CVSS: 4.3EPSS: 0%CPEs: 12EXPL: 0CVE-2023-20844
https://notcve.org/view.php?id=CVE-2023-20844
04 Sep 2023 — In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07354058; Issue ID: ALPS07340121. En imgsys_cmdq, existe una posible lectura fuera de los límites debido a la falta de comprobación de rango válido. • https://corp.mediatek.com/product-security-bulletin/September-2023 • CWE-125: Out-of-bounds Read •
CVSS: 4.3EPSS: 0%CPEs: 12EXPL: 0CVE-2023-20843
https://notcve.org/view.php?id=CVE-2023-20843
04 Sep 2023 — In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07340119; Issue ID: ALPS07340119. En imgsys_cmdq, existe una posible lectura fuera de los límites debido a la falta de comprobación de rango válido. • https://corp.mediatek.com/product-security-bulletin/September-2023 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 13EXPL: 0CVE-2023-20842
https://notcve.org/view.php?id=CVE-2023-20842
04 Sep 2023 — In imgsys_cmdq, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07354259; Issue ID: ALPS07340477. En imgsys_cmdq, existe una posible escritura fuera de límites debido a que falta una verificación de rango válido. • https://corp.mediatek.com/product-security-bulletin/September-2023 • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 13EXPL: 0CVE-2023-20841
https://notcve.org/view.php?id=CVE-2023-20841
04 Sep 2023 — In imgsys, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326455; Issue ID: ALPS07326441. En imgsys, hay una posible escritura fuera de los límites debido a una falta de comprobación de rango válido. • https://corp.mediatek.com/product-security-bulletin/September-2023 • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 11EXPL: 0CVE-2023-20840
https://notcve.org/view.php?id=CVE-2023-20840
04 Sep 2023 — In imgsys, there is a possible out of bounds read and write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326430; Issue ID: ALPS07326430. En imgsys, existe una posible lectura y escritura fuera de límites debido a que falta una verificación de rango válido. • https://corp.mediatek.com/product-security-bulletin/September-2023 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 4.3EPSS: 0%CPEs: 13EXPL: 0CVE-2023-20839
https://notcve.org/view.php?id=CVE-2023-20839
04 Sep 2023 — In imgsys, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326455; Issue ID: ALPS07326409. En imgsys, existe una posible lectura fuera de los límites debido a una falta de comprobación de rango válido. • https://corp.mediatek.com/product-security-bulletin/September-2023 • CWE-125: Out-of-bounds Read •
CVSS: 4.0EPSS: 0%CPEs: 45EXPL: 0CVE-2023-20838
https://notcve.org/view.php?id=CVE-2023-20838
04 Sep 2023 — In imgsys, there is a possible out of bounds read due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326455; Issue ID: ALPS07326418. En imgsys, existe una posible lectura fuera de límites debido a una condición de carrera. • https://corp.mediatek.com/product-security-bulletin/September-2023 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2023-4015 – Use-after-free in Linux kernel's netfilter: nf_tables component
https://notcve.org/view.php?id=CVE-2023-4015
30 Aug 2023 — A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. On an error when building a nftables rule, deactivating immediate expressions in nft_immediate_deactivate() can lead unbinding the chain and objects be deactivated but later used. We recommend upgrading past commit 0a771f7b266b02d262900c75f1e175c7fe76fec2. Una vulnerabilidad de use-after-free en el netfilter del kernel de Linux: nf_tables componente puede ser explotado ... • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0a771f7b266b02d262900c75f1e175c7fe76fec2 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2023-3777 – Use-after-free in Linux kernel's netfilter: nf_tables component
https://notcve.org/view.php?id=CVE-2023-3777
30 Aug 2023 — A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. When nf_tables_delrule() is flushing table rules, it is not checked whether the chain is bound and the chain's owner rule can also release the objects in certain circumstances. We recommend upgrading past commit 6eaf41e87a223ae6f8e7a28d6e78384ad7e407f8. Una vulnerabilidad de Use-After-Free en el componente netfilter: nf_tables del kernel de Linux puede explotarse para l... • http://packetstormsecurity.com/files/175072/Kernel-Live-Patch-Security-Notice-LSN-0098-1.html • CWE-416: Use After Free •
CVSS: 7.0EPSS: 0%CPEs: 4EXPL: 0CVE-2023-4611 – Use after free race between mbind() and vma-locked page fault
https://notcve.org/view.php?id=CVE-2023-4611
29 Aug 2023 — A use-after-free flaw was found in mm/mempolicy.c in the memory management subsystem in the Linux Kernel. This issue is caused by a race between mbind() and VMA-locked page fault, and may allow a local attacker to crash the system or lead to a kernel information leak. • https://access.redhat.com/security/cve/CVE-2023-4611 • CWE-416: Use After Free •