CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-1249 – kernel: missing mmap_lock in file_files_note that could possibly lead to a use after free in the coredump code
https://notcve.org/view.php?id=CVE-2023-1249
21 Mar 2023 — A use-after-free flaw was found in the Linux kernel’s core dump subsystem. This flaw allows a local user to crash the system. Only if patch 390031c94211 ("coredump: Use the vma snapshot in fill_files_note") not applied yet, then kernel could be affected. The kernel tree of CentOS Stream 9 suffers from multiple use-after-free conditions that were already patched in upstream stable trees. • https://packetstorm.news/files/id/171912 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-1252 – kernel: ovl: fix use after free in struct ovl_aio_req
https://notcve.org/view.php?id=CVE-2023-1252
21 Mar 2023 — A use-after-free flaw was found in the Linux kernel’s Ext4 File System in how a user triggers several file operations simultaneously with the overlay FS usage. This flaw allows a local user to crash or potentially escalate their privileges on the system. Only if patch 9a2544037600 ("ovl: fix use after free in struct ovl_aio_req") not applied yet, the kernel could be affected. The kernel tree of CentOS Stream 9 suffers from multiple use-after-free conditions that were already patched in upstream stable trees... • https://lore.kernel.org/lkml/20211115165433.449951285%40linuxfoundation.org • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-48423 – Ubuntu Security Notice USN-6079-1
https://notcve.org/view.php?id=CVE-2022-48423
19 Mar 2023 — In the Linux kernel before 6.1.3, fs/ntfs3/record.c does not validate resident attribute names. An out-of-bounds write may occur. It was discovered that the KVM VMX implementation in the Linux kernel did not properly handle indirect branch prediction isolation between L1 and L2 VMs. An attacker in a guest VM could use this to expose sensitive information from the host OS or other guest VMs. It was discovered that a use-after-free vulnerability existed in the SGI GRU driver in the Linux kernel. • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.3 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-48424 – Ubuntu Security Notice USN-6079-1
https://notcve.org/view.php?id=CVE-2022-48424
19 Mar 2023 — In the Linux kernel before 6.1.3, fs/ntfs3/inode.c does not validate the attribute name offset. An unhandled page fault may occur. It was discovered that the KVM VMX implementation in the Linux kernel did not properly handle indirect branch prediction isolation between L1 and L2 VMs. An attacker in a guest VM could use this to expose sensitive information from the host OS or other guest VMs. It was discovered that a use-after-free vulnerability existed in the SGI GRU driver in the Linux kernel. • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.3 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-48425 – Ubuntu Security Notice USN-6339-3
https://notcve.org/view.php?id=CVE-2022-48425
19 Mar 2023 — In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid kfree because it does not validate MFT flags before replaying logs. Hyunwoo Kim discovered that the DVB Core driver in the Linux kernel contained a race condition during device removal, leading to a use-after- free vulnerability. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. Hyunwoo Kim discovered that the Technotrend/Hauppauge USB DEC driver in the Linux kernel did not proper... • https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=467333af2f7b95eeaa61a5b5369a80063cd971fd • CWE-763: Release of Invalid Pointer or Reference •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2023-1390 – kernel: remote DoS in TIPC kernel module
https://notcve.org/view.php?id=CVE-2023-1390
16 Mar 2023 — A remote denial of service vulnerability was found in the Linux kernel’s TIPC kernel module. The while loop in tipc_link_xmit() hits an unknown state while attempting to parse SKBs, which are not in the queue. Sending two small UDP packets to a system with a UDP bearer results in the CPU utilization for the system to instantly spike to 100%, causing a denial of service condition. It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation ... • https://gist.github.com/netspooky/bee2d07022f6350bb88eaa48e571d9b5 • CWE-1050: Excessive Platform Resource Consumption within a Loop •
CVSS: 7.0EPSS: 0%CPEs: 11EXPL: 0CVE-2023-28466 – kernel: tls: race condition in do_tls_getsockopt may lead to use-after-free or NULL pointer dereference
https://notcve.org/view.php?id=CVE-2023-28466
15 Mar 2023 — do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition (with a resultant use-after-free or NULL pointer dereference). A use-after-free flaw was found in the do_tls_getsockopt function in net/tls/tls_main.c in the Transport Layer Security (TLS) in the Network subcompact in the Linux kernel. This flaw allows an attacker to cause a NULL pointer dereference problem due to a race condition. It was discovered that the Traffic-Control Index imp... • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=49c47cc21b5b7a3d8deb18fc57b0aa2ab1286962 • CWE-416: Use After Free CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-0030
https://notcve.org/view.php?id=CVE-2023-0030
08 Mar 2023 — A use-after-free flaw was found in the Linux kernel’s nouveau driver in how a user triggers a memory overflow that causes the nvkm_vma_tail function to fail. This flaw allows a local user to crash or potentially escalate their privileges on the system. • https://bugzilla.redhat.com/show_bug.cgi?id=2157270 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 2CVE-2023-0210 – Ubuntu Security Notice USN-6079-1
https://notcve.org/view.php?id=CVE-2023-0210
03 Mar 2023 — A bug affects the Linux kernel’s ksmbd NTLMv2 authentication and is known to crash the OS immediately in Linux-based systems. It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel did not prope... • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-3707 – kernel: Double-free in split_2MB_gtt_entry when function intel_gvt_dma_map_guest_page failed
https://notcve.org/view.php?id=CVE-2022-3707
03 Mar 2023 — A double-free memory flaw was found in the Linux kernel. The Intel GVT-g graphics driver triggers VGA card system resource overload, causing a fail in the intel_gvt_dma_map_guest_page function. This issue could allow a local user to crash the system. It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. • https://bugzilla.redhat.com/show_bug.cgi?id=2137979 • CWE-415: Double Free CWE-460: Improper Cleanup on Thrown Exception •