The l2tp_ip6_getname function in net/l2tp/l2tp_ip6.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2013-03-14T20:00:00Z

Updated: 2024-09-17T01:36:53.362Z

Reserved: 2013-03-14T00:00:00Z

Link: CVE-2012-6543

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2013-03-15T20:55:07.587

Modified: 2024-11-21T01:46:19.890

Link: CVE-2012-6543

cve-icon Redhat

Severity : Low

Publid Date: 2012-08-15T00:00:00Z

Links: CVE-2012-6543 - Bugzilla