CVSS: 8.1EPSS: 0%CPEs: 269EXPL: 1CVE-2013-4270 – kernel: net: permissions flaw in /proc/sys/net
https://notcve.org/view.php?id=CVE-2013-4270
07 Dec 2013 — The net_ctl_permissions function in net/sysctl_net.c in the Linux kernel before 3.11.5 does not properly determine uid and gid values, which allows local users to bypass intended /proc/sys/net restrictions via a crafted application. La función net_ctl_permissions en net/sysctl_net.c en el kernel Linux anteriores a 3.11.5 no determina apropiadamente valores uid y gid, lo que permite a usuarios locales franquear restricciones /proc/sys/net a traves de una aplicación manipulada. The kernel-rt packages contain ... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2433c8f094a008895e66f25bd1773cdb01c91d01 • CWE-20: Improper Input Validation •
CVSS: 9.1EPSS: 0%CPEs: 4EXPL: 0CVE-2013-6383 – Kernel: AACRAID Driver compat IOCTL missing capability check
https://notcve.org/view.php?id=CVE-2013-6383
27 Nov 2013 — The aac_compat_ioctl function in drivers/scsi/aacraid/linit.c in the Linux kernel before 3.11.8 does not require the CAP_SYS_RAWIO capability, which allows local users to bypass intended access restrictions via a crafted ioctl call. La función aac_compat_ioctl en drivers/scsi/aacraid/linit.c del kernel de Linux anterior a la versión 3.11.8 no requiere la capacidad CAP_SYS_RAWIO, lo que permite a usuarios locales evadir restricciones de acceso intencionadas a través de una llamada ioctl manipulada. The kerne... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f856567b930dfcdbc3323261bf77240ccdde01f5 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2013-6381 – Kernel: qeth: buffer overflow in snmp ioctl
https://notcve.org/view.php?id=CVE-2013-6381
27 Nov 2013 — Buffer overflow in the qeth_snmp_command function in drivers/s390/net/qeth_core_main.c in the Linux kernel through 3.12.1 allows local users to cause a denial of service or possibly have unspecified other impact via an SNMP ioctl call with a length value that is incompatible with the command-buffer size. Desbordamiento de búfer en la función qeth_snmp_command de drivers/s390/net/qeth_core_main.c en el kernel de Linux hasta la versión 3.12.1 permite a usuarios locales provocar una denegación de servicio o po... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6fb392b1a63ae36c31f62bc3fc8630b49d602b62 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 274EXPL: 1CVE-2013-6382 – Ubuntu Security Notice USN-2110-1
https://notcve.org/view.php?id=CVE-2013-6382
27 Nov 2013 — Multiple buffer underflows in the XFS implementation in the Linux kernel through 3.12.1 allow local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging the CAP_SYS_ADMIN capability for a (1) XFS_IOC_ATTRLIST_BY_HANDLE or (2) XFS_IOC_ATTRLIST_BY_HANDLE_32 ioctl call with a crafted length value, related to the xfs_attrlist_by_handle function in fs/xfs/xfs_ioctl.c and the xfs_compat_attrlist_by_handle function in fs/xfs/xfs_ioctl32.c. Múltiples desbord... • http://www.openwall.com/lists/oss-security/2013/11/22/5 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.1EPSS: 0%CPEs: 274EXPL: 0CVE-2013-6378 – Kernel: drivers: libertas: potential oops in debugfs
https://notcve.org/view.php?id=CVE-2013-6378
27 Nov 2013 — The lbs_debugfs_write function in drivers/net/wireless/libertas/debugfs.c in the Linux kernel through 3.12.1 allows local users to cause a denial of service (OOPS) by leveraging root privileges for a zero-length write operation. La función lbs_debugfs_write en drivers/net/wireless/libertas/debugfs.c del kernel de Linux hasta la versión 3.12.1 permite a usuarios locales provocar una denegación de servicio (OOPS) mediante el aprovechamiento de privilegios de root por una operación de escritura de longitud cer... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a497e47d4aec37aaf8f13509f3ef3d1f6a717d88 • CWE-189: Numeric Errors •
CVSS: 7.8EPSS: 0%CPEs: 274EXPL: 1CVE-2013-6380 – Ubuntu Security Notice USN-2110-1
https://notcve.org/view.php?id=CVE-2013-6380
27 Nov 2013 — The aac_send_raw_srb function in drivers/scsi/aacraid/commctrl.c in the Linux kernel through 3.12.1 does not properly validate a certain size value, which allows local users to cause a denial of service (invalid pointer dereference) or possibly have unspecified other impact via an FSACTL_SEND_RAW_SRB ioctl call that triggers a crafted SRB command. La función aac_send_raw_srb en drivers/scsi/aacraid/commctrl.c del kernel de Linux hasta la versión 3.12.1 no valida adecuadamente un valor de determinado tamaño,... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b4789b8e6be3151a955ade74872822f30e8cd914 • CWE-20: Improper Input Validation •
CVSS: 8.4EPSS: 30%CPEs: 273EXPL: 2CVE-2013-4579 – Linux Kernel 3.0.5 - 'ath9k_htc_set_bssid_mask()' Information Disclosure
https://notcve.org/view.php?id=CVE-2013-4579
19 Nov 2013 — The ath9k_htc_set_bssid_mask function in drivers/net/wireless/ath/ath9k/htc_drv_main.c in the Linux kernel through 3.12 uses a BSSID masking approach to determine the set of MAC addresses on which a Wi-Fi device is listening, which allows remote attackers to discover the original MAC address after spoofing by sending a series of packets to MAC addresses with certain bit manipulations. La función ath9k_htc_set_bssid_mask en drivers/net/wireless/ath/ath9k/htc_drv_main.c del kernel de Linux hasta la versión 3.... • https://www.exploit-db.com/exploits/38826 • CWE-310: Cryptographic Issues •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 1CVE-2013-4563 – Ubuntu Security Notice USN-2113-1
https://notcve.org/view.php?id=CVE-2013-4563
19 Nov 2013 — The udp6_ufo_fragment function in net/ipv6/udp_offload.c in the Linux kernel through 3.12, when UDP Fragmentation Offload (UFO) is enabled, does not properly perform a certain size comparison before inserting a fragment header, which allows remote attackers to cause a denial of service (panic) via a large IPv6 UDP packet, as demonstrated by use of the Token Bucket Filter (TBF) queueing discipline. La función udp6_ufo_fragment en net/ipv6/udp_offload.c del kernel de Linux hasta la versión 3.12, cuando está a... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=0e033e04c2678dbbe74a46b23fffb7bb918c288e • CWE-189: Numeric Errors •
CVSS: 7.8EPSS: 0%CPEs: 288EXPL: 1CVE-2013-4512 – Debian Security Advisory 2906-1
https://notcve.org/view.php?id=CVE-2013-4512
12 Nov 2013 — Buffer overflow in the exitcode_proc_write function in arch/um/kernel/exitcode.c in the Linux kernel before 3.12 allows local users to cause a denial of service or possibly have unspecified other impact by leveraging root privileges for a write operation. Desbordamiento de buffer en la función exitcode_proc_write de arch/um/kernel/exitcode.c del kernel de Linux anterior a la versión 3.12 permite a usuarios locales provocar una denegación de servicio o posiblemente tener otro impacto no especificado mediante... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=201f99f170df14ba52ea4c52847779042b7a623b • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 288EXPL: 1CVE-2013-4516 – Ubuntu Security Notice USN-2070-1
https://notcve.org/view.php?id=CVE-2013-4516
12 Nov 2013 — The mp_get_count function in drivers/staging/sb105x/sb_pci_mp.c in the Linux kernel before 3.12 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a TIOCGICOUNT ioctl call. La función mp_get_count de drivers/staging/sb105x/sb_pci_mp.c en el kernel de Linux anterior a la versión 3.12 no inicializa una estructura de datos determinada, lo que permite a usuarios locales obtener información sensible desde la memoria de pila del kern... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a8b33654b1e3b0c74d4a1fed041c9aae50b3c427 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •