CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-34256
https://notcve.org/view.php?id=CVE-2023-34256
An issue was discovered in the Linux kernel before 6.3.3. There is an out-of-bounds read in crc16 in lib/crc16.c when called from fs/ext4/super.c because ext4_group_desc_csum does not properly check an offset. NOTE: this is disputed by third parties because the kernel is not intended to defend against attackers with the stated "When modifying the block device while it is mounted by the filesystem" access. Se ha descubierto un problema en el kernel de Linux en las versiones anteriores a 6.3.3. Hay una lectura fuera de límites en crc16 en "lib/crc16.c" cuando se llama dese "fs/ext4/super.c" porque "ext4_group_desc_csum" no comprueba correctamente un desplazamiento. • https://bugzilla.suse.com/show_bug.cgi?id=1211895 https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.3 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4f04351888a83e595571de672e0a4a8b74f4fb31 https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html https://syzkaller.appspot.com/bug?extid=8785e41224a3afd04321 • CWE-125: Out-of-bounds Read •
CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 2CVE-2023-2002 – Kernel: bluetooth: Unauthorized management command execution
https://notcve.org/view.php?id=CVE-2023-2002
A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication. • https://github.com/lrh2000/CVE-2023-2002 https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html https://security.netapp.com/advisory/ntap-20240202-0004 https://www.debian.org/security/2023/dsa-5480 https://www.openwall.com/lists/oss-security/2023/04/16/3 https://access.redhat.com/security/cve/CVE-2023-2002 https://bugzilla.redhat.com/show_bug.cgi?id=2187308 • CWE-250: Execution with Unnecessary Privileges CWE-863: Incorrect Authorization •
CVSS: 4.7EPSS: 0%CPEs: 1EXPL: 0CVE-2023-33288
https://notcve.org/view.php?id=CVE-2023-33288
An issue was discovered in the Linux kernel before 6.2.9. A use-after-free was found in bq24190_remove in drivers/power/supply/bq24190_charger.c. It could allow a local attacker to crash the system due to a race condition. • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.2.9 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=47c29d69212911f50bdcdd0564b5999a559010d4 https://github.com/torvalds/linux/commit/47c29d69212911f50bdcdd0564b5999a559010d4 https://lore.kernel.org/all/CAHk-=whcaHLNpb7Mu_QX7ABwPgyRyfW-V8=v4Mv0S22fpjY4JQ%40mail.gmail.com https://lore.kernel.org/lkml/20230309174728.233732-1-zyytlz.wz%40163.com • CWE-416: Use After Free •
CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 1CVE-2020-36694 – kernel: netfilter: use-after-free in the packet processing context
https://notcve.org/view.php?id=CVE-2020-36694
An issue was discovered in netfilter in the Linux kernel before 5.10. There can be a use-after-free in the packet processing context, because the per-CPU sequence count is mishandled during concurrent iptables rules replacement. This could be exploited with the CAP_NET_ADMIN capability in an unprivileged namespace. NOTE: cc00bca was reverted in 5.12. A use-after-free flaw was found in the packet processing context in net/netfilter/x_tables.c in netfilter in the Linux Kernel. • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cc00bcaa589914096edef7fb87ca5cee4a166b5c https://security.netapp.com/advisory/ntap-20230622-0005 https://syzkaller.appspot.com/bug?id=0c4fd9c6aa04ec116d01e915d3b186f71a212cb2 https://access.redhat.com/security/cve/CVE-2020-36694 https://bugzilla.redhat.com/show_bug.cgi?id=2212140 • CWE-416: Use After Free •
CVSS: 6.4EPSS: 0%CPEs: 3EXPL: 0CVE-2023-33203 – kernel: net: qcom/emac: race condition leading to use-after-free in emac_remove()
https://notcve.org/view.php?id=CVE-2023-33203
The Linux kernel before 6.2.9 has a race condition and resultant use-after-free in drivers/net/ethernet/qualcomm/emac/emac.c if a physically proximate attacker unplugs an emac based device. A race condition vulnerability was found in the Linux kernel's Qualcomm EMAC Gigabit Ethernet Controller when the user physically removes the device before cleanup in the emac_remove function. This flaw can eventually result in a use-after-free issue, possibly leading to a system crash or other undefined behaviors. • https://bugzilla.redhat.com/show_bug.cgi?id=2192667 https://bugzilla.suse.com/show_bug.cgi?id=1210685 https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.2.9 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6b6bc5b8bd2d4ca9e1efa9ae0f98a0b0687ace75 https://access.redhat.com/security/cve/CVE-2023-33203 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •