CVE-2023-6039 – Kernel: use-after-free in drivers/net/usb/lan78xx.c in lan78xx_disconnect
https://notcve.org/view.php?id=CVE-2023-6039
09 Nov 2023 — A use-after-free flaw was found in lan78xx_disconnect in drivers/net/usb/lan78xx.c in the network sub-component, net/usb/lan78xx in the Linux Kernel. This flaw allows a local attacker to crash the system when the LAN78XX USB device detaches. • https://access.redhat.com/security/cve/CVE-2023-6039 • CWE-416: Use After Free •
CVE-2023-5090 – Kernel: kvm: svm: improper check in svm_set_x2apic_msr_interception allows direct access to host x2apic msrs
https://notcve.org/view.php?id=CVE-2023-5090
06 Nov 2023 — A flaw was found in KVM. An improper check in svm_set_x2apic_msr_interception() may allow direct access to host x2apic msrs when the guest resets its apic, potentially leading to a denial of service condition. • https://access.redhat.com/errata/RHSA-2024:3854 • CWE-755: Improper Handling of Exceptional Conditions •
CVE-2023-47233
https://notcve.org/view.php?id=CVE-2023-47233
03 Nov 2023 — The brcm80211 component in the Linux kernel through 6.5.10 has a brcmf_cfg80211_detach use-after-free in the device unplugging (disconnect the USB by hotplug) code. For physically proximate attackers with local access, this "could be exploited in a real world scenario." This is related to brcmf_cfg80211_escan_timeout_worker in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c. • https://bugzilla.suse.com/show_bug.cgi?id=1216702 • CWE-416: Use After Free •
CVE-2023-5178 – Kernel: use after free in nvmet_tcp_free_crypto in nvme
https://notcve.org/view.php?id=CVE-2023-5178
01 Nov 2023 — A use-after-free vulnerability was found in `drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe/TCP subsystem in the Linux kernel. This issue may allow a malicious user to cause a use-after-free and double-free problem, which may permit remote code execution or lead to local privilege escalation. • https://github.com/rockrid3r/CVE-2023-5178 • CWE-416: Use After Free •
CVE-2023-46862 – kernel: NULL pointer dereference vulnerability in io_uring_show_fdinfo
https://notcve.org/view.php?id=CVE-2023-46862
29 Oct 2023 — An issue was discovered in the Linux kernel through 6.5.9. During a race with SQ thread exit, an io_uring/fdinfo.c io_uring_show_fdinfo NULL pointer dereference can occur. A null pointer dereference flaw was found in the Linux kernel's io_uring functionality. • https://bugzilla.kernel.org/show_bug.cgi?id=218032#c4 • CWE-476: NULL Pointer Dereference •
CVE-2023-46813 – kernel: SEV-ES local priv escalation
https://notcve.org/view.php?id=CVE-2023-46813
27 Oct 2023 — An issue was discovered in the Linux kernel before 6.5.9, exploitable by local users with userspace access to MMIO registers. Incorrect access checking in the #VC handler and instruction emulation of the SEV-ES emulation of MMIO accesses could lead to arbitrary write access to kernel memory (and thus privilege escalation). This depends on a race condition through which userspace can replace an instruction before the #VC handler reads it. • https://github.com/Freax13/cve-2023-46813-poc • CWE-269: Improper Privilege Management •
CVE-2023-5717 – Out-of-bounds write in Linux kernel's Linux Kernel Performance Events (perf) component
https://notcve.org/view.php?id=CVE-2023-5717
25 Oct 2023 — A heap out-of-bounds write vulnerability in the Linux kernel's Linux Kernel Performance Events (perf) component can be exploited to achieve local privilege escalation. If perf_read_group() is called while an event's sibling_list is smaller than its child's sibling_list, it can increment or write to memory locations outside of the allocated buffer. We recommend upgrading past commit 32671e3799ca2e4590773fd0e63aaa4229e50c06. • https://github.com/uthrasri/CVE-2023-5717 • CWE-787: Out-of-bounds Write •
CVE-2023-5633 – Kernel: vmwgfx: reference count issue leads to use-after-free in surface handling
https://notcve.org/view.php?id=CVE-2023-5633
23 Oct 2023 — The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. When running inside a VMware guest with 3D acceleration enabled, a local, unprivileged user could potentially use this flaw to escalate their privileges. • https://access.redhat.com/errata/RHSA-2024:0113 • CWE-416: Use After Free •
CVE-2023-45898
https://notcve.org/view.php?id=CVE-2023-45898
16 Oct 2023 — The Linux kernel before 6.5.4 has an es1 use-after-free in fs/ext4/extents_status.c, related to ext4_es_insert_extent. • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.5.4 • CWE-416: Use After Free •
CVE-2023-45871 – kernel: IGB driver inadequate buffer size for frames larger than MTU
https://notcve.org/view.php?id=CVE-2023-45871
15 Oct 2023 — An issue was discovered in drivers/net/ethernet/intel/igb/igb_main.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for frames larger than the MTU. A flaw was found in igb_configure_rx_ring in drivers/net/ethernet/intel/igb/igb_main.c in the IGB driver in... • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.5.3 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-131: Incorrect Calculation of Buffer Size •