- EPSS 0.27%
- Veröffentlicht 16.03.2023 00:15:11
- Zuletzt bearbeitet 05.05.2025 16:15:34
do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition (with a resultant use-after-free or NULL pointer dereference).
CVE-2023-23000
- EPSS 0.27%
- Veröffentlicht 01.03.2023 19:15:25
- Zuletzt bearbeitet 20.03.2025 20:15:28
In the Linux kernel before 5.17, drivers/phy/tegra/xusb.c mishandles the tegra_xusb_find_port_node return value. Callers expect NULL in the error case, but an error pointer is used.
CVE-2022-27672
- EPSS 0.29%
- Veröffentlicht 01.03.2023 08:15:10
- Zuletzt bearbeitet 13.04.2026 20:16:23
When SMT is enabled, certain AMD processors may speculatively execute instructions using a target from the sibling thread after an SMT mode switch potentially resulting in information disclosure.
CVE-2023-20938
- EPSS 0.33%
- Veröffentlicht 28.02.2023 17:15:10
- Zuletzt bearbeitet 21.11.2024 07:41:51
In binder_transaction_buffer_release of binder.c, there is a possible use after free due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2023-0597
- EPSS 0.3%
- Veröffentlicht 23.02.2023 20:15:12
- Zuletzt bearbeitet 12.03.2025 20:15:13
A flaw possibility of memory leak in the Linux kernel cpu_entry_area mapping of X86 CPU data to memory was found in the way user can guess location of exception stack(s) or other important data. A local user could use this flaw to get access to some ...
CVE-2023-23454
- EPSS 0.31%
- Veröffentlicht 12.01.2023 07:15:08
- Zuletzt bearbeitet 20.03.2025 21:15:18
cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than v...
CVE-2022-4543
- EPSS 0.95%
- Veröffentlicht 11.01.2023 15:15:09
- Zuletzt bearbeitet 08.04.2025 20:15:18
A flaw named "EntryBleed" was found in the Linux Kernel Page Table Isolation (KPTI). This issue could allow a local attacker to leak KASLR base via prefetch side-channels based on TLB timing for Intel systems.
CVE-2022-47518
- EPSS 0.33%
- Veröffentlicht 18.12.2022 06:15:09
- Zuletzt bearbeitet 17.04.2025 15:15:52
An issue was discovered in the Linux kernel before 6.0.11. Missing validation of the number of channels in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger a heap-based buffer overflow when copying the li...
CVE-2022-47519
- EPSS 0.3%
- Veröffentlicht 18.12.2022 06:15:09
- Zuletzt bearbeitet 17.04.2025 15:15:52
An issue was discovered in the Linux kernel before 6.0.11. Missing validation of IEEE80211_P2P_ATTR_OPER_CHANNEL in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger an out-of-bounds write when parsing the...
CVE-2022-47520
- EPSS 0.31%
- Veröffentlicht 18.12.2022 06:15:09
- Zuletzt bearbeitet 17.04.2025 15:15:53
An issue was discovered in the Linux kernel before 6.0.11. Missing offset validation in drivers/net/wireless/microchip/wilc1000/hif.c in the WILC1000 wireless driver can trigger an out-of-bounds read when parsing a Robust Security Network (RSN) infor...