CVE-2023-3268 – kernel: out-of-bounds access in relay_file_read
https://notcve.org/view.php?id=CVE-2023-3268
An out of bounds (OOB) memory access flaw was found in the Linux kernel in relay_file_read_start_pos in kernel/relay.c in the relayfs. This flaw could allow a local attacker to crash the system or leak kernel internal information. An out-of-bounds (OOB) memory access flaw was found in the Linux kernel in relay_file_read_start_pos in kernel/relay.c in the relayfs. This flaw allows a local attacker to crash the system or leak kernel internal information. • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.2 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=43ec16f1450f4936025a9bdf1a273affdb9732c1 https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html https://lore.kernel.org/lkml/1682238502-1892-1-git-send-email-yangpc%40wangsu.com/T https://security.netapp.com/advisory/ntap-20230824-0006 https://www.debian.org/security/ • CWE-125: Out-of-bounds Read •
CVE-2023-3159
https://notcve.org/view.php?id=CVE-2023-3159
A use after free issue was discovered in driver/firewire in outbound_phy_packet_callback in the Linux Kernel. In this flaw a local attacker with special privilege may cause a use after free problem when queue_event() fails. • https://github.com/torvalds/linux/commit/b7c81f80246fac44077166f3e07103affe6db8ff • CWE-416: Use After Free •
CVE-2023-3161 – kernel: fbcon: shift-out-of-bounds in fbcon_set_font()
https://notcve.org/view.php?id=CVE-2023-3161
A flaw was found in the Framebuffer Console (fbcon) in the Linux Kernel. When providing font->width and font->height greater than 32 to fbcon_set_font, since there are no checks in place, a shift-out-of-bounds occurs leading to undefined behavior and possible denial of service. A flaw was found in the Framebuffer Console (fbcon) in the Linux Kernel. When providing a font->width and font->height greater than 32 to the fbcon_set_font, since there are no checks in place, a shift-out-of-bounds occurs, leading to undefined behavior and possible denial of service. • https://bugzilla.redhat.com/show_bug.cgi?id=2213485 https://github.com/torvalds/linux/commit/2b09d5d364986f724f17001ccfe4126b9b43a0be https://access.redhat.com/security/cve/CVE-2023-3161 • CWE-682: Incorrect Calculation CWE-1335: Incorrect Bitwise Shift of Integer •
CVE-2023-3141 – kernel: Use after free bug in r592_remove
https://notcve.org/view.php?id=CVE-2023-3141
A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker to crash the system at device disconnect, possibly leading to a kernel information leak. A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This issue may allow a local attacker to crash the system at device disconnect, possibly leading to a kernel information leak. • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.4 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=63264422785021704c39b38f65a78ab9e4a186d7 https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html https://lore.kernel.org/lkml/CAPDyKFoV9aZObZ5GBm0U_-UVeVkBN_rAG-kH3BKoP4EXdYM4bw%40mail.gmail.com/t https://security.netapp.com/advisory/ntap-20230706-0004 https://access.redhat.com • CWE-416: Use After Free •
CVE-2023-20716
https://notcve.org/view.php?id=CVE-2023-20716
In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07796883; Issue ID: ALPS07796883. • https://corp.mediatek.com/product-security-bulletin/June-2023 • CWE-787: Out-of-bounds Write •