CVE-2012-4503

cmdmon.c in Chrony before 1.29 allows remote attackers to obtain potentially sensitive information from stack memory via vectors related to 1 an invalid subnet in a RPYSUBNETSACCESSED command to the handlesubnetsaccessed function or 2 a RPYCLIENTACCESSES command to the handleclientaccesses functi...

Command injection

cmdmon.c in Chrony before 1.29 allows remote attackers to obtain potentially sensitive information from stack memory via vectors related to 1 an invalid subnet in a RPYSUBNETSACCESSED command to the handlesubnetsaccessed function or 2 a RPYCLIENTACCESSES command to the handleclientaccesses functi...

UBUNTU-CVE-2012-4503

cmdmon.c in Chrony before 1.29 allows remote attackers to obtain potentially sensitive information from stack memory via vectors related to 1 an invalid subnet in a RPYSUBNETSACCESSED command to the handlesubnetsaccessed function or 2 a RPYCLIENTACCESSES command to the handleclientaccesses functi...

CVE-2012-4503

CVE-2012-4503 affects Chrony (cmdmon.c) and allows remote attackers to obtain potentially sensitive information from stack memory when client logging is disabled, via crafted RPY_SUBNETS_ACCESSED or related commands; root cause is uninitialized data included in a reply. Publicly reported in multi...

CVE-2012-4503

cmdmon.c in Chrony before 1.29 allows remote attackers to obtain potentially sensitive information from stack memory via vectors related to 1 an invalid subnet in a RPYSUBNETSACCESSED command to the handlesubnetsaccessed function or 2 a RPYCLIENTACCESSES command to the handleclientaccesses functi...

CVE-2013-4355

Xen 4.3.x and earlier does not properly handle certain errors, which allows local HVM guests to obtain hypervisor stack memory via a 1 port or 2 memory mapped I/O write or 3 other unspecified operations related to addresses without associated memory...

Design/Logic Flaw

Xen 4.3.x and earlier does not properly handle certain errors, which allows local HVM guests to obtain hypervisor stack memory via a 1 port or 2 memory mapped I/O write or 3 other unspecified operations related to addresses without associated memory...

CVE-2013-5209

The sctpsendinitiateack function in sys/netinet/sctpoutput.c in the SCTP implementation in the kernel in FreeBSD 8.3 through 9.2-PRERELEASE does not properly initialize the state-cookie data structure, which allows remote attackers to obtain sensitive information from kernel stack memory by readi...

CVE-2013-5209

Removed by vendor...

Kernel: Bluetooth: HCI & L2CAP information leaks

The Bluetooth protocol stack in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that targets the 1 L2CAP or 2 HCI implementation...

Medium: kernel

Issue Overview: The btsockrecvmsg function in net/bluetooth/afbluetooth.c in the Linux kernel before 3.9-rc7 does not properly initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. The...

SuSE 11.3 Security Update : Linux kernel (SAT Patch Numbers 7991 / 7992 / 7994)

The SUSE Linux Enterprise 11 Service Pack 3 kernel has been updated to 3.0.82 and to fix various bugs and security issues. The following security issues have been fixed : - The chaseport function in drivers/usb/serial/ioti.c in the Linux kernel allowed local users to cause a denial of service NUL...

kernel: Information leak in the Data Center Bridging (DCB) component

net/dcb/dcbnl.c in the Linux kernel before 3.8.4 does not initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application...

Kernel: atm: update msg_namelen in vcc_recvmsg()

The vccrecvmsg function in net/atm/common.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call...

Kernel: Bluetooth: RFCOMM - missing msg_namelen update in rfcomm_sock_recvmsg

The rfcommsockrecvmsg function in net/bluetooth/rfcomm/sock.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call...

kernel: Information leak in the Data Center Bridging (DCB) component

net/dcb/dcbnl.c in the Linux kernel before 3.8.4 does not initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application...

Oracle Linux 5 : kernel (ELSA-2010-0839)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2010-0839 advisory. - net rds: fix local privilege escalation Eugene Teo 642897 642898 CVE-2010-3904 - misc futex: replace LOCKPREFIX in futex.h Peter Zijlstra 633175 6331...

Kernel: Bluetooth: possible info leak in bt_sock_recvmsg()

The btsockrecvmsg function in net/bluetooth/afbluetooth.c in the Linux kernel before 3.9-rc7 does not properly initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call...

Kernel: llc: Fix missing msg_namelen update in llc_ui_recvmsg

The llcuirecvmsg function in net/llc/afllc.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call...

Kernel: tipc: info leaks via msg_name in recv_msg/recv_stream

net/tipc/socket.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure and a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call...