Lucene search
K

43 matches found

Microsoft CVE
Microsoft CVE
added 2023/04/04 7:0 a.m.9 views

A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack information when issuing commands to the /dev/infiniband/rdma_cm device node. While this access is unlikely to leak sensitive user information it can be further used to defeat existing kernel protection mechanisms.

...

2.3CVSS7.2AI score0.00199EPSS
Exploits0
OSV
OSV
added 2023/03/27 9:15 p.m.10 views

CVE-2021-3923

A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack information when issuing commands to the /dev/infiniband/rdmacm device node. While this access is unlikely to leak sensitive user information, it can be...

2.3CVSS7AI score
Exploits0References2
OSV
OSV
added 2023/03/27 9:15 p.m.5 views

UBUNTU-CVE-2021-3923

A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack information when issuing commands to the /dev/infiniband/rdmacm device node. While this access is unlikely to leak sensitive user information, it can be...

2.3CVSS6.6AI score0.00199EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:55 a.m.4 views

SUSE CVE-2010-4525

Linux kernel 2.6.33 and 2.6.34.y does not initialize the kvmvcpuevents-interrupt.pad structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via unspecified vectors...

1.9CVSS6.3AI score0.00341EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:56 a.m.5 views

SUSE CVE-2016-9178

The getuserasmex macro in arch/x86/include/asm/uaccess.h in the Linux kernel before 4.7.5 does not initialize a certain integer variable, which allows local users to obtain sensitive information from kernel stack memory by triggering failure of a getuserex call...

5.5CVSS7.1AI score0.00417EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:23 a.m.4 views

SUSE CVE-2018-17972

An issue was discovered in the procpidstack function in fs/proc/base.c in the Linux kernel through 4.18.11. It does not ensure that only root may inspect the kernel stack of an arbitrary task, allowing a local attacker to exploit racy stack unwinding and leak kernel task stack contents...

5.5CVSS6.2AI score0.0035EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added 2022/05/10 1:58 p.m.5 views

kernel: stack information leak in infiniband RDMA

A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack information when issuing commands to the /dev/infiniband/rdmacm device node. While this access is unlikely to leak sensitive user information, it can be...

2.3CVSS6.7AI score0.00199EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2022/05/10 1:43 p.m.2 views

kernel: stack information leak in infiniband RDMA

A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack information when issuing commands to the /dev/infiniband/rdmacm device node. While this access is unlikely to leak sensitive user information, it can be...

2.3CVSS6.7AI score0.00199EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/11/04 12:53 a.m.3 views

kernel: kernel stack information leak on s390/s390x

A stack information leak flaw was found in s390/s390x in the Linux kernel’s memory manager functionality, where it incorrectly writes to the /proc/sys/vm/cmmtimeout file. This flaw allows a local user to see the kernel data...

4.4CVSS6.7AI score0.00366EPSS
Exploits0References5
OSV
OSV
added 2020/03/24 6:15 p.m.3 views

CVE-2020-10854

An issue was discovered on Samsung mobile devices with O8.x, P9.0, and Q10.0 software. Kernel stack addresses are leaked to userspace. The Samsung ID is SVE-2019-16161 January 2020...

7.5CVSS5.8AI score0.00413EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2019/11/05 8:44 p.m.5 views

kernel: Heap address information leak while using L2CAP_GET_CONF_OPT

A flaw was found in the Linux kernel's implementation of Logical Link Control and Adaptation Protocol L2CAP, part of the Bluetooth stack. An attacker, within the range of standard Bluetooth transmissions, can create and send a specially crafted packet. The response to this specially crafted packe...

6.5CVSS7AI score0.01827EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2019/08/13 3:18 p.m.1 views

kernel: Unprivileged users able to inspect kernel stacks of arbitrary tasks

An issue was discovered in the procpidstack function in fs/proc/base.c in the Linux kernel. An attacker with a local account can trick the stack unwinder code to leak stack contents to userspace. The fix allows only root to inspect the kernel stack of an arbitrary task...

5.5CVSS7.3AI score0.0035EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2019/03/13 11:13 p.m.4 views

kernel: Unprivileged users able to inspect kernel stacks of arbitrary tasks

An issue was discovered in the procpidstack function in fs/proc/base.c in the Linux kernel. An attacker with a local account can trick the stack unwinder code to leak stack contents to userspace. The fix allows only root to inspect the kernel stack of an arbitrary task...

5.5CVSS7.3AI score0.0035EPSS
Exploits0References4
OSV
OSV
added 2018/10/03 12:0 a.m.3 views

UBUNTU-CVE-2018-17972

An issue was discovered in the procpidstack function in fs/proc/base.c in the Linux kernel through 4.18.11. It does not ensure that only root may inspect the kernel stack of an arbitrary task, allowing a local attacker to exploit racy stack unwinding and leak kernel task stack contents...

5.5CVSS6.8AI score0.0035EPSS
Exploits0References15
RedHat Linux
RedHat Linux
added 2018/04/17 3:29 p.m.6 views

kernel: Stack information leak in the EFS element

A flaw was found in the processing of incoming L2CAP bluetooth commands. Uninitialized stack variables can be sent to an attacker leaking data in kernel address space...

7.5CVSS7AI score0.04252EPSS
Exploits0References4
NVD
NVD
added 2017/08/16 3:29 p.m.29 views

CVE-2016-5347

In all Qualcomm products with Android releases from CAF using the Linux kernel, kernel stack data can be leaked to userspace by an audio driver...

4.7CVSS4.5AI score0.00548EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2013/07/16 5:18 p.m.4 views

Kernel: Bluetooth: RFCOMM - missing msg_namelen update in rfcomm_sock_recvmsg

The rfcommsockrecvmsg function in net/bluetooth/rfcomm/sock.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call...

4.9CVSS6.4AI score0.00378EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2013/04/23 6:18 p.m.4 views

Kernel: atm: information leak in getsockopt & getsockname

The ATM implementation in the Linux kernel before 3.6 does not initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application...

1.9CVSS6.7AI score0.00402EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2013/01/21 12:0 a.m.40 views

Ubuntu Update for linux USN-1696-1

Check for the Version of linux OpenVAS Vulnerability Test $Id: gbubuntuUSN16961.nasl 7958 2017-12-01 06:47:47Z santu $ Ubuntu Update for linux USN-1696-1 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; yo...

4.9CVSS7AI score0.00882EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2013/01/11 12:0 a.m.23 views

Ubuntu Update for linux USN-1683-1

Check for the Version of linux OpenVAS Vulnerability Test $Id: gbubuntuUSN16831.nasl 8542 2018-01-26 06:57:28Z teissa $ Ubuntu Update for linux USN-1683-1 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; y...

2.1CVSS7.8AI score0.00882EPSS
Exploits1References2
Rows per page
Query Builder