CVSS: 7.8EPSS: 0%CPEs: 24EXPL: 2CVE-2023-35788 – kernel: cls_flower: out-of-bounds write in fl_set_geneve_opt()
https://notcve.org/view.php?id=CVE-2023-35788
16 Jun 2023 — An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. This may result in denial of service or privilege escalation. Se descubrió un problema en fl_set_geneve_opt en net/sched/cls_flower.c en el kernel de Linux antes de 6.3.7. Permite una escritura fuera de los límites en el código flower classifier a través de paquetes TCA_FLOWER_KEY_ENC_OPTS_GENEVE. • http://packetstormsecurity.com/files/174577/Kernel-Live-Patch-Security-Notice-LSN-0097-1.html • CWE-787: Out-of-bounds Write •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2023-3268 – kernel: out-of-bounds access in relay_file_read
https://notcve.org/view.php?id=CVE-2023-3268
16 Jun 2023 — An out of bounds (OOB) memory access flaw was found in the Linux kernel in relay_file_read_start_pos in kernel/relay.c in the relayfs. This flaw could allow a local attacker to crash the system or leak kernel internal information. An out-of-bounds (OOB) memory access flaw was found in the Linux kernel in relay_file_read_start_pos in kernel/relay.c in the relayfs. This flaw allows a local attacker to crash the system or leak kernel internal information. Jordy Zomer and Alexandra Sandulescu discovered that sy... • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.2 • CWE-125: Out-of-bounds Read •
CVSS: 7.1EPSS: 0%CPEs: 13EXPL: 0CVE-2023-3141 – kernel: Use after free bug in r592_remove
https://notcve.org/view.php?id=CVE-2023-3141
09 Jun 2023 — A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker to crash the system at device disconnect, possibly leading to a kernel information leak. A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This issue may allow a local attacker to crash the system at device disconnect, possibly leading to a kernel information leak. It was discovered that the XFS... • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.4 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 3CVE-2023-2598
https://notcve.org/view.php?id=CVE-2023-2598
01 Jun 2023 — A flaw was found in the fixed buffer registration code for io_uring (io_sqe_buffer_register in io_uring/rsrc.c) in the Linux kernel that allows out-of-bounds access to physical memory beyond the end of the buffer. This flaw enables full local privilege escalation. Se encontró una falla en el código de registro de búfer fijo para io_uring (io_sqe_buffer_register en io_uring/rsrc.c) en el kernel de Linux que permite el acceso fuera de los límites a la memoria física más allá del final del búfer. Esta falla pe... • https://github.com/ysanatomic/io_uring_LPE-CVE-2023-2598 • CWE-416: Use After Free CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-2985 – Ubuntu Security Notice USN-6327-1
https://notcve.org/view.php?id=CVE-2023-2985
01 Jun 2023 — A use after free flaw was found in hfsplus_put_super in fs/hfsplus/super.c in the Linux Kernel. This flaw could allow a local user to cause a denial of service problem. Jiasheng Jiang discovered that the HSA Linux kernel driver for AMD Radeon GPU devices did not properly validate memory allocation in certain situations, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service. Zheng Wang discovered that the Intel i915 graphics driver in the Linux kern... • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=07db5e247ab5858439b14dd7cc1fe538b9efcf32 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-34256 – Ubuntu Security Notice USN-6701-3
https://notcve.org/view.php?id=CVE-2023-34256
31 May 2023 — An issue was discovered in the Linux kernel before 6.3.3. There is an out-of-bounds read in crc16 in lib/crc16.c when called from fs/ext4/super.c because ext4_group_desc_csum does not properly check an offset. NOTE: this is disputed by third parties because the kernel is not intended to defend against attackers with the stated "When modifying the block device while it is mounted by the filesystem" access. Se ha descubierto un problema en el kernel de Linux en las versiones anteriores a 6.3.3. Hay una lectur... • https://bugzilla.suse.com/show_bug.cgi?id=1211895 • CWE-125: Out-of-bounds Read •
CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 2CVE-2023-2002 – Kernel: bluetooth: Unauthorized management command execution
https://notcve.org/view.php?id=CVE-2023-2002
26 May 2023 — A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication. Gwangun Jung discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of s... • https://github.com/lrh2000/CVE-2023-2002 • CWE-250: Execution with Unnecessary Privileges CWE-863: Incorrect Authorization •
CVSS: 4.4EPSS: 0%CPEs: 9EXPL: 0CVE-2023-33250
https://notcve.org/view.php?id=CVE-2023-33250
21 May 2023 — The Linux kernel 6.3 has a use-after-free in iopt_unmap_iova_range in drivers/iommu/iommufd/io_pagetable.c. • https://bugzilla.suse.com/show_bug.cgi?id=1211597 • CWE-416: Use After Free •
CVSS: 6.7EPSS: 0%CPEs: 5EXPL: 0CVE-2023-33951 – Kernel: vmwgfx: race condition leading to information disclosure vulnerability
https://notcve.org/view.php?id=CVE-2023-33951
17 May 2023 — A race condition vulnerability was found in the vmwgfx driver in the Linux kernel. The flaw exists within the handling of GEM objects. The issue results from improper locking when performing operations on an object. This flaw allows a local privileged user to disclose information in the context of the kernel. This vulnerability allows local attackers to disclose sensitive information on affected installations of Linux Kernel. • https://access.redhat.com/errata/RHSA-2023:6583 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-667: Improper Locking •
CVSS: 7.8EPSS: 9%CPEs: 9EXPL: 0CVE-2023-32248 – Tree connection null pointer dereference denial-of-service vulnerability
https://notcve.org/view.php?id=CVE-2023-32248
17 May 2023 — A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the handling of SMB2_TREE_CONNECT and SMB2_QUERY_INFO commands. The issue results from the lack of proper validation of a pointer prior to accessing it. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Se ha encontrado un fallo en el ksmbd del kernel de Linux, un servidor SMB de alto rendimiento integrado en el kernel. • https://access.redhat.com/security/cve/CVE-2023-32248 • CWE-476: NULL Pointer Dereference •