Page 571 of 6556 results (0.013 seconds)

CVSS: 6.8EPSS: 0%CPEs: 6EXPL: 0

22 Apr 2013 — The sco_sock_recvmsg function in net/bluetooth/sco.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. La función sco_sock_recvmsg en net/bluetooth/sco.c en el kernel de Linux anterior a v3.9-rc7 no inicializa correctamente cierta longitud de variable, permitiendo a usuarios locales obtener información sensible desde la pila del kernel mediante una ... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c8c499175f7d295ef867335bceb9a76a2c3cdc38 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 6.2EPSS: 0%CPEs: 6EXPL: 0

22 Apr 2013 — net/tipc/socket.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure and a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. net/tipc/socket.c en el kernel de Linux anterior a v3.9-rc7 no inicializa correctamente cierta longitud de variable, permitiendo a usuarios locales obtener información sensible desde la pila del kernel mediante una syscall recvmsg o recvfrom. Kees Cook d... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=60085c3d009b0df252547adb336d1ccca5ce52ec • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 6.2EPSS: 0%CPEs: 6EXPL: 0

22 Apr 2013 — The vcc_recvmsg function in net/atm/common.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. La función vcc_recvmsg en net/atm/common.c en el kernel de Linux anterior a v3.9-rc7 no inicializa correctamente cierta longitud de variable, permitiendo a usuarios locales obtener información sensible desde la pila del kernel mediante una syscall recvmsg ... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9b3e617f3df53822345a8573b6d358f6b9e5ed87 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 0

22 Apr 2013 — The ax25_recvmsg function in net/ax25/af_ax25.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. La función ax25_recvmsg en net/ax25/af_ax25.c en el kernel de Linux anterior a v3.9-rc7 no inicializa correctamente cierta estructura de datos, permitiendo a usuarios locales obtener información sensible desde la pila del kernel mediante una syscall recv... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ef3313e84acbf349caecae942ab3ab731471f1a1 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 6.8EPSS: 0%CPEs: 6EXPL: 0

22 Apr 2013 — The vsock_stream_sendmsg function in net/vmw_vsock/af_vsock.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. La función vsock_stream_sendmsg en net/vmw_vsock/af_vsock.c en el kernel de Linux anterior a v3.9-rc7 no inicializa cierta longitud de variable, lo que permite a usuarios locales obtener información sensible desde la pila del kernel median... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d5e0d0f607a7a029c6563a0470d88255c89a8d11 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.7EPSS: 0%CPEs: 6EXPL: 0

22 Apr 2013 — The llcp_sock_recvmsg function in net/nfc/llcp/sock.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable and a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. La función llcp_sock_recvmsg en net/nfc/llcp/sock.c en el kernel de Linux anterior a v3.9-rc7 no inicializa correctamente cierta longitud de variable y cierta estructura de datos, permitiendo a usuarios locales obtener... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d26d6504f23e803824e8ebd14e52d4fc0a0b09cb • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 6.2EPSS: 0%CPEs: 6EXPL: 0

22 Apr 2013 — The bt_sock_recvmsg function in net/bluetooth/af_bluetooth.c in the Linux kernel before 3.9-rc7 does not properly initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. La función bt_sock_recvmsg en net/bluetooth/af_bluetooth.c en el kernel de Linux anterior a v3.9-rc7 no inicializa correctamente cierta longitud de variable, permitiendo a usuarios locales obtener información sensible desde la pila... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4683f42fde3977bdb4e8a09622788cc8b5313778 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 5

13 Apr 2013 — Integer overflow in the fb_mmap function in drivers/video/fbmem.c in the Linux kernel before 3.8.9, as used in a certain Motorola build of Android 4.1.2 and other products, allows local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges, via crafted /dev/graphics/fb0 mmap2 system calls, as demonstrated by the Motochopper pwn program. Una determinada version de Android v4.1.2 en dispositivos Motorola Razr HD, Razr M, y Atrix HD con el chipset Qualc... • https://github.com/hiikezoe/libfb_mem_exploit • CWE-190: Integer Overflow or Wraparound •

CVSS: 7.8EPSS: 0%CPEs: 216EXPL: 1

05 Apr 2013 — The clone system-call implementation in the Linux kernel before 3.8.3 does not properly handle a combination of the CLONE_NEWUSER and CLONE_FS flags, which allows local users to gain privileges by calling chroot and leveraging the sharing of the / directory between a parent process and a child process. La implementación de la llamada al sistema clone en el kernel Linux anteriores a v3.8.3 no maneja de forma adecuada la combinación de las «flags» CLONE_NEWUSER y CLONE_FS, lo que permite a usuarios locales ob... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e66eded8309ebf679d3d3c1f5820d1f2ca332c71 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 1

22 Mar 2013 — net/dccp/ccid.h in the Linux kernel before 3.5.4 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) by leveraging the CAP_NET_ADMIN capability for a certain (1) sender or (2) receiver getsockopt call. net/dccp/ccid.h en el kernel de Linux anterior a v3.5.4 permite a usuarios locales obtener privilegios o causar una denegación de servicio (referencia a puntero NULL y caída del sistema) mediante el aprovechamiento de la capacidad CAP_NET_ADMIN para c... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=276bdb82dedb290511467a5a4fdbe9f0b52dce6f •