{
  "threat_severity" : "Low",
  "public_date" : "2012-08-15T00:00:00Z",
  "bugzilla" : {
    "description" : "Kernel: llc: information leak via getsockname",
    "id" : "922322",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=922322"
  },
  "cvss" : {
    "cvss_base_score" : "1.9",
    "cvss_scoring_vector" : "AV:L/AC:M/Au:N/C:P/I:N/A:N",
    "status" : "verified"
  },
  "details" : [ "The llc_ui_getname function in net/llc/af_llc.c in the Linux kernel before 3.6 has an incorrect return value in certain circumstances, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that leverages an uninitialized pointer argument." ],
  "statement" : "This issue does not affect the versions of the kernel package as shipped with Red Hat Enterprise MRG 2.\nThis issue affects the version of the Linux kernel as shipped with Red Hat Enterprise Linux 5 and Red Hat Enterprise Linux 6.  Future kernel updates for Red Hat Enterprise Linux 6 may address this issue.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 5",
    "release_date" : "2013-04-16T00:00:00Z",
    "advisory" : "RHSA-2013:0747",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5",
    "package" : "kernel-0:2.6.18-348.4.1.el5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "release_date" : "2013-11-20T00:00:00Z",
    "advisory" : "RHSA-2013:1645",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6",
    "package" : "kernel-0:2.6.32-431.el6"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise MRG 2",
    "fix_state" : "Not affected",
    "package_name" : "realtime-kernel",
    "cpe" : "cpe:/a:redhat:enterprise_mrg:2"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2012-6542\nhttps://nvd.nist.gov/vuln/detail/CVE-2012-6542" ],
  "name" : "CVE-2012-6542",
  "csaw" : false
}