{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel before 3.4, a buffer overflow occurs in drivers/net/wireless/iwlwifi/iwl-agn-sta.c, which will cause at least memory corruption."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-07-27T21:39:23", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://github.com/torvalds/linux/commit/2da424b0773cea3db47e1e81db71eeebde8269d4"}, {"tags": ["x_refsource_MISC"], "url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2da424b0773cea3db47e1e81db71eeebde8269d4"}, {"tags": ["x_refsource_MISC"], "url": "https://mirrors.edge.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2012-6712", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In the Linux kernel before 3.4, a buffer overflow occurs in drivers/net/wireless/iwlwifi/iwl-agn-sta.c, which will cause at least memory corruption."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://github.com/torvalds/linux/commit/2da424b0773cea3db47e1e81db71eeebde8269d4", "refsource": "MISC", "url": "https://github.com/torvalds/linux/commit/2da424b0773cea3db47e1e81db71eeebde8269d4"}, {"name": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2da424b0773cea3db47e1e81db71eeebde8269d4", "refsource": "MISC", "url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2da424b0773cea3db47e1e81db71eeebde8269d4"}, {"name": "https://mirrors.edge.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4", "refsource": "MISC", "url": "https://mirrors.edge.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T21:36:02.060Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/torvalds/linux/commit/2da424b0773cea3db47e1e81db71eeebde8269d4"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2da424b0773cea3db47e1e81db71eeebde8269d4"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://mirrors.edge.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2012-6712", "datePublished": "2019-07-27T21:39:23", "dateReserved": "2019-07-27T00:00:00", "dateUpdated": "2024-08-06T21:36:02.060Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "C6D146FC-F039-4EBE-B4EC-B76476932290", "versionEndExcluding": "3.4", "versionStartIncluding": "2.6.27", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel before 3.4, a buffer overflow occurs in drivers/net/wireless/iwlwifi/iwl-agn-sta.c, which will cause at least memory corruption."}, {"lang": "es", "value": "En el kernel de Linux anterior a versi\u00f3n 3.4, ocurre un desbordamiento de b\u00fafer en el archivo drivers/net/wireless/iwlwifi/iwl-agn-sta.c, que causar\u00e1 al menos una corrupci\u00f3n de memoria."}], "id": "CVE-2012-6712", "lastModified": "2024-11-21T01:46:44.160", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-07-27T22:15:11.323", "references": [{"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2da424b0773cea3db47e1e81db71eeebde8269d4"}, {"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/torvalds/linux/commit/2da424b0773cea3db47e1e81db71eeebde8269d4"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "https://mirrors.edge.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2da424b0773cea3db47e1e81db71eeebde8269d4"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/torvalds/linux/commit/2da424b0773cea3db47e1e81db71eeebde8269d4"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "https://mirrors.edge.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: buffer overflow in drivers/net/wireless/iwlwifi/iwl-agn-sta.c", "id": "1735642", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1735642"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.2", "cvss3_scoring_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-120", "details": ["In the Linux kernel before 3.4, a buffer overflow occurs in drivers/net/wireless/iwlwifi/iwl-agn-sta.c, which will cause at least memory corruption.", "A vulnerability was found in the Linux kernel\u2019s Intel wireless driver (drivers/net/wireless/iwlwifi/iwl-agn-sta.c) where the driver could be forced to connect to an invalid station. An attacker could use this flaw to corrupt memory or create a situation allowing for privilege escalation."], "name": "CVE-2012-6712", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-alt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/a:redhat:enterprise_mrg:2", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise MRG 2"}], "public_date": "2019-07-27T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2012-6712\nhttps://nvd.nist.gov/vuln/detail/CVE-2012-6712"], "statement": "The patch committed by upstream will prevent the misuse of the invalid station id, however it does not prevent the incorrect state being entered. Red Hat Enterprise Linux 6,7 and 8 are not affected by this flaw. Red Hat Enterprise Linux 5 does not have the \"fix\" applied and may be vulnerable to this flaw. Red Hat does not have plans to fix EL5 at this stage in its lifecycle.\nThis flaw only applies to systems running and using the intel iwlwifi driver.", "threat_severity": "Moderate"}