CVSS: 5.6EPSS: 0%CPEs: 2EXPL: 2CVE-2023-1998 – Spectre v2 SMT mitigations problem in Linux kernel
https://notcve.org/view.php?id=CVE-2023-1998
20 Apr 2023 — The Linux kernel allows userspace processes to enable mitigations by calling prctl with PR_SET_SPECULATION_CTRL which disables the speculation feature as well as by using seccomp. We had noticed that on VMs of at least one major cloud provider, the kernel still left the victim process exposed to attacks in some cases even after enabling the spectre-BTI mitigation with prctl. The same behavior can be observed on a bare-metal machine when forcing the mitigation to IBRS on boot command line. This happened beca... • https://www.exploit-db.com/exploits/51384 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-203: Observable Discrepancy CWE-1303: Non-Transparent Sharing of Microarchitectural Resources •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2023-2177 – Kernel: NULL pointer dereference problem in sctp_sched_dequeue_common
https://notcve.org/view.php?id=CVE-2023-2177
20 Apr 2023 — A null pointer dereference issue was found in the sctp network protocol in net/sctp/stream_sched.c in Linux Kernel. If stream_in allocation is failed, stream_out is freed which would further be accessed. A local user could use this flaw to crash the system or potentially cause a denial of service. A NULL pointer dereference issue was found in the SCTP network protocol in net/sctp/stream_sched.c in the Linux kernel. If stream_in allocation fails, stream_out is freed, which would be accessed further. • https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=181d8d2066c0 • CWE-476: NULL Pointer Dereference •
CVSS: 6.7EPSS: 0%CPEs: 7EXPL: 0CVE-2023-2194 – kernel: i2c: out-of-bounds write in xgene_slimpro_i2c_xfer()
https://notcve.org/view.php?id=CVE-2023-2194
20 Apr 2023 — An out-of-bounds write vulnerability was found in the Linux kernel's SLIMpro I2C device driver. The userspace "data->block[0]" variable was not capped to a number between 0-255 and was used as the size of a memcpy, possibly writing beyond the end of dma_buffer. This flaw could allow a local privileged user to crash the system or potentially achieve code execution. An out-of-bounds write vulnerability was found in the Linux kernel's SLIMpro I2C device driver. The userspace "data->block[0]" variable was not l... • https://bugzilla.redhat.com/show_bug.cgi?id=2188396 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2023-1382 – kernel: denial of service in tipc_conn_close
https://notcve.org/view.php?id=CVE-2023-1382
19 Apr 2023 — A data race flaw was found in the Linux kernel, between where con is allocated and con->sock is set. This issue leads to a NULL pointer dereference when accessing con->sock->sk in net/tipc/topsrv.c in the tipc protocol in the Linux kernel. • https://lore.kernel.org/netdev/bc7bd3183f1c275c820690fc65b708238fe9e38e.1668807842.git.lucien.xin%40gmail.com/T/#u • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0CVE-2023-2166 – kernel: NULL pointer dereference in can_rcv_filter
https://notcve.org/view.php?id=CVE-2023-2166
19 Apr 2023 — A null pointer dereference issue was found in can protocol in net/can/af_can.c in the Linux before Linux. ml_priv may not be initialized in the receive path of CAN frames. A local user could use this flaw to crash the system or potentially cause a denial of service. A NULL pointer dereference issue was found in the can protocol in net/can/af_can.c in the Linux kernel, where ml_priv may not be initialized in the receive path of CAN frames. This flaw allows a local user to crash the system or cause a denial o... • https://lore.kernel.org/lkml/CAO4mrfcV_07hbj8NUuZrA8FH-kaRsrFy-2metecpTuE5kKHn5w%40mail.gmail.com • CWE-476: NULL Pointer Dereference •
CVSS: 6.6EPSS: 0%CPEs: 7EXPL: 0CVE-2023-2162 – kernel: UAF during login when accessing the shost ipaddress
https://notcve.org/view.php?id=CVE-2023-2162
19 Apr 2023 — A use-after-free vulnerability was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux Kernel. In this flaw an attacker could leak kernel internal information. A use-after-free flaw was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in the SCSI sub-component in the Linux Kernel. This issue could allow an attacker to leak kernel internal information. • https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-28327 – kernel: denial of service problem in net/unix/diag.c
https://notcve.org/view.php?id=CVE-2023-28327
19 Apr 2023 — A NULL pointer dereference flaw was found in the UNIX protocol in net/unix/diag.c In unix_diag_get_exact in the Linux Kernel. The newly allocated skb does not have sk, leading to a NULL pointer. This flaw allows a local user to crash or potentially cause a denial of service. • https://bugzilla.redhat.com/show_bug.cgi?id=2177382 • CWE-476: NULL Pointer Dereference •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-30772
https://notcve.org/view.php?id=CVE-2023-30772
16 Apr 2023 — The Linux kernel before 6.2.9 has a race condition and resultant use-after-free in drivers/power/supply/da9150-charger.c if a physically proximate attacker unplugs a device. • https://bugzilla.suse.com/show_bug.cgi?id=1210329 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 0CVE-2023-2006 – Linux Kernel RxRPC Race Condition Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-2006
13 Apr 2023 — A race condition was found in the Linux kernel's RxRPC network protocol, within the processing of RxRPC bundles. This issue results from the lack of proper locking when performing operations on an object. This may allow an attacker to escalate privileges and execute arbitrary code in the context of the kernel. This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to execute low-privileged code on the target syste... • https://bugzilla.redhat.com/show_bug.cgi?id=2189112 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0CVE-2023-2007 – Linux Kernel DPT I2O Controller Time-Of-Check Time-Of-Use Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-2007
13 Apr 2023 — The specific flaw exists within the DPT I2O Controller driver. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the kernel. This vulnerability allows local attackers to disclose sensitive information on affected installations of Linux Kernel. An attacker must first obtain the ability to execute high-privileged code on the target... • https://github.com/torvalds/linux/commit/b04e75a4a8a81887386a0d2dbf605a48e779d2a0 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition CWE-667: Improper Locking •