CVSS: 7.1EPSS: 0%CPEs: 13EXPL: 0CVE-2023-3141 – kernel: Use after free bug in r592_remove
https://notcve.org/view.php?id=CVE-2023-3141
09 Jun 2023 — A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker to crash the system at device disconnect, possibly leading to a kernel information leak. A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This issue may allow a local attacker to crash the system at device disconnect, possibly leading to a kernel information leak. It was discovered that the XFS... • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.4 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 1%CPEs: 6EXPL: 3CVE-2023-2598
https://notcve.org/view.php?id=CVE-2023-2598
01 Jun 2023 — A flaw was found in the fixed buffer registration code for io_uring (io_sqe_buffer_register in io_uring/rsrc.c) in the Linux kernel that allows out-of-bounds access to physical memory beyond the end of the buffer. This flaw enables full local privilege escalation. Se encontró una falla en el código de registro de búfer fijo para io_uring (io_sqe_buffer_register en io_uring/rsrc.c) en el kernel de Linux que permite el acceso fuera de los límites a la memoria física más allá del final del búfer. Esta falla pe... • https://github.com/ysanatomic/io_uring_LPE-CVE-2023-2598 • CWE-416: Use After Free CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 1%CPEs: 16EXPL: 5CVE-2023-32233 – kernel: netfilter: use-after-free in nf_tables when processing batch requests can lead to privilege escalation
https://notcve.org/view.php?id=CVE-2023-32233
08 May 2023 — In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled. A use-after-free vulnerability was found in the Netfilter subsystem of the Linux kernel when processing batch requests to update nf_tables configuration. This vulnerability can be abused to perform arbitrary reads and write... • https://github.com/oferchen/POC-CVE-2023-32233 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 2CVE-2023-2236 – Use-after-free in Linux kernel's Performance Events subsystem
https://notcve.org/view.php?id=CVE-2023-2236
01 May 2023 — A use-after-free vulnerability in the Linux Kernel io_uring subsystem can be exploited to achieve local privilege escalation. Both io_install_fixed_file and its callers call fput in a file in case of an error, causing a reference underflow which leads to a use-after-free vulnerability. We recommend upgrading past commit 9d94c04c0db024922e886c9fd429659f22f48ea4. A use-after-free vulnerability in the Linux Kernel io_uring subsystem can be exploited to achieve local privilege escalation. Both io_install_fixed_... • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9d94c04c0db024922e886c9fd429659f22f48ea4 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 0CVE-2023-2006 – Linux Kernel RxRPC Race Condition Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-2006
13 Apr 2023 — A race condition was found in the Linux kernel's RxRPC network protocol, within the processing of RxRPC bundles. This issue results from the lack of proper locking when performing operations on an object. This may allow an attacker to escalate privileges and execute arbitrary code in the context of the kernel. This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to execute low-privileged code on the target syste... • https://bugzilla.redhat.com/show_bug.cgi?id=2189112 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.1EPSS: 0%CPEs: 12EXPL: 2CVE-2023-26607 – Ubuntu Security Notice USN-6014-1
https://notcve.org/view.php?id=CVE-2023-26607
26 Feb 2023 — In the Linux kernel 6.0.8, there is an out-of-bounds read in ntfs_attr_find in fs/ntfs/attrib.c. Xuewei Feng, Chuanpu Fu, Qi Li, Kun Sun, and Ke Xu discovered that the TCP implementation in the Linux kernel did not properly handle IPID assignment. A remote attacker could use this to cause a denial of service or inject forged data. Ke Sun, Alyssa Milburn, Henrique Kawakami, Emma Benoit, Igor Chervatyuk, Lisa Aichele, and Thais Moreira Hamasaki discovered that the Spectre Variant 2 mitigations for AMD process... • https://github.com/Trinadh465/linux-4.1.15_CVE-2023-26607 • CWE-125: Out-of-bounds Read •
CVSS: 7.1EPSS: 0%CPEs: 12EXPL: 0CVE-2022-41858 – kernel: null-ptr-deref vulnerabilities in sl_tx_timeout in drivers/net/slip
https://notcve.org/view.php?id=CVE-2022-41858
17 Jan 2023 — A flaw was found in the Linux kernel. A NULL pointer dereference may occur while a slip driver is in progress to detach in sl_tx_timeout in drivers/net/slip/slip.c. This issue could allow an attacker to crash the system or leak internal kernel information. Kirill Tkhai discovered that the XFS file system implementation in the Linux kernel did not calculate size correctly when pre-allocating space in some situations. A local attacker could use this to expose sensitive information. • https://github.com/torvalds/linux/commit/ec4eb8a86ade4d22633e1da2a7d85a846b7d1798 • CWE-416: Use After Free CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2023-23559 – Ubuntu Security Notice USN-5924-1
https://notcve.org/view.php?id=CVE-2023-23559
13 Jan 2023 — In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition. En rndis_query_oid en drivers/net/wireless/rndis_wlan.c en el kernel de Linux hasta 6.1.5, hay un desbordamiento de enteros en una suma. It was discovered that the network queuing discipline implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was disc... • https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b870e73a56c4cccbec33224233eaf295839f228c • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.0EPSS: 0%CPEs: 13EXPL: 3CVE-2022-41222 – kernel: mm/mremap.c use-after-free vulnerability
https://notcve.org/view.php?id=CVE-2022-41222
21 Sep 2022 — mm/mremap.c in the Linux kernel before 5.13.3 has a use-after-free via a stale TLB because an rmap lock is not held during a PUD move. El archivo mm/mremap.c en el kernel de Linux versiones anteriores a 5.13.3, presenta un uso de memoria previamente liberada por medio de un TLB obsoleto porque un bloqueo rmap no es mantenido durante un movimiento PUD A use-after-free flaw was found in the Linux kernel’s mm/mremap memory address space accounting source code in how a race condition happens between rmap walk a... • https://packetstorm.news/files/id/168466 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2022-39189 – kernel: TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED leading to guest malfunctioning
https://notcve.org/view.php?id=CVE-2022-39189
02 Sep 2022 — An issue was discovered the x86 KVM subsystem in the Linux kernel before 5.18.17. Unprivileged guest users can compromise the guest kernel because TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED situations. Se ha detectado un problema en el subsistema KVM x86 en el kernel de Linux versiones anteriores a 5.18.17. Los usuarios invitados no privilegiados pueden comprometer el kernel invitado porque las operaciones de vaciado del TLB son manejadas inapropiadamente en determinadas situaciones d... • https://bugs.chromium.org/p/project-zero/issues/detail?id=2309 • CWE-416: Use After Free •