VYPR

Vendor CVEs

Linux

All CVEs

15,929 total · sorted by risk
  • CVE-2013-2636Mar 22, 2013
    risk 0.00cvss epss 0.00

    net/bridge/br_mdb.c in the Linux kernel before 3.8.4 does not initialize certain structures, which allows local users to obtain sensitive information from kernel memory via a crafted application.

  • CVE-2013-2635Mar 22, 2013
    risk 0.00cvss epss 0.00

    The rtnl_fill_ifinfo function in net/core/rtnetlink.c in the Linux kernel before 3.8.4 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.

  • CVE-2013-2634Mar 22, 2013
    risk 0.00cvss epss 0.00

    net/dcb/dcbnl.c in the Linux kernel before 3.8.4 does not initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.

  • CVE-2013-1860Mar 22, 2013
    risk 0.00cvss epss 0.01

    Heap-based buffer overflow in the wdm_in_callback function in drivers/usb/class/cdc-wdm.c in the Linux kernel before 3.8.4 allows physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a crafted cdc-wdm USB device.

  • CVE-2013-1848Mar 22, 2013
    risk 0.00cvss epss 0.01

    fs/ext3/super.c in the Linux kernel before 3.8.4 uses incorrect arguments to functions in certain circumstances related to printk input, which allows local users to conduct format-string attacks and possibly gain privileges via a crafted application.

  • CVE-2013-1828Mar 22, 2013
    risk 0.00cvss epss 0.01

    The sctp_getsockopt_assoc_stats function in net/sctp/socket.c in the Linux kernel before 3.8.4 does not validate a size value before proceeding to a copy_from_user operation, which allows local users to gain privileges via a crafted application that contains an…

  • CVE-2013-1827Mar 22, 2013
    risk 0.00cvss epss 0.00

    net/dccp/ccid.h in the Linux kernel before 3.5.4 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) by leveraging the CAP_NET_ADMIN capability for a certain (1) sender or (2) receiver getsockopt call.

  • CVE-2013-1826Mar 22, 2013
    risk 0.00cvss epss 0.01

    The xfrm_state_netlink function in net/xfrm/xfrm_user.c in the Linux kernel before 3.5.7 does not properly handle error conditions in dump_one_state function calls, which allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system…

  • CVE-2013-1798Mar 22, 2013
    risk 0.00cvss epss 0.01

    The ioapic_read_indirect function in virt/kvm/ioapic.c in the Linux kernel through 3.8.4 does not properly handle a certain combination of invalid IOAPIC_REG_SELECT and IOAPIC_REG_WINDOW operations, which allows guest OS users to obtain sensitive information from host OS memory…

  • CVE-2013-1797Mar 22, 2013
    risk 0.00cvss epss 0.01

    Use-after-free vulnerability in arch/x86/kvm/x86.c in the Linux kernel through 3.8.4 allows guest OS users to cause a denial of service (host OS memory corruption) or possibly have unspecified other impact via a crafted application that triggers use of a guest physical address…

  • CVE-2013-1796Mar 22, 2013
    risk 0.00cvss epss 0.01

    The kvm_set_msr_common function in arch/x86/kvm/x86.c in the Linux kernel through 3.8.4 does not ensure a required time_page alignment during an MSR_KVM_SYSTEM_TIME operation, which allows guest OS users to cause a denial of service (buffer overflow and host OS memory…

  • CVE-2013-1792Mar 22, 2013
    risk 0.00cvss epss 0.00

    Race condition in the install_user_keyrings function in security/keys/process_keys.c in the Linux kernel before 3.8.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) via crafted keyctl system calls that trigger keyring operations in…

  • CVE-2013-0914Mar 22, 2013
    risk 0.00cvss epss 0.00

    The flush_signal_handlers function in kernel/signal.c in the Linux kernel before 3.8.4 preserves the value of the sa_restorer field across an exec operation, which makes it easier for local users to bypass the ASLR protection mechanism via a crafted application containing a…

  • CVE-2013-0913Mar 18, 2013
    risk 0.00cvss epss 0.01

    Integer overflow in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the i915 driver in the Direct Rendering Manager (DRM) subsystem in the Linux kernel through 3.8.3, as used in Google Chrome OS before 25.0.1364.173 and other products, allows local users to cause a denial of…

  • CVE-2013-2548Mar 15, 2013
    risk 0.00cvss epss 0.00

    The crypto_report_one function in crypto/crypto_user.c in the report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect length value during a copy operation, which allows local users to obtain sensitive information from kernel memory by…

  • CVE-2013-2547Mar 15, 2013
    risk 0.00cvss epss 0.00

    The crypto_report_one function in crypto/crypto_user.c in the report API in the crypto user configuration API in the Linux kernel through 3.8.2 does not initialize certain structure members, which allows local users to obtain sensitive information from kernel heap memory by…

  • CVE-2013-2546Mar 15, 2013
    risk 0.00cvss epss 0.00

    The report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect C library function for copying strings, which allows local users to obtain sensitive information from kernel stack memory by leveraging the CAP_NET_ADMIN capability.

  • CVE-2012-6549Mar 15, 2013
    risk 0.00cvss epss 0.00

    The isofs_export_encode_fh function in fs/isofs/export.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory via a crafted application.

  • CVE-2012-6548Mar 15, 2013
    risk 0.00cvss epss 0.00

    The udf_encode_fh function in fs/udf/namei.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory via a crafted application.

  • CVE-2012-6547Mar 15, 2013
    risk 0.00cvss epss 0.00

    The __tun_chr_ioctl function in drivers/net/tun.c in the Linux kernel before 3.6 does not initialize a certain structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.

  • CVE-2012-6546Mar 15, 2013
    risk 0.00cvss epss 0.00

    The ATM implementation in the Linux kernel before 3.6 does not initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.

  • CVE-2012-6545Mar 15, 2013
    risk 0.00cvss epss 0.00

    The Bluetooth RFCOMM implementation in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel memory via a crafted application.

  • CVE-2012-6544Mar 15, 2013
    risk 0.00cvss epss 0.00

    The Bluetooth protocol stack in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that targets the (1) L2CAP or (2) HCI implementation.

  • CVE-2012-6543Mar 15, 2013
    risk 0.00cvss epss 0.00

    The l2tp_ip6_getname function in net/l2tp/l2tp_ip6.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.

  • CVE-2012-6542Mar 15, 2013
    risk 0.00cvss epss 0.00

    The llc_ui_getname function in net/llc/af_llc.c in the Linux kernel before 3.6 has an incorrect return value in certain circumstances, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that leverages an uninitialized…

  • CVE-2012-6541Mar 15, 2013
    risk 0.00cvss epss 0.00

    The ccid3_hc_tx_getsockopt function in net/dccp/ccids/ccid3.c in the Linux kernel before 3.6 does not initialize a certain structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.

  • CVE-2012-6540Mar 15, 2013
    risk 0.00cvss epss 0.00

    The do_ip_vs_get_ctl function in net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before 3.6 does not initialize a certain structure for IP_VS_SO_GET_TIMEOUT commands, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.

  • CVE-2012-6539Mar 15, 2013
    risk 0.00cvss epss 0.00

    The dev_ifconf function in net/socket.c in the Linux kernel before 3.6 does not initialize a certain structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.

  • CVE-2012-6538Mar 15, 2013
    risk 0.00cvss epss 0.00

    The copy_to_user_auth function in net/xfrm/xfrm_user.c in the Linux kernel before 3.6 uses an incorrect C library function for copying a string, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAP_NET_ADMIN capability.

  • CVE-2012-6537Mar 15, 2013
    risk 0.00cvss epss 0.00

    net/xfrm/xfrm_user.c in the Linux kernel before 3.6 does not initialize certain structures, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability.

  • CVE-2012-6536Mar 15, 2013
    risk 0.00cvss epss 0.00

    net/xfrm/xfrm_user.c in the Linux kernel before 3.6 does not verify that the actual Netlink message length is consistent with a certain header field, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAP_NET_ADMIN capability and…

  • CVE-2013-1819Mar 6, 2013
    risk 0.00cvss epss 0.00

    The _xfs_buf_find function in fs/xfs/xfs_buf.c in the Linux kernel before 3.7.6 does not validate block numbers, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging the ability…

  • CVE-2013-0228Mar 1, 2013
    risk 0.00cvss epss 0.00

    The xen_iret function in arch/x86/xen/xen-asm_32.S in the Linux kernel before 3.7.9 on 32-bit Xen paravirt_ops platforms does not properly handle an invalid value in the DS segment register, which allows guest OS users to gain guest OS privileges via a crafted application.

  • CVE-2011-3638Mar 1, 2013
    risk 0.00cvss epss 0.00

    fs/ext4/extents.c in the Linux kernel before 3.0 does not mark a modified extent as dirty in certain cases of extent splitting, which allows local users to cause a denial of service (system crash) via vectors involving ext4 umount and mount operations.

  • CVE-2011-2905Mar 1, 2013
    risk 0.00cvss epss 0.00

    Untrusted search path vulnerability in the perf_config function in tools/perf/util/config.c in perf, as distributed in the Linux kernel before 3.1, allows local users to overwrite arbitrary files via a crafted config file in the current working directory.

  • CVE-2011-2491Mar 1, 2013
    risk 0.00cvss epss 0.00

    The Network Lock Manager (NLM) protocol implementation in the NFS client functionality in the Linux kernel before 3.0 allows local users to cause a denial of service (system hang) via a LOCK_UN flock system call.

  • CVE-2011-1182Mar 1, 2013
    risk 0.00cvss epss 0.00

    kernel/signal.c in the Linux kernel before 2.6.39 allows local users to spoof the uid and pid of a signal sender via a sigqueueinfo system call.

  • CVE-2011-1019Mar 1, 2013
    risk 0.00cvss epss 0.00

    The dev_load function in net/core/dev.c in the Linux kernel before 2.6.38 allows local users to bypass an intended CAP_SYS_MODULE capability requirement and load arbitrary modules by leveraging the CAP_NET_ADMIN capability.

  • CVE-2013-1774Feb 28, 2013
    risk 0.00cvss epss 0.00

    The chase_port function in drivers/usb/serial/io_ti.c in the Linux kernel before 3.7.4 allows local users to cause a denial of service (NULL pointer dereference and system crash) via an attempted /dev/ttyUSB read or write operation on a disconnected Edgeport USB serial converter.

  • CVE-2013-1773Feb 28, 2013
    risk 0.00cvss epss 0.01

    Buffer overflow in the VFAT filesystem implementation in the Linux kernel before 3.3 allows local users to gain privileges or cause a denial of service (system crash) via a VFAT write operation on a filesystem with the utf8 mount option, which is not properly handled during…

  • CVE-2013-1772Feb 28, 2013
    risk 0.00cvss epss 0.00

    The log_prefix function in kernel/printk.c in the Linux kernel 3.x before 3.4.33 does not properly remove a prefix string from a syslog header, which allows local users to cause a denial of service (buffer overflow and system crash) by leveraging /dev/kmsg write access and…

  • CVE-2013-1767Feb 28, 2013
    risk 0.00cvss epss 0.01

    Use-after-free vulnerability in the shmem_remount_fs function in mm/shmem.c in the Linux kernel before 3.7.10 allows local users to gain privileges or cause a denial of service (system crash) by remounting a tmpfs filesystem without specifying a required mpol (aka mempolicy)…

  • CVE-2013-1763Feb 28, 2013
    risk 0.00cvss epss 0.04

    Array index error in the __sock_diag_rcv_msg function in net/core/sock_diag.c in the Linux kernel before 3.7.10 allows local users to gain privileges via a large family value in a Netlink message.

  • CVE-2013-0349Feb 28, 2013
    risk 0.00cvss epss 0.00

    The hidp_setup_hid function in net/bluetooth/hidp/core.c in the Linux kernel before 3.7.6 does not properly copy a certain name field, which allows local users to obtain sensitive information from kernel memory by setting a long name and making an HIDPCONNADD ioctl call.

  • CVE-2013-0343Feb 28, 2013
    risk 0.00cvss epss 0.02

    The ipv6_create_tempaddr function in net/ipv6/addrconf.c in the Linux kernel through 3.8 does not properly handle problems with the generation of IPv6 temporary addresses, which allows remote attackers to cause a denial of service (excessive retries and address-generation…

  • CVE-2012-4542Feb 28, 2013
    risk 0.00cvss epss 0.00

    block/scsi_ioctl.c in the Linux kernel through 3.8 does not properly consider the SCSI device class during authorization of SCSI commands, which allows local users to bypass intended access restrictions via an SG_IO ioctl call that leverages overlapping opcodes.

  • CVE-2013-0313Feb 22, 2013
    risk 0.00cvss epss 0.00

    The evm_update_evmxattr function in security/integrity/evm/evm_crypto.c in the Linux kernel before 3.7.5, when the Extended Verification Module (EVM) is enabled, allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have…

  • CVE-2013-0311Feb 22, 2013
    risk 0.00cvss epss 0.01

    The translate_desc function in drivers/vhost/vhost.c in the Linux kernel before 3.7 does not properly handle cross-region descriptors, which allows guest OS users to obtain host OS privileges by leveraging KVM guest OS privileges.

  • CVE-2013-0310Feb 22, 2013
    risk 0.00cvss epss 0.00

    The cipso_v4_validate function in net/ipv4/cipso_ipv4.c in the Linux kernel before 3.4.8 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via an IPOPT_CIPSO IP_OPTIONS setsockopt system call.

  • CVE-2013-0309Feb 22, 2013
    risk 0.00cvss epss 0.00

    arch/x86/include/asm/pgtable.h in the Linux kernel before 3.6.2, when transparent huge pages are used, does not properly support PROT_NONE memory regions, which allows local users to cause a denial of service (system crash) via a crafted application.

Page 303 of 319