Home > Vulnerability Database > CVE-2012-6545

Mend.io Vulnerability Database

CVE-2012-6545

Good to know:

Date: March 14, 2013

The Bluetooth RFCOMM implementation in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel memory via a crafted application.

Language: C

Severity Score

2.9

Related Resources (15)

Url: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9ad2de43f1aee7e7274a4e0d41465489299e344b

Url: https://access.redhat.com/security/cve/CVE-2012-6545

Url: http://rhn.redhat.com/errata/RHSA-2013-1645.html

Url: https://nvd.nist.gov/vuln/detail/CVE-2012-6545

Url: https://github.com/torvalds/linux/commit/9ad2de43f1aee7e7274a4e0d41465489299e344b

Url: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f9432c5ec8b1e9a09b9b0e5569e3c73db8de432a

Url: http://www.ubuntu.com/usn/USN-1808-1

Url: http://www.ubuntu.com/usn/USN-1805-1

Url: http://www.openwall.com/lists/oss-security/2013/03/05/13

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2012-6545

Url: https://github.com/torvalds/linux/commit/9344a972961d1a6d2c04d9008b13617bcb6ec2ef

Url: https://github.com/torvalds/linux/commit/f9432c5ec8b1e9a09b9b0e5569e3c73db8de432a

Url: https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.6.bz2

Url: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9344a972961d1a6d2c04d9008b13617bcb6ec2ef

Url: https://www.mend.io/vulnerability-database/CVE-2012-6545

Severity Score

2.9

Weakness Type (CWE)

Exposure of Sensitive Information to an Unauthorized Actor

CWE-200

CVSS v3.1

Base Score:	2.9
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	HIGH
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	NONE
Availability (A):	NONE

CVSS v2

Base Score:	1.9
Access Vector (AV):	LOCAL
Access Complexity (AC):	MEDIUM
Authentication (AU):	NONE
Confidentiality (C):	PARTIAL
Integrity (I):	NONE
Availability (A):	NONE
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2012-6545

Good to know:

Date: March 14, 2013

Language: C

Severity Score

Related Resources (15)

Severity Score

Weakness Type (CWE)

CVSS v3.1

CVSS v2

Do you need more information?