CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-23003
https://notcve.org/view.php?id=CVE-2023-23003
01 Mar 2023 — In the Linux kernel before 5.16, tools/perf/util/expr.c lacks a check for the hashmap__new return value. • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16 • CWE-252: Unchecked Return Value •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-23005
https://notcve.org/view.php?id=CVE-2023-23005
01 Mar 2023 — In the Linux kernel before 6.2, mm/memory-tiers.c misinterprets the alloc_memory_type return value (expects it to be NULL in the error case, whereas it is actually an error pointer). NOTE: this is disputed by third parties because there are no realistic cases in which a user can cause the alloc_memory_type error case to be reached. • https://bugzilla.suse.com/show_bug.cgi?id=1208844#c2 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-23001
https://notcve.org/view.php?id=CVE-2023-23001
01 Mar 2023 — In the Linux kernel before 5.16.3, drivers/scsi/ufs/ufs-mediatek.c misinterprets the regulator_get return value (expects it to be NULL in the error case, whereas it is actually an error pointer). • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.3 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-23002
https://notcve.org/view.php?id=CVE-2023-23002
01 Mar 2023 — In the Linux kernel before 5.16.3, drivers/bluetooth/hci_qca.c misinterprets the devm_gpiod_get_index_optional return value (expects it to be NULL in the error case, whereas it is actually an error pointer). • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.3 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-23006
https://notcve.org/view.php?id=CVE-2023-23006
01 Mar 2023 — In the Linux kernel before 5.15.13, drivers/net/ethernet/mellanox/mlx5/core/steering/dr_domain.c misinterprets the mlx5_get_uars_page return value (expects it to be NULL in the error case, whereas it is actually an error pointer). • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.13 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-23000
https://notcve.org/view.php?id=CVE-2023-23000
01 Mar 2023 — In the Linux kernel before 5.17, drivers/phy/tegra/xusb.c mishandles the tegra_xusb_find_port_node return value. Callers expect NULL in the error case, but an error pointer is used. • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.17 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-23004
https://notcve.org/view.php?id=CVE-2023-23004
01 Mar 2023 — In the Linux kernel before 5.19, drivers/gpu/drm/arm/malidp_planes.c misinterprets the get_sg_table return value (expects it to be NULL in the error case, whereas it is actually an error pointer). • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.19 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 1CVE-2023-0461 – Use-after-free vulnerability in the Linux Kernel
https://notcve.org/view.php?id=CVE-2023-0461
28 Feb 2023 — There is a use-after-free vulnerability in the Linux Kernel which can be exploited to achieve local privilege escalation. To reach the vulnerability kernel configuration flag CONFIG_TLS or CONFIG_XFRM_ESPINTCP has to be configured, but the operation does not require any privilege. There is a use-after-free bug of icsk_ulp_data of a struct inet_connection_sock. When CONFIG_TLS is enabled, user can install a tls context (struct tls_context) on a connected tcp socket. The context is not cleared if this socke... • https://github.com/hshivhare67/kernel_v4.19.72_CVE-2023-0461 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-1095 – kernel: netfilter: NULL pointer dereference in nf_tables due to zeroed list head
https://notcve.org/view.php?id=CVE-2023-1095
28 Feb 2023 — In nf_tables_updtable, if nf_tables_table_enable returns an error, nft_trans_destroy is called to free the transaction object. nft_trans_destroy() calls list_del(), but the transaction was never placed on a list -- the list head is all zeroes, this results in a NULL pointer dereference. A NULL pointer dereference flaw was found in the Linux kernel’s netfilter subsystem. The issue could occur due to an error in nf_tables_updtable while freeing a transaction object not placed on the list head. This flaw allow... • https://bugzilla.redhat.com/show_bug.cgi?id=2173973 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-22997
https://notcve.org/view.php?id=CVE-2023-22997
28 Feb 2023 — In the Linux kernel before 6.1.2, kernel/module/decompress.c misinterprets the module_get_next_page return value (expects it to be NULL in the error case, whereas it is actually an error pointer). • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.2 • CWE-476: NULL Pointer Dereference •