Filtered by vendor Linux
Subscribe
Total
10566 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-2546 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Mrg | 2023-11-07 | 2.1 LOW | N/A |
| The report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect C library function for copying strings, which allows local users to obtain sensitive information from kernel stack memory by leveraging the CAP_NET_ADMIN capability. | |||||
| CVE-2013-3228 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 4.9 MEDIUM | N/A |
| The irda_recvmsg_dgram function in net/irda/af_irda.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. | |||||
| CVE-2013-3227 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 4.9 MEDIUM | N/A |
| The caif_seqpkt_recvmsg function in net/caif/caif_socket.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. | |||||
| CVE-2013-3231 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 4.7 MEDIUM | N/A |
| The llc_ui_recvmsg function in net/llc/af_llc.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. | |||||
| CVE-2013-3234 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 4.9 MEDIUM | N/A |
| The rose_recvmsg function in net/rose/af_rose.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. | |||||
| CVE-2013-2888 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 6.2 MEDIUM | N/A |
| Multiple array index errors in drivers/hid/hid-core.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11 allow physically proximate attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted device that provides an invalid Report ID. | |||||
| CVE-2013-2895 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 5.4 MEDIUM | N/A |
| drivers/hid/hid-logitech-dj.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_LOGITECH_DJ is enabled, allows physically proximate attackers to cause a denial of service (NULL pointer dereference and OOPS) or obtain sensitive information from kernel memory via a crafted device. | |||||
| CVE-2013-2897 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 4.7 MEDIUM | N/A |
| Multiple array index errors in drivers/hid/hid-multitouch.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_MULTITOUCH is enabled, allow physically proximate attackers to cause a denial of service (heap memory corruption, or NULL pointer dereference and OOPS) via a crafted device. | |||||
| CVE-2013-2548 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Mrg | 2023-11-07 | 2.1 LOW | N/A |
| The crypto_report_one function in crypto/crypto_user.c in the report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect length value during a copy operation, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability. | |||||
| CVE-2013-3224 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 4.9 MEDIUM | N/A |
| The bt_sock_recvmsg function in net/bluetooth/af_bluetooth.c in the Linux kernel before 3.9-rc7 does not properly initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. | |||||
| CVE-2013-2892 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 4.7 MEDIUM | N/A |
| drivers/hid/hid-pl.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_PANTHERLORD is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device. | |||||
| CVE-2013-3222 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 4.9 MEDIUM | N/A |
| The vcc_recvmsg function in net/atm/common.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. | |||||
| CVE-2013-3223 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 4.9 MEDIUM | N/A |
| The ax25_recvmsg function in net/ax25/af_ax25.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. | |||||
| CVE-2013-3236 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 4.9 MEDIUM | N/A |
| The vmci_transport_dgram_dequeue function in net/vmw_vsock/vmci_transport.c in the Linux kernel before 3.9-rc7 does not properly initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. | |||||
| CVE-2013-3233 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 4.9 MEDIUM | N/A |
| The llcp_sock_recvmsg function in net/nfc/llcp/sock.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable and a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. | |||||
| CVE-2013-2850 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 7.9 HIGH | N/A |
| Heap-based buffer overflow in the iscsi_add_notunderstood_response function in drivers/target/iscsi/iscsi_target_parameters.c in the iSCSI target subsystem in the Linux kernel through 3.9.4 allows remote attackers to cause a denial of service (memory corruption and OOPS) or possibly execute arbitrary code via a long key that is not properly handled during construction of an error-response packet. | |||||
| CVE-2013-3229 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 4.9 MEDIUM | N/A |
| The iucv_sock_recvmsg function in net/iucv/af_iucv.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. | |||||
| CVE-2013-2889 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 4.7 MEDIUM | N/A |
| drivers/hid/hid-zpff.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_ZEROPLUS is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device. | |||||
| CVE-2013-2896 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 4.7 MEDIUM | N/A |
| drivers/hid/hid-ntrig.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_NTRIG is enabled, allows physically proximate attackers to cause a denial of service (NULL pointer dereference and OOPS) via a crafted device. | |||||
| CVE-2013-2930 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 3.6 LOW | N/A |
| The perf_trace_event_perm function in kernel/trace/trace_event_perf.c in the Linux kernel before 3.12.2 does not properly restrict access to the perf subsystem, which allows local users to enable function tracing via a crafted application. | |||||