VYPR
Unrated severityNVD Advisory· Published Nov 5, 2013· Updated Jun 16, 2026

CVE-2012-4503

CVE-2012-4503

Description

cmdmon.c in Chrony before 1.29 allows remote attackers to obtain potentially sensitive information from stack memory via vectors related to (1) an invalid subnet in a RPY_SUBNETS_ACCESSED command to the handle_subnets_accessed function or (2) a RPY_CLIENT_ACCESSES command to the handle_client_accesses function when client logging is disabled, which causes uninitialized data to be included in a reply.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

26
  • Chrony/Chrony25 versions
    cpe:2.3:a:tuxfamily:chrony:*:*:*:*:*:*:*:*+ 24 more
    • cpe:2.3:a:tuxfamily:chrony:*:*:*:*:*:*:*:*range: <=1.28
    • cpe:2.3:a:tuxfamily:chrony:1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:tuxfamily:chrony:1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:tuxfamily:chrony:1.18:*:*:*:*:*:*:*
    • cpe:2.3:a:tuxfamily:chrony:1.19:*:*:*:*:*:*:*
    • cpe:2.3:a:tuxfamily:chrony:1.19.99.1:*:*:*:*:*:*:*
    • cpe:2.3:a:tuxfamily:chrony:1.19.99.2:*:*:*:*:*:*:*
    • cpe:2.3:a:tuxfamily:chrony:1.19.99.3:*:*:*:*:*:*:*
    • cpe:2.3:a:tuxfamily:chrony:1.20:*:*:*:*:*:*:*
    • cpe:2.3:a:tuxfamily:chrony:1.21:*:*:*:*:*:*:*
    • cpe:2.3:a:tuxfamily:chrony:1.21:pre1:*:*:*:*:*:*
    • cpe:2.3:a:tuxfamily:chrony:1.23:*:*:*:*:*:*:*
    • cpe:2.3:a:tuxfamily:chrony:1.23.1:*:*:*:*:*:*:*
    • cpe:2.3:a:tuxfamily:chrony:1.23:pre1:*:*:*:*:*:*
    • cpe:2.3:a:tuxfamily:chrony:1.24:*:*:*:*:*:*:*
    • cpe:2.3:a:tuxfamily:chrony:1.24:pre1:*:*:*:*:*:*
    • cpe:2.3:a:tuxfamily:chrony:1.25:*:*:*:*:*:*:*
    • cpe:2.3:a:tuxfamily:chrony:1.25:pre1:*:*:*:*:*:*
    • cpe:2.3:a:tuxfamily:chrony:1.25:pre2:*:*:*:*:*:*
    • cpe:2.3:a:tuxfamily:chrony:1.26:*:*:*:*:*:*:*
    • cpe:2.3:a:tuxfamily:chrony:1.26:pre1:*:*:*:*:*:*
    • cpe:2.3:a:tuxfamily:chrony:1.27:*:*:*:*:*:*:*
    • cpe:2.3:a:tuxfamily:chrony:1.27:pre1:*:*:*:*:*:*
    • cpe:2.3:a:tuxfamily:chrony:1.28:pre1:*:*:*:*:*:*
    • (no CPE)range: <1.29

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.