CVSS: 7.5EPSS: 0%CPEs: 192EXPL: 0CVE-2012-6542 – Kernel: llc: information leak via getsockname
https://notcve.org/view.php?id=CVE-2012-6542
14 Mar 2013 — The llc_ui_getname function in net/llc/af_llc.c in the Linux kernel before 3.6 has an incorrect return value in certain circumstances, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that leverages an uninitialized pointer argument. La función llc_ui_getname en net/llc/af_llc.c en el kernel de Linux anterior a v3.6 no tiene un incorrecto valor de retorno en ciertas circunstancias, permitiendo a usuarios locales obtener información sensible de la me... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=3592aaeb80290bda0f2cf0b5456c97bfc638b192 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.2EPSS: 0%CPEs: 192EXPL: 0CVE-2012-6544 – Kernel: Bluetooth: HCI & L2CAP information leaks
https://notcve.org/view.php?id=CVE-2012-6544
14 Mar 2013 — The Bluetooth protocol stack in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that targets the (1) L2CAP or (2) HCI implementation. La pila del protocolo Bluetooth en el kernel de Linux anterior a v3.6 no inicializa correctamente ciertas estructuras, permitiendo a usuarios locales obtener información sensible de la memoria de pila del núcleo a través de una aplicación es... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=3f68ba07b1da811bf383b4b701b129bfcb2e4988 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.2EPSS: 0%CPEs: 192EXPL: 0CVE-2012-6545 – Kernel: Bluetooth: RFCOMM - information leak
https://notcve.org/view.php?id=CVE-2012-6545
14 Mar 2013 — The Bluetooth RFCOMM implementation in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel memory via a crafted application. La aplicación Bluetooth RFCOMM en el kernel de Linux anteriores a v3.6 no inicializa correctamente ciertas estructuras, lo que permite a usuarios locales obtener información sensible de la memoria del núcleo a través de una aplicación diseñada. The kernel packages contain the Linux kernel, th... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9344a972961d1a6d2c04d9008b13617bcb6ec2ef • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 190EXPL: 0CVE-2012-6547 – Kernel: net/tun: ioctl() based information leaks
https://notcve.org/view.php?id=CVE-2012-6547
14 Mar 2013 — The __tun_chr_ioctl function in drivers/net/tun.c in the Linux kernel before 3.6 does not initialize a certain structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted application. La función __ tun_chr_ioctl en drivers/net/tun.c en el kernel de Linux anteriores a v3.6 no se inicializa una estructura determinada, que permite a usuarios locales obtener información sensible de la memoria de pila del núcleo a través de una aplicación diseñada. Multiple vulnerab... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a117dacde0288f3ec60b6e5bcedae8fa37ee0dfc • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 191EXPL: 0CVE-2012-6548 – Kernel: udf: information leak on export
https://notcve.org/view.php?id=CVE-2012-6548
14 Mar 2013 — The udf_encode_fh function in fs/udf/namei.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory via a crafted application. La función udf_encode_fh en fs / udf / namei.c en el kernel de Linux anteriores a v3.6 no se inicializa un miembro de cierta estructura, que permite a usuarios locales obtener información sensible de la memoria del núcleo a través de un montón de aplicaciones diseñado. Red Hat Op... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=0143fc5e9f6f5aad4764801015bc8d4b4a278200 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 190EXPL: 0CVE-2012-6549 – Mandriva Linux Security Advisory 2013-176
https://notcve.org/view.php?id=CVE-2012-6549
14 Mar 2013 — The isofs_export_encode_fh function in fs/isofs/export.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory via a crafted application. La función isofs_export_encode_fh en fs / ISOFS / export.c en el kernel de Linux anteriores a v3.6 no se inicializa un miembro de cierta estructura, que permite a usuarios locales obtener información sensible de la memoria del núcleo a través de un montón de aplicacio... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=fe685aabf7c8c9f138e5ea900954d295bf229175 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 176EXPL: 0CVE-2013-1819 – kernel: xfs: _xfs_buf_find oops on blocks beyond the filesystem end
https://notcve.org/view.php?id=CVE-2013-1819
06 Mar 2013 — The _xfs_buf_find function in fs/xfs/xfs_buf.c in the Linux kernel before 3.7.6 does not validate block numbers, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging the ability to mount an XFS filesystem containing a metadata inode with an invalid extent map. La función _xfs_buf_find en fs/xfs/xfs_buf.c en el kernel de Linux antes de v3.7.6 que no valida bloques de numeros, que permite a usuarios locales de... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=eb178619f930fa2ba2348de332a1ff1c66a31424 • CWE-20: Improper Input Validation CWE-476: NULL Pointer Dereference •
CVSS: 8.8EPSS: 0%CPEs: 170EXPL: 0CVE-2013-0228 – kernel: xen: userspace alterable %ds access in xen_iret()
https://notcve.org/view.php?id=CVE-2013-0228
01 Mar 2013 — The xen_iret function in arch/x86/xen/xen-asm_32.S in the Linux kernel before 3.7.9 on 32-bit Xen paravirt_ops platforms does not properly handle an invalid value in the DS segment register, which allows guest OS users to gain guest OS privileges via a crafted application. La función xen_iret en arch/x86/xen/xen-asm_32.S en Linux kernel anterior a 3.7.9 en plataformas 32-bit Xen paravirt_ops no manejan adecuadamente un valor invalido en el segmento del registro DS, lo que permite a usuarios en el sistema op... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=13d2b4d11d69a92574a55bfd985cfb0ca77aebdc • CWE-189: Numeric Errors •
CVSS: 7.8EPSS: 0%CPEs: 180EXPL: 1CVE-2013-1767 – Kernel: tmpfs: fix use-after-free of mempolicy object
https://notcve.org/view.php?id=CVE-2013-1767
28 Feb 2013 — Use-after-free vulnerability in the shmem_remount_fs function in mm/shmem.c in the Linux kernel before 3.7.10 allows local users to gain privileges or cause a denial of service (system crash) by remounting a tmpfs filesystem without specifying a required mpol (aka mempolicy) mount option. Vulnerabilidad en la gestión de recursos en la función shmem_remount_fs mm / shmem.c en el kernel de Linux 3.7.10 antes de que permite a usuarios locales obtener privilegios o causar una denegación de servicio (caída del s... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=5f00110f7273f9ff04ac69a5f85bb535a4fd0987 • CWE-399: Resource Management Errors CWE-416: Use After Free •
CVSS: 7.5EPSS: 0%CPEs: 182EXPL: 0CVE-2012-4542 – kernel: block: default SCSI command filter does not accomodate commands overlap across device classes
https://notcve.org/view.php?id=CVE-2012-4542
28 Feb 2013 — block/scsi_ioctl.c in the Linux kernel through 3.8 does not properly consider the SCSI device class during authorization of SCSI commands, which allows local users to bypass intended access restrictions via an SG_IO ioctl call that leverages overlapping opcodes. block / scsi_ioctl.c en el kernel de Linux a través de v3,8 no tiene debidamente en cuenta la clase de dispositivo SCSI durante la autorización de los comandos SCSI, lo que permite a usuarios locales eludir restricciones de acceso destinados a travé... • http://marc.info/?l=linux-kernel&m=135903967015813&w=2 • CWE-264: Permissions, Privileges, and Access Controls •