U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/o:linux:linux_kernel:3.9:rc1
There are 84 matching records.
Displaying matches 1 through 20.
Vuln ID Summary CVSS Severity
CVE-2014-8133

arch/x86/kernel/tls.c in the Thread Local Storage (TLS) implementation in the Linux kernel through 3.18.1 allows local users to bypass the espfix protection mechanism, and consequently makes it easier for local users to bypass the ASLR protection mechanism, via a crafted application that makes a set_thread_area system call and later reads a 16-bit value.

Published: December 17, 2014; 6:59:00 AM -0500
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2014-8481

The instruction decoder in arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel before 3.18-rc2 does not properly handle invalid instructions, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a crafted application that triggers (1) an improperly fetched instruction or (2) an instruction that occupies too many bytes. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-8480.

Published: November 10, 2014; 6:55:09 AM -0500
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2014-8480

The instruction decoder in arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel before 3.18-rc2 lacks intended decoder-table flags for certain RIP-relative instructions, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a crafted application.

Published: November 10, 2014; 6:55:09 AM -0500
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2014-3645

arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 3.12 does not have an exit handler for the INVEPT instruction, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application.

Published: November 10, 2014; 6:55:06 AM -0500
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2013-7348

Double free vulnerability in the ioctx_alloc function in fs/aio.c in the Linux kernel before 3.12.4 allows local users to cause a denial of service (system crash) or possibly have unspecified other impact via vectors involving an error condition in the aio_setup_ring function.

Published: April 01, 2014; 2:35:53 AM -0400
V3.x:(not available)
V2.0: 4.6 MEDIUM
CVE-2013-7281

The dgram_recvmsg function in net/ieee802154/dgram.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call.

Published: January 08, 2014; 11:55:07 AM -0500
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2013-7271

The x25_recvmsg function in net/x25/af_x25.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call.

Published: January 06, 2014; 11:55:09 AM -0500
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2013-7270

The packet_recvmsg function in net/packet/af_packet.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call.

Published: January 06, 2014; 11:55:09 AM -0500
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2013-7269

The nr_recvmsg function in net/netrom/af_netrom.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call.

Published: January 06, 2014; 11:55:09 AM -0500
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2013-7268

The ipx_recvmsg function in net/ipx/af_ipx.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call.

Published: January 06, 2014; 11:55:09 AM -0500
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2013-7267

The atalk_recvmsg function in net/appletalk/ddp.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call.

Published: January 06, 2014; 11:55:09 AM -0500
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2013-7266

The mISDN_sock_recvmsg function in drivers/isdn/mISDN/socket.c in the Linux kernel before 3.12.4 does not ensure that a certain length value is consistent with the size of an associated data structure, which allows local users to obtain sensitive information from kernel memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call.

Published: January 06, 2014; 11:55:09 AM -0500
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2013-7265

The pn_recvmsg function in net/phonet/datagram.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call.

Published: January 06, 2014; 11:55:09 AM -0500
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2013-7264

The l2tp_ip_recvmsg function in net/l2tp/l2tp_ip.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call.

Published: January 06, 2014; 11:55:09 AM -0500
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2013-7263

The Linux kernel before 3.12.4 updates certain length values before ensuring that associated data structures have been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call, related to net/ipv4/ping.c, net/ipv4/raw.c, net/ipv4/udp.c, net/ipv6/raw.c, and net/ipv6/udp.c.

Published: January 06, 2014; 11:55:09 AM -0500
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2013-6376

The recalculate_apic_map function in arch/x86/kvm/lapic.c in the KVM subsystem in the Linux kernel through 3.12.5 allows guest OS users to cause a denial of service (host OS crash) via a crafted ICR write operation in x2apic mode.

Published: December 14, 2013; 1:08:45 PM -0500
V3.x:(not available)
V2.0: 5.2 MEDIUM
CVE-2013-6368

The KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges or cause a denial of service (system crash) via a VAPIC synchronization operation involving a page-end address.

Published: December 14, 2013; 1:08:45 PM -0500
V3.x:(not available)
V2.0: 6.2 MEDIUM
CVE-2013-6367

The apic_get_tmcct function in arch/x86/kvm/lapic.c in the KVM subsystem in the Linux kernel through 3.12.5 allows guest OS users to cause a denial of service (divide-by-zero error and host OS crash) via crafted modifications of the TMICT value.

Published: December 14, 2013; 1:08:45 PM -0500
V3.x:(not available)
V2.0: 5.7 MEDIUM
CVE-2013-7027

The ieee80211_radiotap_iterator_init function in net/wireless/radiotap.c in the Linux kernel before 3.11.7 does not check whether a frame contains any data outside of the header, which might allow attackers to cause a denial of service (buffer over-read) via a crafted header.

Published: December 09, 2013; 1:55:10 PM -0500
V3.x:(not available)
V2.0: 6.1 MEDIUM
CVE-2013-7026

Multiple race conditions in ipc/shm.c in the Linux kernel before 3.12.2 allow local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via a crafted application that uses shmctl IPC_RMID operations in conjunction with other shm system calls.

Published: December 09, 2013; 1:55:10 PM -0500
V3.x:(not available)
V2.0: 4.7 MEDIUM