CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 1CVE-2023-5717 – Out-of-bounds write in Linux kernel's Linux Kernel Performance Events (perf) component
https://notcve.org/view.php?id=CVE-2023-5717
25 Oct 2023 — A heap out-of-bounds write vulnerability in the Linux kernel's Linux Kernel Performance Events (perf) component can be exploited to achieve local privilege escalation. If perf_read_group() is called while an event's sibling_list is smaller than its child's sibling_list, it can increment or write to memory locations outside of the allocated buffer. We recommend upgrading past commit 32671e3799ca2e4590773fd0e63aaa4229e50c06. Se puede aprovechar una vulnerabilidad de escritura fuera de límites del montón en ... • https://github.com/uthrasri/CVE-2023-5717 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2023-5633 – Kernel: vmwgfx: reference count issue leads to use-after-free in surface handling
https://notcve.org/view.php?id=CVE-2023-5633
23 Oct 2023 — The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. When running inside a VMware guest with 3D acceleration enabled, a local, unprivileged user could potentially use this flaw to escalate their privileges. Los cambios en el recuento de referencias realizados como parte de las correcciones CVE-2023-33951 y CVE-2023-33952 expusieron una falla de use-after-free ... • https://access.redhat.com/errata/RHSA-2024:0113 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-45898
https://notcve.org/view.php?id=CVE-2023-45898
16 Oct 2023 — The Linux kernel before 6.5.4 has an es1 use-after-free in fs/ext4/extents_status.c, related to ext4_es_insert_extent. El kernel de Linux anterior a 6.5.4 tiene un es1 use-after-free en fs/ext4/extents_status.c, relacionado con ext4_es_insert_extent. • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.5.4 • CWE-416: Use After Free •
CVSS: 6.3EPSS: 0%CPEs: 9EXPL: 1CVE-2023-40791
https://notcve.org/view.php?id=CVE-2023-40791
16 Oct 2023 — extract_user_to_sg in lib/scatterlist.c in the Linux kernel before 6.4.12 fails to unpin pages in a certain situation, as demonstrated by a WARNING for try_grab_page. extract_user_to_sg en lib/scatterlist.c en el kernel de Linux anterior a 6.4.12 no logra desanclar páginas en una situación determinada, como lo demuestra una ADVERTENCIA para try_grab_page. • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.4.12 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-45871 – kernel: IGB driver inadequate buffer size for frames larger than MTU
https://notcve.org/view.php?id=CVE-2023-45871
15 Oct 2023 — An issue was discovered in drivers/net/ethernet/intel/igb/igb_main.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for frames larger than the MTU. Se descubrió un problema en drivers/net/ethernet/intel/igb/igb_main.c en el controlador IGB en el kernel de Linux anterior a 6.5.3. Es posible que un tamaño de búfer no sea adecuado para tramas más grandes que la MTU. A flaw was found in igb_configure_rx_ring in drivers/net/ethernet/intel/igb/igb_main.c in the IGB driver in... • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.5.3 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-131: Incorrect Calculation of Buffer Size •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-45863 – kernel: lib/kobject.c vulnerable to fill_kobj_path out-of-bounds write
https://notcve.org/view.php?id=CVE-2023-45863
14 Oct 2023 — An issue was discovered in lib/kobject.c in the Linux kernel before 6.2.3. With root access, an attacker can trigger a race condition that results in a fill_kobj_path out-of-bounds write. Se descubrió un problema en lib/kobject.c en el kernel de Linux anterior a 6.2.3. Con acceso root, un atacante puede desencadenar una condición de ejecución que resulte en una escritura fuera de los límites fill_kobj_path. An out-of-bounds memory write flaw was found in the load/unload module in the Linux kernel's kobject ... • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.2.3 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-45862 – kernel: drivers/usb/storage/ene_ub6250.c
https://notcve.org/view.php?id=CVE-2023-45862
14 Oct 2023 — An issue was discovered in drivers/usb/storage/ene_ub6250.c for the ENE UB6250 reader driver in the Linux kernel before 6.2.5. An object could potentially extend beyond the end of an allocation. Se descubrió un problema en drivers/usb/storage/ene_ub6250.c para el controlador del lector ENE UB6250 en el kernel de Linux anterior a 6.2.5. Un objeto podría potencialmente extenderse más allá del final de una asignación. An out-of-bounds memory access flaw was found in the Linux kernel ENE SD/MS Card reader drive... • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.2.5 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-42752 – Kernel: integer overflow in igmpv3_newpack leading to exploitable memory access
https://notcve.org/view.php?id=CVE-2023-42752
13 Oct 2023 — An integer overflow flaw was found in the Linux kernel. This issue leads to the kernel allocating `skb_shared_info` in the userspace, which is exploitable in systems without SMAP protection since `skb_shared_info` contains references to function pointers. Se encontró una falla de desbordamiento de enteros en el kernel de Linux. Este problema lleva a que el kernel asigne `skb_shared_info` en el espacio de usuario, lo cual es explotable en sistemas sin protección SMAP ya que `skb_shared_info` contiene referen... • http://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 6.0EPSS: 0%CPEs: 4EXPL: 0CVE-2023-39189 – Kernel: netfilter: nftables out-of-bounds read in nf_osf_match_one()
https://notcve.org/view.php?id=CVE-2023-39189
09 Oct 2023 — A flaw was found in the Netfilter subsystem in the Linux kernel. The nfnl_osf_add_callback function did not validate the user mode controlled opt_num field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure. Se encontró una falla en el subsistema Netfilter en el kernel de Linux. La función nfnl_osf_add_callback no validó el campo opt_num controlado por el modo de usuario. • https://access.redhat.com/errata/RHSA-2024:2394 • CWE-125: Out-of-bounds Read •
CVSS: 6.7EPSS: 0%CPEs: 3EXPL: 1CVE-2023-42755 – Kernel: rsvp: out-of-bounds read in rsvp_classify()
https://notcve.org/view.php?id=CVE-2023-42755
05 Oct 2023 — A flaw was found in the IPv4 Resource Reservation Protocol (RSVP) classifier in the Linux kernel. The xprt pointer may go beyond the linear part of the skb, leading to an out-of-bounds read in the `rsvp_classify` function. This issue may allow a local user to crash the system and cause a denial of service. Se encontró una falla en el clasificador del IPv4 Resource Reservation Protocol (RSVP) en el kernel de Linux. El puntero xprt puede ir más allá de la parte lineal del skb, lo que lleva a una lectura fuera... • https://access.redhat.com/errata/RHSA-2024:2950 • CWE-125: Out-of-bounds Read •