Page 174 of 2905 results (0.028 seconds)

CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0

CVE-2023-7192 – Kernel: refcount leak in ctnetlink_create_conntrack()

https://notcve.org/view.php?id=CVE-2023-7192

A memory leak problem was found in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c in the Linux Kernel. This issue may allow a local attacker with CAP_NET_ADMIN privileges to cause a denial of service (DoS) attack due to a refcount overflow. Se encontró un problema de pérdida de memoria en ctnetlink_create_conntrack en net/netfilter/nf_conntrack_netlink.c en el kernel de Linux. Este problema puede permitir que un atacante local con privilegios CAP_NET_ADMIN provoque un ataque de denegación de servicio (DoS) debido a un desbordamiento de recuento. • https://access.redhat.com/errata/RHSA-2024:0723 https://access.redhat.com/errata/RHSA-2024:0725 https://access.redhat.com/errata/RHSA-2024:1188 https://access.redhat.com/errata/RHSA-2024:1250 https://access.redhat.com/errata/RHSA-2024:1306 https://access.redhat.com/errata/RHSA-2024:1367 https://access.redhat.com/errata/RHSA-2024:1382 https://access.redhat.com/errata/RHSA-2024:1404 https://access.redhat.com/errata/RHSA-2024:2006 https://access.redhat.com/errata/RHSA • CWE-401: Missing Release of Memory after Effective Lifetime •

CVSS: 7.0EPSS: 0%CPEs: 6EXPL: 0

CVE-2023-6531 – Kernel: gc's deletion of an skb races with unix_stream_read_generic() leading to uaf

https://notcve.org/view.php?id=CVE-2023-6531

A use-after-free flaw was found in the Linux Kernel due to a race problem in the unix garbage collector's deletion of SKB races with unix_stream_read_generic() on the socket that the SKB is queued on. Se encontró una falla de use-after-free en el kernel de Linux debido a un problema de ejecución en la eliminación de ejecución de SKB por parte del recolector de basura de Unix con unix_stream_read_generic() en el socket en el que el SKB está en cola. Linux suffers from an io_uring use-after-free vulnerability due to broken unix GC interaction. • https://access.redhat.com/errata/RHSA-2024:2394 https://access.redhat.com/security/cve/CVE-2023-6531 https://bugzilla.redhat.com/show_bug.cgi?id=2253034 https://lore.kernel.org/all/c716c88321939156909cfa1bd8b0faaf1c804103.1701868795.git.asml.silence@gmail.com • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •

CVSS: 7.0EPSS: 0%CPEs: 12EXPL: 0

CVE-2023-51781

https://notcve.org/view.php?id=CVE-2023-51781

An issue was discovered in the Linux kernel before 6.6.8. atalk_ioctl in net/appletalk/ddp.c has a use-after-free because of an atalk_recvmsg race condition. Se descubrió un problema en el kernel de Linux anterior a 6.6.8. atalk_ioctl en net/appletalk/ddp.c tiene un use after free debido a una condición de ejecución atalk_recvmsg. • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.8 https://github.com/torvalds/linux/commit/189ff16722ee36ced4d2a2469d4ab65a8fee4198 https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html https://lists.debian.org/debian-lts-announce/2024/01/msg00005.html • CWE-416: Use After Free •

CVSS: 7.0EPSS: 0%CPEs: 12EXPL: 0

CVE-2023-51782

https://notcve.org/view.php?id=CVE-2023-51782

An issue was discovered in the Linux kernel before 6.6.8. rose_ioctl in net/rose/af_rose.c has a use-after-free because of a rose_accept race condition. Se descubrió un problema en el kernel de Linux anterior a 6.6.8. rose_ioctl en net/rose/af_rose.c tiene un use after free debido a una condición de ejecución rose_accept. • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.8 https://github.com/torvalds/linux/commit/810c38a369a0a0ce625b5c12169abce1dd9ccd53 https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html https://lists.debian.org/debian-lts-announce/2024/01/msg00005.html • CWE-416: Use After Free •

CVSS: 7.0EPSS: 0%CPEs: 12EXPL: 0

CVE-2023-51780 – kernel: use-after-free in net/atm/ioctl.c

https://notcve.org/view.php?id=CVE-2023-51780

An issue was discovered in the Linux kernel before 6.6.8. do_vcc_ioctl in net/atm/ioctl.c has a use-after-free because of a vcc_recvmsg race condition. Se descubrió un problema en el kernel de Linux anterior a 6.6.8. do_vcc_ioctl en net/atm/ioctl.c tiene un use after free debido a una condición de ejecución vcc_recvmsg. A use-after-free flaw was found in the Linux kernel's net/atm/ioctl.c (ATM networking technology driver): do_vcc_ioctl in net/atm/ioctl.c is vulnerable to use-after-free due to a race condition in vcc_recvmsg. This issue can allow an attacker to possibly gain unauthorized access, escalate privileges, or cause the system to crash. • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.8 https://github.com/torvalds/linux/commit/24e90b9e34f9e039f56b5f25f6e6eb92cdd8f4b3 https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html https://lists.debian.org/debian-lts-announce/2024/01/msg00005.html https://security.netapp.com/advisory/ntap-20240419-0001 https://access.redhat.com/security/cve/CVE-2023-51780 https://bugzilla.redhat.com/show_bug.cgi?id=2257682 • CWE-416: Use After Free •