Lucene search
K

51 matches found

RedHat Linux
RedHat Linux
added 2017/10/19 2:48 p.m.9 views

kernel: Use-after-free in sys_mq_notify()

A use-after-free flaw was found in the Netlink functionality of the Linux kernel networking subsystem. Due to the insufficient cleanup in the mqnotify function, a local attacker could potentially use this flaw to escalate their privileges on the system...

7.8CVSS7.1AI score0.03631EPSS
Exploits8References4
Tenable Nessus
Tenable Nessus
added 2012/05/17 12:0 a.m.41 views

SuSE 10 Security Update : the Linux Kernel (x86_64) (ZYPP Patch Number 6730)

This update fixes a several security issues and various bugs in the SUSE Linux Enterprise 10 SP 2 kernel. The following security issues were fixed: CVE-2009-3939: A sysctl variable of the megaraidsas driver was worldwriteable, allowing local users to cause a denial of service or potential code...

7.8CVSS7.1AI score0.12461EPSS
Exploits12References24
RedHat Linux
RedHat Linux
added 2009/12/15 5:5 p.m.3 views

kernel: tcf_fill_node() infoleak due to typo in 9ef1d4c7

The tcffillnode function in net/sched/clsapi.c in the netlink subsystem in the Linux kernel 2.6.x before 2.6.32-rc5, and 2.4.37.6 and earlier, does not initialize a certain tcmpad2 structure member, which might allow local users to obtain sensitive information from kernel memory via unspecified...

2.1CVSS7.1AI score0.00399EPSS
Exploits1References4
NVD
NVD
added 2009/10/19 8:0 p.m.21 views

CVE-2009-3612

The tcffillnode function in net/sched/clsapi.c in the netlink subsystem in the Linux kernel 2.6.x before 2.6.32-rc5, and 2.4.37.6 and earlier, does not initialize a certain tcmpad2 structure member, which might allow local users to obtain sensitive information from kernel memory via unspecified...

2.1CVSS6.7AI score0.00399EPSS
Exploits1References24
UbuntuCve
UbuntuCve
added 2009/10/19 8:0 p.m.25 views

CVE-2005-4881

The netlink subsystem in the Linux kernel 2.4.x before 2.4.37.6 and 2.6.x before 2.6.13-rc1 does not initialize certain padding fields in structures, which might allow local users to obtain sensitive information from kernel memory via unspecified vectors, related to the 1 tcfillqdisc, 2...

4.9CVSS5.9AI score0.00381EPSS
Exploits0References1
NVD
NVD
added 2009/10/19 8:0 p.m.24 views

CVE-2005-4881

The netlink subsystem in the Linux kernel 2.4.x before 2.4.37.6 and 2.6.x before 2.6.13-rc1 does not initialize certain padding fields in structures, which might allow local users to obtain sensitive information from kernel memory via unspecified vectors, related to the 1 tcfillqdisc, 2...

4.9CVSS7AI score0.00381EPSS
Exploits0References20
Prion
Prion
added 2009/10/19 8:0 p.m.29 views

Code injection

The tcffillnode function in net/sched/clsapi.c in the netlink subsystem in the Linux kernel 2.6.x before 2.6.32-rc5, and 2.4.37.6 and earlier, does not initialize a certain tcmpad2 structure member, which might allow local users to obtain sensitive information from kernel memory via unspecified...

2.1CVSS5.7AI score0.00399EPSS
Exploits1References24Affected Software7
Cvelist
Cvelist
added 2009/10/19 7:27 p.m.33 views

CVE-2009-3612

The tcffillnode function in net/sched/clsapi.c in the netlink subsystem in the Linux kernel 2.6.x before 2.6.32-rc5, and 2.4.37.6 and earlier, does not initialize a certain tcmpad2 structure member, which might allow local users to obtain sensitive information from kernel memory via unspecified...

6.8AI score0.00399EPSS
Exploits1References24
CVE
CVE
added 2009/10/19 7:27 p.m.120 views

CVE-2009-3612

CVE-2009-3612 affects the Linux kernel’s net/sched/cls_api.c tcf_fill_node in the netlink subsystem. The issue is that a tcm__pad2 structure member is not initialized, potentially allowing local attackers to read sensitive kernel memory. Affected: kernel 2.6.x prior to 2.6.32-rc5 and 2.4.37.6 and...

2.1CVSS6.1AI score0.00399EPSS
Exploits1References24Affected Software1
Cvelist
Cvelist
added 2009/10/19 7:27 p.m.25 views

CVE-2005-4881

The netlink subsystem in the Linux kernel 2.4.x before 2.4.37.6 and 2.6.x before 2.6.13-rc1 does not initialize certain padding fields in structures, which might allow local users to obtain sensitive information from kernel memory via unspecified vectors, related to the 1 tcfillqdisc, 2...

6.5AI score0.00381EPSS
Exploits0References20
UbuntuCve
UbuntuCve
added 2009/10/19 12:0 a.m.27 views

CVE-2009-3612

The tcffillnode function in net/sched/clsapi.c in the netlink subsystem in the Linux kernel 2.6.x before 2.6.32-rc5, and 2.4.37.6 and earlier, does not initialize a certain tcmpad2 structure member, which might allow local users to obtain sensitive information from kernel memory via unspecified...

2.1CVSS7AI score0.00399EPSS
Exploits1References2
Rows per page
Query Builder