CVSS: 4.4EPSS: 0%CPEs: 42EXPL: 0CVE-2023-20674
https://notcve.org/view.php?id=CVE-2023-20674
06 Apr 2023 — In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588569; Issue ID: ALPS07588552. • https://corp.mediatek.com/product-security-bulletin/April-2023 • CWE-125: Out-of-bounds Read •
CVSS: 4.4EPSS: 0%CPEs: 42EXPL: 0CVE-2023-20677
https://notcve.org/view.php?id=CVE-2023-20677
06 Apr 2023 — In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588413; Issue ID: ALPS07588436. • https://corp.mediatek.com/product-security-bulletin/April-2023 • CWE-125: Out-of-bounds Read •
CVSS: 6.7EPSS: 0%CPEs: 36EXPL: 0CVE-2023-20661
https://notcve.org/view.php?id=CVE-2023-20661
06 Apr 2023 — In wlan, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07560782; Issue ID: ALPS07560782. • https://corp.mediatek.com/product-security-bulletin/April-2023 • CWE-190: Integer Overflow or Wraparound •
CVSS: 4.4EPSS: 0%CPEs: 36EXPL: 0CVE-2023-20660
https://notcve.org/view.php?id=CVE-2023-20660
06 Apr 2023 — In wlan, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588383; Issue ID: ALPS07588383. • https://corp.mediatek.com/product-security-bulletin/April-2023 • CWE-190: Integer Overflow or Wraparound •
CVSS: 6.7EPSS: 0%CPEs: 46EXPL: 0CVE-2023-20659
https://notcve.org/view.php?id=CVE-2023-20659
06 Apr 2023 — In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588413; Issue ID: ALPS07588413. • https://corp.mediatek.com/product-security-bulletin/April-2023 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 35EXPL: 0CVE-2023-20663
https://notcve.org/view.php?id=CVE-2023-20663
06 Apr 2023 — In wlan, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07560741; Issue ID: ALPS07560741. • https://corp.mediatek.com/product-security-bulletin/April-2023 • CWE-190: Integer Overflow or Wraparound •
CVSS: 6.7EPSS: 0%CPEs: 48EXPL: 0CVE-2023-20682
https://notcve.org/view.php?id=CVE-2023-20682
06 Apr 2023 — In wlan, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07441605; Issue ID: ALPS07441605. • https://corp.mediatek.com/product-security-bulletin/April-2023 • CWE-190: Integer Overflow or Wraparound •
CVSS: 6.4EPSS: 0%CPEs: 12EXPL: 0CVE-2023-1855 – kernel: use-after-free bug in remove function xgene_hwmon_remove
https://notcve.org/view.php?id=CVE-2023-1855
05 Apr 2023 — A use-after-free flaw was found in xgene_hwmon_remove in drivers/hwmon/xgene-hwmon.c in the Hardware Monitoring Linux Kernel Driver (xgene-hwmon). This flaw could allow a local attacker to crash the system due to a race problem. This vulnerability could even lead to a kernel information leak problem. A use-after-free flaw was found in xgene_hwmon_remove in drivers/hwmon/xgene-hwmon.c in the Hardware Monitoring Linux Kernel driver (xgene-hwmon). This flaw could allow a local attacker to crash the system due ... • https://github.com/torvalds/linux/commit/cb090e64cf25602b9adaf32d5dfc9c8bec493cd1 • CWE-416: Use After Free •
CVSS: 7.1EPSS: 0%CPEs: 11EXPL: 0CVE-2023-1838 – kernel: Possible use-after-free since the two fdget() during vhost_net_set_backend()
https://notcve.org/view.php?id=CVE-2023-1838
05 Apr 2023 — A use-after-free flaw was found in vhost_net_set_backend in drivers/vhost/net.c in virtio network subcomponent in the Linux kernel due to a double fget. This flaw could allow a local attacker to crash the system, and could even lead to a kernel information leak problem. A use-after-free flaw was found in vhost_net_set_backend in drivers/vhost/net.c in the virtio network subcomponent in the Linux kernel due to a double fget. This issue could allow a local attacker to crash the system, and could lead to a ker... • https://lore.kernel.org/netdev/20220516084213.26854-1-jasowang%40redhat.com/T • CWE-416: Use After Free •
CVSS: 7.0EPSS: 0%CPEs: 6EXPL: 0CVE-2023-1476 – Kpatch: mm/mremap.c: incomplete fix for cve-2022-41222
https://notcve.org/view.php?id=CVE-2023-1476
05 Apr 2023 — A use-after-free flaw was found in the Linux kernel’s mm/mremap memory address space accounting source code. This issue occurs due to a race condition between rmap walk and mremap, allowing a local user to crash the system or potentially escalate their privileges on the system. Se encontró una falla de use-after-free en el código fuente de contabilidad del espacio de direcciones de memoria mm/mremap del kernel de Linux. Este problema ocurre debido a una condición de ejecución entre rmap walk y mremap, lo qu... • https://access.redhat.com/errata/RHSA-2023:1659 • CWE-416: Use After Free •