265 matches found
CVE-2012-6547
The tunchrioctl function in drivers/net/tun.c in the Linux kernel before 3.6 does not initialize a certain structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted application...
CVE-2012-6541
The CVE-2012-6541 flaw affects the Linux kernel prior to version 3.6. The vulnerability resides in ccid3_hc_tx_getsockopt within net/dccp/ccids/ccid3.c, where an internal structure is not initialized, enabling local attackers to read sensitive information from kernel stack memory via a crafted ap...
CVE-2012-6543
The l2tpip6getname function in net/l2tp/l2tpip6.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel stack memory via a crafted application...
CVE-2012-6541
The ccid3hctxgetsockopt function in net/dccp/ccids/ccid3.c in the Linux kernel before 3.6 does not initialize a certain structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted application...
CVE-2012-6539
The devifconf function in net/socket.c in the Linux kernel before 3.6 does not initialize a certain structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted application...
CVE-2012-6542
The llcuigetname function in net/llc/afllc.c in the Linux kernel before 3.6 has an incorrect return value in certain circumstances, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that leverages an uninitialized pointer argument...
CVE-2012-6542
The llcuigetname function in net/llc/afllc.c in the Linux kernel before 3.6 has an incorrect return value in certain circumstances, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that leverages an uninitialized pointer argument...
CVE-2012-6540
The doipvsgetctl function in net/netfilter/ipvs/ipvsctl.c in the Linux kernel before 3.6 does not initialize a certain structure for IPVSSOGETTIMEOUT commands, which allows local users to obtain sensitive information from kernel stack memory via a crafted application...
UBUNTU-CVE-2012-6541
The ccid3hctxgetsockopt function in net/dccp/ccids/ccid3.c in the Linux kernel before 3.6 does not initialize a certain structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted application...
CVE-2012-6546
The ATM implementation in the Linux kernel before 3.6 does not initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application...
kernel: security and bugfix update (important)
The Linux kernel was updated to fix various bugs and security issues: CVE-2013-0871: Race condition in the ptrace functionality in the Linux kernel allowed local users to gain privileges via a PTRACESETREGS ptrace system call in a crafted application, as demonstrated by ptracedeath. CVE-2013-0160...
CVE-2012-4530
The loadscript function in fs/binfmtscript.c in the Linux kernel before 3.7.2 does not properly handle recursion, which allows local users to obtain sensitive information from kernel stack memory via a crafted application...
CVE-2012-4530
The loadscript function in fs/binfmtscript.c in the Linux kernel before 3.7.2 does not properly handle recursion, which allows local users to obtain sensitive information from kernel stack memory via a crafted application...
Session fixation
The PowerVR SGX driver in Android before 2.3.6 allows attackers to obtain potentially sensitive information from kernel stack memory via an application that uses a crafted length parameter in a request to the pvrsrvkm device...
CVE-2011-1350
The PowerVR SGX driver in Android before 2.3.6 allows attackers to obtain potentially sensitive information from kernel stack memory via an application that uses a crafted length parameter in a request to the pvrsrvkm device...
CVE-2011-1350
The PowerVR SGX driver in Android before 2.3.6 allows attackers to obtain potentially sensitive information from kernel stack memory via an application that uses a crafted length parameter in a request to the pvrsrvkm device...
CVE-2012-0957
The overriderelease function in kernel/sys.c in the Linux kernel before 3.4.16 allows local users to obtain sensitive information from kernel stack memory via a uname system call in conjunction with a UNAME26 personality...
CVE-2012-0957
The overriderelease function in kernel/sys.c in the Linux kernel before 3.4.16 allows local users to obtain sensitive information from kernel stack memory via a uname system call in conjunction with a UNAME26 personality...
CVE-2012-0957
The overriderelease function in kernel/sys.c in the Linux kernel before 3.4.16 allows local users to obtain sensitive information from kernel stack memory via a uname system call in conjunction with a UNAME26 personality...
CVE-2012-0957
CVE-2012-0957 affects the Linux kernel prior to 3.4.16. The override_release function in kernel/sys.c can let a local user leak kernel stack memory by calling uname with the UNAME26 personality. This is a local-privilege scenario; no remote vector is described in the provided documents. Affected ...