NotCVE - vendor:"Linux" product:"Linux Kernel" version:" >= 5.18

Page 482 of 2535 results (0.069 seconds)

CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0

CVE-2022-4139 – kernel: i915: Incorrect GPU TLB flush can lead to random memory access

https://notcve.org/view.php?id=CVE-2022-4139

An incorrect TLB flush issue was found in the Linux kernel’s GPU i915 kernel driver, potentially leading to random memory corruption or data leaks. This flaw could allow a local user to crash the system or escalate their privileges on the system. • https://bugzilla.redhat.com/show_bug.cgi?id=2147572 https://security.netapp.com/advisory/ntap-20230309-0004 https://www.openwall.com/lists/oss-security/2022/11/30/1 https://access.redhat.com/security/cve/CVE-2022-4139 • CWE-281: Improper Preservation of Permissions CWE-401: Missing Release of Memory after Effective Lifetime •

CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0

CVE-2023-23455 – Kernel: denial of service in atm_tc_enqueue in net/sched/sch_atm.c due to type confusion

https://notcve.org/view.php?id=CVE-2023-23455

atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results). A denial of service flaw was found in atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel. This issue may allow a local attacker to cause a denial of service due to type confusion. Non-negative numbers could indicate a TC_ACT_SHOT condition rather than valid classification results. • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a2965c7be0522eaa18808684b7b82b248515511b https://lists.debian.org/debian-lts-announce/2023/03/msg00000.html https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html https://www.debian.org/security/2023/dsa-5324 https://www.openwall.com/lists/oss-security/2023/01/10/1 https://www.openwall.com/lists/oss-security/2023/01/10/4 https://access.redhat.com/security/cve/CVE-2023-23455 https:/ • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0

CVE-2023-23454 – kernel: slab-out-of-bounds read vulnerabilities in cbq_classify

https://notcve.org/view.php?id=CVE-2023-23454

cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results). An out-of-bounds (OOB) read problem was found in cbq_classify in net/sched/sch_cbq.c in the Linux kernel. This issue may allow a local attacker to cause a denial of service due to type confusion. Non-negative numbers could indicate a TC_ACT_SHOT condition rather than valid classification results. • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=caa4b35b4317d5147b3ab0fbdc9c075c7d2e9c12 https://lists.debian.org/debian-lts-announce/2023/03/msg00000.html https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html https://www.debian.org/security/2023/dsa-5324 https://www.openwall.com/lists/oss-security/2023/01/10/1 https://www.openwall.com/lists/oss-security/2023/01/10/4 https://access.redhat.com/security/cve/CVE-2023-23454 https:/ • CWE-125: Out-of-bounds Read CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0

CVE-2022-4379 – kernel: use-after-free in __nfs42_ssc_open() in fs/nfs/nfs4file.c leading to remote Denial of Service attack

https://notcve.org/view.php?id=CVE-2022-4379

A use-after-free vulnerability was found in __nfs42_ssc_open() in fs/nfs/nfs4file.c in the Linux kernel. This flaw allows an attacker to conduct a remote denial A use-after-free vulnerability was found in __nfs42_ssc_open() in fs/nfs/nfs4file.c in the Linux kernel. This flaw allows an attacker to conduct a remote denial of service. • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=75333d48f92256a0dec91dbf07835e804fc411c0 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=aeba12b26c79fc35e07e511f692a8907037d95da https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LECFVUHKIRBV5JJBE3KQCLGKNYJPBRCN https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RAVD6JIILAVSRH • CWE-416: Use After Free •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

CVE-2022-3977

https://notcve.org/view.php?id=CVE-2022-3977

A use-after-free flaw was found in the Linux kernel MCTP (Management Component Transport Protocol) functionality. This issue occurs when a user simultaneously calls DROPTAG ioctl and socket close happens, which could allow a local user to crash the system or potentially escalate their privileges on the system. • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3a732b46736cd8a29092e4b0b1a9ba83e672bf89 https://security.netapp.com/advisory/ntap-20230223-0005 • CWE-416: Use After Free •

1...480 481 482 483 484