72 matches found
CVE-2012-6538
CVE-2012-6538 affects the Linux kernel prior to 3.6. The vulnerability lives in net/xfrm/xfrm_user.c: the function copy_to_user_auth uses an incorrect C library function for copying a string, enabling local users with CAP_NET_ADMIN to read sensitive information from kernel heap memory. The Miracl...
CVE-2015-2830
CVE-2015-2830 affects the Linux kernel (arch/x86/kernel/entry_64.S) prior to 3.19.2. The TS_COMPAT flag can reach a user-mode task, potentially allowing local attackers to bypass seccomp or audit protections via crafted applications using fork or close. A fix is available in 3.19.2 and later; att...
CVE-2010-3876
CVE-2010-3876 affects the Linux kernel: the code path net/packet/af_packet.c in kernel versions before 2.6.37-rc2 does not properly initialize certain structure members, allowing local users with CAP_NET_RAW to read copies of the applicable structures from kernel stack memory. Publicly document d...
CVE-2010-4073
CVE-2010-4073 affects the Linux kernel IPC compatibility code: before 2.6.37-rc1, several compat syscall handlers (ipc/compat.c and ipc/compat_mq.c) fail to initialize certain structures, enabling local attackers to read potentially sensitive kernel stack memory via vectors in compat_sys_semctl, ...
CVE-2010-4081
CVE-2010-4081 affects the Linux kernel (sound/pci/rme9652/hdspm.c: snd_hdspm_hwdep_ioctl). The root cause is failure to initialize a structure, enabling local users to read potentially sensitive kernel stack memory via SNDRV_HDSPM_IOCTL_GET_CONFIG_INFO. Affected: kernel versions prior to 2.6.36-r...
CVE-2010-4075
The CVE-2010-4075 entry affects the Linux kernel module code: uart_get_count (drivers/serial/serial_core.c) in versions prior to 2.6.37-rc1. The vulnerability arises from not properly initializing a certain structure member, enabling local users to read potentially sensitive information from kern...
CVE-2010-3877
The CVE-2010-3877 issue affects the Linux kernel (as cited in MiracleLinux AXSA:2011-143:02 and related advisories) where get_name in net/tipc/socket.c does not initialize a structure, enabling local attackers to read uninitialized kernel stack memory and leak information. Impact is a local infor...
CVE-2015-1420
CVE-2015-1420 is a Linux kernel race condition in fs/fhandle.c (handle_to_path) up to version 3.19.1. An attacker could bypass size restrictions by manipulating handle_bytes during handle_to_path execution to trigger reads from additional memory locations, enabling local read access to memory. Th...
CVE-2010-4072
CVE-2010-4072 affects the Linux kernel: the copy_shmid_to_user function in ipc/shm.c (pre-2.6.37-rc1) does not initialize a certain structure, enabling local users to leak potentially sensitive information from kernel stack memory via the shmctl interface and the old shm interface. Affected produ...
CVE-2011-1078
CVE-2011-1078 affects the Linux kernel prior to 2.6.39. The vulnerable code is sco_sock_getsockopt_old in net/bluetooth/sco.c, where a structure used with the SCO_CONNINFO option is not initialized, enabling a local attacker to read potentially sensitive data from kernel stack memory. Exploitatio...
CVE-2010-4083
CVE-2010-4083 affects the Linux kernel (pre-2.6.36). The vulnerable code path is copy_semid_to_user() in ipc/sem.c, where a structure is not initialized, enabling local attackers to leak kernel stack memory via semctl commands (IPC_INFO, SEM_INFO, IPC_STAT, SEM_STAT). The issue is mitigated by up...
CVE-2014-4652
CVE-2014-4652 affects the Linux kernel ALSA sound subsystem. A race condition in the tlv handler (snd_ctl_elem_user_tlv) within sound/core/control.c before version 3.15.2 allows local users to read kernel memory via /dev/snd/controlCX. Impact is partial confidentiality of kernel memory. The vulne...
CVE-2014-1446
CVE-2014-1446 affects the Linux kernel up to version 3.12.7, where the yam_ioctl handler in drivers/net/hamradio/yam.c fails to initialize a structure member. This can allow a local attacker with CAP_NET_ADMIN to leak kernel memory via an SIOCYAMGCFG ioctl, enabling information disclosure. The ex...
CVE-2011-2492
CVE-2011-2492 affects the Linux kernel Bluetooth subsystem prior to 3.0-rc4, where certain data structures are not properly initialized. The flaw is exploited via a crafted getsockopt system call in the l2cap_sock_getsockopt_old and rfcomm_sock_getsockopt_old paths, enabling local users to obtain...
CVE-2010-3310
CVE-2010-3310 refers to multiple signedness errors in net/rose/af_rose.c of the Linux kernel, fixed before 2.6.36-rc5-next-20100923. The vulnerability allows local users to induce a denial of service (heap memory corruption) or possibly cause other unspecified impacts through a rose_getname call ...
CVE-2012-2313
The CVE-2012-2313 issue affects the Linux kernel up to version 3.3.7, where rio_ioctl in drivers/net/ethernet/dlink/dl2k.c does not restrict access to the SIOCSMIIREG ioctl. This allows local attackers to write data to an Ethernet adapter via an ioctl call. The vulnerability is rooted in insuffic...
CVE-2010-2803
CVE-2010-2803 affects the Linux kernel DRM subsystem. The drm_ioctl path in drivers/gpu/drm/drm_drv.c allows a local user to request a large memory allocation and may leak kernel memory contents. Affected trees/versions include 2.6.27.53, 2.6.32.x before 2.6.32.21, 2.6.34.x before 2.6.34.6, and 2...
CVE-2010-4078
CVE-2010-4078 affects the Linux kernel before 2.6.36-rc6, where the sisfb_ioctl function in drivers/video/sis/sis_main.c fails to properly initialize a structure member. This allows local users to leak potentially sensitive information from kernel stack memory via the FBIOGET_VBLANK ioctl. Connec...
CVE-2010-4082
CVE-2010-4082 affects the Linux kernel prior to 2.6.36-rc5, where viafb_ioctl_get_viafb_info in drivers/video/via/ioctl.c fails to initialize a structure member. This can allow local users to leak potentially sensitive information from kernel stack memory via a VIAFB_GET_INFO ioctl call. The issu...
CVE-2012-4508
CVE-2012-4508 is a race condition in the Linux kernel's ext4 extents handling (fs/ext4/extents.c) that, before version 3.4.16, allows a local unprivileged user to read data from a deleted file by reading an extent that isn’t properly marked uninitialized. The issue is fixed in the 3.4.16 update (...
CVE-2007-2453
CVE-2007-2453 concerns the Linux kernel RNG. Affected: Linux kernel 2.6 before 2.6.20.13 and 2.6.21.x before 2.6.21.4. Root cause: the entropy pool was not properly seeded when no entropy source, and entropy was extracted using an incorrect cast, which might cause the RNG to produce identical val...
CVE-2008-5700
The CVE-2008-5700 entry concerns the Linux kernel Libata subsystem: it does not set minimum SG_IO timeouts, allowing local DoS via multiple SG_IO invocations. Connected docs (MiracleLinux AXSA advisories) explicitly list CVE-2008-5700 and state the issue affects kernel versions prior to 2.6.27.9,...
CVE-2013-0349
CVE-2013-0349 affects the Linux kernel’s HIDP path: hidp_setup_hid in net/bluetooth/hidp/core.c fails to copy a certain name field, enabling a local attacker to read sensitive kernel memory by setting an oversized name and issuing HIDPCONNADD. The issue exists in kernel versions before 3.7.6. Mit...
CVE-2012-6537
CVE-2012-6537 affects the Linux kernel (before 3.6) in net/xfrm/xfrm_user.c where certain structures are not initialized, enabling local users with CAP_NET_ADMIN to leak sensitive kernel memory. The vulnerability is a local information disclosure through kernel memory exposure. Affected component...
CVE-2012-6545
The CVE-2012-6545 issue affects the Linux kernel Bluetooth RFCOMM implementation. The connected MiracleLinux advisory documents this vulnerability as: before version 3.6, RFCOMM does not properly initialize certain structures, allowing a local attacker to obtain sensitive information from kernel ...
CVE-2012-6548
CVE-2012-6548 affects the Linux kernel: the udf_encode_fh function in fs/udf/namei.c does not initialize a structure member in kernels before 3.6, enabling a local user to read sensitive information from kernel heap memory via a crafted application. Several connected advisories (e.g., Red Hat RHS...
CVE-2010-4525
CVE-2010-4525: The Linux kernel up to 2.6.34.y omits initialization of kvm_vcpu_events->interrupt.pad, enabling local attackers to read potentially sensitive data from kernel stack memory via unspecified vectors. The affected component is kernel/KVM (Linux kernel 2.6.33/2.6.34.y). Multiple adv...
CVE-2012-6542
The CVE-2012-6542 issue affects the Linux kernel prior to 3.6. It involves the function llc_ui_getname in net/llc/af_llc.c returning an incorrect value under certain circumstances, enabling local users to read sensitive data from kernel stack memory via an application that uses an uninitialized p...
CVE-2012-6547
CVE-2012-6547 is the Linux kernel issue where __tun_chr_ioctl in drivers/net/tun.c may leave a structure uninitialized, enabling local users to read kernel stack memory. It is described as affecting Linux kernels prior to 3.6; MiracleLinux advisories list this CVE among others in kernel packages ...
CVE-2013-2634
CVE-2013-2634 affects the Linux kernel prior to 3.8.4. The issue: net/dcb/dcbnl.c does not initialize certain structures, enabling a local attacker to read sensitive data from kernel stack memory via a crafted application. Connected advisories (e.g., MiracleLinux AXSA-2013-592:07) corroborate the...
CVE-2010-4079
CVE-2010-4079 affects the Linux kernel ivtvfb driver (ivtvfb_ioctl in drivers/media/video/ivtv/ivtvfb.c) prior to 2.6.36-rc8. The root cause is failure to initialize a structure member, enabling local users to leak information from kernel stack memory via the FBIOGET_VBLANK ioctl. Affected versio...
CVE-2011-1016
CVE-2011-1016 concerns the Linux kernel Radeon GPU drivers and their DRM subsystem. The affected component is the Radeon GPU driver (radeon/kms) in kernels before 2.6.38-rc5, where data related to the AA resolve registers was not properly validated. This could allow a local user to write to arbit...
CVE-2012-4461
CVE-2012-4461 overview: The Linux kernel KVM subsystem (pre-3.6.9) on hosts using qemu userspace without XSAVE is vulnerable. A local attacker can trigger a denial of service (kernel OOPS) by calling KVM_SET_SREGS to enable the X86_CR4_OSXSAVE bit in the guest CR4, then issuing KVM_RUN. The conne...
CVE-2010-4077
CVE-2010-4077 affects the Linux kernel up to 2.6.36.1: the function ntty_ioctl_tiocgicount in drivers/char/nozomi.c fails to initialize a structure member, allowing local attackers to read potentially sensitive information from kernel stack memory via the TIOCGICOUNT ioctl. The connected advisori...
CVE-2014-1444
Technical details beyond the Initial Description are not publicly provided in the connected documents. Monitor for updates from upstream advisories to confirm affected products, versions, and fixes.
CVE-2012-6544
CVE-2012-6544 affects the Linux kernel Bluetooth stack prior to 3.6. The issue arises from improper initialization of certain structures in the L2CAP/HCI paths, enabling a local attacker to read sensitive data from kernel stack memory via a crafted application. MiracleLinux AXSA-2014-258 (kernel-...
CVE-2011-0006
CVE-2011-0006 affects the Linux kernel before 2.6.37: the ima_lsm_rule_init function in security/ima/ima_policy.c allows a local user to bypass IMA rules if LSM is disabled by an administrator's added IMA rule for LSM. Root cause is a bug in ima_policy.c. The advisory notes this as a fix in 2.6.3...
CVE-2007-3848
CVE-2007-3848 affects the Linux kernel (notably 2.4.35 and other versions) by allowing a local user to send arbitrary signals to a higher-privilege child process via a setuid-root parent dying and delivering an attacker-controlled death signal (PR_SET_PDEATHSIG). The issue is listed in advisories...
CVE-2010-4074
CVE-2010-4074 affects Linux kernel USB subsystem prior to 2.6.36-rc5, where several structure members were not properly initialized. This can let local users read potentially sensitive data from kernel stack memory via TIOCGICOUNT-related ioctl paths, specifically mos7720_ioctl and mos7840_ioctl ...
CVE-2004-0814
CVE-2004-0814 describes race conditions in the Linux terminal layer (kernel 2.4.x and 2.6.x prior to 2.6.9). Root causes include a TIOCSETD ioctl race on a terminal interface accessed by multiple threads and a separate race when switching from console to PPP line discipline, which could allow loc...
CVE-2012-6549
The CVE-2012-6549 entry concerns the Linux kernel vulnerability where isofs_export_encode_fh in fs/isofs/export.c did not initialize a structure member, allowing local attackers to read sensitive data from kernel heap memory via a crafted application. Affected: Linux kernel versions prior to 3.6....
CVE-2013-2635
The CVE-2013-2635 issue affects the Linux kernel’s rtnetlink path: rtnl_fill_ifinfo in net/core/rtnetlink.c does not initialize a structure member, enabling a local attacker to read kernel stack memory. The vulnerability is associated with Linux kernel versions prior to 3.8.4; the documented fix ...
CVE-2024-42155
The CVE-2024-42155 issue affects the Linux kernel on s390 architectures, where the k ey material of protected- or secure-keys should not be visible to the caller. The vulnerability notes that all copies of protected- or secure-keys must be wiped from the stack even if an error occurs. CVSS data p...
CVE-2010-4076
CVE-2010-4076 affects Linux kernel 2.6.36.1 and earlier. The rs_ioctl function in drivers/char/amiserial.c does not initialize a structure member, enabling local users to read potentially sensitive information from kernel stack memory via TIOCGICOUNT. A fix is to apply the kernel update that addr...
CVE-2011-1019
The CVE-2011-1019 issue affects the Linux kernel up to version 2.6.38, where dev_load in net/core/dev.c allows local users with CAP_NET_ADMIN to bypass CAP_SYS_MODULE and load arbitrary modules. This constitutes a local privilege escalation. Remediation is to upgrade to kernel 2.6.38 or newer (as...
CVE-2003-0462
CVE-2003-0462 is a race condition in the Linux 2.4 kernel where env_start/env_end pointers used by the execve path (fs/proc/base.c) can lead to a local denial of service (kernel crash). Documented for several 2.4.x architectures (notably i386/alpha) and tracked in multiple advisories (e.g., Debia...
CVE-2012-6540
CVE-2012-6540 affects the Linux kernel prior to 3.6: do_ip_vs_get_ctl in net/netfilter/ipvs/ip_vs_ctl.c does not initialize a structure for IP_VS_SO_GET_TIMEOUT, enabling local users to read sensitive data from kernel stack memory via a crafted application. Advised fix is upgrading to a kernel wi...
CVE-2009-3556
The CVE-2009-3556 issue is confirmed in multiple connected sources: a Red Hat qla2xxx NPIV-related configuration step in the Linux kernel (2.6.18 on RHEL5) leaves /sys/class/scsi_host/vport_create and /sys/class/scsi_host/vport_delete world-writable, enabling local users to alter SCSI host attrib...
CVE-2006-5757
CVE-2006-5757 is a local privilege vulnerability in the Linux kernel (2.6.x) related to the __find_get_block_slow function within the ISO9660 filesystem. The issue allows a local user to trigger a denial of service (infinite loop) by mounting a crafted ISO9660 image containing malformed data stru...
CVE-2012-6539
CVE-2012-6539: In Linux kernel prior to 3.6, dev_ifconf in net/socket.c fails to initialize a structure, allowing local attackers to read kernel stack memory. SUSE advisories (SUSE-SU-2014:0536-1) roll up fixes and list this CVE among many kernel mitigations; patching/upgrading to kernel 3.6+ is ...