Max CVSS 7.8 Min CVSS 1.9 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2013-3301 7.2
The ftrace implementation in the Linux kernel before 3.8.8 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging the CAP_SYS_ADMIN capability for write acce
22-04-2019 - 17:48 29-04-2013 - 14:55
CVE-2013-2164 2.1
The mmc_ioctl_cdrom_read_data function in drivers/cdrom/cdrom.c in the Linux kernel through 3.10 allows local users to obtain sensitive information from kernel memory via a read operation on a malfunctioning CD-ROM drive.
22-04-2019 - 17:48 04-07-2013 - 21:55
CVE-2013-2206 5.4
The sctp_sf_do_5_2_4_dupcook function in net/sctp/sm_statefuns.c in the SCTP implementation in the Linux kernel before 3.8.5 does not properly handle associations during the processing of a duplicate COOKIE ECHO chunk, which allows remote attackers t
09-01-2018 - 02:29 04-07-2013 - 21:55
CVE-2013-2141 2.1
The do_tkill function in kernel/signal.c in the Linux kernel before 3.8.9 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via a crafted application that makes a (1) tkill or (2
09-01-2018 - 02:29 07-06-2013 - 14:03
CVE-2013-3232 4.9
The nr_recvmsg function in net/netrom/af_netrom.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom sys
29-11-2017 - 02:29 22-04-2013 - 11:41
CVE-2013-3231 4.7
The llc_ui_recvmsg function in net/llc/af_llc.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom syst
29-11-2017 - 02:29 22-04-2013 - 11:41
CVE-2013-3224 4.9
The bt_sock_recvmsg function in net/bluetooth/af_bluetooth.c in the Linux kernel before 3.9-rc7 does not properly initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted re
29-11-2017 - 02:29 22-04-2013 - 11:41
CVE-2013-3222 4.9
The vcc_recvmsg function in net/atm/common.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system
29-11-2017 - 02:29 22-04-2013 - 11:41
CVE-2013-3228 4.9
The irda_recvmsg_dgram function in net/irda/af_irda.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfro
29-11-2017 - 02:29 22-04-2013 - 11:41
CVE-2013-3227 4.9
The caif_seqpkt_recvmsg function in net/caif/caif_socket.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or re
29-11-2017 - 02:29 22-04-2013 - 11:41
CVE-2013-3229 4.9
The iucv_sock_recvmsg function in net/iucv/af_iucv.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom
29-11-2017 - 02:29 22-04-2013 - 11:41
CVE-2013-3223 4.9
The ax25_recvmsg function in net/ax25/af_ax25.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom syste
29-11-2017 - 02:29 22-04-2013 - 11:41
CVE-2013-3235 4.9
net/tipc/socket.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure and a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom syste
29-11-2017 - 02:29 22-04-2013 - 11:41
CVE-2013-3234 4.9
The rose_recvmsg function in net/rose/af_rose.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom syste
29-11-2017 - 02:29 22-04-2013 - 11:41
CVE-2013-1979 6.9
The scm_set_cred function in include/net/scm.h in the Linux kernel before 3.8.11 uses incorrect uid and gid values during credentials passing, which allows local users to gain privileges via a crafted application.
29-11-2017 - 02:29 03-05-2013 - 11:57
CVE-2013-2852 6.9
Format string vulnerability in the b43_request_firmware function in drivers/net/wireless/b43/main.c in the Broadcom B43 wireless driver in the Linux kernel through 3.9.4 allows local users to gain privileges by leveraging root access and including fo
18-11-2017 - 02:29 07-06-2013 - 14:03
CVE-2013-2851 6.0
Format string vulnerability in the register_disk function in block/genhd.c in the Linux kernel through 3.9.4 allows local users to gain privileges by leveraging root access and writing format string specifiers to /sys/module/md_mod/parameters/new_arr
26-03-2014 - 04:48 07-06-2013 - 14:03
CVE-2013-2635 1.9
The rtnl_fill_ifinfo function in net/core/rtnetlink.c in the Linux kernel before 3.8.4 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.
07-02-2014 - 04:47 22-03-2013 - 11:59
CVE-2013-2634 1.9
net/dcb/dcbnl.c in the Linux kernel before 3.8.4 does not initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.
07-02-2014 - 04:47 22-03-2013 - 11:59
CVE-2013-2232 4.9
The ip6_sk_dst_check function in net/ipv6/ip6_output.c in the Linux kernel before 3.10 allows local users to cause a denial of service (system crash) by using an AF_INET6 socket for a connection to an IPv4 interface.
07-02-2014 - 04:46 04-07-2013 - 21:55
CVE-2013-2237 2.1
The key_notify_policy_flush function in net/key/af_key.c in the Linux kernel before 3.9 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory by reading a broadcast message fr
07-02-2014 - 04:46 04-07-2013 - 21:55
CVE-2013-0914 3.6
The flush_signal_handlers function in kernel/signal.c in the Linux kernel before 3.8.4 preserves the value of the sa_restorer field across an exec operation, which makes it easier for local users to bypass the ASLR protection mechanism via a crafted
07-02-2014 - 04:45 22-03-2013 - 11:59
CVE-2013-2234 2.1
The (1) key_notify_sa_flush and (2) key_notify_policy_flush functions in net/key/af_key.c in the Linux kernel before 3.10 do not initialize certain structure members, which allows local users to obtain sensitive information from kernel heap memory by
30-01-2014 - 05:10 04-07-2013 - 21:55
CVE-2013-4162 4.7
The udp_v6_push_pending_frames function in net/ipv6/udp.c in the IPv6 implementation in the Linux kernel through 3.10.3 makes an incorrect function call for pending data, which allows local users to cause a denial of service (BUG and system crash) vi
04-01-2014 - 04:48 29-07-2013 - 13:59
CVE-2013-3230 4.9
The l2tp_ip6_recvmsg function in net/l2tp/l2tp_ip6.c in the Linux kernel before 3.9-rc7 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfro
04-01-2014 - 04:47 22-04-2013 - 11:41
CVE-2013-3226 4.9
The sco_sock_recvmsg function in net/bluetooth/sco.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom
04-01-2014 - 04:47 22-04-2013 - 11:41
CVE-2013-3233 4.9
The llcp_sock_recvmsg function in net/nfc/llcp/sock.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable and a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via
04-01-2014 - 04:47 22-04-2013 - 11:41
CVE-2013-2547 2.1
The crypto_report_one function in crypto/crypto_user.c in the report API in the crypto user configuration API in the Linux kernel through 3.8.2 does not initialize certain structure members, which allows local users to obtain sensitive information fr
04-01-2014 - 04:46 15-03-2013 - 20:55
CVE-2013-2548 2.1
The crypto_report_one function in crypto/crypto_user.c in the report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect length value during a copy operation, which allows local users to obtain sensitive infor
04-01-2014 - 04:46 15-03-2013 - 20:55
CVE-2013-2546 2.1
The report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect C library function for copying strings, which allows local users to obtain sensitive information from kernel stack memory by leveraging the CAP_NE
04-01-2014 - 04:46 15-03-2013 - 20:55
CVE-2013-2148 2.1
The fill_event_metadata function in fs/notify/fanotify/fanotify_user.c in the Linux kernel through 3.9.4 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a read operation
04-01-2014 - 04:46 07-06-2013 - 14:03
CVE-2013-1929 4.4
Heap-based buffer overflow in the tg3_read_vpd function in drivers/net/ethernet/broadcom/tg3.c in the Linux kernel before 3.8.6 allows physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via c
04-01-2014 - 04:46 07-06-2013 - 14:03
CVE-2013-1819 4.6
The _xfs_buf_find function in fs/xfs/xfs_buf.c in the Linux kernel before 3.7.6 does not validate block numbers, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impa
04-01-2014 - 04:45 06-03-2013 - 22:55
CVE-2013-1059 7.8
net/ceph/auth_none.c in the Linux kernel through 3.10 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via an auth_reply message that triggers an attempted buil
04-01-2014 - 04:44 08-07-2013 - 17:55
Back to Top Mark selected
Back to Top