linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities

2024-05-1617:41:52

Google

osv.dev

linux

broadcom fullmac wlan

use-after-free

denial of service

ext4 file system

jfs file system

nilfs2 file system

core kernel

bluetooth subsystem

networking core

ipv4 networking

logical link layer

mac80211 subsystem

netlink

nfc subsystem

tomoyo security module

cve-2023-47233

cve-2023-52601

cve-2024-26622

cve-2024-26805

cve-2024-26635

cve-2023-52602

cve-2024-26801

cve-2023-52566

cve-2024-26704

cve-2021-46939

cve-2024-26614

cve-2023-52604

cve-2023-52530

cve-2023-52524

5.8 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.1%

JSON

Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux
kernel contained a race condition during device removal, leading to a use-
after-free vulnerability. A physically proximate attacker could possibly
use this to cause a denial of service (system crash). (CVE-2023-47233)

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:

Ext4 file system;
JFS file system;
NILFS2 file system;
Core kernel;
Bluetooth subsystem;
Networking core;
IPv4 networking;
Logical Link layer;
MAC80211 subsystem;
Netlink;
NFC subsystem;
Tomoyo security module;
(CVE-2023-52601, CVE-2024-26622, CVE-2024-26805, CVE-2024-26635,
CVE-2023-52602, CVE-2024-26801, CVE-2023-52566, CVE-2024-26704,
CVE-2021-46939, CVE-2024-26614, CVE-2023-52604, CVE-2023-52530,
CVE-2023-52524)