CVE-2023-32248
- EPSS 0.11%
- Veröffentlicht 24.07.2023 16:15:11
- Zuletzt bearbeitet 21.11.2024 08:02:58
A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the handling of SMB2_TREE_CONNECT and SMB2_QUERY_INFO commands. The issue results from the lack of proper validation of a pointer p...
CVE-2023-35001
- EPSS 0.21%
- Veröffentlicht 05.07.2023 19:15:10
- Zuletzt bearbeitet 21.11.2024 08:07:48
Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace
CVE-2023-3390
- EPSS 0.1%
- Veröffentlicht 28.06.2023 21:15:10
- Zuletzt bearbeitet 21.11.2024 08:17:09
A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nf_tables_api.c. Mishandled error handling with NFT_MSG_NEWRULE makes it possible to use a dangling pointer in the same transaction causing a use-aft...
- EPSS 0.02%
- Veröffentlicht 28.06.2023 12:15:09
- Zuletzt bearbeitet 21.11.2024 07:38:51
A time-of-check to time-of-use issue exists in io_uring subsystem's IORING_OP_CLOSE operation in the Linux kernel's versions 5.6 - 5.11 (inclusive), which allows a local user to elevate their privileges to root. Introduced in b5dba59e0cf7e2cc4d3b3b1a...
- EPSS 0.03%
- Veröffentlicht 18.06.2023 22:15:09
- Zuletzt bearbeitet 21.11.2024 08:08:46
An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in cedrus_remove in drivers/staging/media/sunxi/cedrus/cedrus.c.
- EPSS 0.05%
- Veröffentlicht 18.06.2023 22:15:09
- Zuletzt bearbeitet 21.11.2024 08:08:46
An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in renesas_usb3_remove in drivers/usb/gadget/udc/renesas_usb3.c.
CVE-2022-48502
- EPSS 0.01%
- Veröffentlicht 31.05.2023 20:15:10
- Zuletzt bearbeitet 21.11.2024 07:33:27
An issue was discovered in the Linux kernel before 6.2. The ntfs3 subsystem does not properly check for correctness during disk reads, leading to an out-of-bounds read in ntfs_set_ea in fs/ntfs3/xattr.c.
- EPSS 0.02%
- Veröffentlicht 11.04.2023 21:15:15
- Zuletzt bearbeitet 21.11.2024 07:40:17
A use-after-free flaw was found in btsdio_remove in drivers\bluetooth\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove with an unfinished job, may cause a race problem leading to a UAF on hdev devices.
CVE-2023-1838
- EPSS 0.01%
- Veröffentlicht 05.04.2023 19:15:07
- Zuletzt bearbeitet 21.11.2024 07:39:59
A use-after-free flaw was found in vhost_net_set_backend in drivers/vhost/net.c in virtio network subcomponent in the Linux kernel due to a double fget. This flaw could allow a local attacker to crash the system, and could even lead to a kernel infor...
- EPSS 0.02%
- Veröffentlicht 16.03.2023 00:15:11
- Zuletzt bearbeitet 05.05.2025 16:15:34
do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition (with a resultant use-after-free or NULL pointer dereference).