Lucene search
K

105 matches found

CVE
CVE
added 2017/08/16 3:0 p.m.53 views

CVE-2016-5854

CVE-2016-5854 involves a kernel information disclosure in Qualcomm SPCom driver components across Android for MSM, Firefox OS for MSM, and QRD Android. The underlying issue is that kernel heap memory can be exposed to userspace, enabling local information disclosure. Public documents list the aff...

4.7CVSS5.2AI score0.00457EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2017/08/16 3:0 p.m.24 views

CVE-2016-5854

In a driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, kernel heap memory can be exposed to userspace...

4.9AI score0.00457EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2016/12/05 12:0 a.m.309 views

SUSE SLES11 Security Update : kernel (SUSE-SU-2016:2976-1)

The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes. For the PowerPC64 a new 'bigmem' flavor has been added to support big Power machines. FATE319026 The following security bugs were fixed : - CVE-2016-7042: The prockeysshow function in security/keys/proc....

10CVSS7.3AI score0.24299EPSS
Exploits9References127
NVD
NVD
added 2016/07/03 9:59 p.m.22 views

CVE-2016-4998

The IPTSOSETREPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel before 4.6 allows local users to cause a denial of service out-of-bounds read or possibly obtain sensitive information from kernel heap memory by leveraging in-container root access to provide a crafted...

7.1CVSS7AI score0.01885EPSS
Exploits1References27
Cvelist
Cvelist
added 2016/07/03 9:0 p.m.35 views

CVE-2016-4998

The IPTSOSETREPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel before 4.6 allows local users to cause a denial of service out-of-bounds read or possibly obtain sensitive information from kernel heap memory by leveraging in-container root access to provide a crafted...

7.2AI score0.01885EPSS
Exploits1References27
Mageia
Mageia
added 2014/05/19 6:30 p.m.69 views

Updated kernel-linus packages fix multiple vulnerabilities

Updated kernel-linus provides upstream 3.12.20 kernel and fixes the following security issues: The ioapicdeliver function in virt/kvm/ioapic.c in the Linux kernel through 3.14.1 does not properly validate the kvmirqdeliverytoapic return value, which allows guest OS users to cause a denial of...

7.2CVSS6.6AI score0.22475EPSS
Exploits9References3
NVD
NVD
added 2014/05/11 9:55 p.m.27 views

CVE-2014-1738

The rawcmdcopyout function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly restrict access to certain pointers during processing of an FDRAWCMD ioctl call, which allows local users to obtain sensitive information from kernel heap memory by leveraging write access to...

2.1CVSS6.7AI score0.00524EPSS
Exploits0References18
OSV
OSV
added 2014/05/11 9:55 p.m.1 views

DEBIAN-CVE-2014-1738

The rawcmdcopyout function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly restrict access to certain pointers during processing of an FDRAWCMD ioctl call, which allows local users to obtain sensitive information from kernel heap memory by leveraging write access to...

2.1CVSS7.5AI score0.00524EPSS
Exploits0References1
OSV
OSV
added 2014/05/11 9:55 p.m.6 views

CVE-2014-1738

The rawcmdcopyout function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly restrict access to certain pointers during processing of an FDRAWCMD ioctl call, which allows local users to obtain sensitive information from kernel heap memory by leveraging write access to...

5.2AI score
Exploits0References18
Prion
Prion
added 2014/05/11 9:55 p.m.35 views

Design/Logic Flaw

The rawcmdcopyout function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly restrict access to certain pointers during processing of an FDRAWCMD ioctl call, which allows local users to obtain sensitive information from kernel heap memory by leveraging write access to...

2.1CVSS6.2AI score0.00524EPSS
Exploits0References18Affected Software8
CVE
CVE
added 2014/05/11 9:0 p.m.135 views

CVE-2014-1738

CVE-2014-1738 is a Linux kernel vulnerability in the floppy driver (raw_cmd_copyout) where processing FDRAWCMD IOCTL calls could allow local attackers with write access to /dev/fd to read kernel heap memory. The flaw is described as an improper restriction of pointers during FDRAWCMD processing, ...

2.1CVSS5.9AI score0.00524EPSS
Exploits0References18Affected Software1
OSV
OSV
added 2014/05/11 12:0 a.m.3 views

UBUNTU-CVE-2014-1738

The rawcmdcopyout function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly restrict access to certain pointers during processing of an FDRAWCMD ioctl call, which allows local users to obtain sensitive information from kernel heap memory by leveraging write access to...

2.1CVSS6.4AI score0.00524EPSS
Exploits0References12
UbuntuCve
UbuntuCve
added 2014/05/11 12:0 a.m.35 views

CVE-2014-1738

The rawcmdcopyout function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly restrict access to certain pointers during processing of an FDRAWCMD ioctl call, which allows local users to obtain sensitive information from kernel heap memory by leveraging write access to...

2.1CVSS6.5AI score0.00524EPSS
Exploits0References11
RedHat Linux
RedHat Linux
added 2013/07/16 5:18 p.m.5 views

Kernel: udf: information leak on export

The udfencodefh function in fs/udf/namei.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory via a crafted application...

1.9CVSS6.6AI score0.00429EPSS
Exploits0References4
OSV
OSV
added 2013/07/04 9:55 p.m.8 views

CVE-2013-2234

The 1 keynotifysaflush and 2 keynotifypolicyflush functions in net/key/afkey.c in the Linux kernel before 3.10 do not initialize certain structure members, which allows local users to obtain sensitive information from kernel heap memory by reading a broadcast message from the notify interface of ...

6AI score0.00552EPSS
Exploits1References22
OSV
OSV
added 2013/07/04 9:55 p.m.8 views

CVE-2013-2237

The keynotifypolicyflush function in net/key/afkey.c in the Linux kernel before 3.9 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory by reading a broadcast message from the notifypolicy interface of an IPSec keysocket...

7.2AI score
Exploits0References21
UbuntuCve
UbuntuCve
added 2013/07/04 12:0 a.m.38 views

CVE-2013-2234

The 1 keynotifysaflush and 2 keynotifypolicyflush functions in net/key/afkey.c in the Linux kernel before 3.10 do not initialize certain structure members, which allows local users to obtain sensitive information from kernel heap memory by reading a broadcast message from the notify interface of ...

2.1CVSS7.1AI score0.00552EPSS
Exploits1References16
Positive Technologies
Positive Technologies
added 2013/07/04 12:0 a.m.2 views

PT-2013-3612 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.9 Description: The issue concerns the key notify policy flush function in the Linux kernel, which fails to initialize a certain structure member. This allows local users to obtain sensitive information from...

6.9CVSS6.3AI score0.04707EPSS
Exploits6References101
Positive Technologies
Positive Technologies
added 2013/07/04 12:0 a.m.2 views

PT-2013-3611 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.10 Description: The issue affects the Linux kernel, where the key notify sa flush and key notify policy flush functions in net/key/af key.c do not properly initialize certain structure members. This allows loc...

7.2CVSS6.7AI score0.04707EPSS
Exploits21References183
NVD
NVD
added 2013/06/05 2:39 p.m.27 views

CVE-2013-3953

The machportspaceinfo function in osfmk/ipc/machdebug.c in the XNU kernel in Apple Mac OS X 10.8.x does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory via a crafted call...

4.9CVSS4.9AI score0.00455EPSS
Exploits1References5
Rows per page
Query Builder