CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2023-3610 – Use-after-free in Linux kernel's netfilter: nf_tables component
https://notcve.org/view.php?id=CVE-2023-3610
21 Jul 2023 — A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. Flaw in the error handling of bound chains causes a use-after-free in the abort path of NFT_MSG_NEWRULE. The vulnerability requires CAP_NET_ADMIN to be triggered. We recommend upgrading past commit 4bedf9eee016286c835e3d8fa981ddece5338795. A use-after-free vulnerability was found in the netfilter: nf_tables component in the Linux kernel due to a missing error handling... • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=4bedf9eee016286c835e3d8fa981ddece5338795 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2023-3609 – Use-after-free in Linux kernel's net/sched: cls_u32 component
https://notcve.org/view.php?id=CVE-2023-3609
21 Jul 2023 — A use-after-free vulnerability in the Linux kernel's net/sched: cls_u32 component can be exploited to achieve local privilege escalation. If tcf_change_indev() fails, u32_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_bind_filter(). If an attacker can control the reference counter and set it to zero, they can cause the reference to be freed, leading to a use-after-free vulnerability. We recommend upgrading past commit 04c55383fa5689357bcdd2c803... • http://packetstormsecurity.com/files/175072/Kernel-Live-Patch-Security-Notice-LSN-0098-1.html • CWE-415: Double Free CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2023-0160 – Possibility of deadlock in libbpf function sock_hash_delete_elem
https://notcve.org/view.php?id=CVE-2023-0160
18 Jul 2023 — A deadlock flaw was found in the Linux kernel’s BPF subsystem. This flaw allows a local user to potentially crash the system. • https://access.redhat.com/security/cve/CVE-2023-0160 • CWE-667: Improper Locking CWE-833: Deadlock •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-38409 – kernel: fbcon: out-of-sync arrays in fbcon_mode_deleted due to wrong con2fb_map assignment
https://notcve.org/view.php?id=CVE-2023-38409
17 Jul 2023 — An issue was discovered in set_con2fb_map in drivers/video/fbdev/core/fbcon.c in the Linux kernel before 6.2.12. Because an assignment occurs only for the first vc, the fbcon_registered_fb and fbcon_display arrays can be desynchronized in fbcon_mode_deleted (the con2fb_map points at the old fb_info). A memory corruption flaw was found in set_con2fb_map in drivers/video/fbdev/core/fbcon.c in the Framebuffer Console in the Linux kernel. This flaw allows a local attacker to crash the system, leading to a denia... • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.2.12 • CWE-129: Improper Validation of Array Index CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 3CVE-2023-37454
https://notcve.org/view.php?id=CVE-2023-37454
06 Jul 2023 — An issue was discovered in the Linux kernel through 6.4.2. A crafted UDF filesystem image causes a use-after-free write operation in the udf_put_super and udf_close_lvid functions in fs/udf/super.c. NOTE: the suse.com reference has a different perspective about this. • https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-37454 • CWE-416: Use After Free •
CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 1CVE-2023-37453 – kernel: usb: out-of-bounds read in read_descriptors
https://notcve.org/view.php?id=CVE-2023-37453
06 Jul 2023 — An issue was discovered in the USB subsystem in the Linux kernel through 6.4.2. There is an out-of-bounds and crash in read_descriptors in drivers/usb/core/sysfs.c. An out-of-bounds read issue was found in the USB subsystem in the Linux kernel. This flaw allows a malicious user to crash the system, resulting in a denial of service condition. • https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1e4c574225cc5a0553115e5eb5787d1474db5b0f • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 3CVE-2023-35001 – Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability
https://notcve.org/view.php?id=CVE-2023-35001
05 Jul 2023 — Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace Vulnerabilidad de Lectura/Escritura en nftables Fuera de los Límites del kernel de Linux; nft_byteorder administra incorrectamente los contenidos de registro de VM cuando CAP_NET_ADMIN está en cualquier espacio de nombres de usuario o red An out-of-bounds (OOB) memory access flaw was found in the Netfilter module in the Linux kernel's nft_byte... • https://github.com/synacktiv/CVE-2023-35001 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2023-31248 – Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-31248
05 Jul 2023 — Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; `nft_chain_lookup_byid()` failed to check whether a chain was active and CAP_NET_ADMIN is in any user or network namespace Vulnerabilidad de Escalada de Privilegios Locales de Use-After-Free de Linux nftables; 'nft_chain_lookup_byid()' no pudo comprobar si una cadena estaba activa y CAP_NET_ADMIN está en cualquier espacio de nombres de usuario o red A use-after-free flaw was found in the Linux kernel's Netfilter module in net/net... • http://packetstormsecurity.com/files/173757/Kernel-Live-Patch-Security-Notice-LSN-0096-1.html • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2023-2430
https://notcve.org/view.php?id=CVE-2023-2430
30 Jun 2023 — A vulnerability was found due to missing lock for IOPOLL flaw in io_cqring_event_overflow() in io_uring.c in Linux Kernel. This flaw allows a local attacker with user privilege to trigger a Denial of Service threat. • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e12d7a46f65ae4b7d58a5e0c1cbfa825cf8 • CWE-413: Improper Resource Locking CWE-667: Improper Locking •
CVSS: 5.7EPSS: 0%CPEs: 4EXPL: 0CVE-2023-1206 – kernel: hash collisions in the IPv6 connection lookup table
https://notcve.org/view.php?id=CVE-2023-1206
30 Jun 2023 — A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel’s IPv6 functionality when a user makes a new kind of SYN flood attack. A user located in the local network or with a high bandwidth connection can increase the CPU usage of the server that accepts IPV6 connections up to 95%. • https://bugzilla.redhat.com/show_bug.cgi?id=2175903 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm CWE-400: Uncontrolled Resource Consumption •