CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-50431 – Ubuntu Security Notice USN-6724-1
https://notcve.org/view.php?id=CVE-2023-50431
09 Dec 2023 — sec_attest_info in drivers/accel/habanalabs/common/habanalabs_ioctl.c in the Linux kernel through 6.6.5 allows an information leak to user space because info->pad0 is not initialized. sec_attest_info en drivers/accel/habanalabs/common/habanalabs_ioctl.c en el kernel de Linux hasta 6.6.5 permite una fuga de información al espacio del usuario porque info->pad0 no está inicializado. Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero length ... • https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a9f07790a4b2250f0140e9a61c7f842fd9b618c7 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 1CVE-2023-6560 – Kernel: io_uring out of boundary memory access in __io_uaddr_map()
https://notcve.org/view.php?id=CVE-2023-6560
08 Dec 2023 — An out-of-bounds memory access flaw was found in the io_uring SQ/CQ rings functionality in the Linux kernel. This issue could allow a local user to crash the system. Se encontró una falla de acceso a memoria fuera de los límites en la funcionalidad de anillos io_uring SQ/CQ en el kernel de Linux. Este problema podría permitir que un usuario local bloquee el sistema. 黄æ€èª discovered that the NFC Controller Interface implementation in the Linux kernel did not properly handle certain m... • https://packetstorm.news/files/id/176405 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-823: Use of Out-of-range Pointer Offset •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2023-6622 – Kernel: null pointer dereference vulnerability in nft_dynset_init()
https://notcve.org/view.php?id=CVE-2023-6622
08 Dec 2023 — A null pointer dereference vulnerability was found in nft_dynset_init() in net/netfilter/nft_dynset.c in nf_tables in the Linux kernel. This issue may allow a local attacker with CAP_NET_ADMIN user privilege to trigger a denial of service. Se encontró una vulnerabilidad de desreferencia de puntero nulo en nft_dynset_init() en net/netfilter/nft_dynset.c en nf_tables en el kernel de Linux. Este problema puede permitir que un atacante local con privilegios de usuario CAP_NET_ADMIN active una denegación de serv... • https://access.redhat.com/errata/RHSA-2024:2394 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 22EXPL: 0CVE-2023-5972 – Kernel: the nfta_inner_num and nfta_expr_name netlink attributes accessed without checking its presence in nft_inner.c
https://notcve.org/view.php?id=CVE-2023-5972
23 Nov 2023 — A null pointer dereference flaw was found in the nft_inner.c functionality of netfilter in the Linux kernel. This issue could allow a local user to crash the system or escalate their privileges on the system. Se encontró una falla de desreferencia de puntero nulo en la funcionalidad nft_inner.c de netfilter en el kernel de Linux. Este problema podría permitir que un usuario local bloquee el sistema o aumente sus privilegios en el sistema. Marek Marczykowski-Górecki discovered that the Xen event channel inf... • https://access.redhat.com/security/cve/CVE-2023-5972 • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0CVE-2023-39198 – Kernel: qxl: race condition leading to use-after-free in qxl_mode_dumb_create()
https://notcve.org/view.php?id=CVE-2023-39198
09 Nov 2023 — A race condition was found in the QXL driver in the Linux kernel. The qxl_mode_dumb_create() function dereferences the qobj returned by the qxl_gem_object_create_with_handle(), but the handle is the only one holding a reference to it. This flaw allows an attacker to guess the returned handle value and trigger a use-after-free issue, potentially leading to a denial of service or privilege escalation. Se encontró una condición de ejecución en el controlador QXL del kernel de Linux. La función qxl_mode_dumb_cr... • https://access.redhat.com/errata/RHSA-2024:2394 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-6039 – Kernel: use-after-free in drivers/net/usb/lan78xx.c in lan78xx_disconnect
https://notcve.org/view.php?id=CVE-2023-6039
09 Nov 2023 — A use-after-free flaw was found in lan78xx_disconnect in drivers/net/usb/lan78xx.c in the network sub-component, net/usb/lan78xx in the Linux Kernel. This flaw allows a local attacker to crash the system when the LAN78XX USB device detaches. Se encontró una falla de use-after-free en lan78xx_disconnect en drivers/net/usb/lan78xx.c en el subcomponente de red, net/usb/lan78xx en el kernel de Linux. Esta falla permite que un atacante local bloquee el sistema cuando el dispositivo USB LAN78XX se desconecta. It ... • https://access.redhat.com/security/cve/CVE-2023-6039 • CWE-416: Use After Free •
CVSS: 6.0EPSS: 0%CPEs: 9EXPL: 0CVE-2023-5090 – Kernel: kvm: svm: improper check in svm_set_x2apic_msr_interception allows direct access to host x2apic msrs
https://notcve.org/view.php?id=CVE-2023-5090
06 Nov 2023 — A flaw was found in KVM. An improper check in svm_set_x2apic_msr_interception() may allow direct access to host x2apic msrs when the guest resets its apic, potentially leading to a denial of service condition. Se encontró una falla en KVM. Una verificación incorrecta en svm_set_x2apic_msr_interception() puede permitir el acceso directo al host x2apic msrs cuando el invitado restablece su apic, lo que podría provocar una condición de denegación de servicio. Maxim Levitsky discovered that the KVM nested virtu... • https://access.redhat.com/errata/RHSA-2024:3854 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0CVE-2023-47233 – Ubuntu Security Notice USN-6777-1
https://notcve.org/view.php?id=CVE-2023-47233
03 Nov 2023 — The brcm80211 component in the Linux kernel through 6.5.10 has a brcmf_cfg80211_detach use-after-free in the device unplugging (disconnect the USB by hotplug) code. For physically proximate attackers with local access, this "could be exploited in a real world scenario." This is related to brcmf_cfg80211_escan_timeout_worker in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c. El componente brcm80211 en el kernel de Linux hasta 6.5.10 tiene un código brcmf_cfg80211_detach use after free en el códi... • https://bugzilla.suse.com/show_bug.cgi?id=1216702 • CWE-416: Use After Free •
CVSS: 9.8EPSS: 5%CPEs: 12EXPL: 1CVE-2023-5178 – Kernel: use after free in nvmet_tcp_free_crypto in nvme
https://notcve.org/view.php?id=CVE-2023-5178
01 Nov 2023 — A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe/TCP subsystem in the Linux kernel. This issue may allow a malicious user to cause a use-after-free and double-free problem, which may permit remote code execution or lead to local privilege escalation. Se encontró una vulnerabilidad de use-after-free en drivers/nvme/target/tcp.c` en `nvmet_tcp_free_crypto` debido a un error lógico en el subsistema NVMe-oF/TCP en el kernel de Lin... • https://github.com/rockrid3r/CVE-2023-5178 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-46862 – kernel: NULL pointer dereference vulnerability in io_uring_show_fdinfo
https://notcve.org/view.php?id=CVE-2023-46862
29 Oct 2023 — An issue was discovered in the Linux kernel through 6.5.9. During a race with SQ thread exit, an io_uring/fdinfo.c io_uring_show_fdinfo NULL pointer dereference can occur. Se descubrió un problema en el kernel de Linux hasta 6.5.9. Durante una ejecución con salida de hilo SQ, puede ocurrir una desreferencia del puntero NULL io_uring/fdinfo.c io_uring_show_fdinfo. A null pointer dereference flaw was found in the Linux kernel's io_uring functionality. • https://bugzilla.kernel.org/show_bug.cgi?id=218032#c4 • CWE-476: NULL Pointer Dereference •