CVSS: 6.7EPSS: 0%CPEs: 37EXPL: 0CVE-2023-20716
https://notcve.org/view.php?id=CVE-2023-20716
06 Jun 2023 — In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07796883; Issue ID: ALPS07796883. • https://corp.mediatek.com/product-security-bulletin/June-2023 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 36EXPL: 0CVE-2023-20715
https://notcve.org/view.php?id=CVE-2023-20715
06 Jun 2023 — In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07796900; Issue ID: ALPS07796900. • https://corp.mediatek.com/product-security-bulletin/June-2023 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 37EXPL: 0CVE-2023-20712
https://notcve.org/view.php?id=CVE-2023-20712
06 Jun 2023 — In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07796914; Issue ID: ALPS07796914. • https://corp.mediatek.com/product-security-bulletin/June-2023 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 18EXPL: 0CVE-2023-3111
https://notcve.org/view.php?id=CVE-2023-3111
05 Jun 2023 — A use after free vulnerability was found in prepare_to_relocate in fs/btrfs/relocation.c in btrfs in the Linux Kernel. This possible flaw can be triggered by calling btrfs_ioctl_balance() before calling btrfs_ioctl_defrag(). • https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-2985
https://notcve.org/view.php?id=CVE-2023-2985
01 Jun 2023 — A use after free flaw was found in hfsplus_put_super in fs/hfsplus/super.c in the Linux Kernel. This flaw could allow a local user to cause a denial of service problem. • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=07db5e247ab5858439b14dd7cc1fe538b9efcf32 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-34256
https://notcve.org/view.php?id=CVE-2023-34256
31 May 2023 — An issue was discovered in the Linux kernel before 6.3.3. There is an out-of-bounds read in crc16 in lib/crc16.c when called from fs/ext4/super.c because ext4_group_desc_csum does not properly check an offset. NOTE: this is disputed by third parties because the kernel is not intended to defend against attackers with the stated "When modifying the block device while it is mounted by the filesystem" access. Se ha descubierto un problema en el kernel de Linux en las versiones anteriores a 6.3.3. Hay una lectur... • https://bugzilla.suse.com/show_bug.cgi?id=1211895 • CWE-125: Out-of-bounds Read •
CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 2CVE-2023-2002 – Kernel: bluetooth: Unauthorized management command execution
https://notcve.org/view.php?id=CVE-2023-2002
26 May 2023 — A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication. • https://github.com/lrh2000/CVE-2023-2002 • CWE-250: Execution with Unnecessary Privileges CWE-863: Incorrect Authorization •
CVSS: 4.7EPSS: 0%CPEs: 1EXPL: 0CVE-2023-33288
https://notcve.org/view.php?id=CVE-2023-33288
22 May 2023 — An issue was discovered in the Linux kernel before 6.2.9. A use-after-free was found in bq24190_remove in drivers/power/supply/bq24190_charger.c. It could allow a local attacker to crash the system due to a race condition. • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.2.9 • CWE-416: Use After Free •
CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 1CVE-2020-36694 – kernel: netfilter: use-after-free in the packet processing context
https://notcve.org/view.php?id=CVE-2020-36694
21 May 2023 — An issue was discovered in netfilter in the Linux kernel before 5.10. There can be a use-after-free in the packet processing context, because the per-CPU sequence count is mishandled during concurrent iptables rules replacement. This could be exploited with the CAP_NET_ADMIN capability in an unprivileged namespace. NOTE: cc00bca was reverted in 5.12. A use-after-free flaw was found in the packet processing context in net/netfilter/x_tables.c in netfilter in the Linux Kernel. • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10 • CWE-416: Use After Free •
CVSS: 6.4EPSS: 0%CPEs: 3EXPL: 0CVE-2023-33203 – kernel: net: qcom/emac: race condition leading to use-after-free in emac_remove()
https://notcve.org/view.php?id=CVE-2023-33203
18 May 2023 — The Linux kernel before 6.2.9 has a race condition and resultant use-after-free in drivers/net/ethernet/qualcomm/emac/emac.c if a physically proximate attacker unplugs an emac based device. A race condition vulnerability was found in the Linux kernel's Qualcomm EMAC Gigabit Ethernet Controller when the user physically removes the device before cleanup in the emac_remove function. This flaw can eventually result in a use-after-free issue, possibly leading to a system crash or other undefined behaviors. • https://bugzilla.redhat.com/show_bug.cgi?id=2192667 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •