{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2012-05-18T00:00:00", "descriptions": [{"lang": "en", "value": "The Linux kernel before 3.4.5 on the x86 platform, when Physical Address Extension (PAE) is enabled, does not properly use the Page Middle Directory (PMD), which allows local users to cause a denial of service (panic) via a crafted application that triggers a race condition."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-08-19T15:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.5"}, {"name": "RHSA-2012:0743", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2012-0743.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=26c191788f18129af0eb32a358cdaea0c7479626"}, {"name": "[oss-security] 20120518 Re: CVE Request -- kernel: mm: read_pmd_atomic: 32bit PAE pmd walk vs pmd_populate SMP race condition", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2012/05/18/11"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=822821"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/torvalds/linux/commit/26c191788f18129af0eb32a358cdaea0c7479626"}, {"name": "USN-1529-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://ubuntu.com/usn/usn-1529-1"}, {"name": "HPSBGN02970", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://marc.info/?l=bugtraq&m=139447903326211&w=2"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T19:34:26.040Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.5"}, {"name": "RHSA-2012:0743", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2012-0743.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=26c191788f18129af0eb32a358cdaea0c7479626"}, {"name": "[oss-security] 20120518 Re: CVE Request -- kernel: mm: read_pmd_atomic: 32bit PAE pmd walk vs pmd_populate SMP race condition", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2012/05/18/11"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=822821"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/torvalds/linux/commit/26c191788f18129af0eb32a358cdaea0c7479626"}, {"name": "USN-1529-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://ubuntu.com/usn/usn-1529-1"}, {"name": "HPSBGN02970", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=139447903326211&w=2"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2012-2373", "datePublished": "2012-08-09T10:00:00", "dateReserved": "2012-04-19T00:00:00", "dateUpdated": "2024-08-06T19:34:26.040Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:x86:*", "matchCriteriaId": "41A75DAA-62E7-4616-B987-B7FB45E56709", "versionEndIncluding": "3.4.4", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.4:*:*:*:*:*:x86:*", "matchCriteriaId": "8C3D9C66-933A-469E-9073-75015A8AD17D", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.4:rc1:*:*:*:*:x86:*", "matchCriteriaId": "C92F29A0-DEFF-49E4-AE86-5DBDAD51C677", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.4:rc2:*:*:*:*:x86:*", "matchCriteriaId": "5690A703-390D-4D8A-9258-2F47116DAB4F", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.4:rc3:*:*:*:*:x86:*", "matchCriteriaId": "AB1EDDA7-15AF-4B45-A931-DFCBB1EEB701", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.4:rc4:*:*:*:*:x86:*", "matchCriteriaId": "952FE0DC-B2ED-4080-BF29-A2C265E83FEF", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.4:rc5:*:*:*:*:x86:*", "matchCriteriaId": "1CE7ABDB-6572-40E8-B952-CBE52C999858", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.4:rc6:*:*:*:*:x86:*", "matchCriteriaId": "0F417186-D1ED-4A31-92B2-83DEDA1AF272", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.4:rc7:*:*:*:*:x86:*", "matchCriteriaId": "3D4FCFAE-918C-4886-9A17-08A5B94D35F4", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.4.1:*:*:*:*:*:x86:*", "matchCriteriaId": "830D2914-C9FE-406F-AFCE-7A04BB9E2896", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.4.2:*:*:*:*:*:x86:*", "matchCriteriaId": "F4B791B5-2EB5-403A-90CC-B219F6277D1F", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.4.3:*:*:*:*:*:x86:*", "matchCriteriaId": "2BA5F34D-7490-4B2B-A7E6-8450F9C1FC31", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The Linux kernel before 3.4.5 on the x86 platform, when Physical Address Extension (PAE) is enabled, does not properly use the Page Middle Directory (PMD), which allows local users to cause a denial of service (panic) via a crafted application that triggers a race condition."}, {"lang": "es", "value": "El kernel de Linux anterior a v3.4.5 en la plataforma x86, cuando Physical Address Extension (PAE) est\u00e1 activada, no utiliza correctamente Page Middle Directory (PMD), permitiendo a usuarios locales causar una denegaci\u00f3n de servicio a trav\u00e9s de una aplicaci\u00f3n especialmente dise\u00f1ada que lanza una condici\u00f3n de carrera"}], "id": "CVE-2012-2373", "lastModified": "2024-11-21T01:38:58.390", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 4.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:H/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 1.9, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-08-09T10:29:46.917", "references": [{"source": "secalert@redhat.com", "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=26c191788f18129af0eb32a358cdaea0c7479626"}, {"source": "secalert@redhat.com", "url": "http://marc.info/?l=bugtraq&m=139447903326211&w=2"}, {"source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2012-0743.html"}, {"source": "secalert@redhat.com", "url": "http://ubuntu.com/usn/usn-1529-1"}, {"source": "secalert@redhat.com", "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.5"}, {"source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2012/05/18/11"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=822821"}, {"source": "secalert@redhat.com", "tags": ["Patch"], "url": "https://github.com/torvalds/linux/commit/26c191788f18129af0eb32a358cdaea0c7479626"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=26c191788f18129af0eb32a358cdaea0c7479626"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq&m=139447903326211&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2012-0743.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://ubuntu.com/usn/usn-1529-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.5"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2012/05/18/11"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=822821"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://github.com/torvalds/linux/commit/26c191788f18129af0eb32a358cdaea0c7479626"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-362"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2012:0743", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "kernel-0:2.6.32-220.23.1.el6", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2012-06-18T00:00:00Z"}], "bugzilla": {"description": "kernel: mm: read_pmd_atomic: 32bit PAE pmd walk vs pmd_populate SMP race condition", "id": "822821", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=822821"}, "csaw": false, "cvss": {"cvss_base_score": "4.0", "cvss_scoring_vector": "AV:L/AC:H/Au:N/C:N/I:N/A:C", "status": "verified"}, "details": ["The Linux kernel before 3.4.5 on the x86 platform, when Physical Address Extension (PAE) is enabled, does not properly use the Page Middle Directory (PMD), which allows local users to cause a denial of service (panic) via a crafted application that triggers a race condition."], "name": "CVE-2012-2373", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/a:redhat:enterprise_mrg:2", "fix_state": "Affected", "package_name": "realtime-kernel", "product_name": "Red Hat Enterprise MRG 2"}], "public_date": "2012-05-17T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2012-2373\nhttps://nvd.nist.gov/vuln/detail/CVE-2012-2373"], "statement": "This issue did not affect the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 5 and Red Hat Enterprise MRG. Kernel update RHSA-2012:0743 https://rhn.redhat.com/errata/RHSA-2012-0743.html for Red Hat Enterprise Linux 6 did address this issue.", "threat_severity": "Moderate"}