CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2023-23559
https://notcve.org/view.php?id=CVE-2023-23559
13 Jan 2023 — In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition. En rndis_query_oid en drivers/net/wireless/rndis_wlan.c en el kernel de Linux hasta 6.1.5, hay un desbordamiento de enteros en una suma. • https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b870e73a56c4cccbec33224233eaf295839f228c • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-23454 – kernel: slab-out-of-bounds read vulnerabilities in cbq_classify
https://notcve.org/view.php?id=CVE-2023-23454
12 Jan 2023 — cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results). An out-of-bounds (OOB) read problem was found in cbq_classify in net/sched/sch_cbq.c in the Linux kernel. This issue may allow a local attacker to cause a denial of service due to type confusion. Non-negative numbers could indicate ... • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=caa4b35b4317d5147b3ab0fbdc9c075c7d2e9c12 • CWE-125: Out-of-bounds Read CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-23455 – Kernel: denial of service in atm_tc_enqueue in net/sched/sch_atm.c due to type confusion
https://notcve.org/view.php?id=CVE-2023-23455
12 Jan 2023 — atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results). A denial of service flaw was found in atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel. This issue may allow a local attacker to cause a denial of service due to type confusion. Non-negative numbers could indicate a TC_ACT_SHOT condition rather th... • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a2965c7be0522eaa18808684b7b82b248515511b • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2022-4095
https://notcve.org/view.php?id=CVE-2022-4095
09 Jan 2023 — A use-after-free flaw was found in Linux kernel before 5.19.2. This issue occurs in cmd_hdl_filter in drivers/staging/rtl8712/rtl8712_cmd.c, allowing an attacker to launch a local denial of service attack and gain escalation of privileges. • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c53b3dcb9942b8ed7f81ee3921c4085d87070c73 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2022-4378 – kernel: stack overflow in do_proc_dointvec and proc_skip_spaces
https://notcve.org/view.php?id=CVE-2022-4378
05 Jan 2023 — A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system. • http://packetstormsecurity.com/files/171289/Kernel-Live-Patch-Security-Notice-LNS-0092-1.html • CWE-131: Incorrect Calculation of Buffer Size CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-4662 – kernel: Recursive locking violation in usb-storage that can cause the kernel to deadlock
https://notcve.org/view.php?id=CVE-2022-4662
22 Dec 2022 — A flaw incorrect access control in the Linux kernel USB core subsystem was found in the way user attaches usb device. A local user could use this flaw to crash the system. Se encontró un fallo en el control de acceso incorrecto en el subsistema central USB del kernel de Linux en la forma en que el usuario conecta el dispositivo USB. Un usuario local podría utilizar este fallo para bloquear el sistema. An incorrect access control flaw was found in the Linux kernel USB core subsystem. • https://lore.kernel.org/all/20220913140355.910732567%40linuxfoundation.org • CWE-455: Non-exit on Failed Initialization •
CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0CVE-2022-47518
https://notcve.org/view.php?id=CVE-2022-47518
18 Dec 2022 — An issue was discovered in the Linux kernel before 6.0.11. Missing validation of the number of channels in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger a heap-based buffer overflow when copying the list of operating channels from Wi-Fi management frames. Se descubrió un problema en el kernel de Linux anterior a 6.0.11. La falta de validación del número de canales en drivers/net/wireless/microchip/wilc1000/cfg80211.c en el controlador inalámbrico WILC1000 pue... • https://github.com/torvalds/linux/commit/0cdfa9e6f0915e3d243e2393bfa8a22e12d553b0 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0CVE-2022-47519
https://notcve.org/view.php?id=CVE-2022-47519
18 Dec 2022 — An issue was discovered in the Linux kernel before 6.0.11. Missing validation of IEEE80211_P2P_ATTR_OPER_CHANNEL in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger an out-of-bounds write when parsing the channel list attribute from Wi-Fi management frames. Se descubrió un problema en el kernel de Linux anterior a 6.0.11. La falta de validación de IEEE80211_P2P_ATTR_OPER_CHANNEL en drivers/net/wireless/microchip/wilc1000/cfg80211.c en el controlador inalámbrico ... • https://github.com/torvalds/linux/commit/051ae669e4505abbe05165bebf6be7922de11f41 • CWE-787: Out-of-bounds Write •
CVSS: 7.1EPSS: 0%CPEs: 14EXPL: 0CVE-2022-47520
https://notcve.org/view.php?id=CVE-2022-47520
18 Dec 2022 — An issue was discovered in the Linux kernel before 6.0.11. Missing offset validation in drivers/net/wireless/microchip/wilc1000/hif.c in the WILC1000 wireless driver can trigger an out-of-bounds read when parsing a Robust Security Network (RSN) information element from a Netlink packet. Se descubrió un problema en el kernel de Linux anterior a 6.0.11. La falta de validación de compensación en drivers/net/wireless/microchip/wilc1000/hif.c en el controlador inalámbrico WILC1000 puede desencadenar una lectura ... • https://github.com/torvalds/linux/commit/cd21d99e595ec1d8721e1058dcdd4f1f7de1d793 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-3104
https://notcve.org/view.php?id=CVE-2022-3104
14 Dec 2022 — An issue was discovered in the Linux kernel through 5.16-rc6. lkdtm_ARRAY_BOUNDS in drivers/misc/lkdtm/bugs.c lacks check of the return value of kmalloc() and will cause the null pointer dereference. Se descubrió un problema en el kernel de Linux hasta 5.16-rc6. lkdtm_ARRAY_BOUNDS en drivers/misc/lkdtm/bugs.c carece de verificación del valor de retorno de kmalloc() y provocará la desreferencia del puntero nulo. • https://bugzilla.redhat.com/show_bug.cgi?id=2153062 • CWE-476: NULL Pointer Dereference •