Linux » Linux Kernel : Security Vulnerabilities, CVEs, Published In 2013 (Code Execution)
Multiple array index errors in drivers/hid/hid-core.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11 allow physically proximate attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted device that provides an invalid Report ID.
Max CVSS
6.2
EPSS Score
0.28%
Published
2013-09-16
Updated
2014-01-04
Heap-based buffer overflow in the iscsi_add_notunderstood_response function in drivers/target/iscsi/iscsi_target_parameters.c in the iSCSI target subsystem in the Linux kernel through 3.9.4 allows remote attackers to cause a denial of service (memory corruption and OOPS) or possibly execute arbitrary code via a long key that is not properly handled during construction of an error-response packet.
Max CVSS
7.9
EPSS Score
3.33%
Published
2013-06-07
Updated
2023-01-19
Heap-based buffer overflow in the tg3_read_vpd function in drivers/net/ethernet/broadcom/tg3.c in the Linux kernel before 3.8.6 allows physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via crafted firmware that specifies a long string in the Vital Product Data (VPD) data structure.
Max CVSS
4.4
EPSS Score
0.23%
Published
2013-06-07
Updated
2023-02-13
Heap-based buffer overflow in the wdm_in_callback function in drivers/usb/class/cdc-wdm.c in the Linux kernel before 3.8.4 allows physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a crafted cdc-wdm USB device.
Max CVSS
6.9
EPSS Score
0.32%
Published
2013-03-22
Updated
2023-10-05
Multiple stack-based buffer overflows in the Near Field Communication Controller Interface (NCI) in the Linux kernel before 3.4.5 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via incoming frames with crafted length fields.
Max CVSS
5.0
EPSS Score
5.44%
Published
2013-01-22
Updated
2023-02-13
Buffer overflow in virt/kvm/irq_comm.c in the KVM subsystem in the Linux kernel before 3.2.24 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to Message Signaled Interrupts (MSI), irq routing entries, and an incorrect check by the setup_routing_entry function before invoking the kvm_set_irq function.
Max CVSS
6.9
EPSS Score
0.04%
Published
2013-01-22
Updated
2023-08-11
6 vulnerabilities found