Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
LinuxLinux Kernel3.4.26

89 matches found

CVE
CVEadded 2013/04/29 2:55 p.m.75 views

CVE-2013-1928

The do_video_set_spu_palette function in fs/compat_ioctl.c in the Linux kernel before 3.6.5 on unspecified architectures lacks a certain error check, which might allow local users to obtain sensitive information from kernel stack memory via a crafted VIDEO_SET_SPU_PALETTE ioctl call on a /dev/dvb d...

4.7CVSS5.5AI score0.00077EPSS
CVE
CVEadded 2013/11/12 2:35 p.m.75 views

CVE-2013-4515

The bcm_char_ioctl function in drivers/staging/bcm/Bcmchar.c in the Linux kernel before 3.12 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via an IOCTL_BCM_GET_DEVICE_DRIVER_INFO ioctl call.

4.9CVSS6.7AI score0.00042EPSS
CVE
CVEadded 2013/03/15 8:55 p.m.72 views

CVE-2012-6544

The Bluetooth protocol stack in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that targets the (1) L2CAP or (2) HCI implementation.

1.9CVSS5.5AI score0.00076EPSS
CVE
CVEadded 2013/03/15 8:55 p.m.70 views

CVE-2012-6540

The do_ip_vs_get_ctl function in net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before 3.6 does not initialize a certain structure for IP_VS_SO_GET_TIMEOUT commands, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.

1.9CVSS5.5AI score0.00058EPSS
CVE
CVEadded 2013/07/15 8:55 p.m.70 views

CVE-2013-4125

The fib6_add_rt2node function in net/ipv6/ip6_fib.c in the IPv6 stack in the Linux kernel through 3.10.1 does not properly handle Router Advertisement (RA) messages in certain circumstances involving three routes that initially qualified for membership in an ECMP route set until a change occurred f...

5.4CVSS5.8AI score0.01428EPSS
CVE
CVEadded 2013/11/12 2:35 p.m.70 views

CVE-2013-4514

Multiple buffer overflows in drivers/staging/wlags49_h2/wl_priv.c in the Linux kernel before 3.12 allow local users to cause a denial of service or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability and providing a long station-name string, related to the (1) wvlan_ui...

4.7CVSS7.5AI score0.00045EPSS
CVE
CVEadded 2013/03/15 8:55 p.m.69 views

CVE-2012-6549

The isofs_export_encode_fh function in fs/isofs/export.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory via a crafted application.

1.9CVSS5.4AI score0.00034EPSS
CVE
CVEadded 2013/12/09 6:55 p.m.69 views

CVE-2013-4270

The net_ctl_permissions function in net/sysctl_net.c in the Linux kernel before 3.11.5 does not properly determine uid and gid values, which allows local users to bypass intended /proc/sys/net restrictions via a crafted application.

3.6CVSS5.7AI score0.00044EPSS
CVE
CVEadded 2013/11/20 1:19 p.m.69 views

CVE-2013-4591

Buffer overflow in the __nfs4_get_acl_uncached function in fs/nfs/nfs4proc.c in the Linux kernel before 3.7.2 allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact via a getxattr system call for the system.nfs4_acl extended at...

6.2CVSS7.8AI score0.00062EPSS
CVE
CVEadded 2013/12/09 6:55 p.m.69 views

CVE-2013-7027

The ieee80211_radiotap_iterator_init function in net/wireless/radiotap.c in the Linux kernel before 3.11.7 does not check whether a frame contains any data outside of the header, which might allow attackers to cause a denial of service (buffer over-read) via a crafted header.

6.1CVSS6.7AI score0.00371EPSS
CVE
CVEadded 2013/12/14 6:8 p.m.68 views

CVE-2013-6376

The recalculate_apic_map function in arch/x86/kvm/lapic.c in the KVM subsystem in the Linux kernel through 3.12.5 allows guest OS users to cause a denial of service (host OS crash) via a crafted ICR write operation in x2apic mode.

5.2CVSS5.8AI score0.00146EPSS
CVE
CVEadded 2013/12/09 6:55 p.m.67 views

CVE-2013-6431

The fib6_add function in net/ipv6/ip6_fib.c in the Linux kernel before 3.11.5 does not properly implement error-code encoding, which allows local users to cause a denial of service (NULL pointer dereference and system crash) by leveraging the CAP_NET_ADMIN capability for an IPv6 SIOCADDRT ioctl cal...

4.7CVSS6.7AI score0.00045EPSS
CVE
CVEadded 2013/03/15 8:55 p.m.66 views

CVE-2012-6539

The dev_ifconf function in net/socket.c in the Linux kernel before 3.6 does not initialize a certain structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.

1.9CVSS5.4AI score0.00058EPSS
CVE
CVEadded 2013/09/16 1:1 p.m.66 views

CVE-2013-2894

drivers/hid/hid-lenovo-tpkbd.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_LENOVO_TPKBD is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device.

4.7CVSS5.7AI score0.0007EPSS
CVE
CVEadded 2013/12/09 6:55 p.m.66 views

CVE-2013-7026

Multiple race conditions in ipc/shm.c in the Linux kernel before 3.12.2 allow local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via a crafted application that uses shmctl IPC_RMID operations in conjunction with other shm system call...

4.7CVSS7.7AI score0.00011EPSS
CVE
CVEadded 2013/09/16 1:1 p.m.65 views

CVE-2013-2898

drivers/hid/hid-sensor-hub.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_SENSOR_HUB is enabled, allows physically proximate attackers to obtain sensitive information from kernel memory via a crafted device.

1.9CVSS6.7AI score0.00063EPSS
CVE
CVEadded 2013/09/25 10:31 a.m.64 views

CVE-2013-2140

The dispatch_discard_io function in drivers/block/xen-blkback/blkback.c in the Xen blkback implementation in the Linux kernel before 3.10.5 allows guest OS users to cause a denial of service (data loss) via filesystem write operations on a read-only disk that supports the (1) BLKIF_OP_DISCARD (aka ...

3.8CVSS6.2AI score0.0013EPSS
CVE
CVEadded 2013/09/16 1:1 p.m.64 views

CVE-2013-2896

drivers/hid/hid-ntrig.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_NTRIG is enabled, allows physically proximate attackers to cause a denial of service (NULL pointer dereference and OOPS) via a crafted device.

4.7CVSS5.9AI score0.00069EPSS
CVE
CVEadded 2013/03/15 8:55 p.m.63 views

CVE-2012-6541

The ccid3_hc_tx_getsockopt function in net/dccp/ccids/ccid3.c in the Linux kernel before 3.6 does not initialize a certain structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.

1.9CVSS6.1AI score0.00056EPSS
CVE
CVEadded 2013/03/15 8:55 p.m.63 views

CVE-2012-6546

The ATM implementation in the Linux kernel before 3.6 does not initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.

1.9CVSS5.4AI score0.00032EPSS
CVE
CVEadded 2013/03/15 8:55 p.m.63 views

CVE-2013-2548

The crypto_report_one function in crypto/crypto_user.c in the report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect length value during a copy operation, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_N...

2.1CVSS5.3AI score0.00074EPSS
CVE
CVEadded 2013/11/12 2:35 p.m.62 views

CVE-2013-4513

Buffer overflow in the oz_cdev_write function in drivers/staging/ozwpan/ozcdev.c in the Linux kernel before 3.12 allows local users to cause a denial of service or possibly have unspecified other impact via a crafted write operation.

4.9CVSS8.6AI score0.00016EPSS
CVE
CVEadded 2013/11/12 2:35 p.m.62 views

CVE-2013-4516

The mp_get_count function in drivers/staging/sb105x/sb_pci_mp.c in the Linux kernel before 3.12 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a TIOCGICOUNT ioctl call.

4.9CVSS6.6AI score0.00039EPSS
CVE
CVEadded 2013/09/16 1:1 p.m.59 views

CVE-2013-2891

drivers/hid/hid-steelseries.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_STEELSERIES is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device.

4.7CVSS5.7AI score0.00066EPSS
CVE
CVEadded 2013/02/28 7:55 p.m.58 views

CVE-2013-1772

The log_prefix function in kernel/printk.c in the Linux kernel 3.x before 3.4.33 does not properly remove a prefix string from a syslog header, which allows local users to cause a denial of service (buffer overflow and system crash) by leveraging /dev/kmsg write access and triggering a call_console...

4CVSS6.1AI score0.00045EPSS
CVE
CVEadded 2013/03/15 8:55 p.m.58 views

CVE-2013-2546

The report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect C library function for copying strings, which allows local users to obtain sensitive information from kernel stack memory by leveraging the CAP_NET_ADMIN capability.

2.1CVSS5.4AI score0.00074EPSS
CVE
CVEadded 2014/04/01 6:35 a.m.57 views

CVE-2013-7348

Double free vulnerability in the ioctx_alloc function in fs/aio.c in the Linux kernel before 3.12.4 allows local users to cause a denial of service (system crash) or possibly have unspecified other impact via vectors involving an error condition in the aio_setup_ring function.

4.6CVSS7.6AI score0.00053EPSS
CVE
CVEadded 2013/04/05 9:55 p.m.56 views

CVE-2013-1858

The clone system-call implementation in the Linux kernel before 3.8.3 does not properly handle a combination of the CLONE_NEWUSER and CLONE_FS flags, which allows local users to gain privileges by calling chroot and leveraging the sharing of the / directory between a parent process and a child proc...

7.2CVSS6.6AI score0.00912EPSS
CVE
CVEadded 2013/05/03 11:57 a.m.56 views

CVE-2013-1959

kernel/user_namespace.c in the Linux kernel before 3.8.9 does not have appropriate capability requirements for the uid_map and gid_map files, which allows local users to gain privileges by opening a file within an unprivileged process and then modifying the file within a privileged process.

3.7CVSS6.2AI score0.01052EPSS
CVE
CVEadded 2013/12/09 6:55 p.m.54 views

CVE-2013-6432

The ping_recvmsg function in net/ipv4/ping.c in the Linux kernel before 3.12.4 does not properly interact with read system calls on ping sockets, which allows local users to cause a denial of service (NULL pointer dereference and system crash) by leveraging unspecified privileges to execute a craft...

4.6CVSS7AI score0.00042EPSS
CVE
CVEadded 2013/03/15 8:55 p.m.53 views

CVE-2012-6536

net/xfrm/xfrm_user.c in the Linux kernel before 3.6 does not verify that the actual Netlink message length is consistent with a certain header field, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAP_NET_ADMIN capability and providing a (1) new o...

2.1CVSS5.5AI score0.00055EPSS
CVE
CVEadded 2013/11/12 2:35 p.m.53 views

CVE-2013-4512

Buffer overflow in the exitcode_proc_write function in arch/um/kernel/exitcode.c in the Linux kernel before 3.12 allows local users to cause a denial of service or possibly have unspecified other impact by leveraging root privileges for a write operation.

4.7CVSS7.1AI score0.00131EPSS
CVE
CVEadded 2013/09/16 1:1 p.m.52 views

CVE-2013-2890

drivers/hid/hid-sony.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_SONY is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device.

4.7CVSS7.3AI score0.00068EPSS
CVE
CVEadded 2013/08/25 3:27 a.m.52 views

CVE-2013-4205

Memory leak in the unshare_userns function in kernel/user_namespace.c in the Linux kernel before 3.10.6 allows local users to cause a denial of service (memory consumption) via an invalid CLONE_NEWUSER unshare call.

4.7CVSS5.6AI score0.00107EPSS
CVE
CVEadded 2013/07/29 1:59 p.m.51 views

CVE-2013-4127

Use-after-free vulnerability in the vhost_net_set_backend function in drivers/vhost/net.c in the Linux kernel through 3.10.3 allows local users to cause a denial of service (OOPS and system crash) via vectors involving powering on a virtual machine.

4.7CVSS5.6AI score0.00044EPSS
CVE
CVEadded 2013/11/04 3:55 p.m.48 views

CVE-2013-2058

The host_start function in drivers/usb/chipidea/host.c in the Linux kernel before 3.7.4 does not properly support a certain non-streaming option, which allows local users to cause a denial of service (system crash) by sending a large amount of network traffic through a USB/Ethernet adapter.

4.7CVSS5.8AI score0.00044EPSS
CVE
CVEadded 2013/07/29 1:59 p.m.48 views

CVE-2013-4129

The bridge multicast implementation in the Linux kernel through 3.10.3 does not check whether a certain timer is armed before modifying the timeout value of that timer, which allows local users to cause a denial of service (BUG and system crash) via vectors involving the shutdown of a KVM virtual m...

4.7CVSS6.2AI score0.00046EPSS
CVE
CVEadded 2013/03/15 8:55 p.m.42 views

CVE-2012-6543

The l2tp_ip6_getname function in net/l2tp/l2tp_ip6.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.

1.9CVSS5.6AI score0.00057EPSS
CVE
CVEadded 2013/04/29 2:55 p.m.40 views

CVE-2013-3302

Race condition in the smb_send_rqst function in fs/cifs/transport.c in the Linux kernel before 3.7.2 allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via vectors involving a reconnection event.

4.4CVSS7.1AI score0.00047EPSS
Total number of security vulnerabilities89