Lucene search
K

187 matches found

CVE
CVE
•added 2013/05/14 8:0 p.m.•965 views

CVE-2013-2094

CVE-2013-2094 affects the Linux kernel: the perf_swevent_init code in kernel/events/core.c uses an incorrect integer type, enabling a local, unprivileged user to escalate privileges via a crafted perf_event_open call. The issue leads to out-of-bounds access of perf_swevent_enabled and has been fi...

8.4CVSS7.3AI score0.47709EPSS
In wild
CVE
CVE
•added 2013/11/19 3:0 p.m.•805 views

CVE-2013-6282

The CVE-2013-6282 issue affects the Linux kernel on ARM v6k/v7 where get_user and put_user do not validate certain addresses, enabling an unprivileged user to read/write arbitrary kernel memory. Exploitation was reported in the wild on Android devices in late 2013. Affected kernel versions includ...

8.8CVSS7.7AI score0.39711EPSS
In wild
CVE
CVE
•added 2013/04/13 1:0 a.m.•785 views

CVE-2013-2596

CVE-2013-2596 is an integer overflow in the Linux kernel’s fb_mmap implementation (fbmem.c) up to version 3.8.9. It enables a local user to map kernel memory via /dev/graphics/fb0 mmap2, gaining privileges (Motochopper demonstration). Connected advisories (e.g., CentOS RHSA-2016:0450, F5 SOL11353...

7.8CVSS5.7AI score0.03373EPSS
In wildWeb
CVE
CVE
•added 2013/12/09 6:0 p.m.•261 views

CVE-2013-2929

CVE-2013-2929 : The Linux kernel before 3.12.2 fails to properly use get_dumpable in the ptrace subsystem (kernel/ptrace.c, arch/ia64/include/asm/processor.h). This allows a local unprivileged user to bypass ptrace restrictions or read IA64 scratch registers via a crafted application. The vulnera...

3.3CVSS6.2AI score0.00654EPSS
CVE
CVE
•added 2013/09/25 10:0 a.m.•261 views

CVE-2013-4343

CVE-2013-4343 is a use-after-free in drivers/net/tun.c of the Linux kernel up to and including 3.11.1. An unprivileged local user with CAP_NET_ADMIN can exploit an invalid tuntap interface name passed to TUNSETIFF to gain privileges. The vulnerability affects the tun/tap subsystem by abusing a us...

6.9CVSS6.3AI score0.00355EPSS
CVE
CVE
•added 2013/03/14 8:0 p.m.•211 views

CVE-2012-6538

CVE-2012-6538 affects the Linux kernel prior to 3.6. The vulnerability lives in net/xfrm/xfrm_user.c: the function copy_to_user_auth uses an incorrect C library function for copying a string, enabling local users with CAP_NET_ADMIN to read sensitive information from kernel heap memory. The Miracl...

1.9CVSS6.8AI score0.00345EPSS
CVE
CVE
•added 2013/07/04 9:0 p.m.•205 views

CVE-2013-2206

CVE-2013-2206 concerns the Linux kernel SCTP implementation. The sctp_sf_do_5_2_4_dupcook function in net/sctp/sm_statefuns.c does not properly handle associations during processing of a duplicate COOKIE ECHO chunk, allowing remote attackers to trigger a denial of service via NULL pointer derefer...

5.4CVSS6.5AI score0.04707EPSS
CVE
CVE
•added 2013/11/19 3:0 p.m.•180 views

CVE-2013-4563

CVE-2013-4563 applies to the Linux kernel UDP Fragmentation Offload (UFO) path. The udp6_ufo_fragment function in net/ipv6/udp_offload.c can mis-evaluate a size comparison before inserting a fragment header when UFO is enabled, enabling remote attackers to trigger a denial of service (panic) by s...

7.1CVSS5.7AI score0.03899EPSS
CVE
CVE
•added 2013/07/08 5:0 p.m.•171 views

CVE-2013-1059

CVE-2013-1059 affects the Linux kernel (net/ceph/auth_none.c) through version 3.10. A remote attacker can trigger a denial of service via an auth_reply message that leads to a NULL pointer dereference and system crash; the content implies possible other impact. In the connected Nessus entries for...

7.8CVSS6.6AI score0.04546EPSS
CVE
CVE
•added 2013/03/14 8:0 p.m.•164 views

CVE-2013-2547

CVE-2013-2547 concerns the Linux kernel: the crypto_report_one() path in crypto_user.c does not fully initialize certain kernel structures when copying data to userspace, risking leakage of kernel heap memory. The vulnerability requires CAP_NET_ADMIN in the base description, enabling a local atta...

2.1CVSS5AI score0.00388EPSS
CVE
CVE
•added 2013/02/18 2:0 a.m.•157 views

CVE-2013-0871

CVE-2013-0871 refers to a race condition in the Linux kernel’s ptrace implementation (PTRACE_SETREGS) that could allow a local user to gain privileges. The issue is in kernels prior to 3.7.5, with the ChangeLog for 3.7.5 documenting the fix. Affected component: Linux kernel (pre-3.7.5); root caus...

6.9CVSS6.7AI score0.01434EPSS
CVE
CVE
•added 2013/03/22 10:0 a.m.•153 views

CVE-2013-1798

The CVE-2013-1798 entry concerns the Linux kernel’s ioapic_read_indirect() in virt/kvm/ioapic.c up to version 3.8.4. A particular sequence of invalid IOAPIC_REG_SELECT/IOAPIC_REG_WINDOW operations can allow a privileged guest OS user to read sensitive host memory or trigger a host OOPS, per multi...

6.2CVSS6.1AI score0.0135EPSS
Web
CVE
CVE
•added 2013/06/07 10:0 a.m.•152 views

CVE-2013-2852

CVE-2013-2852 refers to a format string vulnerability in the b43_request_firmware path of the Broadcom B43 wireless driver for the Linux kernel (up to 3.9.4). The issue arises from format specifiers in an fwpostfix modprobe parameter, leading to improper construction of an error message and local...

6.9CVSS5.7AI score0.01022EPSS
Web
CVE
CVE
•added 2013/11/04 11:0 a.m.•148 views

CVE-2013-4470

CVE-2013-4470 affects the Linux kernel prior to 3.12 when UDP Fragmentation Offload (UFO) is enabled. The issue arises from improper initialization of certain data structures in ip_ufo_append_data (IPv4) and ip6_ufo_append_data (IPv6), allowing local users to trigger memory corruption and a syste...

6.9CVSS6.4AI score0.00589EPSS
CVE
CVE
•added 2013/12/14 6:0 p.m.•144 views

CVE-2013-4587

CVE-2013-4587 describes an array index error in kvm_vm_ioctl_create_vcpu() within virt/kvm/kvm_main.c of the Linux kernel (through 3.12.5). This vulnerability enables local privilege escalation via a large id value. The connected Nessus/OpenVAS advisories reference Unity Linux/SUSE/OpenVAS entrie...

7.2CVSS6.2AI score0.0053EPSS
CVE
CVE
•added 2013/06/08 10:0 a.m.•142 views

CVE-2011-1180

The CVE-2011-1180 issue affects the Linux kernel’s IrDA code, specifically the iriap_getvaluebyclass_indication function in net/irda/iriap.c. It describes multiple stack-based buffer overflows caused by unvalidated length fields for names and attributes, allowing remote attackers to trigger memor...

9.8CVSS9.5AI score0.02983EPSS
CVE
CVE
•added 2013/03/01 11:0 a.m.•136 views

CVE-2011-1182

CVE-2011-1182 affects the Linux kernel’s signal handling: kernel/signal.c before 2.6.39 allows local users to spoof the UID and PID of a signal sender via sigqueueinfo. Affected in MiracleLinux 3 (kernel 2.6.18-274.1.AXS3) per AXSA-2011-313:06; the issue is described as a kill-signal spoofing vul...

3.6CVSS6.8AI score0.00489EPSS
CVE
CVE
•added 2013/07/04 9:0 p.m.•136 views

CVE-2013-2164

The CVE-2013-2164 issue affects the Linux kernel (mmc_ioctl_cdrom_read_data in drivers/cdrom/cdrom.c) and allows local users to read kernel memory from a malfunctioning CD-ROM. Affected context: Linux kernel up to version 3.10; exploitation requires local access. Impact per sources: local informa...

2.1CVSS5.6AI score0.00529EPSS
CVE
CVE
•added 2013/10/24 10:0 a.m.•136 views

CVE-2013-4299

CVE-2013-4299 – Linux kernel (up to 3.11.6) Root cause: Interpretation conflict in drivers/md/dm-snap-persistent.c within the Linux kernel up to version 3.11.6. Impact: Remote authenticated users can obtain sensitive information or modify data by issuing a crafted mapping to a snapshot block devi...

6CVSS5.8AI score0.0381EPSS
CVE
CVE
•added 2013/10/10 10:0 a.m.•136 views

CVE-2013-4387

CVE-2013-4387 affects the Linux kernel up to 3.11.4 in the IPv6 path. Specifically, net/ipv6/ip6_output.c does not correctly determine the need for UDP Fragmentation Offload (UFO) processing after queueing a large packet, enabling remote attackers to trigger memory corruption and a system crash v...

6.1CVSS6.8AI score0.02578EPSS
CVE
CVE
•added 2013/10/10 10:0 a.m.•135 views

CVE-2013-4345

CVE-2013-4345 is an off-by-one vulnerability in the Linux kernel’s crypto/ansi_cprng.c get_prng_bytes function, exploitable through requests for small data blocks up to kernel versions before 3.11.4. The issue allows context-dependent attackers to defeat cryptographic protections by mismanaging t...

5.8CVSS5.9AI score0.03181EPSS
CVE
CVE
•added 2013/05/03 10:0 a.m.•132 views

CVE-2013-1979

The CVE-2013-1979 issue affects the Linux kernel (before 3.8.11) in the function scm_set_cred (include/net/scm.h). The root cause is incorrect uid/gid values passed during credentials handling, enabling local privilege escalation via a crafted application. The vulnerability impact is described as...

6.9CVSS5.2AI score0.00418EPSS
CVE
CVE
•added 2013/06/08 10:0 a.m.•131 views

CVE-2011-1585

Technical details for CVE-2011-1585 are not publicly provided in the supplied connected documents. Monitor for updates from vendor advisories or security bulletins to obtain affected products, impact, and fixes.

3.3CVSS7.2AI score0.00494EPSS
CVE
CVE
•added 2013/11/04 11:0 a.m.•130 views

CVE-2013-4348

CVE-2013-4348 affects the Linux kernel (up to 3.12) via skb_flow_dissect in net/core/flow_dissector.c. A crafted small IHL value in IPIP-encapsulated packets can trigger an infinite loop, enabling remote denial of service. The connected Nessus advisories reproduce the same description for Unity L...

7.1CVSS5.9AI score0.09408EPSS
CVE
CVE
•added 2013/12/14 6:0 p.m.•130 views

CVE-2013-6367

CVE-2013-6367 affects the Linux kernel KVM implementation (arch/x86/kvm/lapic.c) up to version 3.12.5. The vulnerability lets guest-OS users cause a denial of service (divide-by-zero, host crash) by crafting modifications to the TMICT value. The MiracleLinux/Unity Linux Nessus entries explicitly ...

5.7CVSS6AI score0.01446EPSS
CVE
CVE
•added 2013/11/19 3:0 p.m.•127 views

CVE-2013-4579

CVE-2013-4579 affects the Linux kernel up to version 3.12, specifically the ath9k_htc_set_bssid_mask function in drivers/net/wireless/ath/ath9k/htc_drv_main.c. The vulnerability uses a BSSID masking approach to determine the set of MAC addresses the Wi‑Fi device listens to, enabling remote attack...

4.3CVSS6.2AI score0.10209EPSS
CVE
CVE
•added 2013/02/28 7:0 p.m.•126 views

CVE-2012-4542

CVE-2012-4542 describes a Linux kernel local access issue in block/scsi_ioctl.c (up to kernel 3.8) where SCSI command authorization does not properly account for the SCSI device class, allowing a local attacker to bypass access restrictions via SG_IO ioctl with overlapping opcodes. Public referen...

4.6CVSS7.4AI score0.00349EPSS
CVE
CVE
•added 2013/07/04 9:0 p.m.•126 views

CVE-2013-2237

CVE-2013-2237 affects the Linux kernel prior to 3.9. The vulnerability arises because key_notify_policy_flush in net/key/af_key.c does not initialize a certain structure member, enabling local attackers to read kernel heap memory via a broadcast message on the IPSec key_socket notify_policy inter...

2.1CVSS5.3AI score0.00557EPSS
CVE
CVE
•added 2013/08/25 1:0 a.m.•125 views

CVE-2013-4247

CVE-2013-4247: Off-by-one error in the Linux kernel fs/cifs/connect.c build_unc_path_to_root function (vulnerable before 3.9.6) can be triggered by a DFS share mount to cause memory corruption and system crash (Denial of Service). Multiple connected advisories (Unity Linux NES/USN entries and Ora...

7.8CVSS6AI score0.03644EPSS
CVE
CVE
•added 2013/09/13 6:0 p.m.•124 views

CVE-2013-2889

CVE-2013-2889 affects the Linux kernel HID subsystem, specifically the HID driver file hid-zpff.c. When the CONFIG_HID_ZEROPLUS option is enabled, a crafted device can let physically proximate attackers cause a denial of service via a heap-based out-of-bounds write (heap corruption). The connecte...

4.7CVSS5.9AI score0.00419EPSS
CVE
CVE
•added 2013/11/27 2:0 a.m.•124 views

CVE-2013-6378

CVE-2013-6378 affects the Linux kernel up to 3.12.1 and is tied to lbs_debugfs_write in drivers/net/wireless/libertas/debugfs.c. The vulnerability lets a local attacker with root privileges cause a denial of service (OOPS) via a zero-length write call. Multiple connected advisories reference this...

4.4CVSS5.7AI score0.00375EPSS
CVE
CVE
•added 2013/02/28 7:0 p.m.•123 views

CVE-2013-0343

CVE-2013-0343 affects the Linux kernel’s IPv6 handling, specifically ipv6_create_tempaddr in net/ipv6/addrconf.c, up to version 3.8. It can allow a remote attacker to cause a denial of service (excessive retries and RA address-generation outage) and potentially obtain sensitive information via IC...

3.2CVSS6AI score0.0181EPSS
CVE
CVE
•added 2013/02/28 7:0 p.m.•123 views

CVE-2013-1774

CVE-2013-1774 affects the Linux kernel (drivers/usb/serial/io_ti.c) prior to 3.7.4. The chase_port function allows local users to trigger a NULL pointer dereference and system crash by performing a read or write on a disconnected Edgeport USB serial converter, resulting in a denial of service. Th...

4CVSS5.8AI score0.00388EPSS
CVE
CVE
•added 2013/09/13 6:0 p.m.•122 views

CVE-2013-2892

The CVE-2013-2892 issue affects the Linux kernel HID subsystem specifically the HID driver at drivers/hid/hid-pl.c. When CONFIG_HID_PANTHERLORD is enabled, a physically proximate crafted HID device can cause a heap-based out-of-bounds write, leading to a denial of service. The provided documents ...

4.7CVSS5.9AI score0.00423EPSS
CVE
CVE
•added 2013/12/14 6:0 p.m.•122 views

CVE-2013-6368

CVE-2013-6368 affects the KVM subsystem in the Linux kernel up to version 3.12.5, enabling local users to gain privileges or trigger a denial of service (system crash) via a VAPIC synchronization operation involving a page-end address. The connected advisories for MiracleLinux, Unity Linux, and E...

6.2CVSS6.2AI score0.00613EPSS
CVE
CVE
•added 2013/11/27 2:0 a.m.•122 views

CVE-2013-6382

CVE-2013-6382 refers to multiple buffer underflows in the Linux kernel’s XFS implementation up to version 3.12.1, allowing local, CAP_SYS_ADMIN–bearing users to trigger memory corruption or potential other impacts via the XFS_IOC_ATTRLIST_BY_HANDLE or XFS_IOC_ATTRLIST_BY_HANDLE_32 ioctls with cra...

4CVSS6.5AI score0.00575EPSS
CVE
CVE
•added 2013/06/08 10:0 a.m.•121 views

CVE-2011-2482

Mode C (Normal, details available) CVE-2011-2482 is referenced in connected documentation tied to MiracleLinux 3: kernel-2.6.18-274.2.AXS3. The vulnerability affects the Linux kernel as used by that distribution, and stems from a Red Hat patch to the sctp_sock_migrate function in net/sctp/socket....

7.8CVSS6.8AI score0.03769EPSS
CVE
CVE
•added 2013/07/28 6:0 p.m.•121 views

CVE-2013-4162

CVE-2013-4162 : In the Linux kernel (IPv6 UDP implementation), the function udp_v6_push_pending_frames in net/ipv6/udp.c calls an incorrect function for pending data. This yields a local denial of service (BUG and system crash) when a crafted application uses UDP_CORK via setsockopt. Affected ver...

4.7CVSS5.5AI score0.0042EPSS
CVE
CVE
•added 2013/07/04 9:0 p.m.•119 views

CVE-2013-2232

CVE-2013-2232 affects the Linux kernel prior to 3.10. The vulnerable code is the ip6_sk_dst_check function in net/ipv6/ip6_output.c; it lets a local user cause a denial-of-service (system crash) by using an AF_INET6 socket to connect to an IPv4 interface. A remedy is the upstream patch applied in...

4.9CVSS5.3AI score0.00556EPSS
CVE
CVE
•added 2013/09/13 6:0 p.m.•119 views

CVE-2013-2888

CVE-2013-2888 : The Linux kernel HID subsystem contains multiple array index errors in drivers/hid/hid-core.c that can be triggered by a crafted HID device providing an invalid Report ID. The vulnerability allows physically proximate attackers to execute arbitrary code or cause a denial of servic...

6.2CVSS6.9AI score0.00477EPSS
CVE
CVE
•added 2013/04/29 10:0 a.m.•119 views

CVE-2013-3301

CVE-2013-3301 affects the Linux kernel ftrace implementation up to version before 3.8.8. Local users with CAP_SYS_ADMIN can write to either set_ftrace_pid or set_graph_function and trigger an lseek, leading to a NULL pointer dereference and possible system crash or other impact. Multiple connecte...

7.2CVSS5.6AI score0.00985EPSS
CVE
CVE
•added 2013/11/27 2:0 a.m.•119 views

CVE-2013-6383

The CVE-2013-6383 issue is real in the Linux kernel up to version 3.11.7: the aac_compat_ioctl function in drivers/scsi/aacraid/linit.c does not require CAP_SYS_RAWIO, allowing local users to bypass access restrictions via a crafted ioctl. Affected: Linux kernel prior to 3.11.8 (notably seen in a...

6.9CVSS6.3AI score0.0049EPSS
CVE
CVE
•added 2013/03/22 10:0 a.m.•118 views

CVE-2013-1792

The CVE-2013-1792 entry is valid and has concrete details in connected documents: a race condition in the Linux kernel’s install_user_keyrings() (security/keys/process_keys.c) allows local users to trigger a NULL pointer dereference and crash via concurrent keyctl calls. The vulnerability affects...

4.7CVSS6AI score0.00287EPSS
CVE
CVE
•added 2013/07/04 9:0 p.m.•118 views

CVE-2013-2234

CVE-2013-2234: In the Linux kernel (net/key/af_key.c), the functions key_notify_sa_flush and key_notify_policy_flush do not initialize certain structure members in versions before 3.10, allowing local users to read sensitive information from kernel heap memory via a broadcast message on the IPSec...

2.1CVSS5.7AI score0.00552EPSS
CVE
CVE
•added 2013/02/18 2:0 a.m.•117 views

CVE-2013-0268

The CVE-2013-0268 issue affects the Linux kernel, specifically the msr_open function in arch/x86/kernel/msr.c, vulnerable before version 3.7.6. The vulnerability allows local unprivileged users to bypass capability restrictions and gain root by running a crafted application (msr32.c). Affected co...

6.2CVSS7AI score0.01557EPSS
Web
CVE
CVE
•added 2013/03/22 10:0 a.m.•117 views

CVE-2013-0914

The CVE-2013-0914 issue affects the Linux kernel (before 3.8.4) where the function flush_signal_handlers in kernel/signal.c preserves the sa_restorer field across an exec. This behavior enables local users to bypass ASLR via a crafted application using sigaction. Exploitation details are not prov...

3.6CVSS5.2AI score0.00461EPSS
CVE
CVE
•added 2013/09/13 6:0 p.m.•116 views

CVE-2013-2893

Summary of CVE-2013-2893 from provided sources : The Linux kernel HID subsystem (through version 3.11) with CONFIG_LOGITECH_FF, CONFIG_LOGIG940_FF, or CONFIG_LOGIWHEELS_FF enabled is vulnerable to a denial of service via a crafted USB HID device. The issue manifests as a heap-based out-of-bounds ...

4.7CVSS5.9AI score0.00394EPSS
CVE
CVE
•added 2013/02/13 1:0 a.m.•115 views

CVE-2013-0231

CVE-2013-0231 is discussed in connected advisories as affecting the Xen PCI backend: the pciback_enable_msi function in drivers/xen/pciback/conf_space_capability_msi.c on Linux kernels 2.6.18 and 3.8 allows guest OS users with PCI device access to trigger a denial of service by generating a large...

4.9CVSS5.8AI score0.0044EPSS
CVE
CVE
•added 2013/03/18 3:0 p.m.•115 views

CVE-2013-0913

CVE-2013-0913 affects the i915 DRM driver in the Linux kernel up to version 3.8.3. The vulnerability is an integer overflow in drivers/gpu/drm/i915/i915_gem_execbuffer.c, which can be triggered by a crafted relocation-copy sequence and may lead to a heap-based buffer overflow, potentially enablin...

7.2CVSS7.1AI score0.00556EPSS
CVE
CVE
•added 2013/06/07 10:0 a.m.•114 views

CVE-2013-2851

CVE-2013-2851 is a concrete vulnerability in the Linux kernel: a format-string flaw in the register_disk function (block/genhd.c) that affects kernels up to 3.9.4. It enables a local attacker with root access to gain privileges by writing format specifiers to /sys/module/md_mod/parameters/new_arr...

6CVSS7.3AI score0.0034EPSS
Web
Total number of security vulnerabilities187