CVSS: 3.3EPSS: 0%CPEs: 5EXPL: 0CVE-2021-3923 – kernel: stack information leak in infiniband RDMA
https://notcve.org/view.php?id=CVE-2021-3923
A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack information when issuing commands to the /dev/infiniband/rdma_cm device node. While this access is unlikely to leak sensitive user information, it can be further used to defeat existing kernel protection mechanisms. A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack information when issuing commands to the /dev/infiniband/rdma_cm device node. • https://bugzilla.redhat.com/show_bug.cgi?id=2019643 https://lore.kernel.org/all/20220204100036.GA12348%40kili https://access.redhat.com/security/cve/CVE-2021-3923 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 3.3EPSS: 0%CPEs: 5EXPL: 0CVE-2023-1513 – kernel: KVM: information leak in KVM_GET_DEBUGREGS ioctl on 32-bit systems
https://notcve.org/view.php?id=CVE-2023-1513
A flaw was found in KVM. When calling the KVM_GET_DEBUGREGS ioctl, on 32-bit systems, there might be some uninitialized portions of the kvm_debugregs structure that could be copied to userspace, causing an information leak. • https://bugzilla.redhat.com/show_bug.cgi?id=2179892 https://github.com/torvalds/linux/commit/2c10b61421a28e95a46ab489fd56c0f442ff6952 https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html https://lore.kernel.org/kvm/20230214103304.3689213-1-gregkh%40linuxfoundation.org https://access.redhat.com/security/cve/CVE-2023-1513 • CWE-665: Improper Initialization •
CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 3CVE-2023-0179 – kernel: Netfilter integer overflow vulnerability in nft_payload_copy_vlan
https://notcve.org/view.php?id=CVE-2023-0179
A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue could allow the leakage of both stack and heap addresses, and potentially allow Local Privilege Escalation to the root user via arbitrary code execution. • https://github.com/TurtleARM/CVE-2023-0179-PoC https://github.com/H4K6/CVE-2023-0179-PoC http://packetstormsecurity.com/files/171601/Kernel-Live-Patch-Security-Notice-LNS-0093-1.html https://bugzilla.redhat.com/show_bug.cgi?id=2161713 https://seclists.org/oss-sec/2023/q1/20 https://security.netapp.com/advisory/ntap-20230511-0003 https://access.redhat.com/security/cve/CVE-2023-0179 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-4379 – kernel: use-after-free in __nfs42_ssc_open() in fs/nfs/nfs4file.c leading to remote Denial of Service attack
https://notcve.org/view.php?id=CVE-2022-4379
A use-after-free vulnerability was found in __nfs42_ssc_open() in fs/nfs/nfs4file.c in the Linux kernel. This flaw allows an attacker to conduct a remote denial A use-after-free vulnerability was found in __nfs42_ssc_open() in fs/nfs/nfs4file.c in the Linux kernel. This flaw allows an attacker to conduct a remote denial of service. • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=75333d48f92256a0dec91dbf07835e804fc411c0 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=aeba12b26c79fc35e07e511f692a8907037d95da https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LECFVUHKIRBV5JJBE3KQCLGKNYJPBRCN https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RAVD6JIILAVSRH • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 19EXPL: 0CVE-2022-45934 – kernel: integer overflow in l2cap_config_req() in net/bluetooth/l2cap_core.c
https://notcve.org/view.php?id=CVE-2022-45934
An issue was discovered in the Linux kernel through 6.0.10. l2cap_config_req in net/bluetooth/l2cap_core.c has an integer wraparound via L2CAP_CONF_REQ packets. Se descubrió un problema en el kernel de Linux hasta la versión 6.0.10. l2cap_config_req en net/bluetooth/l2cap_core.c tiene una envoltura de números enteros a través de paquetes L2CAP_CONF_REQ. An integer overflow flaw was found in the Linux kernel’s L2CAP bluetooth functionality in how a user generates malicious L2CAP_CONF_REQ packets. This flaw allows a local or bluetooth connection user to crash the system. • https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=ae4569813a6e931258db627cdfe50dfb4f917d5d https://lists.debian.org/debian-lts-announce/2023/03/msg00000.html https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NDAKCGDW6CQ6G3RZWYZJO454R3L5CTQB https://security.netapp.com/advisory/ntap-20230113-0008 https://www.debian.org/security/2023/dsa-5324 https://access.redhat.co • CWE-190: Integer Overflow or Wraparound •