CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2013-4254 – Ubuntu Security Notice USN-1972-1
https://notcve.org/view.php?id=CVE-2013-4254
25 Aug 2013 — The validate_event function in arch/arm/kernel/perf_event.c in the Linux kernel before 3.10.8 on the ARM platform allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) by adding a hardware event to an event group led by a software event. La función validate_event en arch/arm/kernel/perf_event.c en Linux kernel anterior a v3.10.8 en plataformas ARM permite a usuarios locales conseguir privilegios o causar una denegación de servicio (referencia a un pun... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c95eb3184ea1a3a2551df57190c81da695e2144b • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2013-4247 – Ubuntu Security Notice USN-1936-1
https://notcve.org/view.php?id=CVE-2013-4247
20 Aug 2013 — Off-by-one error in the build_unc_path_to_root function in fs/cifs/connect.c in the Linux kernel before 3.9.6 allows remote attackers to cause a denial of service (memory corruption and system crash) via a DFS share mount operation that triggers use of an unexpected DFS referral name length. Error de superación de límite (off-by-one) en la función build_unc_path_to_root en fs/cifs/connect.c en Linux kernel anterior a v3.9.6 permite a atacantes remotos provocar una denegación de servicio (corrupción de memor... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1fc29bacedeabb278080e31bb9c1ecb49f143c3b • CWE-189: Numeric Errors •
CVSS: 5.5EPSS: 0%CPEs: 249EXPL: 1CVE-2013-4129
https://notcve.org/view.php?id=CVE-2013-4129
28 Jul 2013 — The bridge multicast implementation in the Linux kernel through 3.10.3 does not check whether a certain timer is armed before modifying the timeout value of that timer, which allows local users to cause a denial of service (BUG and system crash) via vectors involving the shutdown of a KVM virtual machine, related to net/bridge/br_mdb.c and net/bridge/br_multicast.c. La implementación bridge multicast en el kernel de Linux hasta la 3.10.3 no valida si un temporizador se encuentra activado antes de modificar ... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c7e8e8a8f7a70b343ca1e0f90a31e35ab2d16de1 • CWE-20: Improper Input Validation •
CVSS: 7.1EPSS: 0%CPEs: 248EXPL: 0CVE-2013-4162 – Kernel: net: panic while pushing pending data out of a IPv6 socket with UDP_CORK enabled
https://notcve.org/view.php?id=CVE-2013-4162
28 Jul 2013 — The udp_v6_push_pending_frames function in net/ipv6/udp.c in the IPv6 implementation in the Linux kernel through 3.10.3 makes an incorrect function call for pending data, which allows local users to cause a denial of service (BUG and system crash) via a crafted application that uses the UDP_CORK option in a setsockopt system call. La función udp_v6_push_pending_frames en net/ipv6/udp.c en la implementación IPv6 en el kernel de Linux hasta la 3.10.3, realiza una llamada a funciones incorrecta para datos pend... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8822b64a0fa64a5dd1dfcf837c5b0be83f8c05d1 • CWE-399: Resource Management Errors •
CVSS: 5.5EPSS: 0%CPEs: 248EXPL: 1CVE-2013-4127 – Ubuntu Security Notice USN-1935-1
https://notcve.org/view.php?id=CVE-2013-4127
28 Jul 2013 — Use-after-free vulnerability in the vhost_net_set_backend function in drivers/vhost/net.c in the Linux kernel through 3.10.3 allows local users to cause a denial of service (OOPS and system crash) via vectors involving powering on a virtual machine. Vulnerabilidad de uso después de liberación en la función vhost_net_set_backend en drivers/vhost/net.c en el kernel de Linux hasta la 3.10.3 , permite a usuarios locales provocar una denegación de servicio (OOPS y caída del sistema) a través de vectores que invo... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=dd7633ecd553a5e304d349aa6f8eb8a0417098c5 • CWE-399: Resource Management Errors •
CVSS: 5.5EPSS: 0%CPEs: 248EXPL: 1CVE-2013-4163 – Kernel: net: panic while appending data to a corked IPv6 socket in ip6_append_data_mtu
https://notcve.org/view.php?id=CVE-2013-4163
28 Jul 2013 — The ip6_append_data_mtu function in net/ipv6/ip6_output.c in the IPv6 implementation in the Linux kernel through 3.10.3 does not properly maintain information about whether the IPV6_MTU setsockopt option had been specified, which allows local users to cause a denial of service (BUG and system crash) via a crafted application that uses the UDP_CORK option in a setsockopt system call. La función ip6_append_data_mtu en net/ipv6/ip6_output.c en la implementación IPv6 en el kernel de Linux hasta la 3.10.3, no ma... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=75a493e60ac4bbe2e977e7129d6d8cbb0dd236be • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 4%CPEs: 246EXPL: 1CVE-2013-4125 – Ubuntu Security Notice USN-1935-1
https://notcve.org/view.php?id=CVE-2013-4125
15 Jul 2013 — The fib6_add_rt2node function in net/ipv6/ip6_fib.c in the IPv6 stack in the Linux kernel through 3.10.1 does not properly handle Router Advertisement (RA) messages in certain circumstances involving three routes that initially qualified for membership in an ECMP route set until a change occurred for one of the first two routes, which allows remote attackers to cause a denial of service (system crash) via a crafted sequence of messages. La función fib6_add_rt2node en net/ipv6/ip6_fib.c en l apila IPv6 en el... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=307f2fb95e9b96b3577916e73d92e104f8f26494 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 2%CPEs: 6EXPL: 0CVE-2013-1059 – Debian Security Advisory 2745-1
https://notcve.org/view.php?id=CVE-2013-1059
08 Jul 2013 — net/ceph/auth_none.c in the Linux kernel through 3.10 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via an auth_reply message that triggers an attempted build_request operation. net/ceph/auth_none.c en el kernel de Linux hasta v3.10 permite a atacantes remotos a provocar una denegación de servicio (desreferencia de puntero NULL y caída del sistema) o posiblemente tener otros impactos no determinados a través de mens... • http://hkpco.kr/advisory/CVE-2013-1059.txt • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 242EXPL: 1CVE-2013-2237 – Kernel: net: af_key: initialize satype in key_notify_policy_flush
https://notcve.org/view.php?id=CVE-2013-2237
04 Jul 2013 — The key_notify_policy_flush function in net/key/af_key.c in the Linux kernel before 3.9 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory by reading a broadcast message from the notify_policy interface of an IPSec key_socket. La función key_notify_policy_flush en net/key/af_key.c en el kernel de linux anterior a v3.9 ni inicializa una cierto miembre de la estructura, lo que permite a usuarios locales obtener información sensible ... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=85dfb745ee40232876663ae206cba35f24ab2a40 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 55%CPEs: 233EXPL: 1CVE-2013-2206 – kernel: sctp: duplicate cookie handling NULL pointer dereference
https://notcve.org/view.php?id=CVE-2013-2206
04 Jul 2013 — The sctp_sf_do_5_2_4_dupcook function in net/sctp/sm_statefuns.c in the SCTP implementation in the Linux kernel before 3.8.5 does not properly handle associations during the processing of a duplicate COOKIE ECHO chunk, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via crafted SCTP traffic. La función sctp_sf_do_5_2_4_dupcook en net/sctp/sm_statefuns.c en la implementación SCTP en el kernel de Linux anterior a ... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f2815633504b442ca0b0605c16bf3d88a3a0fcea • CWE-476: NULL Pointer Dereference •