Search Results (Refine Search)
- CPE Product Version: cpe:/o:linux:linux_kernel:2.6.12:rc6
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2024-21803 |
Use After Free vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (bluetooth modules) allows Local Execution of Code. This vulnerability is associated with program files https://gitee.Com/anolis/cloud-kernel/blob/devel-5.10/net/bluetooth/af_bluetooth.C. This issue affects Linux kernel: from v2.6.12-rc2 before v6.8-rc1. Published: January 30, 2024; 3:15:41 AM -0500 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-51782 |
An issue was discovered in the Linux kernel before 6.6.8. rose_ioctl in net/rose/af_rose.c has a use-after-free because of a rose_accept race condition. Published: January 11, 2024; 2:15:12 PM -0500 |
V3.1: 7.0 HIGH V2.0:(not available) |
CVE-2023-51781 |
An issue was discovered in the Linux kernel before 6.6.8. atalk_ioctl in net/appletalk/ddp.c has a use-after-free because of an atalk_recvmsg race condition. Published: January 11, 2024; 2:15:12 PM -0500 |
V3.1: 7.0 HIGH V2.0:(not available) |
CVE-2023-51780 |
An issue was discovered in the Linux kernel before 6.6.8. do_vcc_ioctl in net/atm/ioctl.c has a use-after-free because of a vcc_recvmsg race condition. Published: January 11, 2024; 2:15:12 PM -0500 |
V3.1: 7.0 HIGH V2.0:(not available) |
CVE-2023-1611 |
A use-after-free flaw was found in btrfs_search_slot in fs/btrfs/ctree.c in btrfs in the Linux Kernel.This flaw allows an attacker to crash the system and possibly cause a kernel information lea Published: April 03, 2023; 6:15:06 PM -0400 |
V3.1: 6.3 MEDIUM V2.0:(not available) |
CVE-2022-1184 |
A use-after-free flaw was found in fs/ext4/namei.c:dx_insert_block() in the Linux kernel’s filesystem sub-component. This flaw allows a local attacker with a user privilege to cause a denial of service. Published: August 29, 2022; 11:15:10 AM -0400 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2022-33742 |
Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740). Additionally the granularity of the grant table doesn't allow sharing less than a 4K page, leading to unrelated data residing in the same 4K page as data shared with a backend being accessible by such backend (CVE-2022-33741, CVE-2022-33742). Published: July 05, 2022; 9:15:08 AM -0400 |
V3.1: 7.1 HIGH V2.0: 3.6 LOW |
CVE-2022-33741 |
Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740). Additionally the granularity of the grant table doesn't allow sharing less than a 4K page, leading to unrelated data residing in the same 4K page as data shared with a backend being accessible by such backend (CVE-2022-33741, CVE-2022-33742). Published: July 05, 2022; 9:15:08 AM -0400 |
V3.1: 7.1 HIGH V2.0: 3.6 LOW |
CVE-2022-33740 |
Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740). Additionally the granularity of the grant table doesn't allow sharing less than a 4K page, leading to unrelated data residing in the same 4K page as data shared with a backend being accessible by such backend (CVE-2022-33741, CVE-2022-33742). Published: July 05, 2022; 9:15:08 AM -0400 |
V3.1: 7.1 HIGH V2.0: 3.6 LOW |
CVE-2022-26365 |
Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740). Additionally the granularity of the grant table doesn't allow sharing less than a 4K page, leading to unrelated data residing in the same 4K page as data shared with a backend being accessible by such backend (CVE-2022-33741, CVE-2022-33742). Published: July 05, 2022; 9:15:08 AM -0400 |
V3.1: 7.1 HIGH V2.0: 3.6 LOW |
CVE-2020-27820 |
A vulnerability was found in Linux kernel, where a use-after-frees in nouveau's postclose() handler could happen if removing device (that is not common to remove video card physically without power-off, but same happens if "unbind" the driver). Published: November 02, 2021; 8:15:07 PM -0400 |
V3.1: 4.7 MEDIUM V2.0: 4.7 MEDIUM |
CVE-2019-12615 |
An issue was discovered in get_vdev_port_node_info in arch/sparc/kernel/mdesc.c in the Linux kernel through 5.1.6. There is an unchecked kstrdup_const of node_info->vdev_port.name, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). Published: June 03, 2019; 6:29:00 PM -0400 |
V3.1: 7.5 HIGH V2.0: 7.8 HIGH |
CVE-2013-3237 |
The vsock_stream_sendmsg function in net/vmw_vsock/af_vsock.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. Published: April 22, 2013; 7:41:01 AM -0400 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2013-3236 |
The vmci_transport_dgram_dequeue function in net/vmw_vsock/vmci_transport.c in the Linux kernel before 3.9-rc7 does not properly initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. Published: April 22, 2013; 7:41:01 AM -0400 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2013-3235 |
net/tipc/socket.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure and a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. Published: April 22, 2013; 7:41:01 AM -0400 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2013-3234 |
The rose_recvmsg function in net/rose/af_rose.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. Published: April 22, 2013; 7:41:01 AM -0400 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2013-3233 |
The llcp_sock_recvmsg function in net/nfc/llcp/sock.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable and a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. Published: April 22, 2013; 7:41:01 AM -0400 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2013-3232 |
The nr_recvmsg function in net/netrom/af_netrom.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. Published: April 22, 2013; 7:41:01 AM -0400 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2013-3231 |
The llc_ui_recvmsg function in net/llc/af_llc.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. Published: April 22, 2013; 7:41:01 AM -0400 |
V3.x:(not available) V2.0: 4.7 MEDIUM |
CVE-2013-3230 |
The l2tp_ip6_recvmsg function in net/l2tp/l2tp_ip6.c in the Linux kernel before 3.9-rc7 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. Published: April 22, 2013; 7:41:01 AM -0400 |
V3.x:(not available) V2.0: 4.9 MEDIUM |