CVSS: 4.4EPSS: 0%CPEs: 45EXPL: 0CVE-2023-32810
https://notcve.org/view.php?id=CVE-2023-32810
04 Sep 2023 — In bluetooth driver, there is a possible out of bounds read due to improper input validation. This could lead to local information leak with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07867212; Issue ID: ALPS07867212. En el controlador Bluetooth, existe una posible lectura fuera de los límites debido a una validación de entrada incorrecta. • https://corp.mediatek.com/product-security-bulletin/September-2023 • CWE-125: Out-of-bounds Read •
CVSS: 4.0EPSS: 0%CPEs: 45EXPL: 0CVE-2023-20838
https://notcve.org/view.php?id=CVE-2023-20838
04 Sep 2023 — In imgsys, there is a possible out of bounds read due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326455; Issue ID: ALPS07326418. En imgsys, existe una posible lectura fuera de límites debido a una condición de carrera. • https://corp.mediatek.com/product-security-bulletin/September-2023 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2023-3777 – Use-after-free in Linux kernel's netfilter: nf_tables component
https://notcve.org/view.php?id=CVE-2023-3777
30 Aug 2023 — A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. When nf_tables_delrule() is flushing table rules, it is not checked whether the chain is bound and the chain's owner rule can also release the objects in certain circumstances. We recommend upgrading past commit 6eaf41e87a223ae6f8e7a28d6e78384ad7e407f8. Una vulnerabilidad de Use-After-Free en el componente netfilter: nf_tables del kernel de Linux puede explotarse para l... • http://packetstormsecurity.com/files/175072/Kernel-Live-Patch-Security-Notice-LSN-0098-1.html • CWE-416: Use After Free •
CVSS: 7.0EPSS: 0%CPEs: 4EXPL: 0CVE-2023-4611 – Use after free race between mbind() and vma-locked page fault
https://notcve.org/view.php?id=CVE-2023-4611
29 Aug 2023 — A use-after-free flaw was found in mm/mempolicy.c in the memory management subsystem in the Linux Kernel. This issue is caused by a race between mbind() and VMA-locked page fault, and may allow a local attacker to crash the system or lead to a kernel information leak. • https://access.redhat.com/security/cve/CVE-2023-4611 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0CVE-2023-4569 – Kernel: information leak in nft_set_catchall_flush in net/netfilter/nf_tables_api.c
https://notcve.org/view.php?id=CVE-2023-4569
28 Aug 2023 — A memory leak flaw was found in nft_set_catchall_flush in net/netfilter/nf_tables_api.c in the Linux Kernel. This issue may allow a local attacker to cause double-deactivations of catchall elements, which can result in a memory leak. • https://access.redhat.com/security/cve/CVE-2023-4569 • CWE-401: Missing Release of Memory after Effective Lifetime CWE-402: Transmission of Private Resources into a New Sphere ('Resource Leak') •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-4459 – Kernel: vmxnet3: null pointer dereference in vmxnet3_rq_cleanup()
https://notcve.org/view.php?id=CVE-2023-4459
21 Aug 2023 — A NULL pointer dereference flaw was found in vmxnet3_rq_cleanup in drivers/net/vmxnet3/vmxnet3_drv.c in the networking sub-component in vmxnet3 in the Linux Kernel. This issue may allow a local attacker with normal user privilege to cause a denial of service due to a missing sanity check during cleanup. • https://access.redhat.com/errata/RHSA-2024:0412 • CWE-476: NULL Pointer Dereference •
CVSS: 6.7EPSS: 0%CPEs: 3EXPL: 0CVE-2023-4394 – Memory leak in btrfs_get_dev_args_from_path()
https://notcve.org/view.php?id=CVE-2023-4394
17 Aug 2023 — A use-after-free flaw was found in btrfs_get_dev_args_from_path in fs/btrfs/volumes.c in btrfs file-system in the Linux Kernel. This flaw allows a local attacker with special privileges to cause a system crash or leak internal kernel information • https://access.redhat.com/security/cve/CVE-2023-4394 • CWE-400: Uncontrolled Resource Consumption CWE-416: Use After Free •
CVSS: 7.1EPSS: 0%CPEs: 12EXPL: 0CVE-2023-4387 – Kernel: vmxnet3: use-after-free in vmxnet3_rq_alloc_rx_buf()
https://notcve.org/view.php?id=CVE-2023-4387
16 Aug 2023 — A use-after-free flaw was found in vmxnet3_rq_alloc_rx_buf in drivers/net/vmxnet3/vmxnet3_drv.c in VMware's vmxnet3 ethernet NIC driver in the Linux Kernel. This issue could allow a local attacker to crash the system due to a double-free while cleaning up vmxnet3_rq_cleanup_all, which could also lead to a kernel information leak problem. Se encontró una falla de use-after-free en vmxnet3_rq_alloc_rx_buf en drivers/net/vmxnet3/vmxnet3_drv.c en el controlador NIC Ethernet vmxnet3 de VMware en el kernel de Lin... • https://access.redhat.com/security/cve/CVE-2023-4387 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-4385 – Kernel: jfs: null pointer dereference in dbfree()
https://notcve.org/view.php?id=CVE-2023-4385
16 Aug 2023 — A NULL pointer dereference flaw was found in dbFree in fs/jfs/jfs_dmap.c in the journaling file system (JFS) in the Linux Kernel. This issue may allow a local attacker to crash the system due to a missing sanity check. Se ha encontrado un fallo de desviación de puntero NULL en dbFree en fs/jfs/jfs_dmap.c en el sistema de archivos de registro diario (JFS) en el Kernel de Linux. Este problema puede permitir a un atacante local bloquear el sistema debido a la falta de una comprobación de sanidad. • https://access.redhat.com/security/cve/CVE-2023-4385 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2023-40283 – kernel: use-after-free in l2cap_sock_release in net/bluetooth/l2cap_sock.c
https://notcve.org/view.php?id=CVE-2023-40283
14 Aug 2023 — An issue was discovered in l2cap_sock_release in net/bluetooth/l2cap_sock.c in the Linux kernel before 6.4.10. There is a use-after-free because the children of an sk are mishandled. A flaw was found in l2cap_sock_release in net/bluetooth/l2cap_sock.c in the Bluetooth subsystem in the Linux Kernel. This issue may allow a user to cause a use-after-free problem due to sk's children being mishandled. • http://packetstormsecurity.com/files/175072/Kernel-Live-Patch-Security-Notice-LSN-0098-1.html • CWE-416: Use After Free •