Linux : Security Vulnerabilities, CVEs, Published In October 2012 (Denial of service)
The (1) do_siocgstamp and (2) do_siocgstampns functions in net/socket.c in the Linux kernel before 3.5.4 use an incorrect argument order, which allows local users to obtain sensitive information from kernel memory or cause a denial of service (system crash) via a crafted ioctl call.
Max CVSS
6.6
EPSS Score
0.04%
Published
2012-10-10
Updated
2023-02-13
Race condition in the IP implementation in the Linux kernel before 3.0 might allow remote attackers to cause a denial of service (slab corruption and system crash) by sending packets to an application that sets socket options during the handling of network traffic.
Max CVSS
7.1
EPSS Score
1.48%
Published
2012-10-03
Updated
2023-02-13
Multiple race conditions in the madvise_remove function in mm/madvise.c in the Linux kernel before 3.4.5 allow local users to cause a denial of service (use-after-free and system crash) via vectors involving a (1) munmap or (2) close system call.
Max CVSS
6.2
EPSS Score
0.04%
Published
2012-10-04
Updated
2023-02-13
Use-after-free vulnerability in the xacct_add_tsk function in kernel/tsacct.c in the Linux kernel before 2.6.19 allows local users to obtain potentially sensitive information from kernel memory or cause a denial of service (system crash) via a taskstats TASKSTATS_CMD_ATTR_PID command.
Max CVSS
5.6
EPSS Score
0.04%
Published
2012-10-03
Updated
2023-02-13
The sfc (aka Solarflare Solarstorm) driver in the Linux kernel before 3.2.30 allows remote attackers to cause a denial of service (DMA descriptor consumption and network-controller outage) via crafted TCP packets that trigger a small MSS value.
Max CVSS
7.8
EPSS Score
8.92%
Published
2012-10-03
Updated
2023-02-13
Heap-based buffer overflow in the udf_load_logicalvol function in fs/udf/super.c in the Linux kernel before 3.4.5 allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted UDF filesystem.
Max CVSS
7.6
EPSS Score
2.81%
Published
2012-10-03
Updated
2023-02-13
The epoll_ctl system call in fs/eventpoll.c in the Linux kernel before 3.2.24 does not properly handle ELOOP errors in EPOLL_CTL_ADD operations, which allows local users to cause a denial of service (file-descriptor consumption and system crash) via a crafted application that attempts to create a circular epoll dependency. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-1083.
Max CVSS
4.9
EPSS Score
0.05%
Published
2012-10-03
Updated
2023-02-13
The div_long_long_rem implementation in include/asm-x86/div64.h in the Linux kernel before 2.6.26 on the x86 platform allows local users to cause a denial of service (Divide Error Fault and panic) via a clock_gettime system call.
Max CVSS
4.9
EPSS Score
0.04%
Published
2012-10-03
Updated
2023-02-13
8 vulnerabilities found