Vulnerabilities > Linux > Linux Kernel > 2.6.14.4

DATE CVE VULNERABILITY TITLE RISK
2013-07-16 CVE-2013-1943 Improper Input Validation vulnerability in multiple products
The KVM subsystem in the Linux kernel before 3.0 does not check whether kernel addresses are specified during allocation of memory slots for use in a guest's physical address space, which allows local users to gain privileges or obtain sensitive information from kernel memory via a crafted application, related to arch/x86/kvm/paging_tmpl.h and virt/kvm/kvm_main.c.
local
low complexity
linux redhat canonical CWE-20
7.8
2013-06-08 CVE-2011-4347 Permissions, Privileges, and Access Controls vulnerability in Linux Kernel
The kvm_vm_ioctl_assign_device function in virt/kvm/assigned-dev.c in the KVM subsystem in the Linux kernel before 3.1.10 does not verify permission to access PCI configuration space and BAR resources, which allows host OS users to assign PCI devices and cause a denial of service (host OS crash) via a KVM_ASSIGN_PCI_DEVICE operation.
local
high complexity
linux CWE-264
4.0
2013-06-08 CVE-2011-4087 Improper Initialization vulnerability in Linux Kernel
The br_parse_ip_options function in net/bridge/br_netfilter.c in the Linux kernel before 2.6.39 does not properly initialize a certain data structure, which allows remote attackers to cause a denial of service by leveraging connectivity to a network interface that uses an Ethernet bridge device.
network
low complexity
linux CWE-665
7.5
2013-06-08 CVE-2011-2482 NULL Pointer Dereference vulnerability in Linux Kernel
A certain Red Hat patch to the sctp_sock_migrate function in net/sctp/socket.c in the Linux kernel before 2.6.21, as used in Red Hat Enterprise Linux (RHEL) 5, allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) via a crafted SCTP packet.
network
low complexity
linux CWE-476
7.5
2013-06-08 CVE-2011-1180 Out-of-bounds Write vulnerability in Linux Kernel
Multiple stack-based buffer overflows in the iriap_getvaluebyclass_indication function in net/irda/iriap.c in the Linux kernel before 2.6.39 allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging connectivity to an IrDA infrared network and sending a large integer value for a (1) name length or (2) attribute length.
network
low complexity
linux CWE-787
critical
9.8
2013-06-07 CVE-2013-2147 Resource Management Errors vulnerability in Linux Kernel
The HP Smart Array controller disk-array driver and Compaq SMART2 controller disk-array driver in the Linux kernel through 3.9.4 do not initialize certain data structures, which allows local users to obtain sensitive information from kernel memory via (1) a crafted IDAGETPCIINFO command for a /dev/ida device, related to the ida_locked_ioctl function in drivers/block/cpqarray.c or (2) a crafted CCISS_PASSTHRU32 command for a /dev/cciss device, related to the cciss_ioctl32_passthru function in drivers/block/cciss.c.
local
low complexity
linux suse CWE-399
2.1
2013-06-07 CVE-2013-2128 Resource Exhaustion vulnerability in Linux Kernel
The tcp_read_sock function in net/ipv4/tcp.c in the Linux kernel before 2.6.34 does not properly manage skb consumption, which allows local users to cause a denial of service (system crash) via a crafted splice system call for a TCP socket.
local
low complexity
linux CWE-400
5.5
2013-04-13 CVE-2013-2596 Integer Overflow or Wraparound vulnerability in multiple products
Integer overflow in the fb_mmap function in drivers/video/fbmem.c in the Linux kernel before 3.8.9, as used in a certain Motorola build of Android 4.1.2 and other products, allows local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges, via crafted /dev/graphics/fb0 mmap2 system calls, as demonstrated by the Motochopper pwn program.
local
low complexity
linux motorola CWE-190
7.8
2013-03-01 CVE-2011-2479 Resource Management Errors vulnerability in Linux Kernel
The Linux kernel before 2.6.39 does not properly create transparent huge pages in response to a MAP_PRIVATE mmap system call on /dev/zero, which allows local users to cause a denial of service (system crash) via a crafted application.
local
low complexity
linux CWE-399
5.5
2013-02-28 CVE-2013-0343 IPv6 Temporary Addresses Remote Security vulnerability in Linux Kernel
The ipv6_create_tempaddr function in net/ipv6/addrconf.c in the Linux kernel through 3.8 does not properly handle problems with the generation of IPv6 temporary addresses, which allows remote attackers to cause a denial of service (excessive retries and address-generation outage), and consequently obtain sensitive information, via ICMPv6 Router Advertisement (RA) messages.
high complexity
linux
3.2