Lucene search
K

6634 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 5:55 a.m.3 views

SUSE CVE-2010-4565

The bcmconnect function in net/can/bcm.c aka the Broadcast Manager in the Controller Area Network CAN implementation in the Linux kernel 2.6.36 and earlier creates a publicly accessible file with a filename containing a kernel memory address, which allows local users to obtain potentially sensiti...

2.1CVSS5.9AI score0.00496EPSS
Exploits2References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:55 a.m.2 views

SUSE CVE-2010-4655

net/core/ethtool.c in the Linux kernel before 2.6.36 does not initialize certain data structures, which allows local users to obtain potentially sensitive information from kernel heap memory by leveraging the CAPNETADMIN capability for an ethtool ioctl call...

5.5CVSS5.9AI score0.004EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:54 a.m.3 views

SUSE CVE-2011-1021

drivers/acpi/debugfs.c in the Linux kernel before 3.0 allows local users to modify arbitrary kernel memory locations by leveraging root privileges to write to the /sys/kernel/debug/acpi/custommethod file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-4347...

3.6CVSS6.5AI score0.00928EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:54 a.m.2 views

SUSE CVE-2011-1044

The ibuverbspollcq function in drivers/infiniband/core/uverbscmd.c in the Linux kernel before 2.6.37 does not initialize a certain response buffer, which allows local users to obtain potentially sensitive information from kernel memory via vectors that cause this buffer to be only partially fille...

2.1CVSS6.3AI score0.00389EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:54 a.m.1 views

SUSE CVE-2011-1078

The scosockgetsockoptold function in net/bluetooth/sco.c in the Linux kernel before 2.6.39 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via the SCOCONNINFO option...

1.9CVSS6AI score0.00365EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:53 a.m.2 views

SUSE CVE-2011-1163

The osfpartition function in fs/partitions/osf.c in the Linux kernel before 2.6.38 does not properly handle an invalid number of partitions, which might allow local users to obtain potentially sensitive information from kernel heap memory via vectors related to partition-table parsing...

2.1CVSS6.1AI score0.00414EPSS
Exploits2References12
SUSE CVE
SUSE CVE
added 2023/02/15 5:53 a.m.2 views

SUSE CVE-2011-1170

net/ipv4/netfilter/arptables.c in the IPv4 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by...

2.1CVSS5.8AI score0.0041EPSS
Exploits2References9
SUSE CVE
SUSE CVE
added 2023/02/15 5:53 a.m.4 views

SUSE CVE-2011-1173

The econetsendmsg function in net/econet/afeconet.c in the Linux kernel before 2.6.39 on the x8664 platform allows remote attackers to obtain potentially sensitive information from kernel stack memory by reading uninitialized data in the ah field of an Acorn Universal Networking AUN packet...

5CVSS6.4AI score0.02608EPSS
Exploits2References8
SUSE CVE
SUSE CVE
added 2023/02/15 5:52 a.m.3 views

SUSE CVE-2011-2492

The bluetooth subsystem in the Linux kernel before 3.0-rc4 does not properly initialize certain data structures, which allows local users to obtain potentially sensitive information from kernel memory via a crafted getsockopt system call, related to 1 the l2capsockgetsockoptold function in...

1.9CVSS5.9AI score0.00354EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:52 a.m.4 views

SUSE CVE-2011-2707

The ptracesetxregs function in arch/xtensa/kernel/ptrace.c in the Linux kernel before 3.1 does not validate user-space pointers, which allows local users to obtain sensitive information from kernel memory locations via a crafted PTRACESETXTREGS request...

6CVSS5.9AI score0.00367EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:48 a.m.4 views

SUSE CVE-2012-0875

SystemTap 1.7, 1.6.7, and probably other versions, when unprivileged mode is enabled, allows local users to obtain sensitive information from kernel memory or cause a denial of service kernel panic and crash via vectors related to crafted DWARF data, which triggers a read of an invalid pointer...

5.4CVSS6.3AI score0.0035EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:45 a.m.4 views

SUSE CVE-2012-3510

Use-after-free vulnerability in the xacctaddtsk function in kernel/tsacct.c in the Linux kernel before 2.6.19 allows local users to obtain potentially sensitive information from kernel memory or cause a denial of service system crash via a taskstats TASKSTATSCMDATTRPID command...

5.6CVSS6.2AI score0.00505EPSS
Exploits2References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:42 a.m.2 views

SUSE CVE-2012-6540

The doipvsgetctl function in net/netfilter/ipvs/ipvsctl.c in the Linux kernel before 3.6 does not initialize a certain structure for IPVSSOGETTIMEOUT commands, which allows local users to obtain sensitive information from kernel stack memory via a crafted application...

1.9CVSS5.9AI score0.00359EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 5:42 a.m.4 views

SUSE CVE-2012-6546

The ATM implementation in the Linux kernel before 3.6 does not initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application...

1.9CVSS5.9AI score0.00402EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 5:42 a.m.4 views

SUSE CVE-2012-6547

The tunchrioctl function in drivers/net/tun.c in the Linux kernel before 3.6 does not initialize a certain structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted application...

1.9CVSS5.9AI score0.00399EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 5:42 a.m.4 views

SUSE CVE-2012-6544

The Bluetooth protocol stack in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that targets the 1 L2CAP or 2 HCI implementation...

1.9CVSS5.9AI score0.00368EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 5:42 a.m.4 views

SUSE CVE-2012-6548

The udfencodefh function in fs/udf/namei.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory via a crafted application...

1.9CVSS5.9AI score0.00429EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2023/02/15 5:39 a.m.3 views

SUSE CVE-2013-1943

The KVM subsystem in the Linux kernel before 3.0 does not check whether kernel addresses are specified during allocation of memory slots for use in a guest's physical address space, which allows local users to gain privileges or obtain sensitive information from kernel memory via a crafted...

7.8CVSS6.2AI score0.00449EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:39 a.m.4 views

SUSE CVE-2013-2147

The HP Smart Array controller disk-array driver and Compaq SMART2 controller disk-array driver in the Linux kernel through 3.9.4 do not initialize certain data structures, which allows local users to obtain sensitive information from kernel memory via 1 a crafted IDAGETPCIINFO command for a...

2.1CVSS6.1AI score0.0042EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 5:39 a.m.4 views

SUSE CVE-2013-2148

The filleventmetadata function in fs/notify/fanotify/fanotifyuser.c in the Linux kernel through 3.9.4 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a read operation on the fanotify descriptor...

2.1CVSS5.9AI score0.00359EPSS
Exploits0References7
Rows per page
Query Builder