CVE-2023-31085
- EPSS 0.38%
- Veröffentlicht 24.04.2023 06:15:08
- Zuletzt bearbeitet 21.11.2024 08:01:23
An issue was discovered in drivers/mtd/ubi/cdev.c in the Linux kernel 6.2. There is a divide-by-zero error in do_div(sz,mtd->erasesize), used indirectly by ctrl_cdev_ioctl, when mtd->erasesize is 0.
CVE-2023-31082
- EPSS 0.36%
- Veröffentlicht 24.04.2023 06:15:07
- Zuletzt bearbeitet 21.11.2024 08:01:22
An issue was discovered in drivers/tty/n_gsm.c in the Linux kernel 6.2. There is a sleeping function called from an invalid context in gsmld_write, which will block the kernel. Note: This has been disputed by 3rd parties as not a valid vulnerability.
CVE-2023-31083
- EPSS 0.33%
- Veröffentlicht 24.04.2023 06:15:07
- Zuletzt bearbeitet 03.11.2025 22:16:17
An issue was discovered in drivers/bluetooth/hci_ldisc.c in the Linux kernel 6.2. In hci_uart_tty_ioctl, there is a race condition between HCIUARTSETPROTO and HCIUARTGETPROTO. HCI_UART_PROTO_SET is set before hu->proto is set. A NULL pointer derefere...
CVE-2023-31084
- EPSS 0.41%
- Veröffentlicht 24.04.2023 06:15:07
- Zuletzt bearbeitet 18.03.2025 20:15:19
An issue was discovered in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel 6.2. There is a blocking operation when a task is in !TASK_RUNNING. In dvb_frontend_get_event, wait_event_interruptible is called; the condition is dvb_frontend_test...
CVE-2023-1998
- EPSS 1.38%
- Veröffentlicht 21.04.2023 15:15:07
- Zuletzt bearbeitet 13.02.2025 17:16:01
The Linux kernel allows userspace processes to enable mitigations by calling prctl with PR_SET_SPECULATION_CTRL which disables the speculation feature as well as by using seccomp. We had noticed that on VMs of at least one major cloud provider, the k...
CVE-2023-2194
- EPSS 0.25%
- Veröffentlicht 20.04.2023 21:15:09
- Zuletzt bearbeitet 23.04.2025 17:16:29
An out-of-bounds write vulnerability was found in the Linux kernel's SLIMpro I2C device driver. The userspace "data->block[0]" variable was not capped to a number between 0-255 and was used as the size of a memcpy, possibly writing beyond the end of ...
CVE-2023-2177
- EPSS 0.21%
- Veröffentlicht 20.04.2023 21:15:08
- Zuletzt bearbeitet 18.03.2025 20:15:19
A null pointer dereference issue was found in the sctp network protocol in net/sctp/stream_sched.c in Linux Kernel. If stream_in allocation is failed, stream_out is freed which would further be accessed. A local user could use this flaw to crash the ...
CVE-2023-1382
- EPSS 0.18%
- Veröffentlicht 19.04.2023 23:15:06
- Zuletzt bearbeitet 19.03.2025 16:15:17
A data race flaw was found in the Linux kernel, between where con is allocated and con->sock is set. This issue leads to a NULL pointer dereference when accessing con->sock->sk in net/tipc/topsrv.c in the tipc protocol in the Linux kernel.
CVE-2023-30772
- EPSS 0.48%
- Veröffentlicht 16.04.2023 04:15:08
- Zuletzt bearbeitet 05.05.2025 16:15:39
The Linux kernel before 6.2.9 has a race condition and resultant use-after-free in drivers/power/supply/da9150-charger.c if a physically proximate attacker unplugs a device.
CVE-2023-1990
- EPSS 0.23%
- Veröffentlicht 12.04.2023 20:15:07
- Zuletzt bearbeitet 19.03.2025 16:15:17
A use-after-free flaw was found in ndlc_remove in drivers/nfc/st-nci/ndlc.c in the Linux Kernel. This flaw could allow an attacker to crash the system due to a race problem.