National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/o:linux:linux_kernel:3.2.16
There are 2,040 matching records.
Displaying matches 1721 through 1740.
Vuln ID Summary CVSS Severity
CVE-2013-0882

Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service (incorrect memory access) or possibly have unspecified other impact via a large number of SVG parameters.

Published: February 23, 2013; 04:55:01 PM -05:00
    V2: 7.5 HIGH
CVE-2013-0881

Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service (incorrect read operation) via crafted data in the Matroska container format.

Published: February 23, 2013; 04:55:01 PM -05:00
    V2: 5.0 MEDIUM
CVE-2013-0880

Use-after-free vulnerability in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to databases.

Published: February 23, 2013; 04:55:01 PM -05:00
    V2: 7.5 HIGH
CVE-2013-0879

Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does not properly implement web audio nodes, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.

Published: February 23, 2013; 04:55:00 PM -05:00
    V2: 7.5 HIGH
CVE-2013-0313

The evm_update_evmxattr function in security/integrity/evm/evm_crypto.c in the Linux kernel before 3.7.5, when the Extended Verification Module (EVM) is enabled, allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via an attempted removexattr operation on an inode of a sockfs filesystem.

Published: February 21, 2013; 07:55:01 PM -05:00
    V2: 6.2 MEDIUM
CVE-2013-0311

The translate_desc function in drivers/vhost/vhost.c in the Linux kernel before 3.7 does not properly handle cross-region descriptors, which allows guest OS users to obtain host OS privileges by leveraging KVM guest OS privileges.

Published: February 21, 2013; 07:55:01 PM -05:00
    V2: 6.5 MEDIUM
CVE-2013-0310

The cipso_v4_validate function in net/ipv4/cipso_ipv4.c in the Linux kernel before 3.4.8 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via an IPOPT_CIPSO IP_OPTIONS setsockopt system call.

Published: February 21, 2013; 07:55:01 PM -05:00
    V2: 6.6 MEDIUM
CVE-2013-0309

arch/x86/include/asm/pgtable.h in the Linux kernel before 3.6.2, when transparent huge pages are used, does not properly support PROT_NONE memory regions, which allows local users to cause a denial of service (system crash) via a crafted application.

Published: February 21, 2013; 07:55:01 PM -05:00
    V2: 4.7 MEDIUM
CVE-2013-0290

The __skb_recv_datagram function in net/core/datagram.c in the Linux kernel before 3.8 does not properly handle the MSG_PEEK flag with zero-length data, which allows local users to cause a denial of service (infinite loop and system hang) via a crafted application.

Published: February 19, 2013; 02:55:01 PM -05:00
    V2: 4.9 MEDIUM
CVE-2012-5375

The CRC32C feature in the Btrfs implementation in the Linux kernel before 3.8-rc1 allows local users to cause a denial of service (prevention of file creation) by leveraging the ability to write to a directory important to the victim, and creating a file with a crafted name that is associated with a specific CRC32C hash value.

Published: February 18, 2013; 06:56:38 AM -05:00
    V2: 4.0 MEDIUM
CVE-2012-5374

The CRC32C feature in the Btrfs implementation in the Linux kernel before 3.8-rc1 allows local users to cause a denial of service (extended runtime of kernel code) by creating many different files whose names are associated with the same CRC32C hash value.

Published: February 18, 2013; 06:56:38 AM -05:00
    V2: 4.0 MEDIUM
CVE-2013-0871

Race condition in the ptrace functionality in the Linux kernel before 3.7.5 allows local users to gain privileges via a PTRACE_SETREGS ptrace system call in a crafted application, as demonstrated by ptrace_death.

Published: February 17, 2013; 11:41:50 PM -05:00
    V2: 6.9 MEDIUM
CVE-2013-0268

The msr_open function in arch/x86/kernel/msr.c in the Linux kernel before 3.7.6 allows local users to bypass intended capability restrictions by executing a crafted application as root, as demonstrated by msr32.c.

Published: February 17, 2013; 11:41:50 PM -05:00
    V2: 6.2 MEDIUM
CVE-2013-0217

Memory leak in drivers/net/xen-netback/netback.c in the Xen netback functionality in the Linux kernel before 3.7.8 allows guest OS users to cause a denial of service (memory consumption) by triggering certain error conditions.

Published: February 17, 2013; 11:41:50 PM -05:00
    V2: 5.2 MEDIUM
CVE-2013-0216

The Xen netback functionality in the Linux kernel before 3.7.8 allows guest OS users to cause a denial of service (loop) by triggering ring pointer corruption.

Published: February 17, 2013; 11:41:50 PM -05:00
    V2: 5.2 MEDIUM
CVE-2013-0160

The Linux kernel through 3.7.9 allows local users to obtain sensitive information about keystroke timing by using the inotify API on the /dev/ptmx device.

Published: February 17, 2013; 11:41:50 PM -05:00
    V2: 2.1 LOW
CVE-2012-4530

The load_script function in fs/binfmt_script.c in the Linux kernel before 3.7.2 does not properly handle recursion, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.

Published: February 17, 2013; 11:41:50 PM -05:00
    V2: 2.1 LOW
CVE-2012-4398

The __request_module function in kernel/kmod.c in the Linux kernel before 3.4 does not set a certain killable attribute, which allows local users to cause a denial of service (memory consumption) via a crafted application.

Published: February 17, 2013; 11:41:50 PM -05:00
    V2: 4.9 MEDIUM
CVE-2012-4461

The KVM subsystem in the Linux kernel before 3.6.9, when running on hosts that use qemu userspace without XSAVE, allows local users to cause a denial of service (kernel OOPS) by using the KVM_SET_SREGS ioctl to set the X86_CR4_OSXSAVE bit in the guest cr4 register, then calling the KVM_RUN ioctl.

Published: January 22, 2013; 06:55:02 PM -05:00
    V2: 1.9 LOW
CVE-2012-3364

Multiple stack-based buffer overflows in the Near Field Communication Controller Interface (NCI) in the Linux kernel before 3.4.5 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via incoming frames with crafted length fields.

Published: January 22, 2013; 06:55:02 PM -05:00
    V2: 5.0 MEDIUM