CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2023-4208 – Use-after-free in Linux kernel's net/sched: cls_u32 component
https://notcve.org/view.php?id=CVE-2023-4208
06 Sep 2023 — A use-after-free vulnerability in the Linux kernel's net/sched: cls_u32 component can be exploited to achieve local privilege escalation. When u32_change() is called on an existing filter, the whole tcf_result struct is always copied into the new instance of the filter. This causes a problem when updating a filter bound to a class, as tcf_unbind_filter() is always called on the old instance in the success path, decreasing filter_cnt of the still referenced class and allowing it to be deleted, leading to a u... • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3044b16e7c6fe5d24b1cdbcf1bd0a9d92d1ebd81 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2023-4207 – Use-after-free in Linux kernel's net/sched: cls_fw component
https://notcve.org/view.php?id=CVE-2023-4207
06 Sep 2023 — A use-after-free vulnerability in the Linux kernel's net/sched: cls_fw component can be exploited to achieve local privilege escalation. When fw_change() is called on an existing filter, the whole tcf_result struct is always copied into the new instance of the filter. This causes a problem when updating a filter bound to a class, as tcf_unbind_filter() is always called on the old instance in the success path, decreasing filter_cnt of the still referenced class and allowing it to be deleted, leading to a use... • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=76e42ae831991c828cffa8c37736ebfb831ad5ec • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 1CVE-2023-4206 – Use-after-free in Linux kernel's net/sched: cls_route component
https://notcve.org/view.php?id=CVE-2023-4206
06 Sep 2023 — A use-after-free vulnerability in the Linux kernel's net/sched: cls_route component can be exploited to achieve local privilege escalation. When route4_change() is called on an existing filter, the whole tcf_result struct is always copied into the new instance of the filter. This causes a problem when updating a filter bound to a class, as tcf_unbind_filter() is always called on the old instance in the success path, decreasing filter_cnt of the still referenced class and allowing it to be deleted, leading t... • https://github.com/hshivhare67/Kernel_4.1.15_CVE-2023-4206_CVE-2023-4207_CVE-2023-4208 • CWE-416: Use After Free •
CVSS: 4.4EPSS: 0%CPEs: 45EXPL: 0CVE-2023-32810
https://notcve.org/view.php?id=CVE-2023-32810
04 Sep 2023 — In bluetooth driver, there is a possible out of bounds read due to improper input validation. This could lead to local information leak with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07867212; Issue ID: ALPS07867212. En el controlador Bluetooth, existe una posible lectura fuera de los límites debido a una validación de entrada incorrecta. • https://corp.mediatek.com/product-security-bulletin/September-2023 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 13EXPL: 0CVE-2023-20850
https://notcve.org/view.php?id=CVE-2023-20850
04 Sep 2023 — In imgsys_cmdq, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07340433; Issue ID: ALPS07340381. En imgsys_cmdq, existe una posible escritura fuera de límites debido a que falta una verificación de rango válido. • https://corp.mediatek.com/product-security-bulletin/September-2023 • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 13EXPL: 0CVE-2023-20849
https://notcve.org/view.php?id=CVE-2023-20849
04 Sep 2023 — In imgsys_cmdq, there is a possible use after free due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07340433; Issue ID: ALPS07340350. En imgsys_cmdq, existe un posible Use After Free debido a una falta de comprobación de rango válido. • https://corp.mediatek.com/product-security-bulletin/September-2023 • CWE-416: Use After Free •
CVSS: 6.5EPSS: 0%CPEs: 13EXPL: 0CVE-2023-20848
https://notcve.org/view.php?id=CVE-2023-20848
04 Sep 2023 — In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07340433; Issue ID: ALPS07340433. En imgsys_cmdq, existe una posible lectura fuera de los límites debido a la falta de comprobación de rango válido. • https://corp.mediatek.com/product-security-bulletin/September-2023 • CWE-125: Out-of-bounds Read •
CVSS: 4.3EPSS: 0%CPEs: 12EXPL: 0CVE-2023-20847
https://notcve.org/view.php?id=CVE-2023-20847
04 Sep 2023 — In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local denial of service with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07354025; Issue ID: ALPS07340108. En imgsys_cmdq, existe una posible lectura fuera de los límites debido a la falta de comprobación de rango válido. • https://corp.mediatek.com/product-security-bulletin/September-2023 • CWE-125: Out-of-bounds Read •
CVSS: 4.3EPSS: 0%CPEs: 12EXPL: 0CVE-2023-20846
https://notcve.org/view.php?id=CVE-2023-20846
04 Sep 2023 — In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07354023; Issue ID: ALPS07340098. En imgsys_cmdq, existe una posible lectura fuera de los límites debido a la falta de comprobación de rango válido. • https://corp.mediatek.com/product-security-bulletin/September-2023 • CWE-125: Out-of-bounds Read •
CVSS: 4.3EPSS: 0%CPEs: 11EXPL: 0CVE-2023-20845
https://notcve.org/view.php?id=CVE-2023-20845
04 Sep 2023 — In imgsys, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07197795; Issue ID: ALPS07340357. En imgsys, existe una posible lectura fuera de los límites debido a una falta de comprobación de rango válido. • https://corp.mediatek.com/product-security-bulletin/September-2023 • CWE-125: Out-of-bounds Read •