Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:linux:linux_kernel:3.0:rc3:*:*:*:*:*:*
There are 150 matching records.
Displaying matches 121 through 140.
Vuln ID Summary CVSS Severity
CVE-2013-0349

The hidp_setup_hid function in net/bluetooth/hidp/core.c in the Linux kernel before 3.7.6 does not properly copy a certain name field, which allows local users to obtain sensitive information from kernel memory by setting a long name and making an HIDPCONNADD ioctl call.

Published: February 28, 2013; 2:55:01 PM -0500
V3.x:(not available)
V2.0: 1.9 LOW
CVE-2013-0343

The ipv6_create_tempaddr function in net/ipv6/addrconf.c in the Linux kernel through 3.8 does not properly handle problems with the generation of IPv6 temporary addresses, which allows remote attackers to cause a denial of service (excessive retries and address-generation outage), and consequently obtain sensitive information, via ICMPv6 Router Advertisement (RA) messages.

Published: February 28, 2013; 2:55:01 PM -0500
V3.x:(not available)
V2.0: 3.2 LOW
CVE-2012-4542

block/scsi_ioctl.c in the Linux kernel through 3.8 does not properly consider the SCSI device class during authorization of SCSI commands, which allows local users to bypass intended access restrictions via an SG_IO ioctl call that leverages overlapping opcodes.

Published: February 28, 2013; 2:55:01 PM -0500
V3.x:(not available)
V2.0: 4.6 MEDIUM
CVE-2013-0313

The evm_update_evmxattr function in security/integrity/evm/evm_crypto.c in the Linux kernel before 3.7.5, when the Extended Verification Module (EVM) is enabled, allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via an attempted removexattr operation on an inode of a sockfs filesystem.

Published: February 21, 2013; 7:55:01 PM -0500
V3.x:(not available)
V2.0: 6.2 MEDIUM
CVE-2013-0311

The translate_desc function in drivers/vhost/vhost.c in the Linux kernel before 3.7 does not properly handle cross-region descriptors, which allows guest OS users to obtain host OS privileges by leveraging KVM guest OS privileges.

Published: February 21, 2013; 7:55:01 PM -0500
V3.x:(not available)
V2.0: 6.5 MEDIUM
CVE-2013-0310

The cipso_v4_validate function in net/ipv4/cipso_ipv4.c in the Linux kernel before 3.4.8 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via an IPOPT_CIPSO IP_OPTIONS setsockopt system call.

Published: February 21, 2013; 7:55:01 PM -0500
V3.x:(not available)
V2.0: 6.6 MEDIUM
CVE-2013-0309

arch/x86/include/asm/pgtable.h in the Linux kernel before 3.6.2, when transparent huge pages are used, does not properly support PROT_NONE memory regions, which allows local users to cause a denial of service (system crash) via a crafted application.

Published: February 21, 2013; 7:55:01 PM -0500
V3.x:(not available)
V2.0: 4.7 MEDIUM
CVE-2013-0290

The __skb_recv_datagram function in net/core/datagram.c in the Linux kernel before 3.8 does not properly handle the MSG_PEEK flag with zero-length data, which allows local users to cause a denial of service (infinite loop and system hang) via a crafted application.

Published: February 19, 2013; 2:55:01 PM -0500
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2012-5375

The CRC32C feature in the Btrfs implementation in the Linux kernel before 3.8-rc1 allows local users to cause a denial of service (prevention of file creation) by leveraging the ability to write to a directory important to the victim, and creating a file with a crafted name that is associated with a specific CRC32C hash value.

Published: February 18, 2013; 6:56:38 AM -0500
V3.x:(not available)
V2.0: 4.0 MEDIUM
CVE-2012-5374

The CRC32C feature in the Btrfs implementation in the Linux kernel before 3.8-rc1 allows local users to cause a denial of service (extended runtime of kernel code) by creating many different files whose names are associated with the same CRC32C hash value.

Published: February 18, 2013; 6:56:38 AM -0500
V3.x:(not available)
V2.0: 4.0 MEDIUM
CVE-2013-0871

Race condition in the ptrace functionality in the Linux kernel before 3.7.5 allows local users to gain privileges via a PTRACE_SETREGS ptrace system call in a crafted application, as demonstrated by ptrace_death.

Published: February 17, 2013; 11:41:50 PM -0500
V3.x:(not available)
V2.0: 6.9 MEDIUM
CVE-2013-0268

The msr_open function in arch/x86/kernel/msr.c in the Linux kernel before 3.7.6 allows local users to bypass intended capability restrictions by executing a crafted application as root, as demonstrated by msr32.c.

Published: February 17, 2013; 11:41:50 PM -0500
V3.x:(not available)
V2.0: 6.2 MEDIUM
CVE-2013-0217

Memory leak in drivers/net/xen-netback/netback.c in the Xen netback functionality in the Linux kernel before 3.7.8 allows guest OS users to cause a denial of service (memory consumption) by triggering certain error conditions.

Published: February 17, 2013; 11:41:50 PM -0500
V3.x:(not available)
V2.0: 5.2 MEDIUM
CVE-2013-0216

The Xen netback functionality in the Linux kernel before 3.7.8 allows guest OS users to cause a denial of service (loop) by triggering ring pointer corruption.

Published: February 17, 2013; 11:41:50 PM -0500
V3.x:(not available)
V2.0: 5.2 MEDIUM
CVE-2013-0160

The Linux kernel through 3.7.9 allows local users to obtain sensitive information about keystroke timing by using the inotify API on the /dev/ptmx device.

Published: February 17, 2013; 11:41:50 PM -0500
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2012-4530

The load_script function in fs/binfmt_script.c in the Linux kernel before 3.7.2 does not properly handle recursion, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.

Published: February 17, 2013; 11:41:50 PM -0500
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2012-4398

The __request_module function in kernel/kmod.c in the Linux kernel before 3.4 does not set a certain killable attribute, which allows local users to cause a denial of service (memory consumption) via a crafted application.

Published: February 17, 2013; 11:41:50 PM -0500
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2012-5532

The main function in tools/hv/hv_kvp_daemon.c in hypervkvpd, as distributed in the Linux kernel before 3.8-rc1, allows local users to cause a denial of service (daemon exit) via a crafted application that sends a Netlink message. NOTE: this vulnerability exists because of an incorrect fix for CVE-2012-2669.

Published: December 27, 2012; 6:47:00 AM -0500
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2012-5517

The online_pages function in mm/memory_hotplug.c in the Linux kernel before 3.6 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact in opportunistic circumstances by using memory that was hot-added by an administrator.

Published: December 21, 2012; 6:47:36 AM -0500
V3.x:(not available)
V2.0: 4.0 MEDIUM
CVE-2012-4508

Race condition in fs/ext4/extents.c in the Linux kernel before 3.4.16 allows local users to obtain sensitive information from a deleted file by reading an extent that was not properly marked as uninitialized.

Published: December 21, 2012; 6:47:36 AM -0500
V3.x:(not available)
V2.0: 1.9 LOW