CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2014-1438 – kernel: x86: exceptions are not cleared in AMD FXSAVE workaround
https://notcve.org/view.php?id=CVE-2014-1438
18 Jan 2014 — The restore_fpu_checking function in arch/x86/include/asm/fpu-internal.h in the Linux kernel before 3.12.8 on the AMD K7 and K8 platforms does not clear pending exceptions before proceeding to an EMMS instruction, which allows local users to cause a denial of service (task kill) or possibly gain privileges via a crafted application. La función restore_fpu_checking en arch/x86/include/asm/fpu-internal.h en el kernel Linux anteriores a 3.12.8 en las plataformas AMD K7 y K8 no limpia las excepciones pendientes... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=26bef1318adc1b3a530ecc807ef99346db2aa8b0 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2014-1444
https://notcve.org/view.php?id=CVE-2014-1444
18 Jan 2014 — The fst_get_iface function in drivers/net/wan/farsync.c in the Linux kernel before 3.11.7 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability for an SIOCWANDEV ioctl call. La función fst_get_iface en drivers/net/wan/farsync.c del kernel Linux anteriores a 3.11.7 no inicializa apropiadamente cierta estructura de datos, lo cual permite a usuarios locales obtener información sensible de la ... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=96b340406724d87e4621284ebac5e059d67b2194 • CWE-399: Resource Management Errors •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2014-1445
https://notcve.org/view.php?id=CVE-2014-1445
18 Jan 2014 — The wanxl_ioctl function in drivers/net/wan/wanxl.c in the Linux kernel before 3.11.7 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via an ioctl call. La función wanxl_ioctl en drivers/net/wan/wanxl.c en el kernel Linux anteriores a 3.11.7 no inicializa cierta estructura de datos apropiadamente, lo cual permite a usuarios locales obtener información sensible de la memoria del kernel a través de un allamada ioctl. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2b13d06c9584b4eb773f1e80bbaedab9a1c344e1 • CWE-399: Resource Management Errors •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2014-1446
https://notcve.org/view.php?id=CVE-2014-1446
18 Jan 2014 — The yam_ioctl function in drivers/net/hamradio/yam.c in the Linux kernel before 3.12.8 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability for an SIOCYAMGCFG ioctl call. La función yam_ioclt en drivers/net/hamradio/yam.c en el kernel Linux anteriores a 3.1.2.8 no inicializa cierto miembro de estructura, lo cual permite a usuarios locales obtener información snesible de la memoria del kernel apr... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8e3fbf870481eb53b2d3a322d1fc395ad8b367ed • CWE-399: Resource Management Errors •
CVSS: 5.5EPSS: 0%CPEs: 284EXPL: 0CVE-2013-7281
https://notcve.org/view.php?id=CVE-2013-7281
08 Jan 2014 — The dgram_recvmsg function in net/ieee802154/dgram.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call. La función dgram_recvmsg en net/ieee802154/dgram.c en el kernel Linux anteriores a 2.12.4 actualiza cierto valor de longitud sin asegurarse de que una estructura de datos asocia... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=bceaa90240b6019ed73b49965eac7d167610be69 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 284EXPL: 0CVE-2013-7263 – Kernel: net: leakage of uninitialized memory to user-space via recv syscalls
https://notcve.org/view.php?id=CVE-2013-7263
06 Jan 2014 — The Linux kernel before 3.12.4 updates certain length values before ensuring that associated data structures have been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call, related to net/ipv4/ping.c, net/ipv4/raw.c, net/ipv4/udp.c, net/ipv6/raw.c, and net/ipv6/udp.c. El kernel Linux anterior a 3.12.4 actualiza cierto valor de longitud antes de asegurarse de si una estructura de datos asociada se ha inicia... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=bceaa90240b6019ed73b49965eac7d167610be69 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 284EXPL: 0CVE-2013-7264
https://notcve.org/view.php?id=CVE-2013-7264
06 Jan 2014 — The l2tp_ip_recvmsg function in net/l2tp/l2tp_ip.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call. La función l2tp_ip_recvmsg en net/l2tp/l2tp_ip.c en el kernel Linux 3.12.4 actualiza ciertos valores de longitud antes de asegurarse de que una estructura de datos asociada ha sido... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=bceaa90240b6019ed73b49965eac7d167610be69 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 284EXPL: 0CVE-2013-7265 – Kernel: net: leakage of uninitialized memory to user-space via recv syscalls
https://notcve.org/view.php?id=CVE-2013-7265
06 Jan 2014 — The pn_recvmsg function in net/phonet/datagram.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call. La función pn_recvmsg en net/phonet/datagram.c en el kernel Linux anteriores a 3.12.4 actualiza cierto valor de longitud antes de asegurarse de que una estructura de datos asociada h... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=bceaa90240b6019ed73b49965eac7d167610be69 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 284EXPL: 0CVE-2013-7266 – Kernel: net: information leak in recvmsg handler msg_name & msg_namelen logic
https://notcve.org/view.php?id=CVE-2013-7266
06 Jan 2014 — The mISDN_sock_recvmsg function in drivers/isdn/mISDN/socket.c in the Linux kernel before 3.12.4 does not ensure that a certain length value is consistent with the size of an associated data structure, which allows local users to obtain sensitive information from kernel memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call. La función mISDN_sock_recvmsg en drivers/isdn/mISDN/socket.c en el kernel Linux anteriores a 3.12.4 no se asegura de que cierto valor de longitud es consistente con el tama... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f3d3342602f8bcbf37d7c46641cb9bca7618eb1c • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 284EXPL: 0CVE-2013-7267
https://notcve.org/view.php?id=CVE-2013-7267
06 Jan 2014 — The atalk_recvmsg function in net/appletalk/ddp.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call. La función atalk_recvmsg en net/appletalk/ddp.c en el kernel Linux anteriores a 3.12.4 actualiza cierto valor de longitud sin asegurarse de que una estructura de datos asociada ha sido i... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f3d3342602f8bcbf37d7c46641cb9bca7618eb1c • CWE-20: Improper Input Validation •