CVSS: 6.8EPSS: 0%CPEs: 6EXPL: 0CVE-2013-3228 – Mandriva Linux Security Advisory 2013-176
https://notcve.org/view.php?id=CVE-2013-3228
22 Apr 2013 — The irda_recvmsg_dgram function in net/irda/af_irda.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. La función irda_recvmsg_dgram en la función net/irda/af_irda.c function en el kernel de Linux anterior a v3.9-rc7 no inicializa correctamente cierta longitud de variable, permitiendo a usuarios locales obtener información sensible desde la pila de... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=5ae94c0d2f0bed41d6718be743985d61b7f5c47d • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.8EPSS: 0%CPEs: 6EXPL: 0CVE-2013-3229 – Mandriva Linux Security Advisory 2013-176
https://notcve.org/view.php?id=CVE-2013-3229
22 Apr 2013 — The iucv_sock_recvmsg function in net/iucv/af_iucv.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. La función iucv_sock_recvmsg en net/iucv/af_iucv.c en el kernel de Linux anterior a v3.9-rc7 no inicializa correctamente cierta longitud de variable, permitiendo a usuarios locales obtener información sensible desde la pila del kernel mediante una ... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a5598bd9c087dc0efc250a5221e5d0e6f584ee88 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2013-3230 – Ubuntu Security Notice USN-1837-1
https://notcve.org/view.php?id=CVE-2013-3230
22 Apr 2013 — The l2tp_ip6_recvmsg function in net/l2tp/l2tp_ip6.c in the Linux kernel before 3.9-rc7 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. La función l2tp_ip6_recvmsg en net/l2tp/l2tp_ip6.c en el kernel de Linux anterior a v3.9-rc7 no inicializa correctamente cierta estructura, permitiendo a usuarios locales obtener información sensible desde la pila del kernel mediante una syscall r... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b860d3cc62877fad02863e2a08efff69a19382d2 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.2EPSS: 0%CPEs: 6EXPL: 0CVE-2013-3231 – Kernel: llc: Fix missing msg_namelen update in llc_ui_recvmsg
https://notcve.org/view.php?id=CVE-2013-3231
22 Apr 2013 — The llc_ui_recvmsg function in net/llc/af_llc.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. La función llc_ui_recvmsg en net/llc/af_llc.c en el kernel de Linux anterior a v3.9-rc7 no inicializa correctamente cierta longitud de variable, permitiendo a usuarios locales obtener información sensible desde la pila del kernel mediante una syscall re... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c77a4b9cffb6215a15196ec499490d116dfad181 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2013-3232 – Mandriva Linux Security Advisory 2013-176
https://notcve.org/view.php?id=CVE-2013-3232
22 Apr 2013 — The nr_recvmsg function in net/netrom/af_netrom.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. La función nr_recvmsg en net/netrom/af_netrom.c en el kernel de Linux anterior a v3.9-rc7 no inicializa correctamente cierta estructura de datos, permitiendo a usuarios locales obtener información sensible desde la pila del kernel mediante una syscall ... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=3ce5efad47b62c57a4f5c54248347085a750ce0e • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.7EPSS: 0%CPEs: 6EXPL: 0CVE-2013-3233 – Mandriva Linux Security Advisory 2013-176
https://notcve.org/view.php?id=CVE-2013-3233
22 Apr 2013 — The llcp_sock_recvmsg function in net/nfc/llcp/sock.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable and a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. La función llcp_sock_recvmsg en net/nfc/llcp/sock.c en el kernel de Linux anterior a v3.9-rc7 no inicializa correctamente cierta longitud de variable y cierta estructura de datos, permitiendo a usuarios locales obtener... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d26d6504f23e803824e8ebd14e52d4fc0a0b09cb • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2013-3234 – Mandriva Linux Security Advisory 2013-176
https://notcve.org/view.php?id=CVE-2013-3234
22 Apr 2013 — The rose_recvmsg function in net/rose/af_rose.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. La función rose_recvmsg en net/rose/af_rose.c en el kernel de Linux anterior a v3.9-rc7 no inicializa correctamente cierta longitud de variable, permitiendo a usuarios locales obtener información sensible desde la pila del kernel mediante una syscall rec... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4a184233f21645cf0b719366210ed445d1024d72 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 5CVE-2013-2596 – Linux Kernel Integer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2013-2596
13 Apr 2013 — Integer overflow in the fb_mmap function in drivers/video/fbmem.c in the Linux kernel before 3.8.9, as used in a certain Motorola build of Android 4.1.2 and other products, allows local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges, via crafted /dev/graphics/fb0 mmap2 system calls, as demonstrated by the Motochopper pwn program. Una determinada version de Android v4.1.2 en dispositivos Motorola Razr HD, Razr M, y Atrix HD con el chipset Qualc... • https://github.com/hiikezoe/libfb_mem_exploit • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 216EXPL: 1CVE-2013-1858
https://notcve.org/view.php?id=CVE-2013-1858
05 Apr 2013 — The clone system-call implementation in the Linux kernel before 3.8.3 does not properly handle a combination of the CLONE_NEWUSER and CLONE_FS flags, which allows local users to gain privileges by calling chroot and leveraging the sharing of the / directory between a parent process and a child process. La implementación de la llamada al sistema clone en el kernel Linux anteriores a v3.8.3 no maneja de forma adecuada la combinación de las «flags» CLONE_NEWUSER y CLONE_FS, lo que permite a usuarios locales ob... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e66eded8309ebf679d3d3c1f5820d1f2ca332c71 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.2EPSS: 0%CPEs: 4EXPL: 0CVE-2013-0914 – Kernel: sa_restorer information leak
https://notcve.org/view.php?id=CVE-2013-0914
22 Mar 2013 — The flush_signal_handlers function in kernel/signal.c in the Linux kernel before 3.8.4 preserves the value of the sa_restorer field across an exec operation, which makes it easier for local users to bypass the ASLR protection mechanism via a crafted application containing a sigaction system call. La función flush_signal_handlers en kernel/signal.c en el núcleo de Linux anterior a v3.8.4 conserva el valor del campo sa_restorer a través de una operación exec, que hace más fácil a los usuarios de la zona para ... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2ca39528c01a933f6689cd6505ce65bd6d68a530 • CWE-264: Permissions, Privileges, and Access Controls •