Page 334 of 2739 results (0.014 seconds)

CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 1

CVE-2023-0469

https://notcve.org/view.php?id=CVE-2023-0469

A use-after-free flaw was found in io_uring/filetable.c in io_install_fixed_file in the io_uring subcomponent in the Linux Kernel during call cleanup. This flaw may lead to a denial of service. Se encontró una falla de use-after-free en io_uring/filetable.c en io_install_fixed_file en el subcomponente io_uring en el kernel de Linux durante la limpieza de llamadas. Este defecto puede dar lugar a una denegación de servicio. • https://bugzilla.redhat.com/show_bug.cgi?id=2163723 • CWE-191: Integer Underflow (Wrap or Wraparound) CWE-416: Use After Free •

CVSS: 4.7EPSS: 0%CPEs: 8EXPL: 1

CVE-2023-0468

https://notcve.org/view.php?id=CVE-2023-0468

A use-after-free flaw was found in io_uring/poll.c in io_poll_check_events in the io_uring subcomponent in the Linux Kernel due to a race condition of poll_refs. This flaw may cause a NULL pointer dereference. Se encontró una falla de use-after-free en io_uring/poll.c en io_poll_check_events en el subcomponente io_uring en el kernel de Linux debido a una condición de ejecución de poll_refs. Este defecto puede provocar una desreferencia del puntero NULL. • https://bugzilla.redhat.com/show_bug.cgi?id=2164024 • CWE-416: Use After Free •

CVSS: 7.9EPSS: 0%CPEs: 6EXPL: 0

CVE-2023-0266 – Linux Kernel Use-After-Free Vulnerability

https://notcve.org/view.php?id=CVE-2023-0266

A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 is missing locks that can be used in a use-after-free that can result in a priviledge escalation to gain ring0 access from the system user. We recommend upgrading past commit 56b88b50565cd8b946a2d00b0c83927b7ebb055e A use-after-free flaw was found in snd_ctl_elem_read in sound/core/control.c in Advanced Linux Sound Architecture (ALSA) subsystem in the Linux kernel. In this flaw a normal privileged, local attacker may impact the system due to a locking issue in the compat path, leading to a kernel information leak problem. Linux kernel contains a use-after-free vulnerability that allows for privilege escalation to gain ring0 access from the system user. • https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/queue-5.10/alsa-pcm-move-rwsem-lock-inside-snd_ctl_elem_read-to-prevent-uaf.patch?id=72783cf35e6c55bca84c4bb7b776c58152856fd4 https://github.com/torvalds/linux/commit/56b88b50565cd8b946a2d00b0c83927b7ebb055e https://github.com/torvalds/linux/commit/becf9e5d553c2389d857a3c178ce80fdb34a02e1 https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html https://access.redhat.com/security/cve/CVE-2023-0266 https://bugzilla.redhat.com/show_bug • CWE-416: Use After Free •

CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0

CVE-2023-0394 – kernel: NULL pointer dereference in rawv6_push_pending_frames

https://notcve.org/view.php?id=CVE-2023-0394

A NULL pointer dereference flaw was found in rawv6_push_pending_frames in net/ipv6/raw.c in the network subcomponent in the Linux kernel. This flaw causes the system to crash. • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cb3e9864cdbe35ff6378966660edbcbac955fe17 https://lists.debian.org/debian-lts-announce/2023/03/msg00000.html https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html https://security.netapp.com/advisory/ntap-20230302-0005 https://access.redhat.com/security/cve/CVE-2023-0394 https://bugzilla.redhat.com/show_bug.cgi?id=2162120 • CWE-476: NULL Pointer Dereference •

CVSS: 7.1EPSS: 0%CPEs: 12EXPL: 0

CVE-2022-41858 – kernel: null-ptr-deref vulnerabilities in sl_tx_timeout in drivers/net/slip

https://notcve.org/view.php?id=CVE-2022-41858

A flaw was found in the Linux kernel. A NULL pointer dereference may occur while a slip driver is in progress to detach in sl_tx_timeout in drivers/net/slip/slip.c. This issue could allow an attacker to crash the system or leak internal kernel information. • https://github.com/torvalds/linux/commit/ec4eb8a86ade4d22633e1da2a7d85a846b7d1798 https://security.netapp.com/advisory/ntap-20230223-0006 https://access.redhat.com/security/cve/CVE-2022-41858 https://bugzilla.redhat.com/show_bug.cgi?id=2144379 • CWE-416: Use After Free CWE-476: NULL Pointer Dereference •