Vulnerabilities > Linux > Linux Kernel > 3.0.56

DATE CVE VULNERABILITY TITLE RISK
2014-03-11 CVE-2014-2309 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
The ip6_route_add function in net/ipv6/route.c in the Linux kernel through 3.13.6 does not properly count the addition of routes, which allows remote attackers to cause a denial of service (memory consumption) via a flood of ICMPv6 Router Advertisement packets.
low complexity
linux opensuse suse CWE-119
6.1
2014-03-11 CVE-2014-0102 Cryptographic Issues vulnerability in Linux Kernel
The keyring_detect_cycle_iterator function in security/keys/keyring.c in the Linux kernel through 3.13.6 does not properly determine whether keyrings are identical, which allows local users to cause a denial of service (OOPS) via crafted keyctl commands.
5.2
2013-11-27 CVE-2013-6382 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Linux Kernel
Multiple buffer underflows in the XFS implementation in the Linux kernel through 3.12.1 allow local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging the CAP_SYS_ADMIN capability for a (1) XFS_IOC_ATTRLIST_BY_HANDLE or (2) XFS_IOC_ATTRLIST_BY_HANDLE_32 ioctl call with a crafted length value, related to the xfs_attrlist_by_handle function in fs/xfs/xfs_ioctl.c and the xfs_compat_attrlist_by_handle function in fs/xfs/xfs_ioctl32.c.
local
high complexity
linux CWE-119
4.0
2013-11-20 CVE-2013-4579 Cryptographic Issues vulnerability in Linux Kernel
The ath9k_htc_set_bssid_mask function in drivers/net/wireless/ath/ath9k/htc_drv_main.c in the Linux kernel through 3.12 uses a BSSID masking approach to determine the set of MAC addresses on which a Wi-Fi device is listening, which allows remote attackers to discover the original MAC address after spoofing by sending a series of packets to MAC addresses with certain bit manipulations.
network
linux CWE-310
4.3
2013-10-24 CVE-2013-4299 Permissions, Privileges, and Access Controls vulnerability in Linux Kernel
Interpretation conflict in drivers/md/dm-snap-persistent.c in the Linux kernel through 3.11.6 allows remote authenticated users to obtain sensitive information or modify data via a crafted mapping to a snapshot block device.
network
linux redhat CWE-264
6.0
2013-07-04 CVE-2013-2164 Information Exposure vulnerability in multiple products
The mmc_ioctl_cdrom_read_data function in drivers/cdrom/cdrom.c in the Linux kernel through 3.10 allows local users to obtain sensitive information from kernel memory via a read operation on a malfunctioning CD-ROM drive.
local
low complexity
linux redhat CWE-200
2.1
2013-06-08 CVE-2011-4347 Permissions, Privileges, and Access Controls vulnerability in Linux Kernel
The kvm_vm_ioctl_assign_device function in virt/kvm/assigned-dev.c in the KVM subsystem in the Linux kernel before 3.1.10 does not verify permission to access PCI configuration space and BAR resources, which allows host OS users to assign PCI devices and cause a denial of service (host OS crash) via a KVM_ASSIGN_PCI_DEVICE operation.
local
high complexity
linux CWE-264
4.0
2013-06-07 CVE-2013-2147 Resource Management Errors vulnerability in Linux Kernel
The HP Smart Array controller disk-array driver and Compaq SMART2 controller disk-array driver in the Linux kernel through 3.9.4 do not initialize certain data structures, which allows local users to obtain sensitive information from kernel memory via (1) a crafted IDAGETPCIINFO command for a /dev/ida device, related to the ida_locked_ioctl function in drivers/block/cpqarray.c or (2) a crafted CCISS_PASSTHRU32 command for a /dev/cciss device, related to the cciss_ioctl32_passthru function in drivers/block/cciss.c.
local
low complexity
linux suse CWE-399
2.1
2013-04-13 CVE-2013-2596 Integer Overflow or Wraparound vulnerability in multiple products
Integer overflow in the fb_mmap function in drivers/video/fbmem.c in the Linux kernel before 3.8.9, as used in a certain Motorola build of Android 4.1.2 and other products, allows local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges, via crafted /dev/graphics/fb0 mmap2 system calls, as demonstrated by the Motochopper pwn program.
local
low complexity
linux motorola CWE-190
7.8
2013-02-28 CVE-2013-0343 IPv6 Temporary Addresses Remote Security vulnerability in Linux Kernel
The ipv6_create_tempaddr function in net/ipv6/addrconf.c in the Linux kernel through 3.8 does not properly handle problems with the generation of IPv6 temporary addresses, which allows remote attackers to cause a denial of service (excessive retries and address-generation outage), and consequently obtain sensitive information, via ICMPv6 Router Advertisement (RA) messages.
high complexity
linux
3.2