2854 matches found
CVE-2013-7266
CVE-2013-7266 affects the Linux kernel code path in drivers/isdn/mISDN/socket.c up to version 3.12.3. The function mISDN_sock_recvmsg does not consistently validate length against the related data structure, enabling local attackers to read kernel memory via (1) recvfrom, (2) recvmmsg, or (3) rec...
CVE-2013-7268
The CVE-2013-7268 vulnerability affects the Linux kernel up to version 3.12.3, where ipx_recvmsg in net/ipx/af_ipx.c writes a length value without confirming the associated data structure is initialized. This can allow local attackers to read kernel memory via recvfrom/recvmmsg/recvmsg. The issue...
CVE-2013-7269
The nrrecvmsg function in net/netrom/afnetrom.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel memory via a 1 recvfrom, 2 recvmmsg, or 3...
CVE-2013-7266
The mISDNsockrecvmsg function in drivers/isdn/mISDN/socket.c in the Linux kernel before 3.12.4 does not ensure that a certain length value is consistent with the size of an associated data structure, which allows local users to obtain sensitive information from kernel memory via a 1 recvfrom, 2...
CVE-2013-7269
The nrrecvmsg function in net/netrom/afnetrom.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel memory via a 1 recvfrom, 2 recvmmsg, or 3...
CVE-2013-7271
The x25recvmsg function in net/x25/afx25.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel memory via a 1 recvfrom, 2 recvmmsg, or 3 recvm...
CVE-2013-7267
The atalkrecvmsg function in net/appletalk/ddp.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel memory via a 1 recvfrom, 2 recvmmsg, or 3...
CVE-2013-7270
The packetrecvmsg function in net/packet/afpacket.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel memory via a 1 recvfrom, 2 recvmmsg, or...
UBUNTU-CVE-2013-7270
The packetrecvmsg function in net/packet/afpacket.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel memory via a 1 recvfrom, 2 recvmmsg, or...
UBUNTU-CVE-2013-7268
The ipxrecvmsg function in net/ipx/afipx.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel memory via a 1 recvfrom, 2 recvmmsg, or 3 recvm...
Ubuntu 12.10 : linux vulnerabilities (USN-2071-1)
Dave Jones and Vince Weaver reported a flaw in the Linux kernel's per event subsystem that allows normal users to enable function tracing. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from the kernel. CVE-2013-2930 Stephan Mueller reported an erro...
Design/Logic Flaw
The nandioctl function in sys/dev/nand/nandgeom.c in the nand driver in the kernel in FreeBSD 10 and earlier does not properly initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via a crafted ioctl call...
Design/Logic Flaw
The qlseioctl function in sys/dev/qlxge/qlsioctl.c in the kernel in FreeBSD 10 and earlier does not validate a certain size parameter, which allows local users to obtain sensitive information from kernel memory via a crafted ioctl call...
Kernel: net: information leak in AF_KEY notify
The 1 keynotifysaflush and 2 keynotifypolicyflush functions in net/key/afkey.c in the Linux kernel before 3.10 do not initialize certain structure members, which allows local users to obtain sensitive information from kernel heap memory by reading a broadcast message from the notify interface of ...
Kernel: information leak in cdrom driver
The mmcioctlcdromreaddata function in drivers/cdrom/cdrom.c in the Linux kernel through 3.10 allows local users to obtain sensitive information from kernel memory via a read operation on a malfunctioning CD-ROM drive...
CVE-2013-6282
The 1 getuser and 2 putuser API functions in the Linux kernel before 3.5.5 on the v6k and v7 ARM platforms do not validate certain addresses, which allows attackers to read or modify the contents of arbitrary kernel memory locations via a crafted application, as exploited in the wild against...
CVE-2013-6282
The 1 getuser and 2 putuser API functions in the Linux kernel before 3.5.5 on the v6k and v7 ARM platforms do not validate certain addresses, which allows attackers to read or modify the contents of arbitrary kernel memory locations via a crafted application, as exploited in the wild against...
PT-2013-5986 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to 3.5.5 Description: The issue arises from improper input validation in the Linux kernel, specifically in the 1 get user and 2 put user API functions on the v6k and v7 ARM platforms. This allows attackers to read ...
Ubuntu Update for linux USN-2017-1
Check for the Version of linux OpenVAS Vulnerability Test $Id: gbubuntuUSN20171.nasl 7958 2017-12-01 06:47:47Z santu $ Ubuntu Update for linux USN-2017-1 Authors: System Generated Check Copyright: Copyright C 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; yo...
FreeBSD 10 qlxge/qlxgbe Driver IOCTL Multiple Kernel Memory Leak
The qlxge/qlxgbe driver in FreeBSD versions 10 and below has vulnerabilities that leak arbitrary kernel memory to the userspace. XADV-2013006 FreeBSD site: http://www.x90c.org References: 1 http://fxr.watson.org/fxr/source/dev/qlxge/README.txt?v=FREEBSD10 2...