Linux » Linux Kernel » 2.6.18 rc6 : Security Vulnerabilities, CVEs, Published In 2012 (Information Leak)
The rds_recvmsg function in net/rds/recv.c in the Linux kernel before 3.0.44 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a (1) recvfrom or (2) recvmsg system call on an RDS socket.
Max CVSS
2.1
EPSS Score
0.04%
Published
2012-10-03
Updated
2023-02-13
net/packet/af_packet.c in the Linux kernel before 2.6.39.3 does not properly restrict user-space access to certain packet data structures associated with VLAN Tag Control Information, which allows local users to obtain potentially sensitive information via a crafted application.
Max CVSS
5.5
EPSS Score
0.08%
Published
2012-05-24
Updated
2023-02-13
The ptrace_setxregs function in arch/xtensa/kernel/ptrace.c in the Linux kernel before 3.1 does not validate user-space pointers, which allows local users to obtain sensitive information from kernel memory locations via a crafted PTRACE_SETXTREGS request.
Max CVSS
6.0
EPSS Score
0.04%
Published
2012-05-24
Updated
2023-02-13
kernel/taskstats.c in the Linux kernel before 3.1 allows local users to obtain sensitive I/O statistics by sending taskstats commands to a netlink socket, as demonstrated by discovering the length of another user's password.
Max CVSS
2.1
EPSS Score
0.04%
Published
2012-06-13
Updated
2023-02-13
The tpm_open function in drivers/char/tpm/tpm.c in the Linux kernel before 2.6.39 does not initialize a certain buffer, which allows local users to obtain potentially sensitive information from kernel memory via unspecified vectors.
Max CVSS
2.1
EPSS Score
0.04%
Published
2012-06-21
Updated
2023-02-13
The sco_sock_getsockopt_old function in net/bluetooth/sco.c in the Linux kernel before 2.6.39 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via the SCO_CONNINFO option.
Max CVSS
1.9
EPSS Score
0.04%
Published
2012-06-21
Updated
2023-02-13
6 vulnerabilities found