CVE-2013-2548
- EPSS 0.39%
- Veröffentlicht 15.03.2013 20:55:08
- Zuletzt bearbeitet 29.04.2026 01:13:23
The crypto_report_one function in crypto/crypto_user.c in the report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect length value during a copy operation, which allows local users to obtain sensitive infor...
CVE-2012-6537
- EPSS 0.38%
- Veröffentlicht 15.03.2013 20:55:07
- Zuletzt bearbeitet 29.04.2026 01:13:23
net/xfrm/xfrm_user.c in the Linux kernel before 3.6 does not initialize certain structures, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability.
CVE-2012-6538
- EPSS 0.35%
- Veröffentlicht 15.03.2013 20:55:07
- Zuletzt bearbeitet 29.04.2026 01:13:23
The copy_to_user_auth function in net/xfrm/xfrm_user.c in the Linux kernel before 3.6 uses an incorrect C library function for copying a string, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAP_NE...
CVE-2012-6539
- EPSS 0.36%
- Veröffentlicht 15.03.2013 20:55:07
- Zuletzt bearbeitet 29.04.2026 01:13:23
The dev_ifconf function in net/socket.c in the Linux kernel before 3.6 does not initialize a certain structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.
CVE-2012-6540
- EPSS 0.36%
- Veröffentlicht 15.03.2013 20:55:07
- Zuletzt bearbeitet 29.04.2026 01:13:23
The do_ip_vs_get_ctl function in net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before 3.6 does not initialize a certain structure for IP_VS_SO_GET_TIMEOUT commands, which allows local users to obtain sensitive information from kernel stack memor...
CVE-2012-6541
- EPSS 0.35%
- Veröffentlicht 15.03.2013 20:55:07
- Zuletzt bearbeitet 29.04.2026 01:13:23
The ccid3_hc_tx_getsockopt function in net/dccp/ccids/ccid3.c in the Linux kernel before 3.6 does not initialize a certain structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.
CVE-2012-6542
- EPSS 0.35%
- Veröffentlicht 15.03.2013 20:55:07
- Zuletzt bearbeitet 29.04.2026 01:13:23
The llc_ui_getname function in net/llc/af_llc.c in the Linux kernel before 3.6 has an incorrect return value in certain circumstances, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that le...
CVE-2012-6544
- EPSS 0.37%
- Veröffentlicht 15.03.2013 20:55:07
- Zuletzt bearbeitet 29.04.2026 01:13:23
The Bluetooth protocol stack in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that targets the (1) L2CAP or (2)...
CVE-2012-6545
- EPSS 0.37%
- Veröffentlicht 15.03.2013 20:55:07
- Zuletzt bearbeitet 29.04.2026 01:13:23
The Bluetooth RFCOMM implementation in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel memory via a crafted application.
CVE-2012-6546
- EPSS 0.4%
- Veröffentlicht 15.03.2013 20:55:07
- Zuletzt bearbeitet 29.04.2026 01:13:23
The ATM implementation in the Linux kernel before 3.6 does not initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.