CloudLinuxCLSA-2024:1705494430kernel: Fix of 13 CVEs
8.8 High
CVSS3
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
5.8 Medium
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:A/AC:L/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
42.8%
- Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb {CVE-2023-40283}
- ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet {CVE-2023-6932}
- smb: client: fix OOB in smbCalcSize() {CVE-2023-6606}
- net/sched: sch_hfsc: Ensure inner classes have fsc curve {CVE-2023-4623}
- net/sched: cls_fw: Fix improper refcount update leads to use-after-free {CVE-2023-3776}
- vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF {CVE-2023-3567}
- relayfs: fix out-of-bounds access in relay_file_read {CVE-2023-3268}
- btrfs: unset reloc control if transaction commit fails in prepare_to_relocate() {CVE-2023-3111}
- xirc2ps_cs: Fix use after free bug in xirc2ps_detach {CVE-2023-1670}
- Bluetooth: L2CAP: Fix u8 overflow {CVE-2022-45934}
- Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM {CVE-2022-42896}
- tcp: Fix data races around icsk->icsk_af_ops. {CVE-2022-3566}
- ipv6: use prandom_u32() for ID generation {CVE-2021-45485}
Related
8.8 High
CVSS3
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
5.8 Medium
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:A/AC:L/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
42.8%