Design/Logic Flaw

The caifseqpktrecvmsg function in net/caif/caifsocket.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call...

Design/Logic Flaw

The l2tpip6recvmsg function in net/l2tp/l2tpip6.c in the Linux kernel before 3.9-rc7 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call...

CVE-2013-3232

The CVE-2013-3232 issue is a Linux kernel local information disclosure caused by nr_recvmsg in net/netrom/af_netrom.c not initializing a data structure. Affected: Linux kernel versions prior to 3.9-rc7 (per the description). Impact: local users may read kernel stack memory via crafted recvmsg/rec...

CVE-2013-3230

The l2tpip6recvmsg function in net/l2tp/l2tpip6.c in the Linux kernel before 3.9-rc7 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call...

CVE-2013-3233

The llcpsockrecvmsg function in net/nfc/llcp/sock.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable and a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call...

CVE-2013-3234

The roserecvmsg function in net/rose/afrose.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call...

CVE-2013-3223

The ax25recvmsg function in net/ax25/afax25.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call...

CVE-2013-3227

The caifseqpktrecvmsg function in net/caif/caifsocket.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call...

UBUNTU-CVE-2013-3224

The btsockrecvmsg function in net/bluetooth/afbluetooth.c in the Linux kernel before 3.9-rc7 does not properly initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call...

CVE-2013-3224

The btsockrecvmsg function in net/bluetooth/afbluetooth.c in the Linux kernel before 3.9-rc7 does not properly initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call...

CVE-2013-3228

The irdarecvmsgdgram function in net/irda/afirda.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call...

CVE-2013-3076

The crypto API in the Linux kernel through 3.9-rc8 does not initialize certain length variables, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call, related to the hashrecvmsg function in crypto/algifhash.c and the...

UBUNTU-CVE-2013-3227

The caifseqpktrecvmsg function in net/caif/caifsocket.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call...

Scientific Linux Security Update : kernel on SL5.x i386/x86_64 (20130416)

This update fixes the following security issues : - A flaw was found in the Xen netback driver implementation in the Linux kernel. A privileged guest user with access to a para-virtualized network device could use this flaw to cause a long loop in netback, leading to a denial of service that coul...

CVE-2013-0790

Unspecified vulnerability in the browser engine in Mozilla Firefox before 20.0 on Android allows remote attackers to cause a denial of service stack memory corruption and application crash or possibly execute arbitrary code via unknown vectors involving a plug-in...

CVE-2013-0790

CVE-2013-0790 affects Mozilla Firefox for Android prior to 20.0. It stems from a browser-engine memory-safety vulnerability that could lead to a denial of service or remote code execution via an unspecified plug-in path. The linked MFSA advisory group (MFSA 2013-30/31/32…/40) confirms memory-safe...

CVE-2013-2635

The rtnlfillifinfo function in net/core/rtnetlink.c in the Linux kernel before 3.8.4 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel stack memory via a crafted application...

CVE-2013-2634

net/dcb/dcbnl.c in the Linux kernel before 3.8.4 does not initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application...

CVE-2013-2634

net/dcb/dcbnl.c in the Linux kernel before 3.8.4 does not initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application...

CVE-2013-2635

The rtnlfillifinfo function in net/core/rtnetlink.c in the Linux kernel before 3.8.4 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel stack memory via a crafted application...