Upstream information

CVE-2012-3510 at MITRE

Description

Use-after-free vulnerability in the xacct_add_tsk function in kernel/tsacct.c in the Linux kernel before 2.6.19 allows local users to obtain potentially sensitive information from kernel memory or cause a denial of service (system crash) via a taskstats TASKSTATS_CMD_ATTR_PID command.

SUSE information

CVSS v2 Scores
  National Vulnerability Database
Base Score 5.63
Vector AV:L/AC:L/Au:N/C:P/I:N/A:C
Access Vector Local
Access Complexity Low
Authentication None
Confidentiality Impact Partial
Integrity Impact None
Availability Impact Complete
SUSE Bugzilla entry: 776888 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SLE SDK 10 SP4 for IBM iSeries and IBM pSeries
  • kernel-kdump >= 2.6.16.60-0.99.1
sle10-sp4-sdk.ppc
sles10-sp4-debuginfo.ppc
sles10-sp4.ppc
ZYPP Patch Nr: 8323
SUSE Linux Enterprise Server 10 SP4 for IBM POWER
  • kernel-default >= 2.6.16.60-0.99.1
  • kernel-iseries64 >= 2.6.16.60-0.99.1
  • kernel-kdump >= 2.6.16.60-0.99.1
  • kernel-ppc64 >= 2.6.16.60-0.99.1
  • kernel-source >= 2.6.16.60-0.99.1
  • kernel-syms >= 2.6.16.60-0.99.1
sle10-sp4-sdk.ppc
sles10-sp4-debuginfo.ppc
sles10-sp4.ppc
ZYPP Patch Nr: 8323
SLE SDK 10 SP4 for IPF
  • kernel-debug >= 2.6.16.60-0.99.1
sles10-sp4.ia64
sles10-sp4-debuginfo.ia64
sle10-sp4-sdk.ia64
ZYPP Patch Nr: 8326
SUSE Linux Enterprise Server 10 SP4 for IPF
  • kernel-debug >= 2.6.16.60-0.99.1
  • kernel-default >= 2.6.16.60-0.99.1
  • kernel-source >= 2.6.16.60-0.99.1
  • kernel-syms >= 2.6.16.60-0.99.1
sles10-sp4.ia64
sles10-sp4-debuginfo.ia64
sle10-sp4-sdk.ia64
ZYPP Patch Nr: 8326
SUSE Linux Enterprise Server 10 SP3 LTSS for IBM zSeries 64bit
  • kernel-default >= 2.6.16.60-0.113.1
  • kernel-source >= 2.6.16.60-0.113.1
  • kernel-syms >= 2.6.16.60-0.113.1
Builds
ZYPP Patch Nr: 8755
SUSE Linux Enterprise Server 10 SP4 for IBM zSeries 64bit
  • kernel-default >= 2.6.16.60-0.99.1
  • kernel-source >= 2.6.16.60-0.99.1
  • kernel-syms >= 2.6.16.60-0.99.1
sles10-sp4-debuginfo.s390x
sles10-sp4.s390x
ZYPP Patch Nr: 8328
SUSE Linux Enterprise Desktop 10 SP4 for x86
  • kernel-bigsmp >= 2.6.16.60-0.99.1
  • kernel-default >= 2.6.16.60-0.99.1
  • kernel-smp >= 2.6.16.60-0.99.1
  • kernel-source >= 2.6.16.60-0.99.1
  • kernel-syms >= 2.6.16.60-0.99.1
  • kernel-xen >= 2.6.16.60-0.99.1
  • kernel-xenpae >= 2.6.16.60-0.99.1
sle10-sp4-sdk.x86
sled10-sp4.x86
sles10-sp4.x86
sles10-sp4-debuginfo.x86
ZYPP Patch Nr: 8325
SLE SDK 10 SP4 for x86
  • kernel-debug >= 2.6.16.60-0.99.1
  • kernel-kdump >= 2.6.16.60-0.99.1
  • kernel-xen >= 2.6.16.60-0.99.1
  • kernel-xenpae >= 2.6.16.60-0.99.1
sle10-sp4-sdk.x86
sled10-sp4.x86
sles10-sp4.x86
sles10-sp4-debuginfo.x86
ZYPP Patch Nr: 8325
SUSE Linux Enterprise Server 10 SP4 for x86
  • kernel-bigsmp >= 2.6.16.60-0.99.1
  • kernel-debug >= 2.6.16.60-0.99.1
  • kernel-default >= 2.6.16.60-0.99.1
  • kernel-kdump >= 2.6.16.60-0.99.1
  • kernel-kdumppae >= 2.6.16.60-0.99.1
  • kernel-smp >= 2.6.16.60-0.99.1
  • kernel-source >= 2.6.16.60-0.99.1
  • kernel-syms >= 2.6.16.60-0.99.1
  • kernel-vmi >= 2.6.16.60-0.99.1
  • kernel-vmipae >= 2.6.16.60-0.99.1
  • kernel-xen >= 2.6.16.60-0.99.1
  • kernel-xenpae >= 2.6.16.60-0.99.1
sle10-sp4-sdk.x86
sled10-sp4.x86
sles10-sp4.x86
sles10-sp4-debuginfo.x86
ZYPP Patch Nr: 8325
SUSE Linux Enterprise Server 10 SP3 LTSS for AMD64 and Intel EM64T
  • kernel-debug >= 2.6.16.60-0.113.1
  • kernel-default >= 2.6.16.60-0.113.1
  • kernel-kdump >= 2.6.16.60-0.113.1
  • kernel-smp >= 2.6.16.60-0.113.1
  • kernel-source >= 2.6.16.60-0.113.1
  • kernel-syms >= 2.6.16.60-0.113.1
  • kernel-xen >= 2.6.16.60-0.113.1
Builds
ZYPP Patch Nr: 8756
SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T
  • kernel-default >= 2.6.16.60-0.99.1
  • kernel-smp >= 2.6.16.60-0.99.1
  • kernel-source >= 2.6.16.60-0.99.1
  • kernel-syms >= 2.6.16.60-0.99.1
  • kernel-xen >= 2.6.16.60-0.99.1
sle10-sp4-sdk.x86-64
sles10-sp4-debuginfo.x86-64
sles10-sp4.x86-64
sled10-sp4.x86-64
ZYPP Patch Nr: 8324
SLE SDK 10 SP4 for X86-64
  • kernel-debug >= 2.6.16.60-0.99.1
  • kernel-kdump >= 2.6.16.60-0.99.1
  • kernel-xen >= 2.6.16.60-0.99.1
sle10-sp4-sdk.x86-64
sles10-sp4-debuginfo.x86-64
sles10-sp4.x86-64
sled10-sp4.x86-64
ZYPP Patch Nr: 8324
SUSE Linux Enterprise Server 10 SP4 for AMD64 and Intel EM64T
  • kernel-debug >= 2.6.16.60-0.99.1
  • kernel-default >= 2.6.16.60-0.99.1
  • kernel-kdump >= 2.6.16.60-0.99.1
  • kernel-smp >= 2.6.16.60-0.99.1
  • kernel-source >= 2.6.16.60-0.99.1
  • kernel-syms >= 2.6.16.60-0.99.1
  • kernel-xen >= 2.6.16.60-0.99.1
sle10-sp4-sdk.x86-64
sles10-sp4-debuginfo.x86-64
sles10-sp4.x86-64
sled10-sp4.x86-64
ZYPP Patch Nr: 8324
SUSE Linux Enterprise Server 10 SP3 LTSS for x86
  • kernel-bigsmp >= 2.6.16.60-0.113.1
  • kernel-debug >= 2.6.16.60-0.113.1
  • kernel-default >= 2.6.16.60-0.113.1
  • kernel-kdump >= 2.6.16.60-0.113.1
  • kernel-kdumppae >= 2.6.16.60-0.113.1
  • kernel-smp >= 2.6.16.60-0.113.1
  • kernel-source >= 2.6.16.60-0.113.1
  • kernel-syms >= 2.6.16.60-0.113.1
  • kernel-vmi >= 2.6.16.60-0.113.1
  • kernel-vmipae >= 2.6.16.60-0.113.1
  • kernel-xen >= 2.6.16.60-0.113.1
  • kernel-xenpae >= 2.6.16.60-0.113.1
Builds
ZYPP Patch Nr: 8754