CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2023-0192
https://notcve.org/view.php?id=CVE-2023-0192
01 Apr 2023 — NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer handler, where improper privilege management can lead to escalation of privileges and information disclosure. • https://nvidia.custhelp.com/app/answers/detail/a_id/5452 • CWE-269: Improper Privilege Management •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2023-0191 – Gentoo Linux Security Advisory 202310-02
https://notcve.org/view.php?id=CVE-2023-0191
01 Apr 2023 — NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler, where an out-of-bounds access may lead to denial of service or data tampering. Multiple vulnerabilities have been discovered in NVIDIA Drivers, the worst of which could result in root privilege escalation. Versions greater than or equal to 470.182.03 are affected. • https://nvidia.custhelp.com/app/answers/detail/a_id/5452 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-0188 – Gentoo Linux Security Advisory 202310-02
https://notcve.org/view.php?id=CVE-2023-0188
01 Apr 2023 — NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler, where an unprivileged user can cause improper restriction of operations within the bounds of a memory buffer cause an out-of-bounds read, which may lead to denial of service. Multiple vulnerabilities have been discovered in NVIDIA Drivers, the worst of which could result in root privilege escalation. Versions greater than or equal to 470.182.03 are affected. • https://nvidia.custhelp.com/app/answers/detail/a_id/5452 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 0CVE-2023-0185 – Gentoo Linux Security Advisory 202310-02
https://notcve.org/view.php?id=CVE-2023-0185
01 Apr 2023 — NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where sign conversion issuescasting an unsigned primitive to signed may lead to denial of service or information disclosure. Multiple vulnerabilities have been discovered in NVIDIA Drivers, the worst of which could result in root privilege escalation. Versions greater than or equal to 470.182.03 are affected. • https://nvidia.custhelp.com/app/answers/detail/a_id/5452 • CWE-196: Unsigned to Signed Conversion Error CWE-681: Incorrect Conversion between Numeric Types •
CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 0CVE-2023-0183 – Gentoo Linux Security Advisory 202310-02
https://notcve.org/view.php?id=CVE-2023-0183
01 Apr 2023 — NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer where an out-of-bounds write can lead to denial of service and data tampering. Multiple vulnerabilities have been discovered in NVIDIA Drivers, the worst of which could result in root privilege escalation. Versions greater than or equal to 470.182.03 are affected. • https://nvidia.custhelp.com/app/answers/detail/a_id/5452 • CWE-787: Out-of-bounds Write •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2023-0181 – Gentoo Linux Security Advisory 202310-02
https://notcve.org/view.php?id=CVE-2023-0181
01 Apr 2023 — NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in a kernel mode layer handler, where memory permissions are not correctly checked, which may lead to denial of service and data tampering. Multiple vulnerabilities have been discovered in NVIDIA Drivers, the worst of which could result in root privilege escalation. Versions greater than or equal to 470.182.03 are affected. • https://nvidia.custhelp.com/app/answers/detail/a_id/5452 • CWE-276: Incorrect Default Permissions CWE-280: Improper Handling of Insufficient Permissions or Privileges •
CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 0CVE-2023-0180 – Gentoo Linux Security Advisory 202310-02
https://notcve.org/view.php?id=CVE-2023-0180
01 Apr 2023 — NVIDIA GPU Display Driver for Linux contains a vulnerability in a kernel mode layer handler, which may lead to denial of service or information disclosure. Multiple vulnerabilities have been discovered in NVIDIA Drivers, the worst of which could result in root privilege escalation. Versions greater than or equal to 470.182.03 are affected. • https://nvidia.custhelp.com/app/answers/detail/a_id/5452 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2023-1652 – Kernel: use-after-free in nfsd4_ssc_setup_dul in fs/nfsd/nfs4proc.c
https://notcve.org/view.php?id=CVE-2023-1652
29 Mar 2023 — A use-after-free flaw was found in nfsd4_ssc_setup_dul in fs/nfsd/nfs4proc.c in the NFS filesystem in the Linux Kernel. This issue could allow a local attacker to crash the system or it may lead to a kernel information leak problem. It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support f... • https://access.redhat.com/security/cve/cve-2023-1652 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-28328 – kernel: Denial of service issue in az6027 driver in drivers/media/usb/dev-usb/az6027.c
https://notcve.org/view.php?id=CVE-2023-28328
28 Mar 2023 — A NULL pointer dereference flaw was found in the az6027 driver in drivers/media/usb/dev-usb/az6027.c in the Linux Kernel. The message from user space is not checked properly before transferring into the device. This flaw allows a local user to crash the system or potentially cause a denial of service. Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attack... • https://bugzilla.redhat.com/show_bug.cgi?id=2177389 • CWE-476: NULL Pointer Dereference •
CVSS: 3.3EPSS: 0%CPEs: 5EXPL: 0CVE-2021-3923 – kernel: stack information leak in infiniband RDMA
https://notcve.org/view.php?id=CVE-2021-3923
27 Mar 2023 — A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack information when issuing commands to the /dev/infiniband/rdma_cm device node. While this access is unlikely to leak sensitive user information, it can be further used to defeat existing kernel protection mechanisms. • https://bugzilla.redhat.com/show_bug.cgi?id=2019643 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •