Lucene search
K

404 matches found

OSV
OSV
added 2013/04/22 12:0 a.m.2 views

UBUNTU-CVE-2013-3228

The irdarecvmsgdgram function in net/irda/afirda.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call...

4.9CVSS6.7AI score0.00389EPSS
Exploits0References16
OSV
OSV
added 2013/04/22 12:0 a.m.4 views

UBUNTU-CVE-2013-3076

The crypto API in the Linux kernel through 3.9-rc8 does not initialize certain length variables, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call, related to the hashrecvmsg function in crypto/algifhash.c and the...

4.9CVSS6.1AI score0.00354EPSS
Exploits0References12
UbuntuCve
UbuntuCve
added 2013/04/22 12:0 a.m.50 views

CVE-2013-3224

The btsockrecvmsg function in net/bluetooth/afbluetooth.c in the Linux kernel before 3.9-rc7 does not properly initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call...

4.9CVSS6.5AI score0.00392EPSS
Exploits0References15
UbuntuCve
UbuntuCve
added 2013/04/22 12:0 a.m.37 views

CVE-2013-3234

The roserecvmsg function in net/rose/afrose.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call...

4.9CVSS6.8AI score0.00389EPSS
Exploits0References15
UbuntuCve
UbuntuCve
added 2013/04/22 12:0 a.m.14 views

CVE-2013-3226

The scosockrecvmsg function in net/bluetooth/sco.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call...

4.9CVSS5.9AI score0.0037EPSS
Exploits0References7
OSV
OSV
added 2013/04/22 12:0 a.m.2 views

UBUNTU-CVE-2013-3224

The btsockrecvmsg function in net/bluetooth/afbluetooth.c in the Linux kernel before 3.9-rc7 does not properly initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call...

4.9CVSS6.4AI score0.00392EPSS
Exploits0References16
OSV
OSV
added 2013/04/22 12:0 a.m.3 views

UBUNTU-CVE-2013-3233

The llcpsockrecvmsg function in net/nfc/llcp/sock.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable and a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call...

4.9CVSS5.8AI score0.00381EPSS
Exploits0References12
NVD
NVD
added 2012/10/03 11:2 a.m.24 views

CVE-2012-3430

The rdsrecvmsg function in net/rds/recv.c in the Linux kernel before 3.0.44 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a 1 recvfrom or 2 recvmsg system call on an RDS socket...

2.1CVSS5.3AI score0.00952EPSS
Exploits2References18
Prion
Prion
added 2012/10/03 11:2 a.m.22 views

Sql injection

The rdsrecvmsg function in net/rds/recv.c in the Linux kernel before 3.0.44 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a 1 recvfrom or 2 recvmsg system call on an RDS socket...

2.1CVSS6AI score0.00952EPSS
Exploits2References18Affected Software1
CVE
CVE
added 2012/10/03 10:0 a.m.110 views

CVE-2012-3430

CVE-2012-3430 : In the Linux kernel before 3.0.44, the function rds_recvmsg in net/rds/recv.c fails to initialize a structure member, allowing a local attacker to read potentially sensitive kernel stack memory via recvfrom or recvmsg on an RDS socket. Impact: information disclosure. Affected: Lin...

2.1CVSS5.1AI score0.00952EPSS
Exploits2References18Affected Software1
RedHat Linux
RedHat Linux
added 2012/10/02 5:38 p.m.4 views

kernel: recv{from,msg}() on an rds socket can leak kernel memory

The rdsrecvmsg function in net/rds/recv.c in the Linux kernel before 3.0.44 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a 1 recvfrom or 2 recvmsg system call on an RDS socket...

2.1CVSS6.7AI score0.00952EPSS
Exploits2References4
Amazon
Amazon
added 2012/08/21 12:0 a.m.54 views

Medium: kernel

Issue Overview: The rdsrecvmsg function in net/rds/recv.c in the Linux kernel before 3.0.44 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a 1 recvfrom or 2 recvmsg system call on an RDS socket...

2.1CVSS6.2AI score0.00952EPSS
Exploits2
Positive Technologies
Positive Technologies
added 2012/07/27 12:0 a.m.5 views

PT-2012-4705 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.0.44 Description: The issue is related to the rds recvmsg function in the Linux kernel, which does not initialize a certain structure member. This allows local users to obtain potentially sensitive information...

7.8CVSS6.9AI score0.06158EPSS
Exploits21References158
exploitpack
exploitpack
added 2012/07/26 12:0 a.m.14 views

Linux Kernel 2.6.x - rds_recvmsg() Local Information Disclosure

Linux Kernel 2.6.x - rdsrecvmsg Local Information Disclosure / source: https://www.securityfocus.com/bid/54702/info The Linux kernel is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks. /...

7.2AI score
Exploits0
Prion
Prion
added 2010/12/06 8:13 p.m.35 views

Design/Logic Flaw

The rdspagecopyuser function in net/rds/page.c in the Reliable Datagram Sockets RDS protocol implementation in the Linux kernel before 2.6.36 does not properly validate addresses obtained from user space, which allows local users to gain privileges via crafted use of the sendmsg and recvmsg syste...

7.2CVSS7AI score0.11217EPSS
Exploits16References19Affected Software6
NVD
NVD
added 2010/12/06 8:13 p.m.25 views

CVE-2010-3904

The rdspagecopyuser function in net/rds/page.c in the Reliable Datagram Sockets RDS protocol implementation in the Linux kernel before 2.6.36 does not properly validate addresses obtained from user space, which allows local users to gain privileges via crafted use of the sendmsg and recvmsg syste...

7.8CVSS6.5AI score0.11217EPSS
Exploits16References20
CVE
CVE
added 2010/12/06 8:0 p.m.641 views

CVE-2010-3904

CVE-2010-3904 is a Linux kernel flaw in the RDS implementation where rds_page_copy_user does not validate user-space addresses, enabling local privilege escalation via crafted sendmsg/recvmsg calls. Affected: Linux kernels prior to 2.6.36; fixed in later kernel releases (e.g., Red Hat/CentOS advi...

7.8CVSS6.4AI score0.11217EPSS
In wildExploits16References20Affected Software1
RedHat Linux
RedHat Linux
added 2010/10/25 6:41 p.m.2 views

kernel: RDS sockets local privilege escalation

The rdspagecopyuser function in net/rds/page.c in the Reliable Datagram Sockets RDS protocol implementation in the Linux kernel before 2.6.36 does not properly validate addresses obtained from user space, which allows local users to gain privileges via crafted use of the sendmsg and recvmsg syste...

7.8CVSS6.6AI score0.11217EPSS
Exploits16References5
Positive Technologies
Positive Technologies
added 2010/10/25 12:0 a.m.4 views

PT-2010-5158 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to 2.6.36 Description: The issue is related to improper input validation in the Reliable Datagram Sockets RDS protocol implementation. Specifically, the rds page copy user function in net/rds/page.c does not proper...

8.3CVSS6.2AI score0.11217EPSS
Exploits29References65
securityvulns
securityvulns
added 2010/10/24 12:0 a.m.48 views

Linux kernel RDS protocol privilege escalation

It's possible to overwite kernel memory regions via recvmsg for RDS protocol...

7.2CVSS4AI score0.11217EPSS
Exploits16References1Affected Software1
Rows per page
Query Builder