CVSS: 7.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-0590 – kernel: use-after-free due to race condition in qdisc_graft()
https://notcve.org/view.php?id=CVE-2023-0590
10 Feb 2023 — A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 ("net: sched: fix race condition in qdisc_graft()") not applied yet, then kernel could be affected. It was discovered that the Bluetooth HCI implementation in the Linux kernel did not properly deallocate memory in some situations. An attacker could possibly use this cause a denial of service. • https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2023-0615
https://notcve.org/view.php?id=CVE-2023-0615
06 Feb 2023 — A memory leak flaw and potential divide by zero and Integer overflow was found in the Linux kernel V4L2 and vivid test code functionality. This issue occurs when a user triggers ioctls, such as VIDIOC_S_DV_TIMINGS ioctl. This could allow a local user to crash the system if vivid test code enabled. • https://bugzilla.redhat.com/show_bug.cgi?id=2166287 • CWE-20: Improper Input Validation CWE-190: Integer Overflow or Wraparound CWE-369: Divide By Zero CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 2CVE-2023-25012 – Ubuntu Security Notice USN-6256-1
https://notcve.org/view.php?id=CVE-2023-25012
01 Feb 2023 — The Linux kernel through 6.1.9 has a Use-After-Free in bigben_remove in drivers/hid/hid-bigbenff.c via a crafted USB device because the LED controllers remain registered for too long. It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for thisCVE, kernel support for the TCINDEX classifier has been removed. Willia... • http://www.openwall.com/lists/oss-security/2023/02/02/1 • CWE-416: Use After Free •
CVSS: 4.7EPSS: 0%CPEs: 8EXPL: 1CVE-2023-0468 – Ubuntu Security Notice USN-6072-1
https://notcve.org/view.php?id=CVE-2023-0468
25 Jan 2023 — A use-after-free flaw was found in io_uring/poll.c in io_poll_check_events in the io_uring subcomponent in the Linux Kernel due to a race condition of poll_refs. This flaw may cause a NULL pointer dereference. Se encontró una falla de use-after-free en io_uring/poll.c en io_poll_check_events en el subcomponente io_uring en el kernel de Linux debido a una condición de ejecución de poll_refs. Este defecto puede provocar una desreferencia del puntero NULL. It was discovered that the Upper Level Protocol subsys... • https://bugzilla.redhat.com/show_bug.cgi?id=2164024 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 1CVE-2023-0469 – Ubuntu Security Notice USN-5914-1
https://notcve.org/view.php?id=CVE-2023-0469
25 Jan 2023 — A use-after-free flaw was found in io_uring/filetable.c in io_install_fixed_file in the io_uring subcomponent in the Linux Kernel during call cleanup. This flaw may lead to a denial of service. Se encontró una falla de use-after-free en io_uring/filetable.c en io_install_fixed_file en el subcomponente io_uring en el kernel de Linux durante la limpieza de llamadas. Este defecto puede dar lugar a una denegación de servicio. It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not ... • https://bugzilla.redhat.com/show_bug.cgi?id=2163723 • CWE-191: Integer Underflow (Wrap or Wraparound) CWE-416: Use After Free •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-0394 – kernel: NULL pointer dereference in rawv6_push_pending_frames
https://notcve.org/view.php?id=CVE-2023-0394
24 Jan 2023 — A NULL pointer dereference flaw was found in rawv6_push_pending_frames in net/ipv6/raw.c in the network subcomponent in the Linux kernel. This flaw causes the system to crash. It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the KVM VMX imp... • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cb3e9864cdbe35ff6378966660edbcbac955fe17 • CWE-476: NULL Pointer Dereference •
CVSS: 7.9EPSS: 0%CPEs: 6EXPL: 1CVE-2023-0266 – Linux Kernel Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2023-0266
24 Jan 2023 — A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 is missing locks that can be used in a use-after-free that can result in a priviledge escalation to gain ring0 access from the system user. We recommend upgrading past commit 56b88b50565cd8b946a2d00b0c83927b7ebb055e A use-after-free flaw was found in snd_ctl_elem_read in sound/core/control.c in Advanced Linux Sound Architecture (ALSA) subsystem in the Linux kernel. In this flaw a normal pri... • https://github.com/SeanHeelan/claude_opus_cve_2023_0266 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2022-47929 – kernel: NULL pointer dereference in traffic control subsystem
https://notcve.org/view.php?id=CVE-2022-47929
17 Jan 2023 — In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service (system crash) via a crafted traffic control configuration that is set up with "tc qdisc" and "tc class" commands. This affects qdisc_graft in net/sched/sch_api.c. A NULL pointer dereference flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux kernel. This issue may allow a local unprivileged user to trigger a denial of service if the alloc... • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.6 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2023-23559 – Ubuntu Security Notice USN-5924-1
https://notcve.org/view.php?id=CVE-2023-23559
13 Jan 2023 — In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition. En rndis_query_oid en drivers/net/wireless/rndis_wlan.c en el kernel de Linux hasta 6.1.5, hay un desbordamiento de enteros en una suma. It was discovered that the network queuing discipline implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was disc... • https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b870e73a56c4cccbec33224233eaf295839f228c • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-23454 – kernel: slab-out-of-bounds read vulnerabilities in cbq_classify
https://notcve.org/view.php?id=CVE-2023-23454
12 Jan 2023 — cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results). An out-of-bounds (OOB) read problem was found in cbq_classify in net/sched/sch_cbq.c in the Linux kernel. This issue may allow a local attacker to cause a denial of service due to type confusion. Non-negative numbers could indicate ... • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=caa4b35b4317d5147b3ab0fbdc9c075c7d2e9c12 • CWE-125: Out-of-bounds Read CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •