CVE-2013-1826
- EPSS 0.51%
- Veröffentlicht 22.03.2013 11:59:11
- Zuletzt bearbeitet 29.04.2026 01:13:23
The xfrm_state_netlink function in net/xfrm/xfrm_user.c in the Linux kernel before 3.5.7 does not properly handle error conditions in dump_one_state function calls, which allows local users to gain privileges or cause a denial of service (NULL pointe...
CVE-2013-1827
- EPSS 0.48%
- Veröffentlicht 22.03.2013 11:59:11
- Zuletzt bearbeitet 29.04.2026 01:13:23
net/dccp/ccid.h in the Linux kernel before 3.5.4 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) by leveraging the CAP_NET_ADMIN capability for a certain (1) sender or (2) receiver getsoc...
CVE-2013-1848
- EPSS 0.58%
- Veröffentlicht 22.03.2013 11:59:11
- Zuletzt bearbeitet 29.04.2026 01:13:23
fs/ext3/super.c in the Linux kernel before 3.8.4 uses incorrect arguments to functions in certain circumstances related to printk input, which allows local users to conduct format-string attacks and possibly gain privileges via a crafted application.
CVE-2013-1860
- EPSS 0.82%
- Veröffentlicht 22.03.2013 11:59:11
- Zuletzt bearbeitet 29.04.2026 01:13:23
Heap-based buffer overflow in the wdm_in_callback function in drivers/usb/class/cdc-wdm.c in the Linux kernel before 3.8.4 allows physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a craf...
CVE-2013-2634
- EPSS 0.46%
- Veröffentlicht 22.03.2013 11:59:11
- Zuletzt bearbeitet 29.04.2026 01:13:23
net/dcb/dcbnl.c in the Linux kernel before 3.8.4 does not initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.
CVE-2013-2635
- EPSS 0.43%
- Veröffentlicht 22.03.2013 11:59:11
- Zuletzt bearbeitet 29.04.2026 01:13:23
The rtnl_fill_ifinfo function in net/core/rtnetlink.c in the Linux kernel before 3.8.4 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.
CVE-2013-0913
- EPSS 0.56%
- Veröffentlicht 18.03.2013 15:55:01
- Zuletzt bearbeitet 29.04.2026 01:13:23
Integer overflow in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the i915 driver in the Direct Rendering Manager (DRM) subsystem in the Linux kernel through 3.8.3, as used in Google Chrome OS before 25.0.1364.173 and other products, allows local use...
CVE-2012-6549
- EPSS 0.39%
- Veröffentlicht 15.03.2013 20:55:08
- Zuletzt bearbeitet 29.04.2026 01:13:23
The isofs_export_encode_fh function in fs/isofs/export.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory via a crafted application.
CVE-2013-2546
- EPSS 0.39%
- Veröffentlicht 15.03.2013 20:55:08
- Zuletzt bearbeitet 29.04.2026 01:13:23
The report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect C library function for copying strings, which allows local users to obtain sensitive information from kernel stack memory by leveraging the CAP_NE...
CVE-2013-2547
- EPSS 0.39%
- Veröffentlicht 15.03.2013 20:55:08
- Zuletzt bearbeitet 29.04.2026 01:13:23
The crypto_report_one function in crypto/crypto_user.c in the report API in the crypto user configuration API in the Linux kernel through 3.8.2 does not initialize certain structure members, which allows local users to obtain sensitive information fr...