 CVE Requests (maybe): Linux kernel: various info leaks, some NULL ptr derefs
Reference: URL:http://www.openwall.com/lists/oss-security/2013/03/05/13
Reference: CONFIRM:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ecd7918745234e423dd87fcc0c077da557909720
Reference: CONFIRM:https://github.com/torvalds/linux/commit/ecd7918745234e423dd87fcc0c077da557909720
Reference: CONFIRM:https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.6.bz2

net/xfrm/xfrm_user.c in the Linux kernel before 3.6 does not verify
that the actual Netlink message length is consistent with a certain
header field, which allows local users to obtain sensitive information
from kernel heap memory by leveraging the CAP_NET_ADMIN capability and
providing a (1) new or (2) updated state.



======================================================
Name: CVE-2012-6537
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6537
Final-Decision: 
Interim-Decision: 
Modified: 
Proposed: 
Assigned: 20130314
Category: 
Reference: MLIST:[oss-security] 20130305 CVE Requests (maybe): Linux kernel: various info leaks, some NULL ptr derefs
Reference: URL:http://www.openwall.com/lists/oss-security/2013/03/05/13
Reference: CONFIRM:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=1f86840f897717f86d523a13e99a447e6a5d2fa5
Reference: CONFIRM:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=7b789836f434c87168eab067cfbed1ec4783dffd
Reference: CONFIRM:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=f778a636713a435d3a922c60b1622a91136560c1
Reference: CONFIRM:https://github.com/torvalds/linux/commit/1f86840f897717f86d523a13e99a447e6a5d2fa5
Reference: CONFIRM:https://github.com/torvalds/linux/commit/7b789836f434c87168eab067cfbed1ec4783dffd
Reference: CONFIRM:https://github.com/torvalds/linux/commit/f778a636713a435d3a922c60b1622a91136560c1
Reference: CONFIRM:https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.6.bz2

net/xfrm/xfrm_user.c in the Linux kernel before 3.6 does not
initialize certain structures, which allows local users to obtain
sensitive information from kernel memory by leveraging the
CAP_NET_ADMIN capability.



======================================================
Name: CVE-2012-6538
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6538
Final-Decision: 
Interim-Decision: 
Modified: 
Proposed: 
Assigned: 20130314
Category: 
Reference: MLIST:[oss-security] 20130305 CVE Requests (maybe): Linux kernel: various info leaks, some NULL ptr derefs
Reference: URL:http://www.openwall.com/lists/oss-security/2013/03/05/13
Reference: CONFIRM:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=4c87308bdea31a7b4828a51f6156e6f721a1fcc9
Reference: CONFIRM:https://github.com/torvalds/linux/commit/4c87308bdea31a7b4828a51f6156e6f721a1fcc9
Reference: CONFIRM:https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.6.bz2

The copy_to_user_auth function in net/xfrm/xfrm_user.c in the Linux
kernel before 3.6 uses an incorrect C library function for copying a
string, which allows local users to obtain sensitive information from
kernel heap memory by leveraging the CAP_NET_ADMIN capability.



======================================================
Name: CVE-2012-6539
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6539
Final-Decision: 
Interim-Decision: 
Modified: 
Proposed: 
Assigned: 20130314
Category: 
Reference: MLIST:[oss-security] 20130305 CVE Requests (maybe): Linux kernel: various info leaks, some NULL ptr derefs
Reference: URL:http://www.openwall.com/lists/oss-security/2013/03/05/13
Reference: CONFIRM:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=43da5f2e0d0c69ded3d51907d9552310a6b545e8
Reference: CONFIRM:https://github.com/torvalds/linux/commit/43da5f2e0d0c69ded3d51907d9552310a6b545e8
Reference: CONFIRM:https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.6.bz2

The dev_ifconf function in net/socket.c in the Linux kernel before 3.6
does not initialize a certain structure, which allows local users to
obtain sensitive information from kernel stack memory via a crafted
application.



======================================================
Name: CVE-2012-6540
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6540
Final-Decision: 
Interim-Decision: 
Modified: 
Proposed: 
Assigned: 20130314
Category: 
Reference: MLIST:[oss-security] 20130305 CVE Requests (maybe): Linux kernel: various info leaks, some NULL ptr derefs
Reference: URL:http://www.openwall.com/lists/oss-security/2013/03/05/13
Reference: CONFIRM:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=2d8a041b7bfe1097af21441cb77d6af95f4f4680
Reference: CONFIRM:https://github.com/torvalds/linux/commit/2d8a041b7bfe1097af21441cb77d6af95f4f4680
Reference: CONFIRM:https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.6.bz2

The do_ip_vs_get_ctl function in net/netfilter/ipvs/ip_vs_ctl.c in the
Linux kernel before 3.6 does not initialize a certain structure for
IP_VS_SO_GET_TIMEOUT commands, which allows local users to obtain
sensitive information from kernel stack memory via a crafted
application.



======================================================
Name: CVE-2012-6541
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6541
Final-Decision: 
Interim-Decision: 
Modified: 
Proposed: 
Assigned: 20130314
Category: 
Reference: MLIST:[oss-security] 20130305 CVE Requests (maybe): Linux kernel: various info leaks, some NULL ptr derefs
Reference: URL:http://www.openwall.com/lists/oss-security/2013/03/05/13
Reference: CONFIRM:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=7b07f8eb75aa3097cdfd4f6eac3da49db787381d
Reference: CONFIRM:https://github.com/torvalds/linux/commit/7b07f8eb75aa3097cdfd4f6eac3da49db787381d
Reference: CONFIRM:https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.6.bz2

The ccid3_hc_tx_getsockopt function in net/dccp/ccids/ccid3.c in the
Linux kernel before 3.6 does not initialize a certain structure, which
allows local users to obtain sensitive information from kernel stack
memory via a crafted application.



======================================================
Name: CVE-2012-6542
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6542
Final-Decision: 
Interim-Decision: 
Modified: 
Proposed: 
Assigned: 20130314
Category: 
Reference: MLIST:[oss-security] 20130305 CVE Requests (maybe): Linux kernel: various info leaks, some NULL ptr derefs
Reference: URL:http://www.openwall.com/lists/oss-security/2013/03/05/13
Reference: CONFIRM:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=3592aaeb80290bda0f2cf0b5456c97bfc638b192
Reference: CONFIRM:https://github.com/torvalds/linux/commit/3592aaeb80290bda0f2cf0b5456c97bfc638b192
Reference: CONFIRM:https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.6.bz2

The llc_ui_getname function in net/llc/af_llc.c in the Linux kernel
before 3.6 has an incorrect return value in certain circumstances,
which allows local users to obtain sensitive information from kernel
stack memory via a crafted application that leverages an uninitialized
pointer argument.



======================================================
Name: CVE-2012-6543
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6543
Final-Decision: 
Interim-Decision: 
Modified: 
Proposed: 
Assigned: 20130314
Category: 
Reference: MLIST:[oss-security] 20130305 CVE Requests (maybe): Linux kernel: various info leaks, some NULL ptr derefs
Reference: URL:http://www.openwall.com/lists/oss-security/2013/03/05/13
Reference: CONFIRM:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=04d4fbca1017c11381e7d82acea21dd741e748bc
Reference: CONFIRM:https://github.com/torvalds/linux/commit/04d4fbca1017c11381e7d82acea21dd741e748bc
Reference: CONFIRM:https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.6.bz2

The l2tp_ip6_getname function in net/l2tp/l2tp_ip6.c in the Linux
kernel before 3.6 does not initialize a certain structure member,
which allows local users to obtain sensitive information from kernel
stack memory via a crafted application.



======================================================
Name: CVE-2012-6544
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6544
Final-Decision: 
Interim-Decision: 
Modified: 
Proposed: 
Assigned: 20130314
Category: 
Reference: MLIST:[oss-security] 20130305 CVE Requests (maybe): Linux kernel: various info leaks, some NULL ptr derefs
Reference: URL:http://www.openwall.com/lists/oss-security/2013/03/05/13
Reference: CONFIRM:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=3f68ba07b1da811bf383b4b701b129bfcb2e4988
Reference: CONFIRM:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=792039c73cf176c8e39a6e8beef2c94ff46522ed
Reference: CONFIRM:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=e15ca9a0ef9a86f0477530b0f44a725d67f889ee
Reference: CONFIRM:https://github.com/torvalds/linux/commit/3f68ba07b1da811bf383b4b701b129bfcb2e4988
Reference: CONFIRM:https://github.com/torvalds/linux/commit/792039c73cf176c8e39a6e8beef2c94ff46522ed
Reference: CONFIRM:https://github.com/torvalds/linux/commit/e15ca9a0ef9a86f0477530b0f44a725d67f889ee
Reference: CONFIRM:https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.6.bz2

The Bluetooth protocol stack in the Linux kernel before 3.6 does not
properly initialize certain structures, which allows local users to
obtain sensitive information from kernel stack memory via a crafted
application that targets the (1) L2CAP or (2) HCI implementation.



======================================================
Name: CVE-2012-6545
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6545
Final-Decision: 
Interim-Decision: 
Modified: 
Proposed: 
Assigned: 20130314
Category: 
Reference: MLIST:[oss-security] 20130305 CVE Requests (maybe): Linux kernel: various info leaks, some NULL ptr derefs
Reference: URL:http://www.openwall.com/lists/oss-security/2013/03/05/13
Reference: CONFIRM:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=9344a972961d1a6d2c04d9008b13617bcb6ec2ef
Reference: CONFIRM:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=9ad2de43f1aee7e7274a4e0d41465489299e344b
Reference: CONFIRM:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=f9432c5ec8b1e9a09b9b0e5569e3c73db8de432a
Reference: CONFIRM:https://github.com/torvalds/linux/commit/9344a972961d1a6d2c04d9008b13617bcb6ec2ef
Reference: CONFIRM:https://github.com/torvalds/linux/commit/9ad2de43f1aee7e7274a4e0d41465489299e344b
Reference: CONFIRM:https://github.com/torvalds/linux/commit/f9432c5ec8b1e9a09b9b0e5569e3c73db8de432a
Reference: CONFIRM:https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.6.bz2

The Bluetooth RFCOMM implementation in the Linux kernel before 3.6
does not properly initialize certain structures, which allows local
users to obtain sensitive information from kernel memory via a crafted
application.



======================================================
Name: CVE-2012-6546
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6546
Final-Decision: 
Interim-Decision: 
Modified: 
Proposed: 
Assigned: 20130314
Category: 
Reference: MLIST:[oss-security] 20130305 CVE Requests (maybe): Linux kernel: various info leaks, some NULL ptr derefs
Reference: URL:http://www.openwall.com/lists/oss-security/2013/03/05/13
Reference: CONFIRM:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=3c0c5cfdcd4d69ffc4b9c0907cec99039f30a50a
Reference: CONFIRM:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=e862f1a9b7df4e8196ebec45ac62295138aa3fc2
Reference: CONFIRM:https://github.com/torvalds/linux/commit/3c0c5cfdcd4d69ffc4b9c0907cec99039f30a50a
Reference: CONFIRM:https://github.com/torvalds/linux/commit/e862f1a9b7df4e8196ebec45ac62295138aa3fc2
Reference: CONFIRM:https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.6.bz2

The ATM implementation in the Linux kernel before 3.6 does not
initialize certain structures, which allows local users to obtain
sensitive information from kernel stack memory via a crafted
application.



======================================================
Name: CVE-2012-6547
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6547
Final-Decision: 
Interim-Decision: 
Modified: 
Proposed: 
Assigned: 20130314
Category: 
Reference: MLIST:[oss-security] 20130305 CVE Requests (maybe): Linux kernel: various info leaks, some NULL ptr derefs
Reference: URL:http://www.openwall.com/lists/oss-security/2013/03/05/13
Reference: CONFIRM:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=a117dacde0288f3ec60b6e5bcedae8fa37ee0dfc
Reference: CONFIRM:https://github.com/torvalds/linux/commit/a117dacde0288f3ec60b6e5bcedae8fa37ee0dfc
Reference: CONFIRM:https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.6.bz2

The __tun_chr_ioctl function in drivers/net/tun.c in the Linux kernel
before 3.6 does not initialize a certain structure, which allows local
users to obtain sensitive information from kernel stack memory via a
crafted application.



======================================================
Name: CVE-2012-6548
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6548
Final-Decision: 
Interim-Decision: 
Modified: 
Proposed: 
Assigned: 20130314
Category: 
Reference: MLIST:[oss-security] 20130305 CVE Requests (maybe): Linux kernel: various info leaks, some NULL ptr derefs
Reference: URL:http://www.openwall.com/lists/oss-security/2013/03/05/13
Reference: CONFIRM:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=0143fc5e9f6f5aad4764801015bc8d4b4a278200
Reference: CONFIRM:https://github.com/torvalds/linux/commit/0143fc5e9f6f5aad4764801015bc8d4b4a278200
Reference: CONFIRM:https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.6.bz2

The udf_encode_fh function in fs/udf/namei.c in the Linux kernel
before 3.6 does not initialize a certain structure member, which
allows local users to obtain sensitive information from kernel heap
memory via a crafted application.



======================================================
Name: CVE-2012-6549
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6549
Final-Decision: 
Interim-Decision: 
Modified: 
Proposed: 
Assigned: 20130314
Category: 
Reference: MLIST:[oss-security] 20130305 CVE Requests (maybe): Linux kernel: various info leaks, some NULL ptr derefs
Reference: URL:http://www.openwall.com/lists/oss-security/2013/03/05/13
Reference: CONFIRM:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=fe685aabf7c8c9f138e5ea900954d295bf229175
Reference: CONFIRM:https://github.com/torvalds/linux/commit/fe685aabf7c8c9f138e5ea900954d295bf229175
Reference: CONFIRM:https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.6.bz2

The isofs_export_encode_fh function in fs/isofs/export.c in the Linux
kernel before 3.6 does not initialize a certain structure member,
which allows local users to obtain sensitive information from kernel
heap memory via a crafted application.



======================================================
Name: CVE-2013-1825
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1825
Final-Decision: 
Interim-Decision: 
Modified: 
Proposed: 
Assigned: 20130219
Category: 

** REJECT **

DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: CVE-2013-2546,
CVE-2013-2547, CVE-2013-2548.  Reason: This candidate is a duplicate
of CVE-2013-2546, CVE-2013-2547, and CVE-2013-2548.  Notes: All CVE
users should reference one or more of CVE-2013-2546, CVE-2013-2547,
and CVE-2013-2548 instead of this candidate.  All references and
descriptions in this candidate have been removed to prevent accidental
usage.



======================================================
Name: CVE-2013-2546
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2546
Final-Decision: 
Interim-Decision: 
Modified: 
Proposed: 
Assigned: 20130308
Category: 
Reference: MLIST:[oss-security] 20130305 CVE Requests (maybe): Linux kernel: various info leaks, some NULL ptr derefs
Reference: URL:http://www.openwall.com/lists/oss-security/2013/03/05/13
Reference: CONFIRM:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=9a5467bf7b6e9e02ec9c3da4e23747c05faeaac6
Reference: CONFIRM:https://github.com/torvalds/linux/commit/9a5467bf7b6e9e02ec9c3da4e23747c05faeaac6

The report API in the crypto user configuration API in the Linux
kernel through 3.8.2 uses an incorrect C library function for copying
strings, which allows local users to obtain sensitive information from
kernel stack memory by leveraging the CAP_NET_ADMIN capability.



======================================================
Name: CVE-2013-2547
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2547
Final-Decision: 
Interim-Decision: 
Modified: 
Proposed: 
Assigned: 20130308
Category: 
Reference: MLIST:[oss-security] 20130305 CVE Requests (maybe): Linux kernel: various info leaks, some NULL ptr derefs
Reference: URL:http://www.openwall.com/lists/oss-security/2013/03/05/13
Reference: CONFIRM:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=9a5467bf7b6e9e02ec9c3da4e23747c05faeaac6
Reference: CONFIRM:https://github.com/torvalds/linux/commit/9a5467bf7b6e9e02ec9c3da4e23747c05faeaac6

The crypto_report_one function in crypto/crypto_user.c in the report
API in the crypto user configuration API in the Linux kernel through
3.8.2 does not initialize certain structure members, which allows
local users to obtain sensitive information from kernel heap memory by
leveraging the CAP_NET_ADMIN capability.



======================================================
Name: CVE-2013-2548
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2548
Final-Decision: 
Interim-Decision: 
Modified: 
Proposed: 
Assigned: 20130308
Category: 
Reference: MLIST:[oss-security] 20130305 CVE Requests (maybe): Linux kernel: various info leaks, some NULL ptr derefs
Reference: URL:http://www.openwall.com/lists/oss-security/2013/03/05/13
Reference: CONFIRM:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=9a5467bf7b6e9e02ec9c3da4e23747c05faeaac6
Reference: CONFIRM:https://github.com/torvalds/linux/commit/9a5467bf7b6e9e02ec9c3da4e23747c05faeaac6

The crypto_report_one function in crypto/crypto_user.c in the report
API in the crypto user configuration API in the Linux kernel through
3.8.2 uses an incorrect length value during a copy operation, which
allows local users to obtain sensitive information from kernel memory
by leveraging the CAP_NET_ADMIN capability.





More information about the VIM mailing list