CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-45898
https://notcve.org/view.php?id=CVE-2023-45898
The Linux kernel before 6.5.4 has an es1 use-after-free in fs/ext4/extents_status.c, related to ext4_es_insert_extent. El kernel de Linux anterior a 6.5.4 tiene un es1 use-after-free en fs/ext4/extents_status.c, relacionado con ext4_es_insert_extent. • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.5.4 https://github.com/torvalds/linux/commit/768d612f79822d30a1e7d132a4d4b05337ce42ec https://lkml.org/lkml/2023/8/13/477 https://lore.kernel.org/lkml/aa03f191-445c-0d2e-d6d7-0a3208d7df7a%40huawei.com/T https://www.spinics.net/lists/stable-commits/msg317086.html • CWE-416: Use After Free •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-45871 – kernel: IGB driver inadequate buffer size for frames larger than MTU
https://notcve.org/view.php?id=CVE-2023-45871
An issue was discovered in drivers/net/ethernet/intel/igb/igb_main.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for frames larger than the MTU. Se descubrió un problema en drivers/net/ethernet/intel/igb/igb_main.c en el controlador IGB en el kernel de Linux anterior a 6.5.3. Es posible que un tamaño de búfer no sea adecuado para tramas más grandes que la MTU. A flaw was found in igb_configure_rx_ring in drivers/net/ethernet/intel/igb/igb_main.c in the IGB driver in the Linux kernel. • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.5.3 https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=bb5ed01cd2428cd25b1c88a3a9cba87055eb289f https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html https://security.netapp.com/advisory/ntap-20231110-0001 https://access.redhat.com/security/cve/CVE-2023-45871 https://bugzilla.redhat.com/show_bug.cgi?id=2244723 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-131: Incorrect Calculation of Buffer Size •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-42752 – Kernel: integer overflow in igmpv3_newpack leading to exploitable memory access
https://notcve.org/view.php?id=CVE-2023-42752
An integer overflow flaw was found in the Linux kernel. This issue leads to the kernel allocating `skb_shared_info` in the userspace, which is exploitable in systems without SMAP protection since `skb_shared_info` contains references to function pointers. Se encontró una falla de desbordamiento de enteros en el kernel de Linux. Este problema lleva a que el kernel asigne `skb_shared_info` en el espacio de usuario, lo cual es explotable en sistemas sin protección SMAP ya que `skb_shared_info` contiene referencias a punteros de función. • http://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html https://access.redhat.com/security/cve/CVE-2023-42752 https://bugzilla.redhat.com/show_bug.cgi?id=2239828 https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=915d975b2ffa https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=c3b704d4a4a2 • CWE-190: Integer Overflow or Wraparound •
CVSS: 6.0EPSS: 0%CPEs: 4EXPL: 0CVE-2023-39189 – Kernel: netfilter: nftables out-of-bounds read in nf_osf_match_one()
https://notcve.org/view.php?id=CVE-2023-39189
A flaw was found in the Netfilter subsystem in the Linux kernel. The nfnl_osf_add_callback function did not validate the user mode controlled opt_num field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure. Se encontró una falla en el subsistema Netfilter en el kernel de Linux. La función nfnl_osf_add_callback no validó el campo opt_num controlado por el modo de usuario. • https://access.redhat.com/errata/RHSA-2024:2394 https://access.redhat.com/errata/RHSA-2024:2950 https://access.redhat.com/errata/RHSA-2024:3138 https://access.redhat.com/security/cve/CVE-2023-39189 https://bugzilla.redhat.com/show_bug.cgi?id=2226777 https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html • CWE-125: Out-of-bounds Read •
CVSS: 6.7EPSS: 0%CPEs: 3EXPL: 1CVE-2023-42755 – Kernel: rsvp: out-of-bounds read in rsvp_classify()
https://notcve.org/view.php?id=CVE-2023-42755
A flaw was found in the IPv4 Resource Reservation Protocol (RSVP) classifier in the Linux kernel. The xprt pointer may go beyond the linear part of the skb, leading to an out-of-bounds read in the `rsvp_classify` function. This issue may allow a local user to crash the system and cause a denial of service. Se encontró una falla en el clasificador del IPv4 Resource Reservation Protocol (RSVP) en el kernel de Linux. El puntero xprt puede ir más allá de la parte lineal del skb, lo que lleva a una lectura fuera de límites en la función `rsvp_classify`. • https://access.redhat.com/errata/RHSA-2024:2950 https://access.redhat.com/errata/RHSA-2024:3138 https://access.redhat.com/security/cve/CVE-2023-42755 https://bugzilla.redhat.com/show_bug.cgi?id=2239847 https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html https://seclists.org/oss-sec/2023/q3/229 • CWE-125: Out-of-bounds Read •