CVE-2023-3776 – Use-after-free in Linux kernel's net/sched: cls_fw component
https://notcve.org/view.php?id=CVE-2023-3776
This may allow a local attacker to gain local privilege escalation. • http://packetstormsecurity.com/files/175072/Kernel-Live-Patch-Security-Notice-LSN-0098-1.html http://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=0323bce598eea038714f941ce2b22541c46d488f https://kernel.dance/0323bce598eea038714f941ce2b22541c46d488f https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html https://security.neta • CWE-416: Use After Free •
CVE-2023-3610 – Use-after-free in Linux kernel's netfilter: nf_tables component
https://notcve.org/view.php?id=CVE-2023-3610
This flaw allows a local attacker with CAP_NET_ADMIN access capability to cause a local privilege escalation problem. • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=4bedf9eee016286c835e3d8fa981ddece5338795 https://kernel.dance/4bedf9eee016286c835e3d8fa981ddece5338795 https://lists.debian.org/debian-lts-announce/2023/08/msg00001.html https://security.netapp.com/advisory/ntap-20230818-0005 https://www.debian.org/security/2023/dsa-5461 https://access.redhat.com/security/cve/CVE-2023-3610 https://bugzilla.redhat.com/show_bug.cgi?id=2225198 • CWE-416: Use After Free •
CVE-2023-3609 – Use-after-free in Linux kernel's net/sched: cls_u32 component
https://notcve.org/view.php?id=CVE-2023-3609
This flaw allows a local attacker to use a failure event to mishandle the reference counter, leading to a local privilege escalation threat. • http://packetstormsecurity.com/files/175072/Kernel-Live-Patch-Security-Notice-LSN-0098-1.html http://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=04c55383fa5689357bcdd2c8036725a55ed632bc https://kernel.dance/04c55383fa5689357bcdd2c8036725a55ed632bc https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html https://security.neta • CWE-415: Double Free CWE-416: Use After Free •
CVE-2023-30799 – MikroTik RouterOS Administrator Privilege Escalation
https://notcve.org/view.php?id=CVE-2023-30799
A remote and authenticated attacker can escalate privileges from admin to super-admin on the Winbox or HTTP interface. • https://github.com/MarginResearch/FOISted https://vulncheck.com/advisories/mikrotik-foisted • CWE-269: Improper Privilege Management •
CVE-2023-34394 – Keysight N6845A Relative Path Traversal
https://notcve.org/view.php?id=CVE-2023-34394
In Keysight Geolocation Server v2.4.2 and prior, an attacker could upload a specially crafted malicious file or delete any file or directory with SYSTEM privileges due to an improper path validation, which could result in local privilege escalation or a denial-of-service condition. This vulnerability allows local attackers to escalate privileges on affected installations of KeySight N6841A RF Sensor. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://www.cisa.gov/news-events/ics-advisories/icsa-23-199-02 • CWE-23: Relative Path Traversal CWE-434: Unrestricted Upload of File with Dangerous Type •