CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-1195 – kernel: use-after-free caused by invalid pointer hostname in fs/cifs/connect.c
https://notcve.org/view.php?id=CVE-2023-1195
24 Mar 2023 — A use-after-free flaw was found in reconn_set_ipaddr_from_hostname in fs/cifs/connect.c in the Linux kernel. The issue occurs when it forgets to set the free pointer server->hostname to NULL, leading to an invalid pointer request. Red Hat Advanced Cluster Management for Kubernetes 2.5.9 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud... • https://github.com/torvalds/linux/commit/153695d36ead0ccc4d0256953c751cabf673e621 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-1583 – Ubuntu Security Notice USN-6186-1
https://notcve.org/view.php?id=CVE-2023-1583
24 Mar 2023 — A NULL pointer dereference was found in io_file_bitmap_get in io_uring/filetable.c in the io_uring sub-component in the Linux Kernel. When fixed files are unregistered, some context information (file_alloc_{start,end} and alloc_hint) is not cleared. A subsequent request that has auto index selection enabled via IORING_FILE_INDEX_ALLOC can cause a NULL pointer dereference. An unprivileged user can use the flaw to cause a system crash. It was discovered that the Traffic-Control Index implementation in the Lin... • https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=02a4d923e4400a36d340ea12d8058f69ebf3a383 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-36691 – Ubuntu Security Notice USN-6301-1
https://notcve.org/view.php?id=CVE-2020-36691
24 Mar 2023 — An issue was discovered in the Linux kernel before 5.8. lib/nlattr.c allows attackers to cause a denial of service (unbounded recursion) via a nested Netlink policy with a back reference. It was discovered that the netlink implementation in the Linux kernel did not properly validate policies when parsing attributes in some situations. An attacker could use this to cause a denial of service. Billy Jheng Bing Jhong discovered that the CIFS network file system implementation in the Linux kernel did not properl... • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.8 • CWE-674: Uncontrolled Recursion •
CVSS: 3.3EPSS: 0%CPEs: 5EXPL: 0CVE-2023-1513 – kernel: KVM: information leak in KVM_GET_DEBUGREGS ioctl on 32-bit systems
https://notcve.org/view.php?id=CVE-2023-1513
23 Mar 2023 — A flaw was found in KVM. When calling the KVM_GET_DEBUGREGS ioctl, on 32-bit systems, there might be some uninitialized portions of the kvm_debugregs structure that could be copied to userspace, causing an information leak. It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TC... • https://bugzilla.redhat.com/show_bug.cgi?id=2179892 • CWE-665: Improper Initialization •
CVSS: 6.7EPSS: 0%CPEs: 8EXPL: 3CVE-2023-28772 – kernel: lib/seq_buf.c has a seq_buf_putmem_hex buffer overflow
https://notcve.org/view.php?id=CVE-2023-28772
23 Mar 2023 — An issue was discovered in the Linux kernel before 5.13.3. lib/seq_buf.c has a seq_buf_putmem_hex buffer overflow. A buffer overflow write flaw was identified in seq_buf_putmem_hex in lib/seq_buf.c in seq_buf in the Linux Kernel. This issue may allow a user with special debug privileges such as ftrace or root to cause an overflow in the destination buffer due to a missing sanity check. • https://github.com/Trinadh465/linux-4.1.15_CVE-2023-28772 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2023-1281 – UAF in Linux kernel's tcindex (traffic control index filter) implementation
https://notcve.org/view.php?id=CVE-2023-1281
22 Mar 2023 — Use After Free vulnerability in Linux kernel traffic control index filter (tcindex) allows Privilege Escalation. The imperfect hash area can be updated while packets are traversing, which will cause a use-after-free when 'tcf_exts_exec()' is called with the destroyed tcf_ext. A local attacker user can use this vulnerability to elevate its privileges to root. This issue affects Linux Kernel: from 4.14 before git commit ee059170b1f7e94e55fa6cadee544e176a6e59c2. A use-after-free vulnerability was found in the ... • http://www.openwall.com/lists/oss-security/2023/04/11/3 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 13CVE-2023-0386 – kernel: FUSE filesystem low-privileged user privileges escalation
https://notcve.org/view.php?id=CVE-2023-0386
22 Mar 2023 — A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system. The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat ... • https://packetstorm.news/files/id/181886 • CWE-282: Improper Ownership Management •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-1249 – kernel: missing mmap_lock in file_files_note that could possibly lead to a use after free in the coredump code
https://notcve.org/view.php?id=CVE-2023-1249
21 Mar 2023 — A use-after-free flaw was found in the Linux kernel’s core dump subsystem. This flaw allows a local user to crash the system. Only if patch 390031c94211 ("coredump: Use the vma snapshot in fill_files_note") not applied yet, then kernel could be affected. The kernel tree of CentOS Stream 9 suffers from multiple use-after-free conditions that were already patched in upstream stable trees. • https://packetstorm.news/files/id/171912 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-1252 – kernel: ovl: fix use after free in struct ovl_aio_req
https://notcve.org/view.php?id=CVE-2023-1252
21 Mar 2023 — A use-after-free flaw was found in the Linux kernel’s Ext4 File System in how a user triggers several file operations simultaneously with the overlay FS usage. This flaw allows a local user to crash or potentially escalate their privileges on the system. Only if patch 9a2544037600 ("ovl: fix use after free in struct ovl_aio_req") not applied yet, the kernel could be affected. The kernel tree of CentOS Stream 9 suffers from multiple use-after-free conditions that were already patched in upstream stable trees... • https://lore.kernel.org/lkml/20211115165433.449951285%40linuxfoundation.org • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-48424 – Ubuntu Security Notice USN-6079-1
https://notcve.org/view.php?id=CVE-2022-48424
19 Mar 2023 — In the Linux kernel before 6.1.3, fs/ntfs3/inode.c does not validate the attribute name offset. An unhandled page fault may occur. It was discovered that the KVM VMX implementation in the Linux kernel did not properly handle indirect branch prediction isolation between L1 and L2 VMs. An attacker in a guest VM could use this to expose sensitive information from the host OS or other guest VMs. It was discovered that a use-after-free vulnerability existed in the SGI GRU driver in the Linux kernel. • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.3 •