Unrated severityNVD Advisory· Published Aug 9, 2012· Updated Apr 29, 2026

CVE-2012-2136

Description

The sock_alloc_send_pskb function in net/core/sock.c in the Linux kernel before 3.4.5 does not properly validate a certain length value, which allows local users to cause a denial of service (heap-based buffer overflow and system crash) or possibly gain privileges by leveraging access to a TUN/TAP device.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Linux/Kernel
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Range: <3.0.37
Ubuntu/Linux Kernelllm-fuzzy
Range: <3.4.5

Patches

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/torvalds/linux/commit/cc9b17ad29ecaa20bfe426a8d4dbfb94b13ff1ccnvdExploitPatch
rhn.redhat.com/errata/RHSA-2012-0743.htmlnvdThird Party AdvisoryVDB Entry
rhn.redhat.com/errata/RHSA-2012-1087.htmlnvdThird Party Advisory
ubuntu.com/usn/usn-1529-1nvdThird Party Advisory
www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.5nvdVendor Advisory
www.securityfocus.com/bid/53721nvdThird Party AdvisoryVDB Entry
www.ubuntu.com/usn/USN-1535-1nvdThird Party Advisory
git.kernel.orgnvdBroken Link
secunia.com/advisories/50807nvdURL Repurposed
bugzilla.redhat.com/show_bug.cginvdIssue Tracking

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	-0.070
ransomware	0.000