CVE-2023-38538

A race condition in an event subsystem led to a heap use-after-free issue in established audio/video calls that could have resulted in app termination or unexpected control flow with very low probability...

CVE-2023-38537

A race condition in a network transport subsystem led to a heap use-after-free issue in established or unsilenced incoming audio/video calls that could have resulted in app termination or unexpected control flow with very low probability...

CVE-2023-39191

An improper input validation flaw was found in the eBPF subsystem in the Linux kernel. The issue occurs due to a lack of proper validation of dynamic pointers within user-supplied eBPF programs prior to executing them. This may allow an attacker with CAPBPF privileges to escalate privileges and...

DEBIAN-CVE-2023-39191

An improper input validation flaw was found in the eBPF subsystem in the Linux kernel. The issue occurs due to a lack of proper validation of dynamic pointers within user-supplied eBPF programs prior to executing them. This may allow an attacker with CAPBPF privileges to escalate privileges and...

CVE-2023-38538

A race condition in an event subsystem led to a heap use-after-free issue in established audio/video calls that could have resulted in app termination or unexpected control flow with very low probability...

CVE-2023-38538

The CVE-2023-38538 entry concerns WhatsApp (and related WhatsApp/Android ecosystems per connected records) with a race condition in an event subsystem that causes a heap use-after-free during established audio/video calls. The vulnerability can lead to app termination or unexpected control flow w...

CVE-2023-38538

A race condition in an event subsystem led to a heap use-after-free issue in established audio/video calls that could have resulted in app termination or unexpected control flow with very low probability...

CVE-2023-39191

An improper input validation flaw was found in the eBPF subsystem in the Linux kernel. The issue occurs due to a lack of proper validation of dynamic pointers within user-supplied eBPF programs prior to executing them. This may allow an attacker with CAPBPF privileges to escalate privileges and...

SUSE CVE-2023-39194

A flaw was found in the XFRM subsystem in the Linux kernel. The specific flaw exists within the processing of state filters, which can result in a read past the end of an allocated buffer. This flaw allows a local privileged CAPNETADMIN attacker to trigger an out-of-bounds read, potentially leadi...

WhatsApp Competitive Conditions Issue Vulnerability

WhatsApp is a suite of mobile applications from the American company WhatsApp that use the Internet to send text messages. The application uses contact information in a smartphone to find contacts using the software to send text, images, etc. A security vulnerability exists in WhatsApp that stems...

Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6415-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6415-1 advisory. Daniel Trujillo, Johannes Wikner, and Kaveh Razavi discovered that some AMD processors utilising speculative execution and branch prediction may allow...

Important: kernel

Issue Overview: A flaw was found in the Linux kernel's IP framework for transforming packets XFRM subsystem. This issue may allow a malicious user with CAPNETADMIN privileges to directly dereference a NULL pointer in xfrmupdateaeparams, leading to a possible kernel crash and denial of service...

Important: kernel

Issue Overview: An issue was discovered in the USB subsystem in the Linux kernel through 6.4.2. There is an out-of-bounds and crash in readdescriptors in drivers/usb/core/sysfs.c. CVE-2023-37453 nftables out-of-bounds read in nfosfmatchone CVE-2023-39189 A flaw was found in the Netfilter subsyste...

Important: kernel

Issue Overview: An issue was discovered in the USB subsystem in the Linux kernel through 6.4.2. There is an out-of-bounds and crash in readdescriptors in drivers/usb/core/sysfs.c. CVE-2023-37453 nftables out-of-bounds read in nfosfmatchone CVE-2023-39189 A flaw was found in the Netfilter subsyste...

The vulnerability of the eBPF subsystem in Linux kernels allows attackers to enhance their privileges.

The vulnerability of the eBPF subsystem in Linux operating systems is related to errors in processing input data. Exploiting this vulnerability can allow attackers to enhance their privileges...

Important: kernel

Issue Overview: A flaw was found in the Linux kernel's IP framework for transforming packets XFRM subsystem. This issue may allow a malicious user with CAPNETADMIN privileges to directly dereference a NULL pointer in xfrmupdateaeparams, leading to a possible kernel crash and denial of service...

Ubuntu: Security Advisory (USN-6386-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

K000137058: Linux kernel vulnerability CVE-2022-4269

Security Advisory Description A flaw was found in the Linux kernel Traffic Control TC subsystem. Using a specific networking configuration redirecting egress packets to ingress using TC action "mirred" a local unprivileged user could trigger a CPU soft lockup ABBA deadlock when the transport...

CVE-2023-42756

A flaw was found in the Netfilter subsystem of the Linux kernel. A race condition between IPSETCMDADD and IPSETCMDSWAP can lead to a kernel panic due to the invocation of ipsetput on a wrong set. This issue may allow a local user to crash the system...

UBUNTU-CVE-2023-42756

A flaw was found in the Netfilter subsystem of the Linux kernel. A race condition between IPSETCMDADD and IPSETCMDSWAP can lead to a kernel panic due to the invocation of ipsetput on a wrong set. This issue may allow a local user to crash the system...