CVSS: 10.0EPSS: 0%CPEs: 5EXPL: 0CVE-2023-2163 – Incorrect Verifier Branch Pruning Logic Leads To Arbitrary Read/Write In Linux Kernel and Lateral Privilege Escalation
https://notcve.org/view.php?id=CVE-2023-2163
Incorrect verifier pruning in BPF in Linux Kernel >=5.4 leads to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape. La poda incorrecta del verificador en BPF en el kernel de Linux >=5.4 conduce a que las rutas de código inseguras se marquen incorrectamente como seguras, lo que resulta en lectura/escritura arbitraria en la memoria del kernel, escalada de privilegios lateral y escape de contenedor. An incorrect verifier pruning flaw was found in BPF in the Linux Kernel that may lead to unsafe code paths incorrectly marked as safe, resulting in arbitrary read/writes in kernel memory, lateral privilege escalation, and container escape. • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=71b547f561247897a0a14f3082730156c0533fed https://access.redhat.com/security/cve/CVE-2023-2163 https://bugzilla.redhat.com/show_bug.cgi?id=2240249 • CWE-682: Incorrect Calculation •
CVSS: 6.7EPSS: 0%CPEs: 3EXPL: 0CVE-2023-4394 – Memory leak in btrfs_get_dev_args_from_path()
https://notcve.org/view.php?id=CVE-2023-4394
A use-after-free flaw was found in btrfs_get_dev_args_from_path in fs/btrfs/volumes.c in btrfs file-system in the Linux Kernel. This flaw allows a local attacker with special privileges to cause a system crash or leak internal kernel information • https://access.redhat.com/security/cve/CVE-2023-4394 https://bugzilla.redhat.com/show_bug.cgi?id=2219263 https://patchwork.kernel.org/project/linux-btrfs/patch/20220815151606.3479183-1-r33s3n6@gmail.com • CWE-400: Uncontrolled Resource Consumption CWE-416: Use After Free •
CVSS: 7.1EPSS: 0%CPEs: 12EXPL: 0CVE-2023-4387 – Kernel: vmxnet3: use-after-free in vmxnet3_rq_alloc_rx_buf()
https://notcve.org/view.php?id=CVE-2023-4387
A use-after-free flaw was found in vmxnet3_rq_alloc_rx_buf in drivers/net/vmxnet3/vmxnet3_drv.c in VMware's vmxnet3 ethernet NIC driver in the Linux Kernel. This issue could allow a local attacker to crash the system due to a double-free while cleaning up vmxnet3_rq_cleanup_all, which could also lead to a kernel information leak problem. Se encontró una falla de use-after-free en vmxnet3_rq_alloc_rx_buf en drivers/net/vmxnet3/vmxnet3_drv.c en el controlador NIC Ethernet vmxnet3 de VMware en el kernel de Linux. Este problema podría permitir que un atacante local bloquee el sistema debido a una doble liberación mientras se limpia vmxnet3_rq_cleanup_all, lo que también podría provocar un problema de fuga de información del kernel. • https://access.redhat.com/security/cve/CVE-2023-4387 https://bugzilla.redhat.com/show_bug.cgi?id=2219270 https://github.com/torvalds/linux/commit/9e7fef9521e73ca8afd7da9e58c14654b02dfad8 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-4385 – Kernel: jfs: null pointer dereference in dbfree()
https://notcve.org/view.php?id=CVE-2023-4385
A NULL pointer dereference flaw was found in dbFree in fs/jfs/jfs_dmap.c in the journaling file system (JFS) in the Linux Kernel. This issue may allow a local attacker to crash the system due to a missing sanity check. Se ha encontrado un fallo de desviación de puntero NULL en dbFree en fs/jfs/jfs_dmap.c en el sistema de archivos de registro diario (JFS) en el Kernel de Linux. Este problema puede permitir a un atacante local bloquear el sistema debido a la falta de una comprobación de sanidad. • https://access.redhat.com/security/cve/CVE-2023-4385 https://bugzilla.redhat.com/show_bug.cgi?id=2219272 https://github.com/torvalds/linux/commit/0d4837fdb796f99369cf7691d33de1b856bcaf1f • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2023-40283 – kernel: use-after-free in l2cap_sock_release in net/bluetooth/l2cap_sock.c
https://notcve.org/view.php?id=CVE-2023-40283
An issue was discovered in l2cap_sock_release in net/bluetooth/l2cap_sock.c in the Linux kernel before 6.4.10. There is a use-after-free because the children of an sk are mishandled. A flaw was found in l2cap_sock_release in net/bluetooth/l2cap_sock.c in the Bluetooth subsystem in the Linux Kernel. This issue may allow a user to cause a use-after-free problem due to sk's children being mishandled. • http://packetstormsecurity.com/files/175072/Kernel-Live-Patch-Security-Notice-LSN-0098-1.html http://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.4.10 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1728137b33c00d5a2b5110ed7aafb42e7c32e4a1 https://github.com/torvalds/linux/commit/1728137b33c00d5a2b5110ed7aafb42e7c32e4a1 https://lists.debian.org/debian-lts-announce/2023/10/msg00027.htm • CWE-416: Use After Free •