CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2023-3777 – Use-after-free in Linux kernel's netfilter: nf_tables component
https://notcve.org/view.php?id=CVE-2023-3777
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. When nf_tables_delrule() is flushing table rules, it is not checked whether the chain is bound and the chain's owner rule can also release the objects in certain circumstances. We recommend upgrading past commit 6eaf41e87a223ae6f8e7a28d6e78384ad7e407f8. Una vulnerabilidad de Use-After-Free en el componente netfilter: nf_tables del kernel de Linux puede explotarse para lograr una escalada de privilegios local. Cuando nf_tables_delrule() vacía las reglas de la tabla, no se verifica si la cadena está vinculada y la regla del propietario de la cadena también puede liberar los objetos en determinadas circunstancias. Recomendamos actualizar al pasado commit 6eaf41e87a223ae6f8e7a28d6e78384ad7e407f8. A use-after-free flaw was found in the Linux kernel's netfilter: nf_tables component, which can be exploited to achieve local privilege escalation. • http://packetstormsecurity.com/files/175072/Kernel-Live-Patch-Security-Notice-LSN-0098-1.html http://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6eaf41e87a223ae6f8e7a28d6e78384ad7e407f8 https://kernel.dance/6eaf41e87a223ae6f8e7a28d6e78384ad7e407f8 https://www.debian.org/security/2023/dsa-5492 https://access.redhat.com/security/cve/CVE-2023-3777 https://bugzilla.redhat.com/show_bug.cgi?id=223 • CWE-416: Use After Free •
CVSS: 7.0EPSS: 0%CPEs: 4EXPL: 0CVE-2023-4611 – Use after free race between mbind() and vma-locked page fault
https://notcve.org/view.php?id=CVE-2023-4611
A use-after-free flaw was found in mm/mempolicy.c in the memory management subsystem in the Linux Kernel. This issue is caused by a race between mbind() and VMA-locked page fault, and may allow a local attacker to crash the system or lead to a kernel information leak. • https://access.redhat.com/security/cve/CVE-2023-4611 https://bugzilla.redhat.com/show_bug.cgi?id=2227244 https://www.spinics.net/lists/stable-commits/msg310136.html • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0CVE-2023-4569 – Kernel: information leak in nft_set_catchall_flush in net/netfilter/nf_tables_api.c
https://notcve.org/view.php?id=CVE-2023-4569
A memory leak flaw was found in nft_set_catchall_flush in net/netfilter/nf_tables_api.c in the Linux Kernel. This issue may allow a local attacker to cause double-deactivations of catchall elements, which can result in a memory leak. • https://access.redhat.com/security/cve/CVE-2023-4569 https://bugzilla.redhat.com/show_bug.cgi?id=2235470 https://patchwork.ozlabs.org/project/netfilter-devel/patch/20230812110526.49808-1-fw@strlen.de https://www.debian.org/security/2023/dsa-5492 • CWE-401: Missing Release of Memory after Effective Lifetime CWE-402: Transmission of Private Resources into a New Sphere ('Resource Leak') •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-4459 – Kernel: vmxnet3: null pointer dereference in vmxnet3_rq_cleanup()
https://notcve.org/view.php?id=CVE-2023-4459
A NULL pointer dereference flaw was found in vmxnet3_rq_cleanup in drivers/net/vmxnet3/vmxnet3_drv.c in the networking sub-component in vmxnet3 in the Linux Kernel. This issue may allow a local attacker with normal user privilege to cause a denial of service due to a missing sanity check during cleanup. • https://access.redhat.com/errata/RHSA-2024:0412 https://access.redhat.com/errata/RHSA-2024:1250 https://access.redhat.com/errata/RHSA-2024:1306 https://access.redhat.com/errata/RHSA-2024:1367 https://access.redhat.com/errata/RHSA-2024:1382 https://access.redhat.com/errata/RHSA-2024:2006 https://access.redhat.com/errata/RHSA-2024:2008 https://access.redhat.com/security/cve/CVE-2023-4459 https://bugzilla.redhat.com/show_bug.cgi?id=2219268 https://github.com/torvalds/ • CWE-476: NULL Pointer Dereference •
CVSS: 10.0EPSS: 0%CPEs: 5EXPL: 0CVE-2023-2163 – Incorrect Verifier Branch Pruning Logic Leads To Arbitrary Read/Write In Linux Kernel and Lateral Privilege Escalation
https://notcve.org/view.php?id=CVE-2023-2163
Incorrect verifier pruning in BPF in Linux Kernel >=5.4 leads to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape. La poda incorrecta del verificador en BPF en el kernel de Linux >=5.4 conduce a que las rutas de código inseguras se marquen incorrectamente como seguras, lo que resulta en lectura/escritura arbitraria en la memoria del kernel, escalada de privilegios lateral y escape de contenedor. An incorrect verifier pruning flaw was found in BPF in the Linux Kernel that may lead to unsafe code paths incorrectly marked as safe, resulting in arbitrary read/writes in kernel memory, lateral privilege escalation, and container escape. • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=71b547f561247897a0a14f3082730156c0533fed https://access.redhat.com/security/cve/CVE-2023-2163 https://bugzilla.redhat.com/show_bug.cgi?id=2240249 • CWE-682: Incorrect Calculation •