Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): cpe:2.3:o:linux:linux_kernel:3.4.2:*:*:*:*:*:x86:*
There are 1,255 matching records.
Displaying matches 1,201 through 1,220.
Vuln ID Summary CVSS Severity
CVE-2013-0913

Integer overflow in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the i915 driver in the Direct Rendering Manager (DRM) subsystem in the Linux kernel through 3.8.3, as used in Google Chrome OS before 25.0.1364.173 and other products, allows local users to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted application that triggers many relocation copies, and potentially leads to a race condition.

Published: March 18, 2013; 11:55:01 AM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2013-2548

The crypto_report_one function in crypto/crypto_user.c in the report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect length value during a copy operation, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability.

Published: March 15, 2013; 4:55:08 PM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2013-2547

The crypto_report_one function in crypto/crypto_user.c in the report API in the crypto user configuration API in the Linux kernel through 3.8.2 does not initialize certain structure members, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAP_NET_ADMIN capability.

Published: March 15, 2013; 4:55:08 PM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2013-2546

The report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect C library function for copying strings, which allows local users to obtain sensitive information from kernel stack memory by leveraging the CAP_NET_ADMIN capability.

Published: March 15, 2013; 4:55:08 PM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2012-6549

The isofs_export_encode_fh function in fs/isofs/export.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory via a crafted application.

Published: March 15, 2013; 4:55:08 PM -0400
V3.x:(not available)
V2.0: 1.9 LOW
CVE-2012-6548

The udf_encode_fh function in fs/udf/namei.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory via a crafted application.

Published: March 15, 2013; 4:55:07 PM -0400
V3.x:(not available)
V2.0: 1.9 LOW
CVE-2012-6547

The __tun_chr_ioctl function in drivers/net/tun.c in the Linux kernel before 3.6 does not initialize a certain structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.

Published: March 15, 2013; 4:55:07 PM -0400
V3.x:(not available)
V2.0: 1.9 LOW
CVE-2012-6546

The ATM implementation in the Linux kernel before 3.6 does not initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.

Published: March 15, 2013; 4:55:07 PM -0400
V3.x:(not available)
V2.0: 1.9 LOW
CVE-2012-6545

The Bluetooth RFCOMM implementation in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel memory via a crafted application.

Published: March 15, 2013; 4:55:07 PM -0400
V3.x:(not available)
V2.0: 1.9 LOW
CVE-2012-6544

The Bluetooth protocol stack in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that targets the (1) L2CAP or (2) HCI implementation.

Published: March 15, 2013; 4:55:07 PM -0400
V3.x:(not available)
V2.0: 1.9 LOW
CVE-2012-6543

The l2tp_ip6_getname function in net/l2tp/l2tp_ip6.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.

Published: March 15, 2013; 4:55:07 PM -0400
V3.x:(not available)
V2.0: 1.9 LOW
CVE-2012-6542

The llc_ui_getname function in net/llc/af_llc.c in the Linux kernel before 3.6 has an incorrect return value in certain circumstances, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that leverages an uninitialized pointer argument.

Published: March 15, 2013; 4:55:07 PM -0400
V3.x:(not available)
V2.0: 1.9 LOW
CVE-2012-6541

The ccid3_hc_tx_getsockopt function in net/dccp/ccids/ccid3.c in the Linux kernel before 3.6 does not initialize a certain structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.

Published: March 15, 2013; 4:55:07 PM -0400
V3.x:(not available)
V2.0: 1.9 LOW
CVE-2012-6540

The do_ip_vs_get_ctl function in net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before 3.6 does not initialize a certain structure for IP_VS_SO_GET_TIMEOUT commands, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.

Published: March 15, 2013; 4:55:07 PM -0400
V3.x:(not available)
V2.0: 1.9 LOW
CVE-2012-6539

The dev_ifconf function in net/socket.c in the Linux kernel before 3.6 does not initialize a certain structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.

Published: March 15, 2013; 4:55:07 PM -0400
V3.x:(not available)
V2.0: 1.9 LOW
CVE-2012-6538

The copy_to_user_auth function in net/xfrm/xfrm_user.c in the Linux kernel before 3.6 uses an incorrect C library function for copying a string, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAP_NET_ADMIN capability.

Published: March 15, 2013; 4:55:07 PM -0400
V3.x:(not available)
V2.0: 1.9 LOW
CVE-2012-6537

net/xfrm/xfrm_user.c in the Linux kernel before 3.6 does not initialize certain structures, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability.

Published: March 15, 2013; 4:55:07 PM -0400
V3.x:(not available)
V2.0: 1.9 LOW
CVE-2012-6536

net/xfrm/xfrm_user.c in the Linux kernel before 3.6 does not verify that the actual Netlink message length is consistent with a certain header field, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAP_NET_ADMIN capability and providing a (1) new or (2) updated state.

Published: March 15, 2013; 4:55:05 PM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2013-1819

The _xfs_buf_find function in fs/xfs/xfs_buf.c in the Linux kernel before 3.7.6 does not validate block numbers, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging the ability to mount an XFS filesystem containing a metadata inode with an invalid extent map.

Published: March 06, 2013; 5:55:00 PM -0500
V3.x:(not available)
V2.0: 4.6 MEDIUM
CVE-2013-0228

The xen_iret function in arch/x86/xen/xen-asm_32.S in the Linux kernel before 3.7.9 on 32-bit Xen paravirt_ops platforms does not properly handle an invalid value in the DS segment register, which allows guest OS users to gain guest OS privileges via a crafted application.

Published: March 01, 2013; 7:37:54 AM -0500
V3.x:(not available)
V2.0: 6.2 MEDIUM