Search Results (Refine Search)
- CPE Product Version: cpe:/o:linux:linux_kernel:3.3:rc6
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2013-3227 |
The caif_seqpkt_recvmsg function in net/caif/caif_socket.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. Published: April 22, 2013; 7:41:01 AM -0400 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2013-3226 |
The sco_sock_recvmsg function in net/bluetooth/sco.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. Published: April 22, 2013; 7:41:01 AM -0400 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2013-3225 |
The rfcomm_sock_recvmsg function in net/bluetooth/rfcomm/sock.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. Published: April 22, 2013; 7:41:01 AM -0400 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2013-3224 |
The bt_sock_recvmsg function in net/bluetooth/af_bluetooth.c in the Linux kernel before 3.9-rc7 does not properly initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. Published: April 22, 2013; 7:41:01 AM -0400 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2013-3223 |
The ax25_recvmsg function in net/ax25/af_ax25.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. Published: April 22, 2013; 7:41:01 AM -0400 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2013-3222 |
The vcc_recvmsg function in net/atm/common.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. Published: April 22, 2013; 7:41:01 AM -0400 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2013-1858 |
The clone system-call implementation in the Linux kernel before 3.8.3 does not properly handle a combination of the CLONE_NEWUSER and CLONE_FS flags, which allows local users to gain privileges by calling chroot and leveraging the sharing of the / directory between a parent process and a child process. Published: April 05, 2013; 5:55:00 PM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2013-2548 |
The crypto_report_one function in crypto/crypto_user.c in the report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect length value during a copy operation, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability. Published: March 15, 2013; 4:55:08 PM -0400 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-2013-2547 |
The crypto_report_one function in crypto/crypto_user.c in the report API in the crypto user configuration API in the Linux kernel through 3.8.2 does not initialize certain structure members, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAP_NET_ADMIN capability. Published: March 15, 2013; 4:55:08 PM -0400 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-2013-2546 |
The report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect C library function for copying strings, which allows local users to obtain sensitive information from kernel stack memory by leveraging the CAP_NET_ADMIN capability. Published: March 15, 2013; 4:55:08 PM -0400 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-2012-6549 |
The isofs_export_encode_fh function in fs/isofs/export.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory via a crafted application. Published: March 15, 2013; 4:55:08 PM -0400 |
V3.x:(not available) V2.0: 1.9 LOW |
CVE-2012-6548 |
The udf_encode_fh function in fs/udf/namei.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory via a crafted application. Published: March 15, 2013; 4:55:07 PM -0400 |
V3.x:(not available) V2.0: 1.9 LOW |
CVE-2012-6547 |
The __tun_chr_ioctl function in drivers/net/tun.c in the Linux kernel before 3.6 does not initialize a certain structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted application. Published: March 15, 2013; 4:55:07 PM -0400 |
V3.x:(not available) V2.0: 1.9 LOW |
CVE-2012-6546 |
The ATM implementation in the Linux kernel before 3.6 does not initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application. Published: March 15, 2013; 4:55:07 PM -0400 |
V3.x:(not available) V2.0: 1.9 LOW |
CVE-2012-6545 |
The Bluetooth RFCOMM implementation in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel memory via a crafted application. Published: March 15, 2013; 4:55:07 PM -0400 |
V3.x:(not available) V2.0: 1.9 LOW |
CVE-2012-6544 |
The Bluetooth protocol stack in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that targets the (1) L2CAP or (2) HCI implementation. Published: March 15, 2013; 4:55:07 PM -0400 |
V3.x:(not available) V2.0: 1.9 LOW |
CVE-2012-6543 |
The l2tp_ip6_getname function in net/l2tp/l2tp_ip6.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel stack memory via a crafted application. Published: March 15, 2013; 4:55:07 PM -0400 |
V3.x:(not available) V2.0: 1.9 LOW |
CVE-2012-6542 |
The llc_ui_getname function in net/llc/af_llc.c in the Linux kernel before 3.6 has an incorrect return value in certain circumstances, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that leverages an uninitialized pointer argument. Published: March 15, 2013; 4:55:07 PM -0400 |
V3.x:(not available) V2.0: 1.9 LOW |
CVE-2012-6541 |
The ccid3_hc_tx_getsockopt function in net/dccp/ccids/ccid3.c in the Linux kernel before 3.6 does not initialize a certain structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted application. Published: March 15, 2013; 4:55:07 PM -0400 |
V3.x:(not available) V2.0: 1.9 LOW |
CVE-2012-6540 |
The do_ip_vs_get_ctl function in net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before 3.6 does not initialize a certain structure for IP_VS_SO_GET_TIMEOUT commands, which allows local users to obtain sensitive information from kernel stack memory via a crafted application. Published: March 15, 2013; 4:55:07 PM -0400 |
V3.x:(not available) V2.0: 1.9 LOW |