CVSS: 6.7EPSS: 0%CPEs: 18EXPL: 1CVE-2023-4273 – Kernel: exfat: stack overflow in exfat_get_uniname_from_ext_entry
https://notcve.org/view.php?id=CVE-2023-4273
09 Aug 2023 — A flaw was found in the exFAT driver of the Linux kernel. The vulnerability exists in the implementation of the file name reconstruction function, which is responsible for reading file name entries from a directory index and merging file name parts belonging to one file into a single long file name. Since the file name characters are copied into a stack variable, a local privileged attacker could use this flaw to overflow the kernel stack. Se ha encontrado un fallo en el controlador exFAT del núcleo de Linu... • https://access.redhat.com/errata/RHSA-2023:6583 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 12EXPL: 0CVE-2023-4194 – Kernel: tap: tap_open(): correctly initialize socket uid next fix of i_uid to current_fsuid
https://notcve.org/view.php?id=CVE-2023-4194
07 Aug 2023 — A flaw was found in the Linux kernel's TUN/TAP functionality. This issue could allow a local user to bypass network filters and gain unauthorized access to some resources. The original patches fixing CVE-2023-1076 are incorrect or incomplete. The problem is that the following upstream commits - a096ccca6e50 ("tun: tun_chr_open(): correctly initialize socket uid"), - 66b2c338adce ("tap: tap_open(): correctly initialize socket uid"), pass "inode->i_uid" to sock_init_data_uid() as the last parameter and that t... • https://access.redhat.com/errata/RHSA-2023:6583 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') CWE-863: Incorrect Authorization •
CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 1CVE-2023-4147 – Kernel: netfilter: nf_tables_newrule when adding a rule with nfta_rule_chain_id leads to use-after-free
https://notcve.org/view.php?id=CVE-2023-4147
07 Aug 2023 — A use-after-free flaw was found in the Linux kernel’s Netfilter functionality when adding a rule with NFTA_RULE_CHAIN_ID. This flaw allows a local user to crash or escalate their privileges on the system. Se encontró una falla de use-after-free en la funcionalidad Netfilter del kernel de Linux al agregar una regla con NFTA_RULE_CHAIN_ID. Esta falla permite a un usuario local bloquear o escalar sus privilegios en el sistema. • https://github.com/murdok1982/Exploit-en-Python-para-CVE-2023-4147 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-4132 – Kernel: smsusb: use-after-free caused by do_submit_urb()
https://notcve.org/view.php?id=CVE-2023-4132
03 Aug 2023 — A use-after-free vulnerability was found in the siano smsusb module in the Linux kernel. The bug occurs during device initialization when the siano device is plugged in. This flaw allows a local user to crash the system, causing a denial of service condition. • https://access.redhat.com/errata/RHSA-2023:6901 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-4133 – Kernel: cxgb4: use-after-free in ch_flower_stats_cb()
https://notcve.org/view.php?id=CVE-2023-4133
03 Aug 2023 — A use-after-free vulnerability was found in the cxgb4 driver in the Linux kernel. The bug occurs when the cxgb4 device is detaching due to a possible rearming of the flower_stats_timer from the work queue. This flaw allows a local user to crash the system, causing a denial of service condition. • https://access.redhat.com/errata/RHSA-2024:2394 • CWE-416: Use After Free •
CVSS: 7.1EPSS: 0%CPEs: 14EXPL: 0CVE-2023-3567 – Kernel: use after free in vcs_read in drivers/tty/vt/vc_screen.c due to race
https://notcve.org/view.php?id=CVE-2023-3567
24 Jul 2023 — A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. This issue may allow an attacker with local user access to cause a system crash or leak internal kernel information. • http://packetstormsecurity.com/files/175072/Kernel-Live-Patch-Security-Notice-LSN-0098-1.html • CWE-416: Use After Free •
CVSS: 6.4EPSS: 0%CPEs: 4EXPL: 0CVE-2023-3863 – Use-after-free in nfc_llcp_find_loca in net/nfc/llcp_core.c
https://notcve.org/view.php?id=CVE-2023-3863
24 Jul 2023 — A use-after-free flaw was found in nfc_llcp_find_local in net/nfc/llcp_core.c in NFC in the Linux kernel. This flaw allows a local user with special privileges to impact a kernel information leak issue. • https://access.redhat.com/security/cve/CVE-2023-3863 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2023-3776 – Use-after-free in Linux kernel's net/sched: cls_fw component
https://notcve.org/view.php?id=CVE-2023-3776
21 Jul 2023 — A use-after-free vulnerability in the Linux kernel's net/sched: cls_fw component can be exploited to achieve local privilege escalation. If tcf_change_indev() fails, fw_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_bind_filter(). If an attacker can control the reference counter and set it to zero, they can cause the reference to be freed, leading to a use-after-free vulnerability. We recommend upgrading past commit 0323bce598eea038714f941ce2b225... • http://packetstormsecurity.com/files/175072/Kernel-Live-Patch-Security-Notice-LSN-0098-1.html • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2023-0160 – Possibility of deadlock in libbpf function sock_hash_delete_elem
https://notcve.org/view.php?id=CVE-2023-0160
18 Jul 2023 — A deadlock flaw was found in the Linux kernel’s BPF subsystem. This flaw allows a local user to potentially crash the system. • https://access.redhat.com/security/cve/CVE-2023-0160 • CWE-667: Improper Locking CWE-833: Deadlock •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-38409 – kernel: fbcon: out-of-sync arrays in fbcon_mode_deleted due to wrong con2fb_map assignment
https://notcve.org/view.php?id=CVE-2023-38409
17 Jul 2023 — An issue was discovered in set_con2fb_map in drivers/video/fbdev/core/fbcon.c in the Linux kernel before 6.2.12. Because an assignment occurs only for the first vc, the fbcon_registered_fb and fbcon_display arrays can be desynchronized in fbcon_mode_deleted (the con2fb_map points at the old fb_info). A memory corruption flaw was found in set_con2fb_map in drivers/video/fbdev/core/fbcon.c in the Framebuffer Console in the Linux kernel. This flaw allows a local attacker to crash the system, leading to a denia... • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.2.12 • CWE-129: Improper Validation of Array Index CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •