Unrated severityNVD Advisory· Published Nov 5, 2013· Updated Jun 16, 2026
CVE-2012-4503
CVE-2012-4503
Description
cmdmon.c in Chrony before 1.29 allows remote attackers to obtain potentially sensitive information from stack memory via vectors related to (1) an invalid subnet in a RPY_SUBNETS_ACCESSED command to the handle_subnets_accessed function or (2) a RPY_CLIENT_ACCESSES command to the handle_client_accesses function when client logging is disabled, which causes uninitialized data to be included in a reply.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
26cpe:2.3:a:tuxfamily:chrony:*:*:*:*:*:*:*:*+ 24 more
- cpe:2.3:a:tuxfamily:chrony:*:*:*:*:*:*:*:*range: <=1.28
- cpe:2.3:a:tuxfamily:chrony:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:tuxfamily:chrony:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:tuxfamily:chrony:1.18:*:*:*:*:*:*:*
- cpe:2.3:a:tuxfamily:chrony:1.19:*:*:*:*:*:*:*
- cpe:2.3:a:tuxfamily:chrony:1.19.99.1:*:*:*:*:*:*:*
- cpe:2.3:a:tuxfamily:chrony:1.19.99.2:*:*:*:*:*:*:*
- cpe:2.3:a:tuxfamily:chrony:1.19.99.3:*:*:*:*:*:*:*
- cpe:2.3:a:tuxfamily:chrony:1.20:*:*:*:*:*:*:*
- cpe:2.3:a:tuxfamily:chrony:1.21:*:*:*:*:*:*:*
- cpe:2.3:a:tuxfamily:chrony:1.21:pre1:*:*:*:*:*:*
- cpe:2.3:a:tuxfamily:chrony:1.23:*:*:*:*:*:*:*
- cpe:2.3:a:tuxfamily:chrony:1.23.1:*:*:*:*:*:*:*
- cpe:2.3:a:tuxfamily:chrony:1.23:pre1:*:*:*:*:*:*
- cpe:2.3:a:tuxfamily:chrony:1.24:*:*:*:*:*:*:*
- cpe:2.3:a:tuxfamily:chrony:1.24:pre1:*:*:*:*:*:*
- cpe:2.3:a:tuxfamily:chrony:1.25:*:*:*:*:*:*:*
- cpe:2.3:a:tuxfamily:chrony:1.25:pre1:*:*:*:*:*:*
- cpe:2.3:a:tuxfamily:chrony:1.25:pre2:*:*:*:*:*:*
- cpe:2.3:a:tuxfamily:chrony:1.26:*:*:*:*:*:*:*
- cpe:2.3:a:tuxfamily:chrony:1.26:pre1:*:*:*:*:*:*
- cpe:2.3:a:tuxfamily:chrony:1.27:*:*:*:*:*:*:*
- cpe:2.3:a:tuxfamily:chrony:1.27:pre1:*:*:*:*:*:*
- cpe:2.3:a:tuxfamily:chrony:1.28:pre1:*:*:*:*:*:*
- (no CPE)range: <1.29
Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.