17 matches found
CVE-2012-2136
CVE-2012-2136 affects the Linux kernel prior to 3.4.5. The sock_alloc_send_pskb function does not properly validate a length value, enabling a local user to trigger a heap-based overflow that can crash the system or potentially gain privileges via access to a TUN/TAP device. Affected software is ...
CVE-2012-3412
CVE-2012-3412 affects the sfc (Solarflare Solarstorm) driver in the Linux kernel, specifically versions before 3.2.30. The vulnerability allows remote attackers to trigger a denial of service by sending crafted TCP packets that induce a small MSS value, leading to DMA descriptor consumption and n...
CVE-2012-2375
CVE-2012-2375 affects the Linux kernel NFSv4 implementation where __nfs4_get_acl_uncached in fs/nfs/nfs4proc.c uses an incorrect length variable during a copy, enabling remote NFS servers to trigger a denial of service (OOPS) by sending excessive bitmap words in an FATTR4_ACL reply. Affected are ...
CVE-2011-4086
The CVE-2011-4086 vulnerability affects the Linux kernel prior to 3.3.1, where journal_unmap_buffer in fs/jbd2/transaction.c mishandles _Delay and _Unwritten journal buffer head states. This can crash the system (local DoS) when an ext4 filesystem is mounted with a journal. Remediation: upgrade t...
CVE-2012-3511
The CVE-2012-3511 entry maps to the Linux kernel issue in mm/madvise.c: madvise_remove contains race conditions that can be exploited locally to trigger use-after-free and kernel crash, resulting in denial of service via munmap or close. Affected lineage includes kernels before 3.4.5; patches add...
CVE-2012-2313
The CVE-2012-2313 issue affects the Linux kernel up to version 3.3.7, where rio_ioctl in drivers/net/ethernet/dlink/dl2k.c does not restrict access to the SIOCSMIIREG ioctl. This allows local attackers to write data to an Ethernet adapter via an ioctl call. The vulnerability is rooted in insuffic...
CVE-2012-2133
The CVE-2012-2133 issue is a use-after-free in the Linux kernel before 3.3.6 involving hugetlbfs when huge pages are enabled. A local user could crash the system or potentially escalate privileges by interacting with quota data during a umount operation, due to improper handling of quota data in ...
CVE-2012-4508
CVE-2012-4508 is a race condition in the Linux kernel's ext4 extents handling (fs/ext4/extents.c) that, before version 3.4.16, allows a local unprivileged user to read data from a deleted file by reading an extent that isn’t properly marked uninitialized. The issue is fixed in the 3.4.16 update (...
CVE-2012-1179
CVE-2012-1179 affects the Linux kernel prior to 3.3.1 when KVM is used: guest OS users can trigger a host OS denial of service (host crash) via page faults related to huge pages in pmd_none_or_clear_bad. MiracleLinux and related advisories reference this CVE among fixes in kernel updates before/a...
CVE-2012-2123
CVE-2012-2123 affects the Linux kernel up to version 3.3.3, where cap_bprm_set_creds in security/commoncap.c mishandles file-system capabilities (fcaps) for implementing a privileged executable. This can let local users bypass personality restrictions via a crafted application, demonstrated by an...
CVE-2012-0957
CVE-2012-0957 affects the Linux kernel prior to 3.4.16. The override_release function in kernel/sys.c can let a local user leak kernel stack memory by calling uname with the UNAME26 personality. This is a local-privilege scenario; no remote vector is described in the provided documents. Affected ...
CVE-2012-2383
CVE-2012-2383 affects the Linux kernel DRM/i915 component: an integer overflow in i915_gem_execbuffer2() within drivers/gpu/drm/i915/i915_gem_execbuffer.c. On 32-bit platforms and prior to kernel 3.3.5, this allows a local user to trigger an out-of-bounds write via a crafted ioctl, leading to a p...
CVE-2012-5517
CVE-2012-5517 is referenced in multiple advisories. The connected documents confirm a vulnerability in the Linux kernel before 3.6 where the online_pages function in mm/memory_hotplug.c can be abused by local users to cause a denial of service via a NULL pointer dereference when memory hot-added ...
CVE-2012-2745
CVE-2012-2745 affects the Linux kernel prior to 3.3.2. The copy_creds function in kernel/cred.c may provide an invalid replacement session keyring to a child process, allowing local users to cause a denial of service (panic) via a crafted fork. Affected: Linux kernel
CVE-2012-5532
The CVE-2012-5532 issue exists in the Linux kernel hypervkvpd hv_kvp_daemon: the main function in tools/hv/hv_kvp_daemon.c allows a local user to trigger a denial of service (daemon exit) via a crafted Netlink message. It is noted as a consequence of an incorrect fix for CVE-2012-2669, and a patc...
CVE-2012-2384
CVE-2012-2384 : Integer overflow in i915_gem_do_execbuffer (drivers/gpu/drm/i915/i915_gem_execbuffer.c) of the Linux kernel before 3.3.5 on 32-bit platforms. Local users may trigger an out-of-bounds write via a crafted ioctl, causing denial of service (and possibly other impact). Affected: DRM/i9...
CVE-2012-4467
The vulnerability CVE-2012-4467 affects the Linux kernel (pre-3.5.4). The affected code paths are the do_siocgstamp and do_siocgstampns functions in net/socket.c, which use an incorrect argument order, enabling local users to either read sensitive kernel memory or trigger a denial of service (sys...