CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 1CVE-2013-1860 – kernel: usb: cdc-wdm buffer overflow triggered by device
https://notcve.org/view.php?id=CVE-2013-1860
22 Mar 2013 — Heap-based buffer overflow in the wdm_in_callback function in drivers/usb/class/cdc-wdm.c in the Linux kernel before 3.8.4 allows physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a crafted cdc-wdm USB device. Desbordamiento de búfer basado en memoria dinámica en la función drivers/usb/class/cdc-wdm.c en el kernel de Linux anterior a v3.8.4 permite a atacantes físicamente próximos causar una denegación de servicio (caída del sistema) o posiblem... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c0f5ecee4e741667b2493c742b60b6218d40b3aa • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2013-0913 – Kernel: drm/i915: heap writing overflow
https://notcve.org/view.php?id=CVE-2013-0913
18 Mar 2013 — Integer overflow in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the i915 driver in the Direct Rendering Manager (DRM) subsystem in the Linux kernel through 3.8.3, as used in Google Chrome OS before 25.0.1364.173 and other products, allows local users to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted application that triggers many relocation copies, and potentially leads to a race condition. Desbordamiento de entero en drivers/gpu/drm/i915/i91... • http://git.chromium.org/gitweb/?p=chromiumos/third_party/kernel.git%3Ba=commit%3Bh=c79efdf2b7f68f985922a8272d64269ecd490477 • CWE-189: Numeric Errors •
CVSS: 5.5EPSS: 0%CPEs: 190EXPL: 0CVE-2012-6541
https://notcve.org/view.php?id=CVE-2012-6541
14 Mar 2013 — The ccid3_hc_tx_getsockopt function in net/dccp/ccids/ccid3.c in the Linux kernel before 3.6 does not initialize a certain structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted application. La función ccid3_hc_tx_getsockopt en net/dccp/ccids/ccid3.c en el kernel de Linux anterior a v3.6 no inicializa correctamente cierta estructura, permitiendo a usuarios locales obtener información sensible de la memoria de pila del núcleo a través de una aplicación espe... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7b07f8eb75aa3097cdfd4f6eac3da49db787381d • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 217EXPL: 0CVE-2013-2548 – kernel: crypto: info leaks in report API
https://notcve.org/view.php?id=CVE-2013-2548
14 Mar 2013 — The crypto_report_one function in crypto/crypto_user.c in the report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect length value during a copy operation, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability. La función crypto_report_one en crypto / crypto_user.c en el API de informe del API de configuración de cifrado de usuario en el kernel de Linux a través de v3.8.2 utiliza un valor de longitud... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9a5467bf7b6e9e02ec9c3da4e23747c05faeaac6 • CWE-310: Cryptographic Issues •
CVSS: 5.5EPSS: 0%CPEs: 190EXPL: 0CVE-2012-6547 – Kernel: net/tun: ioctl() based information leaks
https://notcve.org/view.php?id=CVE-2012-6547
14 Mar 2013 — The __tun_chr_ioctl function in drivers/net/tun.c in the Linux kernel before 3.6 does not initialize a certain structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted application. La función __ tun_chr_ioctl en drivers/net/tun.c en el kernel de Linux anteriores a v3.6 no se inicializa una estructura determinada, que permite a usuarios locales obtener información sensible de la memoria de pila del núcleo a través de una aplicación diseñada. Multiple vulnerab... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a117dacde0288f3ec60b6e5bcedae8fa37ee0dfc • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.1EPSS: 0%CPEs: 191EXPL: 0CVE-2012-6538 – Kernel: xfrm_user: info leak in copy_to_user_auth
https://notcve.org/view.php?id=CVE-2012-6538
14 Mar 2013 — The copy_to_user_auth function in net/xfrm/xfrm_user.c in the Linux kernel before 3.6 uses an incorrect C library function for copying a string, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAP_NET_ADMIN capability. La función copy_to_user_auth en net/xfrm/xfrm_user.c en el kernel de Linux anterior a v3.6 utiliza una incorrecta función de biblioteca C para copiar una cadena, permitiendo a usuarios locales obtener información sensible de la memoria dinámi... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4c87308bdea31a7b4828a51f6156e6f721a1fcc9 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.1EPSS: 0%CPEs: 217EXPL: 0CVE-2013-2547 – kernel: crypto: info leaks in report API
https://notcve.org/view.php?id=CVE-2013-2547
14 Mar 2013 — The crypto_report_one function in crypto/crypto_user.c in the report API in the crypto user configuration API in the Linux kernel through 3.8.2 does not initialize certain structure members, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAP_NET_ADMIN capability. La función crypto_report_one en crypto / crypto_user.c en el API de informe en el API de configuración de cifrado de usuario en el kernel de Linux a través de v3.8.2 no inicializa la estructura de... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9a5467bf7b6e9e02ec9c3da4e23747c05faeaac6 • CWE-310: Cryptographic Issues •
CVSS: 5.5EPSS: 0%CPEs: 190EXPL: 0CVE-2012-6549 – Mandriva Linux Security Advisory 2013-176
https://notcve.org/view.php?id=CVE-2012-6549
14 Mar 2013 — The isofs_export_encode_fh function in fs/isofs/export.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory via a crafted application. La función isofs_export_encode_fh en fs / ISOFS / export.c en el kernel de Linux anteriores a v3.6 no se inicializa un miembro de cierta estructura, que permite a usuarios locales obtener información sensible de la memoria del núcleo a través de un montón de aplicacio... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=fe685aabf7c8c9f138e5ea900954d295bf229175 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 190EXPL: 0CVE-2012-6540
https://notcve.org/view.php?id=CVE-2012-6540
14 Mar 2013 — The do_ip_vs_get_ctl function in net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before 3.6 does not initialize a certain structure for IP_VS_SO_GET_TIMEOUT commands, which allows local users to obtain sensitive information from kernel stack memory via a crafted application. La función do_ip_vs_get_ctl en net/netfilter/ipvs/ip_vs_ctl.c en el kernel de Linux anterior a v3.6 no inicializa correctamente cierta estructura para comandos IP_VS_SO_GET_TIMEOUT, permitiendo a usuarios locales obtener información ... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2d8a041b7bfe1097af21441cb77d6af95f4f4680 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 190EXPL: 0CVE-2012-6536
https://notcve.org/view.php?id=CVE-2012-6536
14 Mar 2013 — net/xfrm/xfrm_user.c in the Linux kernel before 3.6 does not verify that the actual Netlink message length is consistent with a certain header field, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAP_NET_ADMIN capability and providing a (1) new or (2) updated state. net/xfrm/xfrm_user.c en el kernel de Linux anterior a v3.6, no verifica que la longitud del mensaje Netlink sea consistente con los campos de determinadas cabeceras, lo que permite a usuarios ... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ecd7918745234e423dd87fcc0c077da557909720 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •