CVE-2023-3220
https://notcve.org/view.php?id=CVE-2023-3220
An issue was discovered in the Linux kernel through 6.1-rc8. dpu_crtc_atomic_check in drivers/gpu/drm/msm/disp/dpu1/dpu_crtc.c lacks check of the return value of kzalloc() and will cause the NULL Pointer Dereference. • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=93340e10b9c5fc86730d149636e0aa8b47bb5a34 • CWE-476: NULL Pointer Dereference •
CVE-2023-3312
https://notcve.org/view.php?id=CVE-2023-3312
A vulnerability was found in drivers/cpufreq/qcom-cpufreq-hw.c in cpufreq subsystem in the Linux Kernel. This flaw, during device unbind will lead to double release problem leading to denial of service. • https://patchwork.kernel.org/project/linux-pm/patch/20230323174026.950622-1-krzysztof.kozlowski%40linaro.org https://security.netapp.com/advisory/ntap-20230731-0005 • CWE-415: Double Free •
CVE-2023-35826
https://notcve.org/view.php?id=CVE-2023-35826
An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in cedrus_remove in drivers/staging/media/sunxi/cedrus/cedrus.c. • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.2 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=50d0a7aea4809cef87979d4669911276aa23b71f https://lore.kernel.org/all/a4dafa22-3ee3-dbe1-fd50-fee07883ce1a%40xs4all.nl https://lore.kernel.org/linux-arm-kernel/20230308032333.1893394-1-zyytlz.wz%40163.com/T https://security.netapp.com/advisory/ntap-20230803-0002 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVE-2023-35827
https://notcve.org/view.php?id=CVE-2023-35827
An issue was discovered in the Linux kernel through 6.3.8. A use-after-free was found in ravb_remove in drivers/net/ethernet/renesas/ravb_main.c. • https://lists.debian.org/debian-lts-announce/2024/01/msg00005.html https://lore.kernel.org/lkml/cca0b40b-d6f8-54c7-1e46-83cb62d0a2f1%40huawei.com/T https://security.netapp.com/advisory/ntap-20230803-0003 https://www.spinics.net/lists/netdev/msg886947.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVE-2023-35824 – kernel: dm1105: race condition leading to use-after-free in dm1105_remove.c()
https://notcve.org/view.php?id=CVE-2023-35824
An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in dm1105_remove in drivers/media/pci/dm1105/dm1105.c. A race condition was found in the Linux kernel's dm1105 device driver when removing the module before cleanup in the dm1105_remove function. This can result in a use-after-free issue, possibly leading to a system crash or other undefined behaviors. • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.2 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5abda7a16698d4d1f47af1168d8fa2c640116b4a https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html https://lore.kernel.org/all/49bb0b6a-e669-d4e7-d742-a19d2763e947%40xs4all.nl https://lore.kernel.org/lkml/20230318081506.795147-1-zyytlz.wz%40163.com https://security.netapp.com& • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •