Linux » Linux Kernel : Security Vulnerabilities, CVEs, Published In February 2013
The chase_port function in drivers/usb/serial/io_ti.c in the Linux kernel before 3.7.4 allows local users to cause a denial of service (NULL pointer dereference and system crash) via an attempted /dev/ttyUSB read or write operation on a disconnected Edgeport USB serial converter.
Max CVSS
4.0
EPSS Score
0.04%
Published
2013-02-28
Updated
2023-02-13
Buffer overflow in the VFAT filesystem implementation in the Linux kernel before 3.3 allows local users to gain privileges or cause a denial of service (system crash) via a VFAT write operation on a filesystem with the utf8 mount option, which is not properly handled during UTF-8 to UTF-16 conversion.
Max CVSS
6.2
EPSS Score
0.07%
Published
2013-02-28
Updated
2023-02-13
The log_prefix function in kernel/printk.c in the Linux kernel 3.x before 3.4.33 does not properly remove a prefix string from a syslog header, which allows local users to cause a denial of service (buffer overflow and system crash) by leveraging /dev/kmsg write access and triggering a call_console_drivers function call.
Max CVSS
4.0
EPSS Score
0.04%
Published
2013-02-28
Updated
2013-08-22
Use-after-free vulnerability in the shmem_remount_fs function in mm/shmem.c in the Linux kernel before 3.7.10 allows local users to gain privileges or cause a denial of service (system crash) by remounting a tmpfs filesystem without specifying a required mpol (aka mempolicy) mount option.
Max CVSS
6.2
EPSS Score
0.04%
Published
2013-02-28
Updated
2023-02-13
Array index error in the __sock_diag_rcv_msg function in net/core/sock_diag.c in the Linux kernel before 3.7.10 allows local users to gain privileges via a large family value in a Netlink message.
Max CVSS
7.2
EPSS Score
0.06%
Published
2013-02-28
Updated
2023-11-01
Race condition in the ptrace functionality in the Linux kernel before 3.7.5 allows local users to gain privileges via a PTRACE_SETREGS ptrace system call in a crafted application, as demonstrated by ptrace_death.
Max CVSS
6.9
EPSS Score
0.04%
Published
2013-02-18
Updated
2023-08-11
The hidp_setup_hid function in net/bluetooth/hidp/core.c in the Linux kernel before 3.7.6 does not properly copy a certain name field, which allows local users to obtain sensitive information from kernel memory by setting a long name and making an HIDPCONNADD ioctl call.
Max CVSS
1.9
EPSS Score
0.04%
Published
2013-02-28
Updated
2023-02-13
The ipv6_create_tempaddr function in net/ipv6/addrconf.c in the Linux kernel through 3.8 does not properly handle problems with the generation of IPv6 temporary addresses, which allows remote attackers to cause a denial of service (excessive retries and address-generation outage), and consequently obtain sensitive information, via ICMPv6 Router Advertisement (RA) messages.
Max CVSS
3.2
EPSS Score
2.50%
Published
2013-02-28
Updated
2014-03-06
The evm_update_evmxattr function in security/integrity/evm/evm_crypto.c in the Linux kernel before 3.7.5, when the Extended Verification Module (EVM) is enabled, allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via an attempted removexattr operation on an inode of a sockfs filesystem.
Max CVSS
6.2
EPSS Score
0.04%
Published
2013-02-22
Updated
2023-02-13
The translate_desc function in drivers/vhost/vhost.c in the Linux kernel before 3.7 does not properly handle cross-region descriptors, which allows guest OS users to obtain host OS privileges by leveraging KVM guest OS privileges.
Max CVSS
6.5
EPSS Score
0.06%
Published
2013-02-22
Updated
2023-02-13
The cipso_v4_validate function in net/ipv4/cipso_ipv4.c in the Linux kernel before 3.4.8 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via an IPOPT_CIPSO IP_OPTIONS setsockopt system call.
Max CVSS
6.6
EPSS Score
0.04%
Published
2013-02-22
Updated
2023-02-13
arch/x86/include/asm/pgtable.h in the Linux kernel before 3.6.2, when transparent huge pages are used, does not properly support PROT_NONE memory regions, which allows local users to cause a denial of service (system crash) via a crafted application.
Max CVSS
4.7
EPSS Score
0.04%
Published
2013-02-22
Updated
2023-02-13
The __skb_recv_datagram function in net/core/datagram.c in the Linux kernel before 3.8 does not properly handle the MSG_PEEK flag with zero-length data, which allows local users to cause a denial of service (infinite loop and system hang) via a crafted application.
Max CVSS
4.9
EPSS Score
0.04%
Published
2013-02-19
Updated
2023-02-13
The msr_open function in arch/x86/kernel/msr.c in the Linux kernel before 3.7.6 allows local users to bypass intended capability restrictions by executing a crafted application as root, as demonstrated by msr32.c.
Max CVSS
6.2
EPSS Score
0.20%
Published
2013-02-18
Updated
2023-02-13
The pciback_enable_msi function in the PCI backend driver (drivers/xen/pciback/conf_space_capability_msi.c) in Xen for the Linux kernel 2.6.18 and 3.8 allows guest OS users with PCI device access to cause a denial of service via a large number of kernel log messages. NOTE: some of these details are obtained from third party information.
Max CVSS
4.9
EPSS Score
0.06%
Published
2013-02-13
Updated
2017-08-29
Memory leak in drivers/net/xen-netback/netback.c in the Xen netback functionality in the Linux kernel before 3.7.8 allows guest OS users to cause a denial of service (memory consumption) by triggering certain error conditions.
Max CVSS
5.2
EPSS Score
0.18%
Published
2013-02-18
Updated
2023-02-13
The Xen netback functionality in the Linux kernel before 3.7.8 allows guest OS users to cause a denial of service (loop) by triggering ring pointer corruption.
Max CVSS
5.2
EPSS Score
0.24%
Published
2013-02-18
Updated
2023-02-13
The xen_failsafe_callback function in Xen for the Linux kernel 2.6.23 and other versions, when running a 32-bit PVOPS guest, allows local users to cause a denial of service (guest crash) by triggering an iret fault, leading to use of an incorrect stack pointer and stack corruption.
Max CVSS
4.9
EPSS Score
0.04%
Published
2013-02-13
Updated
2013-03-08
The Linux kernel through 3.7.9 allows local users to obtain sensitive information about keystroke timing by using the inotify API on the /dev/ptmx device.
Max CVSS
2.1
EPSS Score
0.05%
Published
2013-02-18
Updated
2017-11-29
The CRC32C feature in the Btrfs implementation in the Linux kernel before 3.8-rc1 allows local users to cause a denial of service (prevention of file creation) by leveraging the ability to write to a directory important to the victim, and creating a file with a crafted name that is associated with a specific CRC32C hash value.
Max CVSS
4.0
EPSS Score
0.05%
Published
2013-02-18
Updated
2014-01-04
The CRC32C feature in the Btrfs implementation in the Linux kernel before 3.8-rc1 allows local users to cause a denial of service (extended runtime of kernel code) by creating many different files whose names are associated with the same CRC32C hash value.
Max CVSS
4.0
EPSS Score
0.04%
Published
2013-02-18
Updated
2014-01-04
block/scsi_ioctl.c in the Linux kernel through 3.8 does not properly consider the SCSI device class during authorization of SCSI commands, which allows local users to bypass intended access restrictions via an SG_IO ioctl call that leverages overlapping opcodes.
Max CVSS
4.6
EPSS Score
0.04%
Published
2013-02-28
Updated
2023-02-13
The load_script function in fs/binfmt_script.c in the Linux kernel before 3.7.2 does not properly handle recursion, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.
Max CVSS
2.1
EPSS Score
0.05%
Published
2013-02-18
Updated
2023-02-13
The __request_module function in kernel/kmod.c in the Linux kernel before 3.4 does not set a certain killable attribute, which allows local users to cause a denial of service (memory consumption) via a crafted application.
Max CVSS
4.9
EPSS Score
0.04%
Published
2013-02-18
Updated
2015-03-26
24 vulnerabilities found