CVE-2023-20938
- EPSS 0.33%
- Veröffentlicht 28.02.2023 17:15:10
- Zuletzt bearbeitet 21.11.2024 07:41:51
In binder_transaction_buffer_release of binder.c, there is a possible use after free due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2023-26607
- EPSS 0.61%
- Veröffentlicht 26.02.2023 23:15:10
- Zuletzt bearbeitet 05.05.2025 16:15:31
In the Linux kernel 6.0.8, there is an out-of-bounds read in ntfs_attr_find in fs/ntfs/attrib.c.
CVE-2023-26545
- EPSS 0.33%
- Veröffentlicht 25.02.2023 04:15:10
- Zuletzt bearbeitet 25.06.2025 20:54:48
In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device.
CVE-2023-0597
- EPSS 0.3%
- Veröffentlicht 23.02.2023 20:15:12
- Zuletzt bearbeitet 12.03.2025 20:15:13
A flaw possibility of memory leak in the Linux kernel cpu_entry_area mapping of X86 CPU data to memory was found in the way user can guess location of exception stack(s) or other important data. A local user could use this flaw to get access to some ...
CVE-2023-23039
- EPSS 0.21%
- Veröffentlicht 22.02.2023 17:15:11
- Zuletzt bearbeitet 20.03.2025 21:15:17
An issue was discovered in the Linux kernel through 6.2.0-rc2. drivers/tty/vcc.c has a race condition and resultant use-after-free if a physically proximate attacker removes a VCC device while calling open(), aka a race condition between vcc_open() a...
CVE-2023-0615
- EPSS 0.19%
- Veröffentlicht 06.02.2023 23:15:09
- Zuletzt bearbeitet 25.03.2025 20:15:17
A memory leak flaw and potential divide by zero and Integer overflow was found in the Linux kernel V4L2 and vivid test code functionality. This issue occurs when a user triggers ioctls, such as VIDIOC_S_DV_TIMINGS ioctl. This could allow a local user...
CVE-2023-0394
- EPSS 1.02%
- Veröffentlicht 26.01.2023 21:18:07
- Zuletzt bearbeitet 31.03.2025 15:15:38
A NULL pointer dereference flaw was found in rawv6_push_pending_frames in net/ipv6/raw.c in the network subcomponent in the Linux kernel. This flaw causes the system to crash.
CVE-2022-47929
- EPSS 0.96%
- Veröffentlicht 17.01.2023 21:15:14
- Zuletzt bearbeitet 04.04.2025 18:15:43
In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service (system crash) via a crafted traffic control configuration that is set up with "tc qdisc" and...
CVE-2022-41858
- EPSS 0.28%
- Veröffentlicht 17.01.2023 18:15:11
- Zuletzt bearbeitet 07.04.2025 17:15:33
A flaw was found in the Linux kernel. A NULL pointer dereference may occur while a slip driver is in progress to detach in sl_tx_timeout in drivers/net/slip/slip.c. This issue could allow an attacker to crash the system or leak internal kernel inform...
- EPSS -
- Veröffentlicht 17.01.2023 06:15:10
- Zuletzt bearbeitet 07.11.2023 03:44:19
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none.