CVE-2012-4555
Description
A denial of service vulnerability in Red Hat Certificate System 8.1's token processing system allows attackers to crash Apache httpd child processes by interrupting token format operations.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
The vulnerability resides in the pki-tps component of Red Hat Certificate System (RHCS) before version 8.1.3. It occurs when the token processing system does not properly handle interruptions during token format operations, leading to a NULL pointer dereference. This affects pki-tps as shipped with RHCS 8.1, as well as Fedora 16 and 17 [1][2].
Exploitation
An attacker needs to be a Certificate System user with the ability to initiate a token format operation and then suddenly interrupt it. The interruption can be triggered by unspecified vectors (e.g., disconnecting or sending malformed requests). The attack is local in the sense that the user must have access to the system, but can be remote if the Token Processing System is exposed [2].
Impact
Successful exploitation causes a denial of service (DoS) by crashing the Apache httpd web server child process that handles the pki-tps session. This temporarily halts processing of other users' requests, as the child process restarts. No data integrity or confidentiality impact is described; only availability [1][2].
Mitigation
The issue is fixed in Red Hat Certificate System 8.1.3, with updated pki-common and pki-tps packages released in RHSA-2012:1550. Users should upgrade to these packages and restart all RHCS subsystems for the update to take effect. No workarounds are mentioned [1][2].
AI Insight generated on May 24, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- cpe:2.3:a:redhat:certificate_system:*:*:*:*:*:*:*:* (range: <=8.1.1)
- cpe:2.3:a:redhat:certificate_system:7.1:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:certificate_system:7.2:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:certificate_system:7.3:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:certificate_system:8:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:certificate_system:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:certificate_system:8.1:*:*:*:*:*:*:*
- (no CPE), range: < 8.1.3
Patches
No patches discovered yet.
References
- rhn.redhat.com/errata/RHSA-2012-1550.html (nvd, Vendor Advisory)
- secunia.com/advisories/51482 (nvd, Vendor Advisory)
- www.securityfocus.com/bid/56843 (nvd)
- www.securitytracker.com/id (nvd)
- bugzilla.redhat.com/show_bug.cgi (nvd)