CVSS: 6.3EPSS: 0%CPEs: 17EXPL: 0CVE-2023-1611 – Ubuntu Security Notice USN-6301-1
https://notcve.org/view.php?id=CVE-2023-1611
03 Apr 2023 — A use-after-free flaw was found in btrfs_search_slot in fs/btrfs/ctree.c in btrfs in the Linux Kernel.This flaw allows an attacker to crash the system and possibly cause a kernel information lea Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Gwangun Jung discovered t... • https://bugzilla.redhat.com/show_bug.cgi?id=2181342 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2023-1670 – Ubuntu Security Notice USN-6252-1
https://notcve.org/view.php?id=CVE-2023-1670
30 Mar 2023 — A flaw use after free in the Linux kernel Xircom 16-bit PCMCIA (PC-card) Ethernet driver was found.A local user could use this flaw to crash the system or potentially escalate their privileges on the system. It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier... • https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2023-1652 – Kernel: use-after-free in nfsd4_ssc_setup_dul in fs/nfsd/nfs4proc.c
https://notcve.org/view.php?id=CVE-2023-1652
29 Mar 2023 — A use-after-free flaw was found in nfsd4_ssc_setup_dul in fs/nfsd/nfs4proc.c in the NFS filesystem in the Linux Kernel. This issue could allow a local attacker to crash the system or it may lead to a kernel information leak problem. It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support f... • https://access.redhat.com/security/cve/cve-2023-1652 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-1032 – Ubuntu Security Notice USN-6024-1
https://notcve.org/view.php?id=CVE-2023-1032
28 Mar 2023 — The Linux kernel io_uring IORING_OP_SOCKET operation contained a double free in function __sys_socket_file() in file net/socket.c. This issue was introduced in da214a475f8bd1d3e9e7a19ddfeb4d1617551bab and fixed in 649c15c7691e9b13cbe9bf6c65c365350e056067. La operación io_uring IORING_OP_SOCKET del kernel de Linux contenía una función de double free __sys_socket_file() en el archivo net/socket.c. Este problema se introdujo en da214a475f8bd1d3e9e7a19ddfeb4d1617551bab y se solucionó en 649c15c7691e9b13cbe9bf6c... • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1032 • CWE-415: Double Free •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-28328 – kernel: Denial of service issue in az6027 driver in drivers/media/usb/dev-usb/az6027.c
https://notcve.org/view.php?id=CVE-2023-28328
28 Mar 2023 — A NULL pointer dereference flaw was found in the az6027 driver in drivers/media/usb/dev-usb/az6027.c in the Linux Kernel. The message from user space is not checked properly before transferring into the device. This flaw allows a local user to crash the system or potentially cause a denial of service. Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attack... • https://bugzilla.redhat.com/show_bug.cgi?id=2177389 • CWE-476: NULL Pointer Dereference •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2023-1079 – kernel: hid: Use After Free in asus_remove()
https://notcve.org/view.php?id=CVE-2023-1079
27 Mar 2023 — A flaw was found in the Linux kernel. A use-after-free may be triggered in asus_kbd_backlight_set when plugging/disconnecting in a malicious USB device, which advertises itself as an Asus device. Similarly to the previous known CVE-2023-25012, but in asus devices, the work_struct may be scheduled by the LED controller while the device is disconnecting, triggering a use-after-free on the struct asus_kbd_leds *led structure. A malicious USB device may exploit the issue to cause memory corruption with controll... • https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=4ab3a086d10eeec1424f2e8a968827a6336203df • CWE-416: Use After Free •
CVSS: 7.1EPSS: 0%CPEs: 34EXPL: 0CVE-2023-1380 – Ubuntu Security Notice USN-6162-1
https://notcve.org/view.php?id=CVE-2023-1380
27 Mar 2023 — A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel. This issue could occur when assoc_info->req_len data is bigger than the size of the buffer, defined as WL_EXTRA_BUF_MAX, leading to a denial of service. It was discovered that the OverlayFS implementation in the Linux kernel did not properly handle copy up operation in some conditions. A local attacker could possibly use this to gain elevated privileges. It wa... • http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html • CWE-125: Out-of-bounds Read •
CVSS: 7.0EPSS: 0%CPEs: 27EXPL: 0CVE-2023-1077 – Ubuntu Security Notice USN-6256-1
https://notcve.org/view.php?id=CVE-2023-1077
27 Mar 2023 — In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the BUG_ON condition, as the confused entry will not be NULL, but list_head.The buggy error condition would lead to a type confused entry with the list head,which would then be used as a type confused sched_rt_entity,causing memory corruption. It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could pos... • https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=7c4a5b89a0b5a57a64b601775b296abf77a9fe97 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-28866 – kernel: Bluetooth: HCI: global out-of-bounds access in net/bluetooth/hci_sync.c
https://notcve.org/view.php?id=CVE-2023-28866
27 Mar 2023 — In the Linux kernel through 6.2.8, net/bluetooth/hci_sync.c allows out-of-bounds access because amp_init1[] and amp_init2[] are supposed to have an intentionally invalid element, but do not. An out-of-bounds (OOB) memory access flaw was found in net/bluetooth/hci_sync.c due to a missing exit patch while in loop in amp_init1[] and amp_init2[]. This issue could allow an attacker to leak internal kernel information. It was discovered that the Traffic-Control Index implementation in the Linux kernel did not pro... • https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=95084403f8c070ccf5d7cbe72352519c1798a40a • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-1583 – Ubuntu Security Notice USN-6186-1
https://notcve.org/view.php?id=CVE-2023-1583
24 Mar 2023 — A NULL pointer dereference was found in io_file_bitmap_get in io_uring/filetable.c in the io_uring sub-component in the Linux Kernel. When fixed files are unregistered, some context information (file_alloc_{start,end} and alloc_hint) is not cleared. A subsequent request that has auto index selection enabled via IORING_FILE_INDEX_ALLOC can cause a NULL pointer dereference. An unprivileged user can use the flaw to cause a system crash. It was discovered that the Traffic-Control Index implementation in the Lin... • https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=02a4d923e4400a36d340ea12d8058f69ebf3a383 • CWE-476: NULL Pointer Dereference •