The llc_ui_getname function in net/llc/af_llc.c in the Linux kernel before 3.6 has an incorrect return value in certain circumstances, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that leverages an uninitialized pointer argument. Per https://access.redhat.com/security/cve/CVE-2012-6542
"This issue affects the versions of Linux kernel as shipped with
Red Hat Enterprise Linux 5 and Red Hat Enterprise Linux 6. Future kernel updates for Red Hat Enterprise Linux 5 and Red Hat Enterprise Linux 6 may address this issue."
Publication date: Mon, 22 Apr 2019 22:48:00 +0000