CVSS: 6.1EPSS: 2%CPEs: 265EXPL: 1CVE-2013-4387 – Kernel: net: IPv6: panic when UFO=On for an interface
https://notcve.org/view.php?id=CVE-2013-4387
10 Oct 2013 — net/ipv6/ip6_output.c in the Linux kernel through 3.11.4 does not properly determine the need for UDP Fragmentation Offload (UFO) processing of small packets after the UFO queueing of a large packet, which allows remote attackers to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact via network traffic that triggers a large response packet. net/ipv6/ip6_output.c en el kernel de Linux hasta la versión 3.11.4 no determina adecuadamente la necesidad de UDP ... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2811ebac2521ceac84f2bdae402455baa6a7fb47 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 3CVE-2013-4300
https://notcve.org/view.php?id=CVE-2013-4300
25 Sep 2013 — The scm_check_creds function in net/core/scm.c in the Linux kernel before 3.11 performs a capability check in an incorrect namespace, which allows local users to gain privileges via PID spoofing. La función scm_check_creds en net/core/scm.c en el kernel de Linux anterior a la versión 3.11 realiza una comprobación de la capacidad en un espacio de nombres incorrecto, lo que permite a usuarios locales obtener privilegios a través de PID spoofing. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d661684cf6820331feae71146c35da83d794467e • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2013-4343 – Kernel: net: use-after-free TUNSETIFF
https://notcve.org/view.php?id=CVE-2013-4343
25 Sep 2013 — Use-after-free vulnerability in drivers/net/tun.c in the Linux kernel through 3.11.1 allows local users to gain privileges by leveraging the CAP_NET_ADMIN capability and providing an invalid tuntap interface name in a TUNSETIFF ioctl call. Vulnerabilidad de uso despues de liberación en drivers/net/tun.c en el kernel Linux 3.11.1 permite a usuarios locales obtener privilegios aprovechado CAP_NET_ADMIN e introduciendo un nombre de interfaz tuntap inválido en una llamada TUNSETIFF ioctl. • http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00071.html • CWE-399: Resource Management Errors CWE-416: Use After Free •
CVSS: 7.5EPSS: 0%CPEs: 265EXPL: 1CVE-2013-4350 – kernel: net: sctp: ipv6 ipsec encryption bug in sctp_v6_xmit
https://notcve.org/view.php?id=CVE-2013-4350
25 Sep 2013 — The IPv6 SCTP implementation in net/sctp/ipv6.c in the Linux kernel through 3.11.1 uses data structures and function calls that do not trigger an intended configuration of IPsec encryption, which allows remote attackers to obtain sensitive information by sniffing the network. La implementación IPv6 SCTP en net/sctp/ipv6.c en el kernel de Linux hasta v3.11.1 utiliza estructuras de datos y llamadas a funciones que no provocan una configuración pretendida de encriptación IPsec, lo que permite a atacantes remot... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=95ee62083cb6453e056562d91f597552021e6ae7 • CWE-310: Cryptographic Issues •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 1CVE-2013-5634
https://notcve.org/view.php?id=CVE-2013-5634
25 Sep 2013 — arch/arm/kvm/arm.c in the Linux kernel before 3.10 on the ARM platform, when KVM is used, allows host OS users to cause a denial of service (NULL pointer dereference, OOPS, and host OS crash) or possibly have unspecified other impact by omitting vCPU initialization before a KVM_GET_REG_LIST ioctl call. arch/arm/kvm/arm.c en el kernel de Linux anterior a v3.10 en la plataforma ARM, cuando KVM es utilizado, permite a los usuarios del sistema operativo anfitrión provocar una denegación de servicio (referencia ... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e8180dcaa8470ceca21109f143876fdcd9fe050a • CWE-399: Resource Management Errors •
CVSS: 5.5EPSS: 0%CPEs: 241EXPL: 1CVE-2013-2058 – Kernel: usb: chipidea: Allow disabling streaming not just in udc mode
https://notcve.org/view.php?id=CVE-2013-2058
16 Sep 2013 — The host_start function in drivers/usb/chipidea/host.c in the Linux kernel before 3.7.4 does not properly support a certain non-streaming option, which allows local users to cause a denial of service (system crash) by sending a large amount of network traffic through a USB/Ethernet adapter. La función host_start en drivers/usb/Chipidea/host.c en el kernel de Linux anterior a la versión 3.7.4 no soporta adecuadamente una determinada opción no-streaming, que permite a usuarios locales provocar una denegación ... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=929473ea05db455ad88cdc081f2adc556b8dc48f • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.2EPSS: 0%CPEs: 259EXPL: 0CVE-2013-2889 – Kernel: HID: zeroplus: heap overflow flaw
https://notcve.org/view.php?id=CVE-2013-2889
13 Sep 2013 — drivers/hid/hid-zpff.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_ZEROPLUS is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device. drivers/hid/hid-zpff.c en el subsistema Human Interface Device (HID) del kernel de Linux hasta la versión 3.11, cuando CONFIG_HID_ZEROPLUS está habilitado, permite físicamente a atacantes próximos causar una denegación de servicio (escritura fuera de... • http://marc.info/?l=linux-input&m=137772182014614&w=1 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 6.2EPSS: 0%CPEs: 259EXPL: 0CVE-2013-2890
https://notcve.org/view.php?id=CVE-2013-2890
13 Sep 2013 — drivers/hid/hid-sony.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_SONY is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device. drivers/hid/hid-sony.c en el subsistema Human Interface Device (HID) en el kernel de Linux hasta la v3.11, cuando CONFIG_HID_SONY es activado, permite a atacantes físicamente próximos provocar una denegación de servicio (escritura fuera de límites basada... • http://marc.info/?l=linux-input&m=137772182814616&w=1 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.2EPSS: 0%CPEs: 259EXPL: 0CVE-2013-2891
https://notcve.org/view.php?id=CVE-2013-2891
13 Sep 2013 — drivers/hid/hid-steelseries.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_STEELSERIES is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device. drivers/hid/hid-steelseries.c en el subsistema Human Interface Device (HID) del kernel Linux hasta 3.11, cuando CONFIG_HID_STEELSERIES está activado, permite a atacantes con acceso físico causar una denegación de servicio (escritura fuera d... • http://marc.info/?l=linux-input&m=137772184614622&w=1 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.2EPSS: 0%CPEs: 259EXPL: 0CVE-2013-2892 – Kernel: HID: pantherlord: heap overflow flaw
https://notcve.org/view.php?id=CVE-2013-2892
13 Sep 2013 — drivers/hid/hid-pl.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_PANTHERLORD is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device. drivers/hid/hid-pl.c en el subsistema Human Interface Device (HID) del kernel de Linux hasta v3.11, cuando CONFIG_HID_PANTHERLORD está activo, permite a atacantes físicamente próximos causar denegación de servicio (escritura fuera de límites basada ... • http://marc.info/?l=linux-input&m=137772185414625&w=1 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •