Published: 22/03/2013 Updated: 07/11/2023

CVSS v2 Base Score: 3.6 | Impact Score: 4.9 | Exploitability Score: 3.9

VMScore: 321

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:N

The flush_signal_handlers function in kernel/signal.c in the Linux kernel prior to 3.8.4 preserves the value of the sa_restorer field across an exec operation, which makes it easier for local users to bypass the ASLR protection mechanism via a crafted application containing a sigaction system call.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel 3.8.2
linux linux kernel 3.8.0
linux linux kernel
linux linux kernel 3.8.1

Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leak or privilege escalation The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2012-2121 Benjamin Herrenschmidt and Jason Baron discovered issues with the IOMMU mapping of memory slots us ...

Several security issues were fixed in the kernel ...

Heap-based buffer overflow in the tg3_read_vpd function in drivers/net/ethernet/broadcom/tg3c in the Linux kernel before 386 allows physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via crafted firmware that specifies a long string in the Vital Product Data (VPD) data structure Use-af ...

The bt_sock_recvmsg function in net/bluetooth/af_bluetoothc in the Linux kernel before 39-rc7 does not properly initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call The udf_encode_fh function in fs/udf/nameic in the Linux kerne ...

CVE-2013-0914

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect