CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 1CVE-2023-52160 – wpa_supplicant: potential authorization bypass
https://notcve.org/view.php?id=CVE-2023-52160
22 Feb 2024 — The implementation of PEAP in wpa_supplicant through 2.10 allows authentication bypass. For a successful attack, wpa_supplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eap_peap_decrypt vulnerability can then be abused to skip Phase 2 authentication. The attack vector is sending an EAP-TLV Success packet instead of starting Phase 2. This allows an adversary to impersonate Enterprise Wi-Fi networks. La implementación de PEAP en wpa_supplicant hasta ... • https://github.com/Helica-core/eap_pwn • CWE-285: Improper Authorization CWE-287: Improper Authentication •
CVSS: 8.8EPSS: 0%CPEs: 23EXPL: 0CVE-2024-25744 – kernel: untrusted VMM can trigger int80 syscall handling
https://notcve.org/view.php?id=CVE-2024-25744
12 Feb 2024 — In the Linux kernel before 6.6.7, an untrusted VMM can trigger int80 syscall handling at any given point. This is related to arch/x86/coco/tdx/tdx.c and arch/x86/mm/mem_encrypt_amd.c. En el kernel de Linux anterior a 6.6.7, un VMM que no es de confianza puede activar el manejo de llamadas al sistema int80 en cualquier punto dado. Esto está relacionado con arch/x86/coco/tdx/tdx.c y arch/x86/mm/mem_encrypt_amd.c. A flaw was found in the Linux kernel. • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.7 •
CVSS: 5.5EPSS: 0%CPEs: 29EXPL: 0CVE-2024-1151 – Kernel: stack overflow problem in open vswitch kernel module leading to dos
https://notcve.org/view.php?id=CVE-2024-1151
11 Feb 2024 — A vulnerability was reported in the Open vSwitch sub-component in the Linux Kernel. The flaw occurs when a recursive operation of code push recursively calls into the code block. The OVS module does not validate the stack depth, pushing too many frames and causing a stack overflow. As a result, this can lead to a crash or other related issues. Se informó una vulnerabilidad en el subcomponente Open vSwitch del kernel de Linux. • https://access.redhat.com/errata/RHSA-2024:4823 • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 27EXPL: 0CVE-2023-6536 – Kernel: null pointer dereference in __nvmet_req_complete
https://notcve.org/view.php?id=CVE-2023-6536
07 Feb 2024 — A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service. Se encontró una falla en el controlador NVMe del kernel de Linux. Este problema puede permitir que un actor malicioso no autenticado envíe un conjunto de paquetes TCP manipulados cuando usa NVMe sobre TCP, lo que lleva a... • https://access.redhat.com/errata/RHSA-2024:0723 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 27EXPL: 0CVE-2023-6535 – Kernel: null pointer dereference in nvmet_tcp_execute_request
https://notcve.org/view.php?id=CVE-2023-6535
07 Feb 2024 — A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service. Se encontró una falla en el controlador NVMe del kernel de Linux. Este problema puede permitir que un actor malicioso no autenticado envíe un conjunto de paquetes TCP manipulados cuando usa NVMe sobre TCP, lo que lleva a... • https://access.redhat.com/errata/RHSA-2024:0723 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 27EXPL: 0CVE-2023-6356 – Kernel: null pointer dereference in nvmet_tcp_build_iovec
https://notcve.org/view.php?id=CVE-2023-6356
07 Feb 2024 — A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver and causing kernel panic and a denial of service. Se encontró una falla en el controlador NVMe del kernel de Linux. Este problema puede permitir que un actor malicioso no autenticado envíe un conjunto de paquetes TCP manipulados cuando usa NVMe sobre TCP, lo que llev... • https://access.redhat.com/errata/RHSA-2024:0723 • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-6240 – Kernel: marvin vulnerability side-channel leakage in the rsa decryption operation
https://notcve.org/view.php?id=CVE-2023-6240
04 Feb 2024 — A Marvin vulnerability side-channel leakage was found in the RSA decryption operation in the Linux Kernel. This issue may allow a network attacker to decrypt ciphertexts or forge signatures, limiting the services that use that private key. Se encontró una fuga de canal lateral de vulnerabilidad de Marvin en la operación de descifrado RSA en el kernel de Linux. Este problema puede permitir que un atacante de red descifre textos cifrados o falsifique firmas, limitando los servicios que utilizan esa clave priv... • https://access.redhat.com/errata/RHSA-2024:1881 • CWE-203: Observable Discrepancy •
CVSS: 7.8EPSS: 71%CPEs: 12EXPL: 13CVE-2024-1086 – Linux Kernel Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2024-1086
31 Jan 2024 — A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cause a double free vulnerability when NF_DROP is issued with a drop error which resembles NF_ACCEPT. We recommend upgrading past commit f342de4e2f33e0e39165d8639387aa6c19dff660. Una vulnerabilidad de use after free en el componente net... • https://packetstorm.news/files/id/177862 • CWE-416: Use After Free •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 1CVE-2024-0564 – Kernel: max page sharing of kernel samepage merging (ksm) may cause memory deduplication
https://notcve.org/view.php?id=CVE-2024-0564
30 Jan 2024 — A flaw was found in the Linux kernel's memory deduplication mechanism. The max page sharing of Kernel Samepage Merging (KSM), added in Linux kernel version 4.4.0-96.119, can create a side channel. When the attacker and the victim share the same host and the default setting of KSM is "max page sharing=256", it is possible for the attacker to time the unmap to merge with the victim's page. The unmapping time depends on whether it merges with the victim's page and additional physical pages are created beyond t... • https://access.redhat.com/security/cve/CVE-2024-0564 • CWE-203: Observable Discrepancy •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-0841 – Kernel: hugetlbfs: null pointer dereference in hugetlbfs_fill_super function
https://notcve.org/view.php?id=CVE-2024-0841
28 Jan 2024 — A null pointer dereference flaw was found in the hugetlbfs_fill_super function in the Linux kernel hugetlbfs (HugeTLB pages) functionality. This issue may allow a local user to crash the system or potentially escalate their privileges on the system. Se encontró un fallo de desreferencia de puntero null en la función Hugetlbfs_fill_super en la funcionalidad Hugetlbfs (páginas HugeTLB) del kernel de Linux. Este problema puede permitir que un usuario local bloquee el sistema o potencialmente aumente sus privil... • https://access.redhat.com/errata/RHSA-2024:2394 • CWE-476: NULL Pointer Dereference •