CVSS: 7.1EPSS: 0%CPEs: 13EXPL: 0CVE-2023-3141 – kernel: Use after free bug in r592_remove
https://notcve.org/view.php?id=CVE-2023-3141
09 Jun 2023 — A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker to crash the system at device disconnect, possibly leading to a kernel information leak. A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This issue may allow a local attacker to crash the system at device disconnect, possibly leading to a kernel information leak. • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.4 • CWE-416: Use After Free •
CVSS: 6.7EPSS: 0%CPEs: 37EXPL: 0CVE-2023-20716
https://notcve.org/view.php?id=CVE-2023-20716
06 Jun 2023 — In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07796883; Issue ID: ALPS07796883. • https://corp.mediatek.com/product-security-bulletin/June-2023 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 36EXPL: 0CVE-2023-20715
https://notcve.org/view.php?id=CVE-2023-20715
06 Jun 2023 — In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07796900; Issue ID: ALPS07796900. • https://corp.mediatek.com/product-security-bulletin/June-2023 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 37EXPL: 0CVE-2023-20712
https://notcve.org/view.php?id=CVE-2023-20712
06 Jun 2023 — In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07796914; Issue ID: ALPS07796914. • https://corp.mediatek.com/product-security-bulletin/June-2023 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 18EXPL: 0CVE-2023-3111
https://notcve.org/view.php?id=CVE-2023-3111
05 Jun 2023 — A use after free vulnerability was found in prepare_to_relocate in fs/btrfs/relocation.c in btrfs in the Linux Kernel. This possible flaw can be triggered by calling btrfs_ioctl_balance() before calling btrfs_ioctl_defrag(). • https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-2985
https://notcve.org/view.php?id=CVE-2023-2985
01 Jun 2023 — A use after free flaw was found in hfsplus_put_super in fs/hfsplus/super.c in the Linux Kernel. This flaw could allow a local user to cause a denial of service problem. • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=07db5e247ab5858439b14dd7cc1fe538b9efcf32 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-34256
https://notcve.org/view.php?id=CVE-2023-34256
31 May 2023 — An issue was discovered in the Linux kernel before 6.3.3. There is an out-of-bounds read in crc16 in lib/crc16.c when called from fs/ext4/super.c because ext4_group_desc_csum does not properly check an offset. NOTE: this is disputed by third parties because the kernel is not intended to defend against attackers with the stated "When modifying the block device while it is mounted by the filesystem" access. Se ha descubierto un problema en el kernel de Linux en las versiones anteriores a 6.3.3. Hay una lectur... • https://bugzilla.suse.com/show_bug.cgi?id=1211895 • CWE-125: Out-of-bounds Read •
CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 2CVE-2023-2002 – Kernel: bluetooth: Unauthorized management command execution
https://notcve.org/view.php?id=CVE-2023-2002
26 May 2023 — A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication. • https://github.com/lrh2000/CVE-2023-2002 • CWE-250: Execution with Unnecessary Privileges CWE-863: Incorrect Authorization •
CVSS: 4.7EPSS: 0%CPEs: 1EXPL: 0CVE-2023-33288
https://notcve.org/view.php?id=CVE-2023-33288
22 May 2023 — An issue was discovered in the Linux kernel before 6.2.9. A use-after-free was found in bq24190_remove in drivers/power/supply/bq24190_charger.c. It could allow a local attacker to crash the system due to a race condition. • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.2.9 • CWE-416: Use After Free •
CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 1CVE-2020-36694 – kernel: netfilter: use-after-free in the packet processing context
https://notcve.org/view.php?id=CVE-2020-36694
21 May 2023 — An issue was discovered in netfilter in the Linux kernel before 5.10. There can be a use-after-free in the packet processing context, because the per-CPU sequence count is mishandled during concurrent iptables rules replacement. This could be exploited with the CAP_NET_ADMIN capability in an unprivileged namespace. NOTE: cc00bca was reverted in 5.12. A use-after-free flaw was found in the packet processing context in net/netfilter/x_tables.c in netfilter in the Linux Kernel. • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10 • CWE-416: Use After Free •