Linux

Linux Kernel

14420 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.3

CVE-2023-3397

  • EPSS 0.01%
  • Veröffentlicht 01.11.2023 20:15:08
  • Zuletzt bearbeitet 21.11.2024 08:17:11

A race condition occurred between the functions lmLogClose and txEnd in JFS, in the Linux Kernel, executed in different threads. This flaw allows a local attacker with normal user privileges to crash the system or leak internal kernel information.

8.8

CVE-2023-5178

  • EPSS 8.63%
  • Veröffentlicht 01.11.2023 17:15:11
  • Zuletzt bearbeitet 24.03.2026 12:16:08

A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe/TCP subsystem in the Linux kernel. This issue may allow a malicious user to cause a use-after-free and double-free prob...

4.7

CVE-2023-46862

  • EPSS 0.01%
  • Veröffentlicht 29.10.2023 04:15:11
  • Zuletzt bearbeitet 21.11.2024 08:29:26

An issue was discovered in the Linux kernel through 6.5.9. During a race with SQ thread exit, an io_uring/fdinfo.c io_uring_show_fdinfo NULL pointer dereference can occur.

7

CVE-2023-46813

  • EPSS 0.33%
  • Veröffentlicht 27.10.2023 03:15:08
  • Zuletzt bearbeitet 25.02.2026 18:18:23

An issue was discovered in the Linux kernel before 6.5.9, exploitable by local users with userspace access to MMIO registers. Incorrect access checking in the #VC handler and instruction emulation of the SEV-ES emulation of MMIO accesses could lead t...

7.8

CVE-2023-5717

  • EPSS 0.23%
  • Veröffentlicht 25.10.2023 18:17:43
  • Zuletzt bearbeitet 13.02.2025 18:15:59

A heap out-of-bounds write vulnerability in the Linux kernel's Linux Kernel Performance Events (perf) component can be exploited to achieve local privilege escalation. If perf_read_group() is called while an event's sibling_list is smaller than its ...

7.8

CVE-2023-5633

  • EPSS 0.02%
  • Veröffentlicht 23.10.2023 22:15:09
  • Zuletzt bearbeitet 25.02.2026 19:29:20

The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. When running inside a VMware guest with 3D acce...

6.3

CVE-2023-40791

Exploit
  • EPSS 0.04%
  • Veröffentlicht 16.10.2023 03:15:09
  • Zuletzt bearbeitet 21.11.2024 08:20:07

extract_user_to_sg in lib/scatterlist.c in the Linux kernel before 6.4.12 fails to unpin pages in a certain situation, as demonstrated by a WARNING for try_grab_page.

7.8

CVE-2023-45898

  • EPSS 0.02%
  • Veröffentlicht 16.10.2023 03:15:09
  • Zuletzt bearbeitet 05.05.2025 14:12:02

The Linux kernel before 6.5.4 has an es1 use-after-free in fs/ext4/extents_status.c, related to ext4_es_insert_extent.

7.5

CVE-2023-45871

  • EPSS 0.03%
  • Veröffentlicht 15.10.2023 01:15:09
  • Zuletzt bearbeitet 05.05.2025 14:12:06

An issue was discovered in drivers/net/ethernet/intel/igb/igb_main.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for frames larger than the MTU.

5.5

CVE-2023-45862

  • EPSS 0.02%
  • Veröffentlicht 14.10.2023 21:15:45
  • Zuletzt bearbeitet 21.11.2024 08:27:30

An issue was discovered in drivers/usb/storage/ene_ub6250.c for the ENE UB6250 reader driver in the Linux kernel before 6.2.5. An object could potentially extend beyond the end of an allocation.