CVE-2013-3236
https://notcve.org/view.php?id=CVE-2013-3236
The vmci_transport_dgram_dequeue function in net/vmw_vsock/vmci_transport.c in the Linux kernel before 3.9-rc7 does not properly initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. La función vmci_transport_dgram_dequeue en net/vmw_vsock/vmci_transport.c en el kernel de Linux anterior a v3.9-rc7 no inicializa correctamente cierta longitud de variable, permitiendo a usuarios locales obtener información sensible desde la pila del kernel mediante una syscall recvmsg o recvfrom. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=680d04e0ba7e926233e3b9cee59125ce181f66ba http://www.openwall.com/lists/oss-security/2013/04/14/3 http://www.openwall.com/lists/oss-security/2013/04/22/11 http://www.openwall.com/lists/oss-security/2013/04/22/13 http://www.openwall.com/lists/oss-security/2013/04/22/14 http://www.openwall.com/lists/oss-security/2013/04/22/3 http://www.openwall.com/lists/oss-security/2013/04/23/ • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2013-3234
https://notcve.org/view.php?id=CVE-2013-3234
The rose_recvmsg function in net/rose/af_rose.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. La función rose_recvmsg en net/rose/af_rose.c en el kernel de Linux anterior a v3.9-rc7 no inicializa correctamente cierta longitud de variable, permitiendo a usuarios locales obtener información sensible desde la pila del kernel mediante una syscall recvmsg o recvfrom. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4a184233f21645cf0b719366210ed445d1024d72 http://lists.fedoraproject.org/pipermail/package-announce/2013-April/103750.html http://lists.fedoraproject.org/pipermail/package-announce/2013-May/104480.html http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00018.html http://lists.opensuse.org/opensuse-updates/2013-12/msg00129.html http://www.mandr • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2013-3223
https://notcve.org/view.php?id=CVE-2013-3223
The ax25_recvmsg function in net/ax25/af_ax25.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. La función ax25_recvmsg en net/ax25/af_ax25.c en el kernel de Linux anterior a v3.9-rc7 no inicializa correctamente cierta estructura de datos, permitiendo a usuarios locales obtener información sensible desde la pila del kernel mediante una syscall recvmsg o recvfrom. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ef3313e84acbf349caecae942ab3ab731471f1a1 http://lists.fedoraproject.org/pipermail/package-announce/2013-April/103750.html http://lists.fedoraproject.org/pipermail/package-announce/2013-May/104480.html http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00018.html http://lists.opensuse.org/opensuse-updates/2013-12/msg00129.html http://www.mandr • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2013-3231 – Kernel: llc: Fix missing msg_namelen update in llc_ui_recvmsg
https://notcve.org/view.php?id=CVE-2013-3231
The llc_ui_recvmsg function in net/llc/af_llc.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. La función llc_ui_recvmsg en net/llc/af_llc.c en el kernel de Linux anterior a v3.9-rc7 no inicializa correctamente cierta longitud de variable, permitiendo a usuarios locales obtener información sensible desde la pila del kernel mediante una syscall recvmsg o recvfrom. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c77a4b9cffb6215a15196ec499490d116dfad181 http://lists.fedoraproject.org/pipermail/package-announce/2013-April/103750.html http://lists.fedoraproject.org/pipermail/package-announce/2013-May/104480.html http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00018.html http://lists.opensuse.org/opensuse-updates/2013-12/msg00129.html http://rhn.redha • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2013-3232
https://notcve.org/view.php?id=CVE-2013-3232
The nr_recvmsg function in net/netrom/af_netrom.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. La función nr_recvmsg en net/netrom/af_netrom.c en el kernel de Linux anterior a v3.9-rc7 no inicializa correctamente cierta estructura de datos, permitiendo a usuarios locales obtener información sensible desde la pila del kernel mediante una syscall recvmsg o recvfrom. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=3ce5efad47b62c57a4f5c54248347085a750ce0e http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c802d759623acbd6e1ee9fbdabae89159a513913 http://lists.fedoraproject.org/pipermail/package-announce/2013-April/103750.html http://lists.fedoraproject.org/pipermail/package-announce/2013-May/104480.html http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00016.html http://lists.opensuse.org/opensuse-security • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •