Vulnerability & Exploit Database

Displaying entries 1 - 10 of 16 in total

Results for: CVE-2014-2237 Back to search

USN-2237-1: Linux kernel (Quantal HWE) vulnerability Vulnerability

  • Severity: 7
  • Published: June 07, 2014

The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command that facilitates unsafe waiter modification.

SUSE: CVE-2014-3153: SUSE Linux Security Advisory Vulnerability

  • Severity: 7
  • Published: June 07, 2014

The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command that facilitates unsafe waiter modification.

Cent OS: CVE-2014-3153: CESA-2014:0771 (kernel) Vulnerability

  • Severity: 7
  • Published: June 07, 2014

The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command that facilitates unsafe waiter modification.

DSA-2745-1 linux -- privilege escalation/denial of service/information leak Vulnerability

  • Severity: 8
  • Published: July 08, 2013

net/ceph/auth_none.c in the Linux kernel through 3.10 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via an auth_reply message that triggers an attempted build_request operation.

SUSE Linux Security Vulnerability: CVE-2013-2237 Vulnerability

  • Severity: 2
  • Published: July 04, 2013

The key_notify_policy_flush function in net/key/af_key.c in the Linux kernel before 3.9 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory by reading a broadcast message from the notify_policy interface of an IPSec key_socket.

USN-1913-1: Linux kernel (EC2) vulnerabilities Vulnerability

  • Severity: 6
  • Published: June 07, 2013

Format string vulnerability in the register_disk function in block/genhd.c in the Linux kernel through 3.9.4 allows local users to gain privileges by leveraging root access and writing format string specifiers to /sys/module/md_mod/parameters/new_array in order to create a crafted /dev/md device name.

USN-1912-1: Linux kernel vulnerabilities Vulnerability

  • Severity: 6
  • Published: June 07, 2013

Format string vulnerability in the register_disk function in block/genhd.c in the Linux kernel through 3.9.4 allows local users to gain privileges by leveraging root access and writing format string specifiers to /sys/module/md_mod/parameters/new_array in order to create a crafted /dev/md device name.

ELSA-2013-2542 Important: Oracle Linux Unbreakable Enterprise kernel security update Vulnerability

  • Severity: 6
  • Published: June 07, 2013

Format string vulnerability in the register_disk function in block/genhd.c in the Linux kernel through 3.9.4 allows local users to gain privileges by leveraging root access and writing format string specifiers to /sys/module/md_mod/parameters/new_array in order to create a crafted /dev/md device name.