Page 682 of 4436 results (0.019 seconds)

CVSS: 6.2EPSS: 0%CPEs: 5EXPL: 1

CVE-2013-1798 – kernel: kvm: out-of-bounds access in ioapic indirect register reads

https://notcve.org/view.php?id=CVE-2013-1798

The ioapic_read_indirect function in virt/kvm/ioapic.c in the Linux kernel through 3.8.4 does not properly handle a certain combination of invalid IOAPIC_REG_SELECT and IOAPIC_REG_WINDOW operations, which allows guest OS users to obtain sensitive information from host OS memory or cause a denial of service (host OS OOPS) via a crafted application. La función ioapic_read_indirect virt/kvm/ioapic.c en el kernel de Linux hasta v3.8.4 no controla correctamente una determinada combinación de IOAPIC_REG_SELECT inválida y operaciones IOAPIC_REG_WINDOW, permitiendo a usuarios invitados del SO obtener información confidencial de la memoria principal o causar una denegación de servicio a través de una aplicación diseñada. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a2c118bfab8bc6b8bb213abfc35201e441693d55 http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00018.html http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00018.html http://packetstormsecurity.com/files/157233/Kernel-Live-Patch-Security-Notice-LSN-0065-1.html http://rhn.redhat.com/errata/RHSA-2013-0727.html http://rhn.redhat& • CWE-20: Improper Input Validation •

CVSS: 6.9EPSS: 0%CPEs: 7EXPL: 1

CVE-2013-1860 – kernel: usb: cdc-wdm buffer overflow triggered by device

https://notcve.org/view.php?id=CVE-2013-1860

Heap-based buffer overflow in the wdm_in_callback function in drivers/usb/class/cdc-wdm.c in the Linux kernel before 3.8.4 allows physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a crafted cdc-wdm USB device. Desbordamiento de búfer basado en memoria dinámica en la función drivers/usb/class/cdc-wdm.c en el kernel de Linux anterior a v3.8.4 permite a atacantes físicamente próximos causar una denegación de servicio (caída del sistema) o posiblemente ejecutar código arbitrario a través de un dispositivo USB cdc-wdm espcialmente diseñado. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c0f5ecee4e741667b2493c742b60b6218d40b3aa http://rhn.redhat.com/errata/RHSA-2014-0328.html http://rhn.redhat.com/errata/RHSA-2014-0339.html http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.4 http://www.mandriva.com/security/advisories?name=MDVSA-2013:176 http://www.openwall.com/lists/oss-security/2013/03/15/3 http://www.securityfocus.com/bid/58510 http://www.ubuntu.com/usn/USN • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 1.9EPSS: 0%CPEs: 4EXPL: 0

CVE-2013-2636

https://notcve.org/view.php?id=CVE-2013-2636

net/bridge/br_mdb.c in the Linux kernel before 3.8.4 does not initialize certain structures, which allows local users to obtain sensitive information from kernel memory via a crafted application. net/bridge/br_mdb.c en el kernel de Linux anterior a v3.8.4 no inicializa determinadas estructuras, lo que permite a atacantes locales obtener información sensible desde la memoria del kernel mediante una aplicación especialmente diseñada. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c085c49920b2f900ba716b4ca1c1a55ece9872cc http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.4 http://www.openwall.com/lists/oss-security/2013/03/20/1 https://bugzilla.redhat.com/show_bug.cgi?id=923652 https://github.com/torvalds/linux/commit/c085c49920b2f900ba716b4ca1c1a55ece9872cc • CWE-399: Resource Management Errors •

CVSS: 7.2EPSS: 0%CPEs: 6EXPL: 0

CVE-2013-0913 – Kernel: drm/i915: heap writing overflow

https://notcve.org/view.php?id=CVE-2013-0913

Integer overflow in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the i915 driver in the Direct Rendering Manager (DRM) subsystem in the Linux kernel through 3.8.3, as used in Google Chrome OS before 25.0.1364.173 and other products, allows local users to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted application that triggers many relocation copies, and potentially leads to a race condition. Desbordamiento de entero en drivers/gpu/drm/i915/i915_gem_execbuffer.c en el driver i915 en el subsistema Direct Rendering Manager (DRM) en el kernel de Linux hasta v3.8.3, como se usaba en Google Chrome OS anterior a v25.0.1364.173 y otros productos, permite a usuarios locales causar una denegación de servicio (desbordamiento de búfer basado en memoria dinámica) o posiblemente tener otro impacto no especificado mediante una aplicación que lanza muchas copias de relocalización, y potencialmente da lugar a una condición de carrera. • http://git.chromium.org/gitweb/?p=chromiumos/third_party/kernel.git%3Ba=commit%3Bh=c79efdf2b7f68f985922a8272d64269ecd490477 http://googlechromereleases.blogspot.com/2013/03/stable-channel-update-for-chrome-os_15.html http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00018.html http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html http://openwall.com/lists/oss-security/2013/03/11/6 http://openwall.com/lists/oss-security/2013/03/13/9 http://openwall.com/lists/os • CWE-189: Numeric Errors •

CVSS: 1.9EPSS: 0%CPEs: 192EXPL: 0

CVE-2012-6542 – Kernel: llc: information leak via getsockname

https://notcve.org/view.php?id=CVE-2012-6542

The llc_ui_getname function in net/llc/af_llc.c in the Linux kernel before 3.6 has an incorrect return value in certain circumstances, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that leverages an uninitialized pointer argument. La función llc_ui_getname en net/llc/af_llc.c en el kernel de Linux anterior a v3.6 no tiene un incorrecto valor de retorno en ciertas circunstancias, permitiendo a usuarios locales obtener información sensible de la memoria de pila del núcleo a través de una aplicación especialmente diseñada que se aprovecha de un puntero de argumento no inicializado. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=3592aaeb80290bda0f2cf0b5456c97bfc638b192 http://rhn.redhat.com/errata/RHSA-2013-1645.html http://www.openwall.com/lists/oss-security/2013/03/05/13 http://www.ubuntu.com/usn/USN-1805-1 http://www.ubuntu.com/usn/USN-1808-1 https://github.com/torvalds/linux/commit/3592aaeb80290bda0f2cf0b5456c97bfc638b192 https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.6.bz2 https://access.redhat.com/security/ • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •