CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 5CVE-2023-32233 – kernel: netfilter: use-after-free in nf_tables when processing batch requests can lead to privilege escalation
https://notcve.org/view.php?id=CVE-2023-32233
In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled. A use-after-free vulnerability was found in the Netfilter subsystem of the Linux kernel when processing batch requests to update nf_tables configuration. This vulnerability can be abused to perform arbitrary reads and writes in kernel memory. • https://github.com/oferchen/POC-CVE-2023-32233 https://github.com/PIDAN-HEIDASHUAI/CVE-2023-32233 https://github.com/Liuk3r/CVE-2023-32233 https://github.com/RogelioPumajulca/TEST-CVE-2023-32233 https://github.com/void0red/CVE-2023-32233 http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html http://www.openwall.com/lists/oss-security/2023/05/15/5 https://bugzilla.redhat.com/show_bug.cgi?id=2196105 https://git.kernel.org/cgit/linux/k • CWE-416: Use After Free •
CVSS: 7.5EPSS: 2%CPEs: 8EXPL: 0CVE-2023-2156 – Linux Kernel IPv6 RPL Protocol Reachable Assertion Denial-of-Service Vulnerability
https://notcve.org/view.php?id=CVE-2023-2156
A flaw was found in the networking subsystem of the Linux kernel within the handling of the RPL protocol. This issue results from the lack of proper handling of user-supplied data, which can lead to an assertion failure. This may allow an unauthenticated remote attacker to create a denial of service condition on the system. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Linux Kernel. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the RPL protocol. • http://www.openwall.com/lists/oss-security/2023/05/17/8 http://www.openwall.com/lists/oss-security/2023/05/17/9 http://www.openwall.com/lists/oss-security/2023/05/18/1 http://www.openwall.com/lists/oss-security/2023/05/19/1 https://bugzilla.redhat.com/show_bug.cgi?id=2196292 https://lists.debian.org/debian-lts-announce/2023/08/msg00001.html https://security.netapp.com/advisory/ntap-20230622-0001 https://www.debian.org/security/2023/dsa-5448 https:// • CWE-617: Reachable Assertion •
CVSS: 6.7EPSS: 0%CPEs: 7EXPL: 0CVE-2023-2194 – kernel: i2c: out-of-bounds write in xgene_slimpro_i2c_xfer()
https://notcve.org/view.php?id=CVE-2023-2194
An out-of-bounds write vulnerability was found in the Linux kernel's SLIMpro I2C device driver. The userspace "data->block[0]" variable was not capped to a number between 0-255 and was used as the size of a memcpy, possibly writing beyond the end of dma_buffer. This flaw could allow a local privileged user to crash the system or potentially achieve code execution. An out-of-bounds write vulnerability was found in the Linux kernel's SLIMpro I2C device driver. The userspace "data->block[0]" variable was not limited to a number between 0-255 and was used as the size of a memcpy, possibly writing beyond the end of dma_buffer. • https://bugzilla.redhat.com/show_bug.cgi?id=2188396 https://github.com/torvalds/linux/commit/92fbb6d1296f https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html https://access.redhat.com/security/cve/CVE-2023-2194 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-28327 – kernel: denial of service problem in net/unix/diag.c
https://notcve.org/view.php?id=CVE-2023-28327
A NULL pointer dereference flaw was found in the UNIX protocol in net/unix/diag.c In unix_diag_get_exact in the Linux Kernel. The newly allocated skb does not have sk, leading to a NULL pointer. This flaw allows a local user to crash or potentially cause a denial of service. • https://bugzilla.redhat.com/show_bug.cgi?id=2177382 https://access.redhat.com/security/cve/CVE-2023-28327 • CWE-476: NULL Pointer Dereference •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2023-2019 – Linux Kernel netdevsim Improper Update of Reference Count Denial-of-Service Vulnerability
https://notcve.org/view.php?id=CVE-2023-2019
A flaw was found in the Linux kernel's netdevsim device driver, within the scheduling of events. This issue results from the improper management of a reference count. This may allow an attacker to create a denial of service condition on the system. This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Linux Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the scheduling of events. • https://bugzilla.redhat.com/show_bug.cgi?id=2189137 https://github.com/torvalds/linux/commit/180a6a3ee60a https://www.zerodayinitiative.com/advisories/ZDI-CAN-17811 • CWE-911: Improper Update of Reference Count •