VYPR

Linux kernel

by Linux

Source repositories

CVEs (244)

  • CVE-2013-6383Nov 27, 2013
    Linux
    Kernel
    risk 0.00cvss epss 0.00

    The aac_compat_ioctl function in drivers/scsi/aacraid/linit.c in the Linux kernel before 3.11.8 does not require the CAP_SYS_RAWIO capability, which allows local users to bypass intended access restrictions via a crafted ioctl call.

  • CVE-2013-6382Nov 27, 2013
    Linux
    Kernel
    risk 0.00cvss epss 0.01

    Multiple buffer underflows in the XFS implementation in the Linux kernel through 3.12.1 allow local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging the CAP_SYS_ADMIN capability for a (1) XFS_IOC_ATTRLIST_BY_HANDLE or…

  • CVE-2013-6381Nov 27, 2013
    Linux
    Kernel
    risk 0.00cvss epss 0.01

    Buffer overflow in the qeth_snmp_command function in drivers/s390/net/qeth_core_main.c in the Linux kernel through 3.12.1 allows local users to cause a denial of service or possibly have unspecified other impact via an SNMP ioctl call with a length value that is incompatible…

  • CVE-2013-6380Nov 27, 2013
    Linux
    Kernel
    risk 0.00cvss epss 0.01

    The aac_send_raw_srb function in drivers/scsi/aacraid/commctrl.c in the Linux kernel through 3.12.1 does not properly validate a certain size value, which allows local users to cause a denial of service (invalid pointer dereference) or possibly have unspecified other impact via…

  • CVE-2013-6378Nov 27, 2013
    Linux
    Kernel
    risk 0.00cvss epss 0.00

    The lbs_debugfs_write function in drivers/net/wireless/libertas/debugfs.c in the Linux kernel through 3.12.1 allows local users to cause a denial of service (OOPS) by leveraging root privileges for a zero-length write operation.

  • CVE-2013-6763Nov 12, 2013
    Linux
    Kernel
    risk 0.00cvss epss 0.01

    The uio_mmap_physical function in drivers/uio/uio.c in the Linux kernel before 3.12 does not validate the size of a memory block, which allows local users to cause a denial of service (memory corruption) or possibly gain privileges via crafted mmap operations, a different…

  • CVE-2013-4516Nov 12, 2013
    Linux
    Kernel
    risk 0.00cvss epss 0.01

    The mp_get_count function in drivers/staging/sb105x/sb_pci_mp.c in the Linux kernel before 3.12 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a TIOCGICOUNT ioctl call.

  • CVE-2013-4515Nov 12, 2013
    Linux
    Kernel
    risk 0.00cvss epss 0.00

    The bcm_char_ioctl function in drivers/staging/bcm/Bcmchar.c in the Linux kernel before 3.12 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via an IOCTL_BCM_GET_DEVICE_DRIVER_INFO ioctl call.

  • CVE-2013-4514Nov 12, 2013
    Linux
    Kernel
    risk 0.00cvss epss 0.01

    Multiple buffer overflows in drivers/staging/wlags49_h2/wl_priv.c in the Linux kernel before 3.12 allow local users to cause a denial of service or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability and providing a long station-name string, related…

  • CVE-2013-4513Nov 12, 2013
    Linux
    Kernel
    risk 0.00cvss epss 0.01

    Buffer overflow in the oz_cdev_write function in drivers/staging/ozwpan/ozcdev.c in the Linux kernel before 3.12 allows local users to cause a denial of service or possibly have unspecified other impact via a crafted write operation.

  • CVE-2013-4512Nov 12, 2013
    Linux
    Kernel
    risk 0.00cvss epss 0.00

    Buffer overflow in the exitcode_proc_write function in arch/um/kernel/exitcode.c in the Linux kernel before 3.12 allows local users to cause a denial of service or possibly have unspecified other impact by leveraging root privileges for a write operation.

  • CVE-2013-4470Nov 4, 2013
    Linux
    Kernel
    risk 0.00cvss epss 0.01

    The Linux kernel before 3.12, when UDP Fragmentation Offload (UFO) is enabled, does not properly initialize certain data structures, which allows local users to cause a denial of service (memory corruption and system crash) or possibly gain privileges via a crafted application…

  • CVE-2013-4348Nov 4, 2013
    Linux
    Kernel
    risk 0.00cvss epss 0.09

    The skb_flow_dissect function in net/core/flow_dissector.c in the Linux kernel through 3.12 allows remote attackers to cause a denial of service (infinite loop) via a small value in the IHL field of a packet with IPIP encapsulation.

  • CVE-2013-2058Nov 4, 2013
    Linux
    Kernel
    risk 0.00cvss epss 0.00

    The host_start function in drivers/usb/chipidea/host.c in the Linux kernel before 3.7.4 does not properly support a certain non-streaming option, which allows local users to cause a denial of service (system crash) by sending a large amount of network traffic through a…

  • CVE-2013-4299Oct 24, 2013
    Linux
    Kernel
    risk 0.00cvss epss 0.04

    Interpretation conflict in drivers/md/dm-snap-persistent.c in the Linux kernel through 3.11.6 allows remote authenticated users to obtain sensitive information or modify data via a crafted mapping to a snapshot block device.

  • CVE-2013-4387Oct 10, 2013
    Linux
    Kernel
    risk 0.00cvss epss 0.03

    net/ipv6/ip6_output.c in the Linux kernel through 3.11.4 does not properly determine the need for UDP Fragmentation Offload (UFO) processing of small packets after the UFO queueing of a large packet, which allows remote attackers to cause a denial of service (memory corruption…

  • CVE-2013-4350Sep 25, 2013
    Linux
    Kernel
    risk 0.00cvss epss 0.04

    The IPv6 SCTP implementation in net/sctp/ipv6.c in the Linux kernel through 3.11.1 uses data structures and function calls that do not trigger an intended configuration of IPsec encryption, which allows remote attackers to obtain sensitive information by sniffing the network.

  • CVE-2013-4343Sep 25, 2013
    Linux
    Kernel
    risk 0.00cvss epss 0.00

    Use-after-free vulnerability in drivers/net/tun.c in the Linux kernel through 3.11.1 allows local users to gain privileges by leveraging the CAP_NET_ADMIN capability and providing an invalid tuntap interface name in a TUNSETIFF ioctl call.

  • CVE-2013-4300Sep 25, 2013
    Linux
    Kernel
    risk 0.00cvss epss 0.00

    The scm_check_creds function in net/core/scm.c in the Linux kernel before 3.11 performs a capability check in an incorrect namespace, which allows local users to gain privileges via PID spoofing.

  • CVE-2013-2140Sep 25, 2013
    Linux
    Kernel
    risk 0.00cvss epss 0.01

    The dispatch_discard_io function in drivers/block/xen-blkback/blkback.c in the Xen blkback implementation in the Linux kernel before 3.10.5 allows guest OS users to cause a denial of service (data loss) via filesystem write operations on a read-only disk that supports the (1)…

Page 9 of 13