Linux Kernel Security Vulnerabilities and Issues — Linux Kernel CVE List

Lucene search

LinuxLinux Kernel

22 matches found

CVE•added 2013/11/20 1:19 p.m.•753 views

CVE-2013-6282

The (1) get_user and (2) put_user API functions in the Linux kernel before 3.5.5 on the v6k and v7 ARM platforms do not validate certain addresses, which allows attackers to read or modify the contents of arbitrary kernel memory locations via a crafted application, as exploited in the wild against ...

8.8CVSS7.7AI score0.46916EPSS

CVE•added 2013/11/20 1:19 p.m.•165 views

CVE-2013-4563

The udp6_ufo_fragment function in net/ipv6/udp_offload.c in the Linux kernel through 3.12, when UDP Fragmentation Offload (UFO) is enabled, does not properly perform a certain size comparison before inserting a fragment header, which allows remote attackers to cause a denial of service (panic) via ...

7.1CVSS5.7AI score0.01558EPSS

CVE•added 2013/11/04 3:55 p.m.•124 views

CVE-2013-4470

The Linux kernel before 3.12, when UDP Fragmentation Offload (UFO) is enabled, does not properly initialize certain data structures, which allows local users to cause a denial of service (memory corruption and system crash) or possibly gain privileges via a crafted application that uses the UDP_COR...

6.9CVSS6.4AI score0.00122EPSS

CVE•added 2013/11/20 1:19 p.m.•107 views

CVE-2013-4579

The ath9k_htc_set_bssid_mask function in drivers/net/wireless/ath/ath9k/htc_drv_main.c in the Linux kernel through 3.12 uses a BSSID masking approach to determine the set of MAC addresses on which a Wi-Fi device is listening, which allows remote attackers to discover the original MAC address after ...

4.3CVSS6.2AI score0.19361EPSS

CVE•added 2013/11/04 3:55 p.m.•106 views

CVE-2013-4348

The skb_flow_dissect function in net/core/flow_dissector.c in the Linux kernel through 3.12 allows remote attackers to cause a denial of service (infinite loop) via a small value in the IHL field of a packet with IPIP encapsulation.

7.1CVSS5.9AI score0.04267EPSS

CVE•added 2013/11/27 4:43 a.m.•102 views

CVE-2013-6382

Multiple buffer underflows in the XFS implementation in the Linux kernel through 3.12.1 allow local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging the CAP_SYS_ADMIN capability for a (1) XFS_IOC_ATTRLIST_BY_HANDLE or (2) XFS_IOC_ATTRLIS...

4CVSS6.5AI score0.00012EPSS

CVE•added 2013/11/27 4:43 a.m.•98 views

CVE-2013-6378

The lbs_debugfs_write function in drivers/net/wireless/libertas/debugfs.c in the Linux kernel through 3.12.1 allows local users to cause a denial of service (OOPS) by leveraging root privileges for a zero-length write operation.

4.4CVSS5.7AI score0.00018EPSS

CVE•added 2013/11/27 4:43 a.m.•93 views

CVE-2013-6383

The aac_compat_ioctl function in drivers/scsi/aacraid/linit.c in the Linux kernel before 3.11.8 does not require the CAP_SYS_RAWIO capability, which allows local users to bypass intended access restrictions via a crafted ioctl call.

6.9CVSS6.3AI score0.00033EPSS

CVE•added 2013/11/27 4:43 a.m.•88 views

CVE-2013-6380

The aac_send_raw_srb function in drivers/scsi/aacraid/commctrl.c in the Linux kernel through 3.12.1 does not properly validate a certain size value, which allows local users to cause a denial of service (invalid pointer dereference) or possibly have unspecified other impact via an FSACTL_SEND_RAW_S...

4.7CVSS6.5AI score0.00057EPSS

CVE•added 2013/11/27 4:43 a.m.•88 views

CVE-2013-6381

Buffer overflow in the qeth_snmp_command function in drivers/s390/net/qeth_core_main.c in the Linux kernel through 3.12.1 allows local users to cause a denial of service or possibly have unspecified other impact via an SNMP ioctl call with a length value that is incompatible with the command-buffer...

6.9CVSS7AI score0.00094EPSS

CVE•added 2013/11/12 2:35 p.m.•81 views

CVE-2013-4511

Multiple integer overflows in Alchemy LCD frame-buffer drivers in the Linux kernel before 3.12 allow local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges, via crafted mmap operations, related to the (1) au1100fb_fb_mmap function in dr...

6.9CVSS6.8AI score0.00075EPSS

CVE•added 2013/11/04 3:55 p.m.•80 views

CVE-2013-4483

The ipc_rcu_putref function in ipc/util.c in the Linux kernel before 3.10 does not properly manage a reference count, which allows local users to cause a denial of service (memory consumption or system crash) via a crafted application.

4.9CVSS5.3AI score0.00092EPSS

CVE•added 2013/11/20 1:19 p.m.•76 views

CVE-2013-4592

Memory leak in the __kvm_set_memory_region function in virt/kvm/kvm_main.c in the Linux kernel before 3.9 allows local users to cause a denial of service (memory consumption) by leveraging certain device access to trigger movement of memory slots.

4CVSS7.7AI score0.00043EPSS

CVE•added 2013/11/12 2:35 p.m.•75 views

CVE-2013-4515

The bcm_char_ioctl function in drivers/staging/bcm/Bcmchar.c in the Linux kernel before 3.12 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via an IOCTL_BCM_GET_DEVICE_DRIVER_INFO ioctl call.

4.9CVSS6.7AI score0.00042EPSS

CVE•added 2013/11/12 2:35 p.m.•70 views

CVE-2013-4514

Multiple buffer overflows in drivers/staging/wlags49_h2/wl_priv.c in the Linux kernel before 3.12 allow local users to cause a denial of service or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability and providing a long station-name string, related to the (1) wvlan_ui...

4.7CVSS7.5AI score0.00045EPSS

CVE•added 2013/11/20 1:19 p.m.•69 views

CVE-2013-4591

Buffer overflow in the __nfs4_get_acl_uncached function in fs/nfs/nfs4proc.c in the Linux kernel before 3.7.2 allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact via a getxattr system call for the system.nfs4_acl extended at...

6.2CVSS7.8AI score0.00062EPSS

CVE•added 2013/11/12 2:35 p.m.•62 views

CVE-2013-4513

Buffer overflow in the oz_cdev_write function in drivers/staging/ozwpan/ozcdev.c in the Linux kernel before 3.12 allows local users to cause a denial of service or possibly have unspecified other impact via a crafted write operation.

4.9CVSS8.6AI score0.00016EPSS

CVE•added 2013/11/12 2:35 p.m.•62 views

CVE-2013-4516

The mp_get_count function in drivers/staging/sb105x/sb_pci_mp.c in the Linux kernel before 3.12 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a TIOCGICOUNT ioctl call.

4.9CVSS6.6AI score0.00039EPSS

CVE•added 2013/11/12 2:35 p.m.•62 views

CVE-2013-6763

The uio_mmap_physical function in drivers/uio/uio.c in the Linux kernel before 3.12 does not validate the size of a memory block, which allows local users to cause a denial of service (memory corruption) or possibly gain privileges via crafted mmap operations, a different vulnerability than CVE-201...

6.9CVSS6.7AI score0.00075EPSS

CVE•added 2013/11/20 1:19 p.m.•57 views

CVE-2013-4588

Multiple stack-based buffer overflows in net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before 2.6.33, when CONFIG_IP_VS is used, allow local users to gain privileges by leveraging the CAP_NET_ADMIN capability for (1) a getsockopt system call, related to the do_ip_vs_get_ctl function, or (2) a ...

7CVSS6.6AI score0.00051EPSS

CVE•added 2013/11/12 2:35 p.m.•53 views

CVE-2013-4512

Buffer overflow in the exitcode_proc_write function in arch/um/kernel/exitcode.c in the Linux kernel before 3.12 allows local users to cause a denial of service or possibly have unspecified other impact by leveraging root privileges for a write operation.

4.7CVSS7.1AI score0.00131EPSS

CVE•added 2013/11/04 3:55 p.m.•48 views

CVE-2013-2058

The host_start function in drivers/usb/chipidea/host.c in the Linux kernel before 3.7.4 does not properly support a certain non-streaming option, which allows local users to cause a denial of service (system crash) by sending a large amount of network traffic through a USB/Ethernet adapter.

4.7CVSS5.8AI score0.00044EPSS