Lucene search
K

6633 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 5:29 a.m.2 views

SUSE CVE-2014-2568

Use-after-free vulnerability in the nfqnlzcopy function in net/netfilter/nfnetlinkqueuecore.c in the Linux kernel through 3.13.6 allows attackers to obtain sensitive information from kernel memory by leveraging the absence of a certain orphaning operation. NOTE: the affected code was moved to the...

2.9CVSS6.6AI score0.01015EPSS
Exploits2References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:28 a.m.2 views

SUSE CVE-2014-3534

arch/s390/kernel/ptrace.c in the Linux kernel before 3.15.8 on the s390 platform does not properly restrict address-space control operations in PTRACEPOKEUSRAREA requests, which allows local users to obtain read and write access to kernel memory locations, and consequently gain privileges, via a...

7.2CVSS6.4AI score0.00469EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:28 a.m.4 views

SUSE CVE-2014-3917

kernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIGAUDITSYSCALL is enabled with certain syscall rules, allows local users to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service OOPS via a large value of a syscall number...

3.3CVSS6.2AI score0.0036EPSS
Exploits0References14
SUSE CVE
SUSE CVE
added 2023/02/15 5:24 a.m.4 views

SUSE CVE-2014-9903

The schedreadattr function in kernel/sched/core.c in the Linux kernel 3.14-rc before 3.14-rc4 uses an incorrect size, which allows local users to obtain sensitive information from kernel stack memory via a crafted schedgetattr system call...

5.5CVSS8.1AI score0.00364EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:22 a.m.3 views

SUSE CVE-2015-0777

drivers/xen/usbback/usbback.c in linux-2.6.18-xen-3.4.0 aka the Xen 3.4.x support patches for the Linux kernel 2.6.18, as used in the Linux kernel 2.6.x and 3.x in SUSE Linux distributions, allows guest OS users to obtain sensitive information from uninitialized locations in host OS kernel memory...

2.1CVSS6.1AI score0.00413EPSS
Exploits0References12
SUSE CVE
SUSE CVE
added 2023/02/15 5:21 a.m.2 views

SUSE CVE-2015-2042

net/rds/sysctl.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry...

4.6CVSS6.6AI score0.00449EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2023/02/15 5:21 a.m.5 views

SUSE CVE-2015-2041

net/llc/sysctlnetllc.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry...

4.6CVSS6.6AI score0.00472EPSS
Exploits0References11
SUSE CVE
SUSE CVE
added 2023/02/15 5:13 a.m.1 views

SUSE CVE-2015-7885

The dgncmgmtioctl function in drivers/staging/dgnc/dgncmgmt.c in the Linux kernel through 4.3.3 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a crafted application...

2.3CVSS5.9AI score0.00443EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 5:13 a.m.3 views

SUSE CVE-2015-7884

The vividfbioctl function in drivers/media/platform/vivid/vivid-osd.c in the Linux kernel through 4.3.3 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a crafted application...

2.3CVSS5.9AI score0.00437EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 5:11 a.m.2 views

SUSE CVE-2015-8569

The 1 pptpbind and 2 pptpconnect functions in drivers/net/ppp/pptp.c in the Linux kernel through 4.3.3 do not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application...

2.3CVSS5.9AI score0.00485EPSS
Exploits0References17
SUSE CVE
SUSE CVE
added 2023/02/15 5:10 a.m.7 views

SUSE CVE-2015-8950

arch/arm64/mm/dma-mapping.c in the Linux kernel before 4.0.3, as used in the ION subsystem in Android and other products, does not initialize certain data structures, which allows local users to obtain sensitive information from kernel memory by triggering a dmammap call...

5.5CVSS5.9AI score0.01457EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:2 a.m.4 views

SUSE CVE-2016-4485

The llccmsgrcv function in net/llc/afllc.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows attackers to obtain sensitive information from kernel stack memory by reading a message...

5.3CVSS7.4AI score0.04671EPSS
Exploits0References11
SUSE CVE
SUSE CVE
added 2023/02/15 5:2 a.m.4 views

SUSE CVE-2016-4998

The IPTSOSETREPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel before 4.6 allows local users to cause a denial of service out-of-bounds read or possibly obtain sensitive information from kernel heap memory by leveraging in-container root access to provide a crafted...

7.1CVSS6.8AI score0.01885EPSS
Exploits1References20
SUSE CVE
SUSE CVE
added 2023/02/15 5:1 a.m.1 views

SUSE CVE-2016-5244

The rdsincinfocopy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which allows remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message...

7.5CVSS7.4AI score0.05521EPSS
Exploits0References14
SUSE CVE
SUSE CVE
added 2023/02/15 4:57 a.m.2 views

SUSE CVE-2016-7916

Race condition in the environread function in fs/proc/base.c in the Linux kernel before 4.5.4 allows local users to obtain sensitive information from kernel memory by reading a /proc//environ file during a process-setup time interval in which environment-variable copying is incomplete...

5.5CVSS7.9AI score0.00388EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2023/02/15 4:54 a.m.3 views

SUSE CVE-2016-10088

The sg implementation in the Linux kernel through 4.9 does not properly restrict write operations in situations where the KERNELDS option is set, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service use-after-free by leveraging access to a...

7CVSS7.2AI score0.00372EPSS
Exploits0References20
SUSE CVE
SUSE CVE
added 2023/02/15 4:53 a.m.3 views

SUSE CVE-2017-0564

An elevation of privilege vulnerability in the kernel ION subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing th...

9.3CVSS7.3AI score0.04245EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:52 a.m.4 views

SUSE CVE-2017-2584

arch/x86/kvm/emulate.c in the Linux kernel through 4.9.3 allows local users to obtain sensitive information from kernel memory or cause a denial of service use-after-free via a crafted application that leverages instruction emulation for fxrstor, fxsave, sgdt, and sidt...

7.1CVSS5.8AI score0.00421EPSS
Exploits0References11
SUSE CVE
SUSE CVE
added 2023/02/15 4:43 a.m.2 views

SUSE CVE-2017-10911

The makeresponse function in drivers/block/xen-blkback/blkback.c in the Linux kernel before 4.11.8 allows guest OS users to obtain sensitive information from host OS or other guest OS kernel memory by leveraging the copying of uninitialized padding fields in Xen block-interface response structure...

4.3CVSS6.8AI score0.00445EPSS
Exploits0References12
SUSE CVE
SUSE CVE
added 2023/02/15 4:40 a.m.4 views

SUSE CVE-2017-13693

The acpidscreateoperands function in drivers/acpi/acpica/dsutils.c in the Linux kernel through 4.12.9 does not flush the operand cache and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism in the kerne...

5.5CVSS5.8AI score0.00439EPSS
Exploits0References3
Rows per page
Query Builder