Vulnerability Details : CVE-2012-6703
Integer overflow in the snd_compr_allocate_buffer function in sound/core/compress_offload.c in the ALSA subsystem in the Linux kernel before 3.6-rc6-next-20120917 allows local users to cause a denial of service (insufficient memory allocation) or possibly have unspecified other impact via a crafted SNDRV_COMPRESS_SET_PARAMS ioctl call.
Vulnerability category: Overflow, Denial of service
Products affected by CVE-2012-6703
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2012-6703
- EPSS score: 0.04% (probability of exploitation activity in the next 30 days)
- Percentile: ~6% (the proportion of vulnerabilities that are scored at or less)
CVSS scores for CVE-2012-6703
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.2 | HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C | 3.9 | 10.0 | NIST | |
7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 | NIST | |
CWE ids for CVE-2012-6703
- The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.
  Assigned by: nvd@nist.gov (Primary)
References for CVE-2012-6703
- https://www.kernel.org/pub/linux/kernel/next/patch-v3.6-rc6-next-20120917.xz
  (Patch)
- https://github.com/torvalds/linux/commit/b35cc8225845112a616e3a2266d2fde5ab13d3ab
  ALSA: compress_core: integer overflow in snd_compr_allocate_buffer() · torvalds/linux@b35cc82 · GitHub (Vendor Advisory)
- http://www.securityfocus.com/bid/91502
  Linux Kernel CVE-2012-6703 Local Integer Overflow Vulnerability (Third Party Advisory; VDB Entry)
- http://www.openwall.com/lists/oss-security/2016/06/28/6
  oss-security - Re: CVE Request: integer overflow in ALSA snd_compress_check_input (Mailing List)
- https://bugzilla.redhat.com/show_bug.cgi?id=1351076
  1351076 – (CVE-2012-6703) CVE-2012-6703 kernel: Integer overflow in compress_core (Issue Tracking)
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b35cc8225845112a616e3a2266d2fde5ab13d3ab
  kernel/git/torvalds/linux.git - Linux kernel source tree (Vendor Advisory)
- http://www.securitytracker.com/id/1036190
  Linux Kernel ALSA snd_compr_allocate_buffer() Lets Local Users Cause Denial of Service Conditions on the Target System - SecurityTracker (Third Party Advisory; VDB Entry)