Published: 07 March 2012
The regset (aka register set) feature in the Linux kernel before 3.2.10 does not properly handle the absence of .get and .set methods, which allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a (1) PTRACE_GETREGSET or (2) PTRACE_SETREGSET ptrace call.
From the Ubuntu security team
H. Peter Anvin reported a flaw in the Linux kernel that could crash the system. A local user could exploit this flaw to crash the system.
CVSS 3 base score: 7.8