Redhat » Enterprise Linux : Security Vulnerabilities, CVEs, Published In March 2013 (Information Leak)
The udf_encode_fh function in fs/udf/namei.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory via a crafted application.
Max CVSS
1.9
EPSS Score
0.12%
Published
2013-03-15
Updated
2019-04-22
The ATM implementation in the Linux kernel before 3.6 does not initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.
Max CVSS
1.9
EPSS Score
0.12%
Published
2013-03-15
Updated
2019-04-22
The Bluetooth RFCOMM implementation in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel memory via a crafted application.
Max CVSS
1.9
EPSS Score
0.12%
Published
2013-03-15
Updated
2019-04-22
The Bluetooth protocol stack in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that targets the (1) L2CAP or (2) HCI implementation.
Max CVSS
1.9
EPSS Score
0.12%
Published
2013-03-15
Updated
2019-04-22
The llc_ui_getname function in net/llc/af_llc.c in the Linux kernel before 3.6 has an incorrect return value in certain circumstances, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that leverages an uninitialized pointer argument.
Max CVSS
1.9
EPSS Score
0.09%
Published
2013-03-15
Updated
2019-04-22
The copy_to_user_auth function in net/xfrm/xfrm_user.c in the Linux kernel before 3.6 uses an incorrect C library function for copying a string, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAP_NET_ADMIN capability.
Max CVSS
1.9
EPSS Score
0.04%
Published
2013-03-15
Updated
2019-04-22
net/xfrm/xfrm_user.c in the Linux kernel before 3.6 does not initialize certain structures, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability.
Max CVSS
1.9
EPSS Score
0.04%
Published
2013-03-15
Updated
2019-04-22
7 vulnerabilities found