CVE-2012-4461
- EPSS 0.36%
- Veröffentlicht 22.01.2013 23:55:02
- Zuletzt bearbeitet 29.04.2026 01:13:23
The KVM subsystem in the Linux kernel before 3.6.9, when running on hosts that use qemu userspace without XSAVE, allows local users to cause a denial of service (kernel OOPS) by using the KVM_SET_SREGS ioctl to set the X86_CR4_OSXSAVE bit in the gues...
CVE-2012-2119
- EPSS 0.71%
- Veröffentlicht 22.01.2013 23:55:01
- Zuletzt bearbeitet 29.04.2026 01:13:23
Buffer overflow in the macvtap device driver in the Linux kernel before 3.4.5, when running in certain configurations, allows privileged KVM guest users to cause a denial of service (crash) via a long descriptor with a long vector length.
CVE-2012-2669
- EPSS 0.35%
- Veröffentlicht 27.12.2012 11:47:00
- Zuletzt bearbeitet 16.06.2026 23:41:50
The main function in tools/hv/hv_kvp_daemon.c in hypervkvpd, as distributed in the Linux kernel before 3.4.5, does not validate the origin of Netlink messages, which allows local users to spoof Netlink communication via a crafted connector message.
- EPSS 3.61%
- Veröffentlicht 21.12.2012 11:47:36
- Zuletzt bearbeitet 16.06.2026 23:45:06
The ip6_frag_queue function in net/ipv6/reassembly.c in the Linux kernel before 2.6.36 allows remote attackers to bypass intended network restrictions via overlapping IPv6 fragments.
CVE-2012-4508
- EPSS 0.29%
- Veröffentlicht 21.12.2012 11:47:36
- Zuletzt bearbeitet 16.06.2026 23:45:13
Race condition in fs/ext4/extents.c in the Linux kernel before 3.4.16 allows local users to obtain sensitive information from a deleted file by reading an extent that was not properly marked as uninitialized.
CVE-2012-4565
- EPSS 0.49%
- Veröffentlicht 21.12.2012 11:47:36
- Zuletzt bearbeitet 16.06.2026 23:45:24
The tcp_illinois_info function in net/ipv4/tcp_illinois.c in the Linux kernel before 3.4.19, when the net.ipv4.tcp_congestion_control illinois setting is enabled, allows local users to cause a denial of service (divide-by-zero error and OOPS) by read...
- EPSS 0.39%
- Veröffentlicht 21.12.2012 11:47:36
- Zuletzt bearbeitet 16.06.2026 23:46:55
The online_pages function in mm/memory_hotplug.c in the Linux kernel before 3.6 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact in opportunistic circumstances by us...
CVE-2012-0957
- EPSS 0.96%
- Veröffentlicht 21.12.2012 11:47:35
- Zuletzt bearbeitet 16.06.2026 23:38:34
The override_release function in kernel/sys.c in the Linux kernel before 3.4.16 allows local users to obtain sensitive information from kernel stack memory via a uname system call in conjunction with a UNAME26 personality.
CVE-2012-3511
- EPSS 0.38%
- Veröffentlicht 04.10.2012 03:28:35
- Zuletzt bearbeitet 16.06.2026 23:43:22
Multiple race conditions in the madvise_remove function in mm/madvise.c in the Linux kernel before 3.4.5 allow local users to cause a denial of service (use-after-free and system crash) via vectors involving a (1) munmap or (2) close system call.
CVE-2012-3520
- EPSS 0.43%
- Veröffentlicht 03.10.2012 11:02:57
- Zuletzt bearbeitet 16.06.2026 23:43:23
The Netlink implementation in the Linux kernel before 3.2.30 does not properly handle messages that lack SCM_CREDENTIALS data, which might allow local users to spoof Netlink communication via a crafted message, as demonstrated by a message to (1) Ava...