Page 4 of 226 results (0.007 seconds)

CVSS: 4.4EPSS: 0%CPEs: 17EXPL: 0

CVE-2023-2269 – kernel: A possible deadlock in dm_get_inactive_table in dm- ioctl.c leads to dos

https://notcve.org/view.php?id=CVE-2023-2269

A denial of service problem was found, due to a possible recursive locking scenario, resulting in a deadlock in table_clear in drivers/md/dm-ioctl.c in the Linux Kernel Device Mapper-Multipathing sub-component. A flaw was found in the Linux Kernel, leading to a denial of service. This issue occurs due to a possible recursive locking scenario, resulting in a deadlock in table_clear in drivers/md/dm-ioctl.c in the Linux Kernel Device Mapper-Multipathing sub-component. • https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/63AJUCJTZCII2JMAF7MGZEM66KY7IALT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FBLBKW2WM5YSTS6OGEU5SYHXSJ5EWSTV https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IXHBLWYNSUBS77TYPOJTADPDXKBH2F4U https://lore.kernel.org/lkml • CWE-413: Improper Resource Locking CWE-667: Improper Locking •

CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0

CVE-2023-31084 – kernel: blocking operation in dvb_frontend_get_event and wait_event_interruptible

https://notcve.org/view.php?id=CVE-2023-31084

An issue was discovered in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel 6.2. There is a blocking operation when a task is in !TASK_RUNNING. In dvb_frontend_get_event, wait_event_interruptible is called; the condition is dvb_frontend_test_event(fepriv,events). In dvb_frontend_test_event, down(&fepriv->sem) is called. • https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b8c75e4a1b325ea0a9433fa8834be97b5836b946 https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6HIEOLEOURP4BJZMIL7UGGPYRRB44UDN https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AOATNX5UFL7V7W2QDIQKOHFFHYKWFP4W https://lore.kernel.org/all/CA •

CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0

CVE-2023-2007 – Linux Kernel DPT I2O Controller Time-Of-Check Time-Of-Use Information Disclosure Vulnerability

https://notcve.org/view.php?id=CVE-2023-2007

The specific flaw exists within the DPT I2O Controller driver. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the kernel. This vulnerability allows local attackers to disclose sensitive information on affected installations of Linux Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the DPT I2O Controller driver. • https://github.com/torvalds/linux/commit/b04e75a4a8a81887386a0d2dbf605a48e779d2a0 https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html https://security.netapp.com/advisory/ntap-20240119-0011 https://www.debian.org/security/2023/dsa-5480 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition CWE-667: Improper Locking •

CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0

CVE-2023-28464 – Kernel: double free in hci_conn_cleanup of the bluetooth subsystem

https://notcve.org/view.php?id=CVE-2023-28464

hci_conn_cleanup in net/bluetooth/hci_conn.c in the Linux kernel through 6.2.9 has a use-after-free (observed in hci_conn_hash_flush) because of calls to hci_dev_put and hci_conn_put. There is a double free that may lead to privilege escalation. A double-free vulnerability was found in the hci_conn_cleanup in net/bluetooth/hci_conn.c in the Linux Kernel. This issue may cause a denial of service or privilege escalation. • https://lore.kernel.org/lkml/20230309074645.74309-1-wzhmmmmm%40gmail.com https://security.netapp.com/advisory/ntap-20230517-0004 https://www.openwall.com/lists/oss-security/2023/03/28/2 https://www.openwall.com/lists/oss-security/2023/03/28/3 https://access.redhat.com/security/cve/CVE-2023-28464 https://bugzilla.redhat.com/show_bug.cgi?id=2177759 • CWE-415: Double Free •

CVSS: 7.1EPSS: 0%CPEs: 34EXPL: 0

CVE-2023-1380

https://notcve.org/view.php?id=CVE-2023-1380

A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel. This issue could occur when assoc_info->req_len data is bigger than the size of the buffer, defined as WL_EXTRA_BUF_MAX, leading to a denial of service. • http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html http://packetstormsecurity.com/files/173757/Kernel-Live-Patch-Security-Notice-LSN-0096-1.html https://bugzilla.redhat.com/show_bug.cgi?id=2177883 https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html https://lore.kernel.org/linux-wireless/20230309104457.22628-1-jisoo.jang%40yonsei.ac.kr/T/#u https://security.netapp.com& • CWE-125: Out-of-bounds Read •