Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:linux:linux_kernel:3.7.7:*:*:*:*:*:*:*
There are 1,251 matching records.
Displaying matches 1,221 through 1,240.
Vuln ID Summary CVSS Severity
CVE-2013-3223

The ax25_recvmsg function in net/ax25/af_ax25.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.

Published: April 22, 2013; 7:41:01 AM -0400
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2013-3222

The vcc_recvmsg function in net/atm/common.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.

Published: April 22, 2013; 7:41:01 AM -0400
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2013-3076

The crypto API in the Linux kernel through 3.9-rc8 does not initialize certain length variables, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call, related to the hash_recvmsg function in crypto/algif_hash.c and the skcipher_recvmsg function in crypto/algif_skcipher.c.

Published: April 22, 2013; 7:40:59 AM -0400
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2013-2596

Integer overflow in the fb_mmap function in drivers/video/fbmem.c in the Linux kernel before 3.8.9, as used in a certain Motorola build of Android 4.1.2 and other products, allows local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges, via crafted /dev/graphics/fb0 mmap2 system calls, as demonstrated by the Motochopper pwn program.

Published: April 12, 2013; 10:59:46 PM -0400
V3.x:(not available)
V2.0: 6.9 MEDIUM
CVE-2013-1858

The clone system-call implementation in the Linux kernel before 3.8.3 does not properly handle a combination of the CLONE_NEWUSER and CLONE_FS flags, which allows local users to gain privileges by calling chroot and leveraging the sharing of the / directory between a parent process and a child process.

Published: April 05, 2013; 5:55:00 PM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2013-2636

net/bridge/br_mdb.c in the Linux kernel before 3.8.4 does not initialize certain structures, which allows local users to obtain sensitive information from kernel memory via a crafted application.

Published: March 22, 2013; 7:59:12 AM -0400
V3.x:(not available)
V2.0: 1.9 LOW
CVE-2013-2635

The rtnl_fill_ifinfo function in net/core/rtnetlink.c in the Linux kernel before 3.8.4 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.

Published: March 22, 2013; 7:59:11 AM -0400
V3.x:(not available)
V2.0: 1.9 LOW
CVE-2013-2634

net/dcb/dcbnl.c in the Linux kernel before 3.8.4 does not initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.

Published: March 22, 2013; 7:59:11 AM -0400
V3.x:(not available)
V2.0: 1.9 LOW
CVE-2013-1860

Heap-based buffer overflow in the wdm_in_callback function in drivers/usb/class/cdc-wdm.c in the Linux kernel before 3.8.4 allows physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a crafted cdc-wdm USB device.

Published: March 22, 2013; 7:59:11 AM -0400
V3.x:(not available)
V2.0: 6.9 MEDIUM
CVE-2013-1848

fs/ext3/super.c in the Linux kernel before 3.8.4 uses incorrect arguments to functions in certain circumstances related to printk input, which allows local users to conduct format-string attacks and possibly gain privileges via a crafted application.

Published: March 22, 2013; 7:59:11 AM -0400
V3.x:(not available)
V2.0: 6.2 MEDIUM
CVE-2013-1828

The sctp_getsockopt_assoc_stats function in net/sctp/socket.c in the Linux kernel before 3.8.4 does not validate a size value before proceeding to a copy_from_user operation, which allows local users to gain privileges via a crafted application that contains an SCTP_GET_ASSOC_STATS getsockopt system call.

Published: March 22, 2013; 7:59:11 AM -0400
V3.x:(not available)
V2.0: 6.9 MEDIUM
CVE-2013-1798

The ioapic_read_indirect function in virt/kvm/ioapic.c in the Linux kernel through 3.8.4 does not properly handle a certain combination of invalid IOAPIC_REG_SELECT and IOAPIC_REG_WINDOW operations, which allows guest OS users to obtain sensitive information from host OS memory or cause a denial of service (host OS OOPS) via a crafted application.

Published: March 22, 2013; 7:59:11 AM -0400
V3.x:(not available)
V2.0: 6.2 MEDIUM
CVE-2013-1797

Use-after-free vulnerability in arch/x86/kvm/x86.c in the Linux kernel through 3.8.4 allows guest OS users to cause a denial of service (host OS memory corruption) or possibly have unspecified other impact via a crafted application that triggers use of a guest physical address (GPA) in (1) movable or (2) removable memory during an MSR_KVM_SYSTEM_TIME kvm_set_msr_common operation.

Published: March 22, 2013; 7:59:11 AM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2013-1796

The kvm_set_msr_common function in arch/x86/kvm/x86.c in the Linux kernel through 3.8.4 does not ensure a required time_page alignment during an MSR_KVM_SYSTEM_TIME operation, which allows guest OS users to cause a denial of service (buffer overflow and host OS memory corruption) or possibly have unspecified other impact via a crafted application.

Published: March 22, 2013; 7:59:11 AM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2013-1792

Race condition in the install_user_keyrings function in security/keys/process_keys.c in the Linux kernel before 3.8.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) via crafted keyctl system calls that trigger keyring operations in simultaneous threads.

Published: March 22, 2013; 7:59:11 AM -0400
V3.x:(not available)
V2.0: 4.7 MEDIUM
CVE-2013-0914

The flush_signal_handlers function in kernel/signal.c in the Linux kernel before 3.8.4 preserves the value of the sa_restorer field across an exec operation, which makes it easier for local users to bypass the ASLR protection mechanism via a crafted application containing a sigaction system call.

Published: March 22, 2013; 7:59:11 AM -0400
V3.x:(not available)
V2.0: 3.6 LOW
CVE-2013-0913

Integer overflow in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the i915 driver in the Direct Rendering Manager (DRM) subsystem in the Linux kernel through 3.8.3, as used in Google Chrome OS before 25.0.1364.173 and other products, allows local users to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted application that triggers many relocation copies, and potentially leads to a race condition.

Published: March 18, 2013; 11:55:01 AM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2013-2548

The crypto_report_one function in crypto/crypto_user.c in the report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect length value during a copy operation, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability.

Published: March 15, 2013; 4:55:08 PM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2013-2547

The crypto_report_one function in crypto/crypto_user.c in the report API in the crypto user configuration API in the Linux kernel through 3.8.2 does not initialize certain structure members, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAP_NET_ADMIN capability.

Published: March 15, 2013; 4:55:08 PM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2013-2546

The report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect C library function for copying strings, which allows local users to obtain sensitive information from kernel stack memory by leveraging the CAP_NET_ADMIN capability.

Published: March 15, 2013; 4:55:08 PM -0400
V3.x:(not available)
V2.0: 2.1 LOW