Page 37 of 8983 results (0.007 seconds)

CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0

CVE-2023-4206 – Use-after-free in Linux kernel's net/sched: cls_route component

https://notcve.org/view.php?id=CVE-2023-4206

A use-after-free vulnerability in the Linux kernel's net/sched: cls_route component can be exploited to achieve local privilege escalation. When route4_change() is called on an existing filter, the whole tcf_result struct is always copied into the new instance of the filter. This causes a problem when updating a filter bound to a class, as tcf_unbind_filter() is always called on the old instance in the success path, decreasing filter_cnt of the still referenced class and allowing it to be deleted, leading to a use-after-free. We recommend upgrading past commit b80b829e9e2c1b3f7aae34855e04d8f6ecaf13c8. Una vulnerabilidad de use-after-free en el componente net/sched: cls_route del kernel de Linux se puede explotar para lograr una escalada de privilegios local. Cuando se llama a route4_change() en un filtro existente, toda la estructura tcf_result siempre se copia en la nueva instancia del filtro. Esto causa un problema al actualizar un filtro vinculado a una clase, ya que siempre se llama a tcf_unbind_filter() en la instancia anterior en la ruta exitosa, lo que disminuye filter_cnt de la clase a la que todavía se hace referencia y permite que se elimine, lo que lleva a un use-after-free. • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b80b829e9e2c1b3f7aae34855e04d8f6ecaf13c8 https://kernel.dance/b80b829e9e2c1b3f7aae34855e04d8f6ecaf13c8 https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html https://www.debian.org/security/2023/dsa-5492 https://access.redhat.com/security/cve/CVE-2023-4206 https://bugzilla.redhat.com/show_bug.cgi?id=2225511 • CWE-416: Use After Free •

CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0

CVE-2023-4764

https://notcve.org/view.php?id=CVE-2023-4764

Incorrect security UI in BFCache in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: High) La interfaz de usuario de seguridad incorrecta en BFCache en Google Chrome anterior a 116.0.5845.179 permitió a un atacante remoto falsificar el contenido del Omnibox (barra de URL) a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) • https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop.html https://crbug.com/1447237 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/27NR3KG553CG6LGPMP6SHWEVHTYPL6RC https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T655QF7CQ3DYAMPFV7IECQYGDEUIVVT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KUQ7CTX3W372X3UY56VVNAHCH6H2F4X3 https://security.gentoo.org/glsa/202311-11 https://security •

CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0

CVE-2023-4763

https://notcve.org/view.php?id=CVE-2023-4763

Use after free in Networks in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) El uso gratuito en redes en Google Chrome anterior a 116.0.5845.179 permitía a un atacante remoto explotar potencialmente la corrupción de la memoria a través de una página HTML manipulada. (Severidad de seguridad de Chrome: Alta) • https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop.html https://crbug.com/1469928 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/27NR3KG553CG6LGPMP6SHWEVHTYPL6RC https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T655QF7CQ3DYAMPFV7IECQYGDEUIVVT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KUQ7CTX3W372X3UY56VVNAHCH6H2F4X3 https://security.gentoo.org/glsa/202311-11 https://security • CWE-416: Use After Free •

CVSS: 8.8EPSS: 66%CPEs: 7EXPL: 2

CVE-2023-4762 – Google Chromium V8 Type Confusion Vulnerability

https://notcve.org/view.php?id=CVE-2023-4762

Type Confusion in V8 in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) Type Confusion en V8 en Google Chrome anterior a 116.0.5845.179 permitía a un atacante remoto ejecutar código arbitrario a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) Google Chromium V8 contains a type confusion vulnerability that allows a remote attacker to execute code via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera. • https://github.com/buptsb/CVE-2023-4762 https://github.com/sherlocksecurity/CVE-2023-4762-Code-Review https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop.html https://crbug.com/1473247 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/27NR3KG553CG6LGPMP6SHWEVHTYPL6RC https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T655QF7CQ3DYAMPFV7IECQYGDEUIVVT https://lists.fedoraproject.org/archives/list/package-announce@lists.fed • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 8.1EPSS: 0%CPEs: 6EXPL: 0

CVE-2023-4761

https://notcve.org/view.php?id=CVE-2023-4761

Out of bounds memory access in FedCM in Google Chrome prior to 116.0.5845.179 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High) El acceso a memoria fuera de los límites en FedCM en Google Chrome anterior a 116.0.5845.179 permitió a un atacante remoto que había comprometido el proceso de renderizado realizar una lectura de memoria fuera de los límites a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) • https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop.html https://crbug.com/1476403 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/27NR3KG553CG6LGPMP6SHWEVHTYPL6RC https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T655QF7CQ3DYAMPFV7IECQYGDEUIVVT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KUQ7CTX3W372X3UY56VVNAHCH6H2F4X3 https://security.gentoo.org/glsa/202311-11 https://security • CWE-125: Out-of-bounds Read •