Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:linux:linux_kernel:3.11:*:*:*:*:*:*:*
There are 1,179 matching records.
Displaying matches 1,121 through 1,140.
Vuln ID Summary CVSS Severity
CVE-2014-1445

The wanxl_ioctl function in drivers/net/wan/wanxl.c in the Linux kernel before 3.11.7 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via an ioctl call.

Published: January 18, 2014; 5:55:03 PM -0500
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2014-1444

The fst_get_iface function in drivers/net/wan/farsync.c in the Linux kernel before 3.11.7 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability for an SIOCWANDEV ioctl call.

Published: January 18, 2014; 5:55:03 PM -0500
V3.x:(not available)
V2.0: 1.7 LOW
CVE-2014-1438

The restore_fpu_checking function in arch/x86/include/asm/fpu-internal.h in the Linux kernel before 3.12.8 on the AMD K7 and K8 platforms does not clear pending exceptions before proceeding to an EMMS instruction, which allows local users to cause a denial of service (task kill) or possibly gain privileges via a crafted application.

Published: January 18, 2014; 5:55:03 PM -0500
V3.x:(not available)
V2.0: 4.7 MEDIUM
CVE-2013-7281

The dgram_recvmsg function in net/ieee802154/dgram.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call.

Published: January 08, 2014; 11:55:07 AM -0500
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2013-7271

The x25_recvmsg function in net/x25/af_x25.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call.

Published: January 06, 2014; 11:55:09 AM -0500
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2013-7270

The packet_recvmsg function in net/packet/af_packet.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call.

Published: January 06, 2014; 11:55:09 AM -0500
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2013-7269

The nr_recvmsg function in net/netrom/af_netrom.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call.

Published: January 06, 2014; 11:55:09 AM -0500
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2013-7268

The ipx_recvmsg function in net/ipx/af_ipx.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call.

Published: January 06, 2014; 11:55:09 AM -0500
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2013-7267

The atalk_recvmsg function in net/appletalk/ddp.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call.

Published: January 06, 2014; 11:55:09 AM -0500
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2013-7266

The mISDN_sock_recvmsg function in drivers/isdn/mISDN/socket.c in the Linux kernel before 3.12.4 does not ensure that a certain length value is consistent with the size of an associated data structure, which allows local users to obtain sensitive information from kernel memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call.

Published: January 06, 2014; 11:55:09 AM -0500
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2013-7265

The pn_recvmsg function in net/phonet/datagram.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call.

Published: January 06, 2014; 11:55:09 AM -0500
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2013-7264

The l2tp_ip_recvmsg function in net/l2tp/l2tp_ip.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call.

Published: January 06, 2014; 11:55:09 AM -0500
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2013-7263

The Linux kernel before 3.12.4 updates certain length values before ensuring that associated data structures have been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call, related to net/ipv4/ping.c, net/ipv4/raw.c, net/ipv4/udp.c, net/ipv6/raw.c, and net/ipv6/udp.c.

Published: January 06, 2014; 11:55:09 AM -0500
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2013-6376

The recalculate_apic_map function in arch/x86/kvm/lapic.c in the KVM subsystem in the Linux kernel through 3.12.5 allows guest OS users to cause a denial of service (host OS crash) via a crafted ICR write operation in x2apic mode.

Published: December 14, 2013; 1:08:45 PM -0500
V3.x:(not available)
V2.0: 5.2 MEDIUM
CVE-2013-6368

The KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges or cause a denial of service (system crash) via a VAPIC synchronization operation involving a page-end address.

Published: December 14, 2013; 1:08:45 PM -0500
V3.x:(not available)
V2.0: 6.2 MEDIUM
CVE-2013-6367

The apic_get_tmcct function in arch/x86/kvm/lapic.c in the KVM subsystem in the Linux kernel through 3.12.5 allows guest OS users to cause a denial of service (divide-by-zero error and host OS crash) via crafted modifications of the TMICT value.

Published: December 14, 2013; 1:08:45 PM -0500
V3.x:(not available)
V2.0: 5.7 MEDIUM
CVE-2013-4587

Array index error in the kvm_vm_ioctl_create_vcpu function in virt/kvm/kvm_main.c in the KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges via a large id value.

Published: December 14, 2013; 1:08:45 PM -0500
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2013-7027

The ieee80211_radiotap_iterator_init function in net/wireless/radiotap.c in the Linux kernel before 3.11.7 does not check whether a frame contains any data outside of the header, which might allow attackers to cause a denial of service (buffer over-read) via a crafted header.

Published: December 09, 2013; 1:55:10 PM -0500
V3.x:(not available)
V2.0: 6.1 MEDIUM
CVE-2013-7026

Multiple race conditions in ipc/shm.c in the Linux kernel before 3.12.2 allow local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via a crafted application that uses shmctl IPC_RMID operations in conjunction with other shm system calls.

Published: December 09, 2013; 1:55:10 PM -0500
V3.x:(not available)
V2.0: 4.7 MEDIUM
CVE-2013-6432

The ping_recvmsg function in net/ipv4/ping.c in the Linux kernel before 3.12.4 does not properly interact with read system calls on ping sockets, which allows local users to cause a denial of service (NULL pointer dereference and system crash) by leveraging unspecified privileges to execute a crafted application.

Published: December 09, 2013; 1:55:10 PM -0500
V3.x:(not available)
V2.0: 4.6 MEDIUM