404 matches found
UBUNTU-CVE-2013-3228
The irdarecvmsgdgram function in net/irda/afirda.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call...
UBUNTU-CVE-2013-3076
The crypto API in the Linux kernel through 3.9-rc8 does not initialize certain length variables, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call, related to the hashrecvmsg function in crypto/algifhash.c and the...
CVE-2013-3224
The btsockrecvmsg function in net/bluetooth/afbluetooth.c in the Linux kernel before 3.9-rc7 does not properly initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call...
CVE-2013-3234
The roserecvmsg function in net/rose/afrose.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call...
CVE-2013-3226
The scosockrecvmsg function in net/bluetooth/sco.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call...
UBUNTU-CVE-2013-3224
The btsockrecvmsg function in net/bluetooth/afbluetooth.c in the Linux kernel before 3.9-rc7 does not properly initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call...
UBUNTU-CVE-2013-3233
The llcpsockrecvmsg function in net/nfc/llcp/sock.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable and a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call...
CVE-2012-3430
The rdsrecvmsg function in net/rds/recv.c in the Linux kernel before 3.0.44 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a 1 recvfrom or 2 recvmsg system call on an RDS socket...
Sql injection
The rdsrecvmsg function in net/rds/recv.c in the Linux kernel before 3.0.44 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a 1 recvfrom or 2 recvmsg system call on an RDS socket...
CVE-2012-3430
CVE-2012-3430 : In the Linux kernel before 3.0.44, the function rds_recvmsg in net/rds/recv.c fails to initialize a structure member, allowing a local attacker to read potentially sensitive kernel stack memory via recvfrom or recvmsg on an RDS socket. Impact: information disclosure. Affected: Lin...
kernel: recv{from,msg}() on an rds socket can leak kernel memory
The rdsrecvmsg function in net/rds/recv.c in the Linux kernel before 3.0.44 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a 1 recvfrom or 2 recvmsg system call on an RDS socket...
Medium: kernel
Issue Overview: The rdsrecvmsg function in net/rds/recv.c in the Linux kernel before 3.0.44 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a 1 recvfrom or 2 recvmsg system call on an RDS socket...
PT-2012-4705 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.0.44 Description: The issue is related to the rds recvmsg function in the Linux kernel, which does not initialize a certain structure member. This allows local users to obtain potentially sensitive information...
Linux Kernel 2.6.x - rds_recvmsg() Local Information Disclosure
Linux Kernel 2.6.x - rdsrecvmsg Local Information Disclosure / source: https://www.securityfocus.com/bid/54702/info The Linux kernel is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks. /...
Design/Logic Flaw
The rdspagecopyuser function in net/rds/page.c in the Reliable Datagram Sockets RDS protocol implementation in the Linux kernel before 2.6.36 does not properly validate addresses obtained from user space, which allows local users to gain privileges via crafted use of the sendmsg and recvmsg syste...
CVE-2010-3904
The rdspagecopyuser function in net/rds/page.c in the Reliable Datagram Sockets RDS protocol implementation in the Linux kernel before 2.6.36 does not properly validate addresses obtained from user space, which allows local users to gain privileges via crafted use of the sendmsg and recvmsg syste...
CVE-2010-3904
CVE-2010-3904 is a Linux kernel flaw in the RDS implementation where rds_page_copy_user does not validate user-space addresses, enabling local privilege escalation via crafted sendmsg/recvmsg calls. Affected: Linux kernels prior to 2.6.36; fixed in later kernel releases (e.g., Red Hat/CentOS advi...
kernel: RDS sockets local privilege escalation
The rdspagecopyuser function in net/rds/page.c in the Reliable Datagram Sockets RDS protocol implementation in the Linux kernel before 2.6.36 does not properly validate addresses obtained from user space, which allows local users to gain privileges via crafted use of the sendmsg and recvmsg syste...
PT-2010-5158 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to 2.6.36 Description: The issue is related to improper input validation in the Reliable Datagram Sockets RDS protocol implementation. Specifically, the rds page copy user function in net/rds/page.c does not proper...
Linux kernel RDS protocol privilege escalation
It's possible to overwite kernel memory regions via recvmsg for RDS protocol...