Lucene search

K
cloudlinuxCloudLinuxCLSA-2024:1705494430
HistoryJan 17, 2024 - 12:28 p.m.

kernel: Fix of 13 CVEs

2024-01-1712:28:37
repo.cloudlinux.com
16
kernel
cves
bluetooth
ipv4
smb
net/sched
vc_screen
relayfs
btrfs
xirc2ps_cs
tcp
ipv6
unix

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS3

8.8

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

51.3%

  • Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb {CVE-2023-40283}
  • ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet {CVE-2023-6932}
  • smb: client: fix OOB in smbCalcSize() {CVE-2023-6606}
  • net/sched: sch_hfsc: Ensure inner classes have fsc curve {CVE-2023-4623}
  • net/sched: cls_fw: Fix improper refcount update leads to use-after-free {CVE-2023-3776}
  • vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF {CVE-2023-3567}
  • relayfs: fix out-of-bounds access in relay_file_read {CVE-2023-3268}
  • btrfs: unset reloc control if transaction commit fails in prepare_to_relocate() {CVE-2023-3111}
  • xirc2ps_cs: Fix use after free bug in xirc2ps_detach {CVE-2023-1670}
  • Bluetooth: L2CAP: Fix u8 overflow {CVE-2022-45934}
  • Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM {CVE-2022-42896}
  • tcp: Fix data races around icsk->icsk_af_ops. {CVE-2022-3566}
  • ipv6: use prandom_u32() for ID generation {CVE-2021-45485}

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS3

8.8

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

51.3%