CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2014-1446 – Mandriva Linux Security Advisory 2014-038
https://notcve.org/view.php?id=CVE-2014-1446
18 Jan 2014 — The yam_ioctl function in drivers/net/hamradio/yam.c in the Linux kernel before 3.12.8 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability for an SIOCYAMGCFG ioctl call. La función yam_ioclt en drivers/net/hamradio/yam.c en el kernel Linux anteriores a 3.1.2.8 no inicializa cierto miembro de estructura, lo cual permite a usuarios locales obtener información snesible de la memoria del kernel apr... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8e3fbf870481eb53b2d3a322d1fc395ad8b367ed • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2014-1438 – kernel: x86: exceptions are not cleared in AMD FXSAVE workaround
https://notcve.org/view.php?id=CVE-2014-1438
18 Jan 2014 — The restore_fpu_checking function in arch/x86/include/asm/fpu-internal.h in the Linux kernel before 3.12.8 on the AMD K7 and K8 platforms does not clear pending exceptions before proceeding to an EMMS instruction, which allows local users to cause a denial of service (task kill) or possibly gain privileges via a crafted application. La función restore_fpu_checking en arch/x86/include/asm/fpu-internal.h en el kernel Linux anteriores a 3.12.8 en las plataformas AMD K7 y K8 no limpia las excepciones pendientes... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=26bef1318adc1b3a530ecc807ef99346db2aa8b0 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 0%CPEs: 284EXPL: 0CVE-2013-7281 – Ubuntu Security Notice USN-2110-1
https://notcve.org/view.php?id=CVE-2013-7281
08 Jan 2014 — The dgram_recvmsg function in net/ieee802154/dgram.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call. La función dgram_recvmsg en net/ieee802154/dgram.c en el kernel Linux anteriores a 2.12.4 actualiza cierto valor de longitud sin asegurarse de que una estructura de datos asocia... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=bceaa90240b6019ed73b49965eac7d167610be69 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 284EXPL: 0CVE-2013-7266 – Kernel: net: information leak in recvmsg handler msg_name & msg_namelen logic
https://notcve.org/view.php?id=CVE-2013-7266
06 Jan 2014 — The mISDN_sock_recvmsg function in drivers/isdn/mISDN/socket.c in the Linux kernel before 3.12.4 does not ensure that a certain length value is consistent with the size of an associated data structure, which allows local users to obtain sensitive information from kernel memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call. La función mISDN_sock_recvmsg en drivers/isdn/mISDN/socket.c en el kernel Linux anteriores a 3.12.4 no se asegura de que cierto valor de longitud es consistente con el tama... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f3d3342602f8bcbf37d7c46641cb9bca7618eb1c • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 284EXPL: 0CVE-2013-7268 – Ubuntu Security Notice USN-2110-1
https://notcve.org/view.php?id=CVE-2013-7268
06 Jan 2014 — The ipx_recvmsg function in net/ipx/af_ipx.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call. La función ipx_recvmsg en net/ipx/af_ipx.c en el kernel Linux anterior a 3.12.4 actualiza cierto valor de longitud sin asegurarde de que una estructura de datos asociada ha sido inicializada,... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f3d3342602f8bcbf37d7c46641cb9bca7618eb1c • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 284EXPL: 0CVE-2013-7265 – Kernel: net: leakage of uninitialized memory to user-space via recv syscalls
https://notcve.org/view.php?id=CVE-2013-7265
06 Jan 2014 — The pn_recvmsg function in net/phonet/datagram.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call. La función pn_recvmsg en net/phonet/datagram.c en el kernel Linux anteriores a 3.12.4 actualiza cierto valor de longitud antes de asegurarse de que una estructura de datos asociada h... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=bceaa90240b6019ed73b49965eac7d167610be69 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 284EXPL: 0CVE-2013-7270 – Kernel: net: information leak in recvmsg handler msg_name & msg_namelen logic
https://notcve.org/view.php?id=CVE-2013-7270
06 Jan 2014 — The packet_recvmsg function in net/packet/af_packet.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call. la función packet_recvmsg en net/packet/af_packet.c en el kernel Linux anteriores a 3.12.4 actualiza cierto valor de longitud antes de asegurarse de si una estructura de datos asociad... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f3d3342602f8bcbf37d7c46641cb9bca7618eb1c • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 284EXPL: 0CVE-2013-7271 – Ubuntu Security Notice USN-2110-1
https://notcve.org/view.php?id=CVE-2013-7271
06 Jan 2014 — The x25_recvmsg function in net/x25/af_x25.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call. La función x25_recvmsg en net/x25/af_x25.c en el kernel Linux anteriores a 3.12.4 actualiza cierto valor de longitud sin asegurarse que una estructura de datos asociada fué inicializada, lo q... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f3d3342602f8bcbf37d7c46641cb9bca7618eb1c • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 284EXPL: 0CVE-2013-7264 – Ubuntu Security Notice USN-2110-1
https://notcve.org/view.php?id=CVE-2013-7264
06 Jan 2014 — The l2tp_ip_recvmsg function in net/l2tp/l2tp_ip.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call. La función l2tp_ip_recvmsg en net/l2tp/l2tp_ip.c en el kernel Linux 3.12.4 actualiza ciertos valores de longitud antes de asegurarse de que una estructura de datos asociada ha sido... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=bceaa90240b6019ed73b49965eac7d167610be69 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 284EXPL: 0CVE-2013-7269 – Ubuntu Security Notice USN-2110-1
https://notcve.org/view.php?id=CVE-2013-7269
06 Jan 2014 — The nr_recvmsg function in net/netrom/af_netrom.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call. La función nr_recvmsg en net/netrom/af_netrom.c en el kernel Linux anterior a 3.12.4 actualiza cierto valor de longitud sin asegurarse de si una estructura de datos asociada ha sido inic... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f3d3342602f8bcbf37d7c46641cb9bca7618eb1c • CWE-20: Improper Input Validation •