VYPR

Linux kernel

by Linux

Source repositories

CVEs (303)

  • CVE-2013-2017May 3, 2013
    Linux
    Kernel
    risk 0.00cvss epss 0.04

    The veth (aka virtual Ethernet) driver in the Linux kernel before 2.6.34 does not properly manage skbs during congestion, which allows remote attackers to cause a denial of service (system crash) by leveraging lack of skb consumption in conjunction with a double-free error.

  • CVE-2013-1979May 3, 2013
    Linux
    Kernel
    risk 0.00cvss epss 0.00

    The scm_set_cred function in include/net/scm.h in the Linux kernel before 3.8.11 uses incorrect uid and gid values during credentials passing, which allows local users to gain privileges via a crafted application.

  • CVE-2013-1959May 3, 2013
    Linux
    Kernel
    risk 0.00cvss epss 0.01

    kernel/user_namespace.c in the Linux kernel before 3.8.9 does not have appropriate capability requirements for the uid_map and gid_map files, which allows local users to gain privileges by opening a file within an unprivileged process and then modifying the file within a…

  • CVE-2013-2015Apr 29, 2013
    Linux
    Kernel
    risk 0.00cvss epss 0.00

    The ext4_orphan_del function in fs/ext4/namei.c in the Linux kernel before 3.7.3 does not properly handle orphan-list entries for non-journal filesystems, which allows physically proximate attackers to cause a denial of service (system hang) via a crafted filesystem on removable…

  • CVE-2013-1928Apr 29, 2013
    Linux
    Kernel
    risk 0.00cvss epss 0.00

    The do_video_set_spu_palette function in fs/compat_ioctl.c in the Linux kernel before 3.6.5 on unspecified architectures lacks a certain error check, which might allow local users to obtain sensitive information from kernel stack memory via a crafted VIDEO_SET_SPU_PALETTE ioctl…

  • CVE-2013-1958Apr 24, 2013
    Linux
    Kernel
    risk 0.00cvss epss 0.00

    The scm_check_creds function in net/core/scm.c in the Linux kernel before 3.8.6 does not properly enforce capability requirements for controlling the PID value associated with a UNIX domain socket, which allows local users to bypass intended access restrictions by leveraging the…

  • CVE-2013-1957Apr 24, 2013
    Linux
    Kernel
    risk 0.00cvss epss 0.00

    The clone_mnt function in fs/namespace.c in the Linux kernel before 3.8.6 does not properly restrict changes to the MNT_READONLY flag, which allows local users to bypass an intended read-only property of a filesystem by leveraging a separate mount namespace.

  • CVE-2013-1956Apr 24, 2013
    Linux
    Kernel
    risk 0.00cvss epss 0.00

    The create_user_ns function in kernel/user_namespace.c in the Linux kernel before 3.8.6 does not check whether a chroot directory exists that differs from the namespace root directory, which allows local users to bypass intended filesystem restrictions via a crafted clone system…

  • CVE-2013-3237Apr 22, 2013
    Linux
    Kernel
    risk 0.00cvss epss 0.00

    The vsock_stream_sendmsg function in net/vmw_vsock/af_vsock.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.

  • CVE-2013-3236Apr 22, 2013
    Linux
    Kernel
    risk 0.00cvss epss 0.00

    The vmci_transport_dgram_dequeue function in net/vmw_vsock/vmci_transport.c in the Linux kernel before 3.9-rc7 does not properly initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or…

  • CVE-2013-3233Apr 22, 2013
    Linux
    Kernel
    risk 0.00cvss epss 0.00

    The llcp_sock_recvmsg function in net/nfc/llcp/sock.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable and a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or…

  • CVE-2013-3226Apr 22, 2013
    Linux
    Kernel
    risk 0.00cvss epss 0.00

    The sco_sock_recvmsg function in net/bluetooth/sco.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.

  • CVE-2013-3225Apr 22, 2013
    Linux
    Kernel
    risk 0.00cvss epss 0.00

    The rfcomm_sock_recvmsg function in net/bluetooth/rfcomm/sock.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.

  • CVE-2013-3224Apr 22, 2013
    Linux
    Kernel
    risk 0.00cvss epss 0.00

    The bt_sock_recvmsg function in net/bluetooth/af_bluetooth.c in the Linux kernel before 3.9-rc7 does not properly initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.

  • CVE-2013-3223Apr 22, 2013
    Linux
    Kernel
    risk 0.00cvss epss 0.00

    The ax25_recvmsg function in net/ax25/af_ax25.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.

  • CVE-2013-3222Apr 22, 2013
    Linux
    Kernel
    risk 0.00cvss epss 0.00

    The vcc_recvmsg function in net/atm/common.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.

  • CVE-2013-1858Apr 5, 2013
    Linux
    Kernel
    risk 0.00cvss epss 0.02

    The clone system-call implementation in the Linux kernel before 3.8.3 does not properly handle a combination of the CLONE_NEWUSER and CLONE_FS flags, which allows local users to gain privileges by calling chroot and leveraging the sharing of the / directory between a parent…

  • CVE-2013-2636Mar 22, 2013
    Linux
    Kernel
    risk 0.00cvss epss 0.00

    net/bridge/br_mdb.c in the Linux kernel before 3.8.4 does not initialize certain structures, which allows local users to obtain sensitive information from kernel memory via a crafted application.

  • CVE-2013-2634Mar 22, 2013
    Linux
    Kernel
    risk 0.00cvss epss 0.00

    net/dcb/dcbnl.c in the Linux kernel before 3.8.4 does not initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.

  • CVE-2013-1860Mar 22, 2013
    Linux
    Kernel
    risk 0.00cvss epss 0.01

    Heap-based buffer overflow in the wdm_in_callback function in drivers/usb/class/cdc-wdm.c in the Linux kernel before 3.8.4 allows physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a crafted cdc-wdm USB device.

Page 13 of 16