Filtered by vendor Linux
Subscriptions
Filtered by product Linux Kernel
Subscriptions
Total
8171 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2013-0504 | 5 Adobe, Apple, Linux and 2 more | 5 Flash Player, Mac Os X, Linux Kernel and 2 more | 2024-11-21 | N/A |
Buffer overflow in the broker service in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171 on Windows and Mac OS X, and before 10.3.183.67 and 11.x before 11.2.202.273 on Linux, allows attackers to execute arbitrary code via unspecified vectors. | ||||
CVE-2013-0349 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-11-21 | N/A |
The hidp_setup_hid function in net/bluetooth/hidp/core.c in the Linux kernel before 3.7.6 does not properly copy a certain name field, which allows local users to obtain sensitive information from kernel memory by setting a long name and making an HIDPCONNADD ioctl call. | ||||
CVE-2013-0343 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Enterprise Mrg | 2024-11-21 | N/A |
The ipv6_create_tempaddr function in net/ipv6/addrconf.c in the Linux kernel through 3.8 does not properly handle problems with the generation of IPv6 temporary addresses, which allows remote attackers to cause a denial of service (excessive retries and address-generation outage), and consequently obtain sensitive information, via ICMPv6 Router Advertisement (RA) messages. | ||||
CVE-2013-0313 | 1 Linux | 1 Linux Kernel | 2024-11-21 | N/A |
The evm_update_evmxattr function in security/integrity/evm/evm_crypto.c in the Linux kernel before 3.7.5, when the Extended Verification Module (EVM) is enabled, allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via an attempted removexattr operation on an inode of a sockfs filesystem. | ||||
CVE-2013-0311 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Rhel Eus | 2024-11-21 | N/A |
The translate_desc function in drivers/vhost/vhost.c in the Linux kernel before 3.7 does not properly handle cross-region descriptors, which allows guest OS users to obtain host OS privileges by leveraging KVM guest OS privileges. | ||||
CVE-2013-0310 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-11-21 | N/A |
The cipso_v4_validate function in net/ipv4/cipso_ipv4.c in the Linux kernel before 3.4.8 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via an IPOPT_CIPSO IP_OPTIONS setsockopt system call. | ||||
CVE-2013-0309 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-11-21 | N/A |
arch/x86/include/asm/pgtable.h in the Linux kernel before 3.6.2, when transparent huge pages are used, does not properly support PROT_NONE memory regions, which allows local users to cause a denial of service (system crash) via a crafted application. | ||||
CVE-2013-0290 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Mrg | 2024-11-21 | N/A |
The __skb_recv_datagram function in net/core/datagram.c in the Linux kernel before 3.8 does not properly handle the MSG_PEEK flag with zero-length data, which allows local users to cause a denial of service (infinite loop and system hang) via a crafted application. | ||||
CVE-2013-0268 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Enterprise Mrg | 2024-11-21 | N/A |
The msr_open function in arch/x86/kernel/msr.c in the Linux kernel before 3.7.6 allows local users to bypass intended capability restrictions by executing a crafted application as root, as demonstrated by msr32.c. | ||||
CVE-2013-0231 | 3 Linux, Redhat, Xen | 3 Linux Kernel, Enterprise Linux, Xen | 2024-11-21 | N/A |
The pciback_enable_msi function in the PCI backend driver (drivers/xen/pciback/conf_space_capability_msi.c) in Xen for the Linux kernel 2.6.18 and 3.8 allows guest OS users with PCI device access to cause a denial of service via a large number of kernel log messages. NOTE: some of these details are obtained from third party information. | ||||
CVE-2013-0228 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-11-21 | N/A |
The xen_iret function in arch/x86/xen/xen-asm_32.S in the Linux kernel before 3.7.9 on 32-bit Xen paravirt_ops platforms does not properly handle an invalid value in the DS segment register, which allows guest OS users to gain guest OS privileges via a crafted application. | ||||
CVE-2013-0217 | 1 Linux | 1 Linux Kernel | 2024-11-21 | N/A |
Memory leak in drivers/net/xen-netback/netback.c in the Xen netback functionality in the Linux kernel before 3.7.8 allows guest OS users to cause a denial of service (memory consumption) by triggering certain error conditions. | ||||
CVE-2013-0216 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-11-21 | N/A |
The Xen netback functionality in the Linux kernel before 3.7.8 allows guest OS users to cause a denial of service (loop) by triggering ring pointer corruption. | ||||
CVE-2013-0190 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-11-21 | N/A |
The xen_failsafe_callback function in Xen for the Linux kernel 2.6.23 and other versions, when running a 32-bit PVOPS guest, allows local users to cause a denial of service (guest crash) by triggering an iret fault, leading to use of an incorrect stack pointer and stack corruption. | ||||
CVE-2013-0160 | 1 Linux | 1 Linux Kernel | 2024-11-21 | N/A |
The Linux kernel through 3.7.9 allows local users to obtain sensitive information about keystroke timing by using the inotify API on the /dev/ptmx device. | ||||
CVE-2012-6712 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 9.8 Critical |
In the Linux kernel before 3.4, a buffer overflow occurs in drivers/net/wireless/iwlwifi/iwl-agn-sta.c, which will cause at least memory corruption. | ||||
CVE-2012-6704 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 7.8 High |
The sock_setsockopt function in net/core/sock.c in the Linux kernel before 3.5 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUF or (2) SO_RCVBUF option. | ||||
CVE-2012-6703 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 7.8 High |
Integer overflow in the snd_compr_allocate_buffer function in sound/core/compress_offload.c in the ALSA subsystem in the Linux kernel before 3.6-rc6-next-20120917 allows local users to cause a denial of service (insufficient memory allocation) or possibly have unspecified other impact via a crafted SNDRV_COMPRESS_SET_PARAMS ioctl call. | ||||
CVE-2012-6701 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-11-21 | 7.8 High |
Integer overflow in fs/aio.c in the Linux kernel before 3.4.1 allows local users to cause a denial of service or possibly have unspecified other impact via a large AIO iovec. | ||||
CVE-2012-6689 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-11-21 | 7.8 High |
The netlink_sendmsg function in net/netlink/af_netlink.c in the Linux kernel before 3.5.5 does not validate the dst_pid field, which allows local users to have an unspecified impact by spoofing Netlink messages. |