CVSS: 8.1EPSS: 9%CPEs: 8EXPL: 0CVE-2023-32257 – Session race condition remote code execution vulnerability
https://notcve.org/view.php?id=CVE-2023-32257
17 May 2023 — A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2_SESSION_SETUP and SMB2_LOGOFF commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to execute code in the context of the kernel. Se encontró una falla en el ksmbd del kernel de Linux, un servidor SMB de alto rendimiento en el kernel. • https://access.redhat.com/security/cve/CVE-2023-32257 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-667: Improper Locking •
CVSS: 4.4EPSS: 0%CPEs: 5EXPL: 0CVE-2023-2860 – Out-of-bounds read when setting hmac data
https://notcve.org/view.php?id=CVE-2023-2860
17 May 2023 — An out-of-bounds read vulnerability was found in the SR-IPv6 implementation in the Linux kernel. The flaw exists within the processing of seg6 attributes. The issue results from the improper validation of user-supplied data, which can result in a read past the end of an allocated buffer. This flaw allows a privileged local user to disclose sensitive information on affected installations of the Linux kernel. This vulnerability allows local attackers to disclose sensitive information on affected installations... • https://access.redhat.com/security/cve/CVE-2023-2860 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 9%CPEs: 7EXPL: 0CVE-2023-32247 – Session setup memory exhaustion denial-of-service vulnerability
https://notcve.org/view.php?id=CVE-2023-32247
17 May 2023 — A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the handling of SMB2_SESSION_SETUP commands. The issue results from the lack of control of resource consumption. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Se encontró una falla en el ksmbd del kernel de Linux, un servidor SMB de alto rendimiento en el kernel. • https://access.redhat.com/security/cve/CVE-2023-32247 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 9.0EPSS: 7%CPEs: 9EXPL: 0CVE-2023-32250 – Session race condition remote code execution vulnerability
https://notcve.org/view.php?id=CVE-2023-32250
17 May 2023 — A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2_SESSION_SETUP commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to execute code in the context of the kernel. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Linux Kernel. • https://access.redhat.com/security/cve/CVE-2023-32250 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 6.7EPSS: 0%CPEs: 7EXPL: 0CVE-2023-0459 – Copy_from_user Spectre-V1 Gadget in Linux Kernel
https://notcve.org/view.php?id=CVE-2023-0459
16 May 2023 — Copy_from_user on 64-bit versions of the Linux kernel does not implement the __uaccess_begin_nospec allowing a user to bypass the "access_ok" check and pass a kernel pointer to copy_from_user(). This would allow an attacker to leak information. We recommend upgrading beyond commit 74e19ef0ff8061ef55957c3abd71614ef0f42f47 A vulnerability was found in copy_from_user in 64-bit versions of the Linux kernel. This flaw allows a local attacker to bypass the "access_ok" sanity check and pass a kernel pointer to cop... • https://github.com/torvalds/linux/commit/4b842e4e25b12951fa10dedb4bc16bc47e3b850c • CWE-402: Transmission of Private Resources into a New Sphere ('Resource Leak') CWE-763: Release of Invalid Pointer or Reference •
CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 1CVE-2023-2124 – kernel: OOB access in the Linux kernel's XFS subsystem
https://notcve.org/view.php?id=CVE-2023-2124
15 May 2023 — An out-of-bounds memory access flaw was found in the Linux kernel’s XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user to crash or potentially escalate their privileges on the system. It was discovered that the XFS file system implementation in the Linux kernel did not properly perform metadata validation when mounting certain images. An attacker could use this to specially craft a file system image that, when mounted, could cause a de... • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/fs/xfs/xfs_buf_item_recover.c?h=v6.4-rc1&id=22ed903eee23a5b174e240f1cdfa9acf393a5210 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 5EXPL: 0CVE-2023-2513 – kernel: ext4: use-after-free in ext4_xattr_set_entry()
https://notcve.org/view.php?id=CVE-2023-2513
08 May 2023 — A use-after-free vulnerability was found in the Linux kernel's ext4 filesystem in the way it handled the extra inode size for extended attributes. This flaw could allow a privileged local user to cause a system crash or other undefined behaviors. A use-after-free vulnerability was found in the Linux kernel's ext4 filesystem in the way it handled the extra inode size for extended attributes. This flaw allows a privileged local user to cause a system crash or other undefined behaviors. Jordy Zomer and Alexand... • https://bugzilla.redhat.com/show_bug.cgi?id=2193097 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 5CVE-2023-32233 – kernel: netfilter: use-after-free in nf_tables when processing batch requests can lead to privilege escalation
https://notcve.org/view.php?id=CVE-2023-32233
08 May 2023 — In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled. A use-after-free vulnerability was found in the Netfilter subsystem of the Linux kernel when processing batch requests to update nf_tables configuration. This vulnerability can be abused to perform arbitrary reads and write... • https://github.com/oferchen/POC-CVE-2023-32233 • CWE-416: Use After Free •
CVSS: 4.7EPSS: 0%CPEs: 7EXPL: 0CVE-2023-1859 – Ubuntu Security Notice USN-6072-1
https://notcve.org/view.php?id=CVE-2023-1859
05 May 2023 — A use-after-free flaw was found in xen_9pfs_front_removet in net/9p/trans_xen.c in Xen transport for 9pfs in the Linux Kernel. This flaw could allow a local attacker to crash the system due to a race problem, possibly leading to a kernel information leak. Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service ... • https://lore.kernel.org/all/20230313090002.3308025-1-zyytlz.wz%40163.com • CWE-416: Use After Free •
CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0CVE-2023-32269 – Ubuntu Security Notice USN-6133-1
https://notcve.org/view.php?id=CVE-2023-32269
05 May 2023 — An issue was discovered in the Linux kernel before 6.1.11. In net/netrom/af_netrom.c, there is a use-after-free because accept is also allowed for a successfully connected AF_NETROM socket. However, in order for an attacker to exploit this, the system must have netrom routing configured or the attacker must have the CAP_NET_ADMIN capability. It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker co... • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.11 • CWE-416: Use After Free •