Lucene search
K

384 matches found

RedhatCVE
RedhatCVE
added 2024/02/20 8:21 p.m.38 views

CVE-2023-52433

A flaw was found in the Netfilter subsystem in the Linux kernel. This issue occurs in the nftsetrbtree, where new elements in this transaction might expire before the transaction ends. Skip sync GC for such elements, otherwise a commit path might walk over an already released object. Once the...

7.8CVSS6.2AI score0.00265EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2024/01/31 7:26 p.m.427 views

CVE-2024-1086

A flaw was found in the Netfilter subsystem in the Linux kernel. This issue occurs in the nftverdictinit function, allowing positive values as a drop error within the hook verdict, therefore, the nfhookslow function can cause a double-free vulnerability when NFDROP is issued with a drop error tha...

7.8CVSS7.7AI score0.28058EPSS
Exploits16References6
RedhatCVE
RedhatCVE
added 2024/01/31 7:26 p.m.50 views

CVE-2024-1085

A double-free flaw was found in how the Linux kernel's NetFilter system marks whether a catch-all element is enabled. A local user could use this flaw to crash the system. Mitigation 1. This flaw can be mitigated by preventing the affected netfilter nftables kernel module from being loaded. For...

6.6CVSS7.3AI score0.00284EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2024/01/02 12:0 a.m.36 views

CVE-2023-7192

A memory leak problem was found in ctnetlinkcreateconntrack in net/netfilter/nfconntracknetlink.c in the Linux Kernel. This issue may allow a local attacker with CAPNETADMIN privileges to cause a denial of service DoS attack due to a refcount overflow...

5.5CVSS6.7AI score0.00301EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2023/12/30 6:30 p.m.69 views

CVE-2023-7192

A memory leak problem was found in ctnetlinkcreateconntrack in net/netfilter/nfconntracknetlink.c in the Linux Kernel. This issue may allow a local attacker with CAPNETADMIN privileges to cause a denial of service DoS attack due to a refcount overflow. Mitigation Triggering this issue requires th...

5.5CVSS5.8AI score0.00301EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2023/12/19 9:17 p.m.46 views

containerd allows RAPL to be accessible to a container

/sys/devices/virtual/powercap accessible by default to containers Intel's RAPL Running Average Power Limit feature, introduced by the Sandy Bridge microarchitecture, provides software insights into hardware energy consumption. To facilitate this, Intel introduced the powercap framework in Linux...

5.5CVSS7AI score0.00462EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2023/12/19 9:17 p.m.36 views

GHSA-7WW5-4WQC-M92C containerd allows RAPL to be accessible to a container

/sys/devices/virtual/powercap accessible by default to containers Intel's RAPL Running Average Power Limit feature, introduced by the Sandy Bridge microarchitecture, provides software insights into hardware energy consumption. To facilitate this, Intel introduced the powercap framework in Linux...

5.8AI score
Exploits0References4
UbuntuCve
UbuntuCve
added 2023/12/19 2:15 p.m.40 views

CVE-2023-6932

A use-after-free vulnerability in the Linux kernel's ipv4: igmp component can be exploited to achieve local privilege escalation. A race condition can be exploited to cause a timer be mistakenly registered on a RCU read locked object which is freed by another thread. We recommend upgrading past...

7.8CVSS6.6AI score0.00371EPSS
Exploits0References21
RedhatCVE
RedhatCVE
added 2023/12/18 8:27 p.m.109 views

CVE-2023-6817

A use-after-free flaw was found in the Netfilter subsystem in the Linux kernel via the nftpipapowalk function. This issue may allow a local user with CAPNETADMIN capability to trigger an application crash, information disclosure, or local privilege escalation. Mitigation In order to trigger the...

7.8CVSS7.5AI score0.12966EPSS
Exploits7References4
Tenable Nessus
Tenable Nessus
added 2023/11/06 12:0 a.m.37 views

Rocky Linux 8 : kernel-rt (RLSA-2022:0176)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:0176 advisory. - A data leak flaw was found in the way XFSIOCALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attack...

8.4CVSS7.3AI score0.25151EPSS
Exploits11References5
OSV
OSV
added 2023/10/30 3:25 p.m.51 views

GHSA-JQ35-85CJ-FJ4P /sys/devices/virtual/powercap accessible by default to containers

Intel's RAPL Running Average Power Limit feature, introduced by the Sandy Bridge microarchitecture, provides software insights into hardware energy consumption. To facilitate this, Intel introduced the powercap framework in Linux kernel 3.13, which reads values via relevant MSRs model specific...

5.8AI score
Exploits0References8
Spring Security Advisories
Spring Security Advisories
added 2023/09/19 12:0 a.m.25 views

This Week in Spring - September 19th, 2023 (Java 21 Edition)

Hi, Spring fans! Welcome to another installment of This Week in Spring - Java 21 edition! The big news, indeed, the biggest news, is that Java 21 is now available here! You should use SDKMAN to install it, like this: sdk install java 21-graalce && sdk default java 21-graalce. This install givews...

6.7AI score
Exploits0
UbuntuCve
UbuntuCve
added 2023/09/14 8:15 p.m.66 views

CVE-2023-4563

Rejected reason: This was assigned as a duplicate of CVE-2023-4244...

6.7AI score
Exploits0References4
UbuntuCve
UbuntuCve
added 2023/09/11 5:15 p.m.35 views

CVE-2023-4881

Rejected reason: CVE-2023-4881 was wrongly assigned to a bug that was deemed to be a non-security issue by the Linux kernel security team...

6.7AI score
Exploits0References26
UbuntuCve
UbuntuCve
added 2023/09/06 2:15 p.m.156 views

CVE-2023-4207

A use-after-free vulnerability in the Linux kernel's net/sched: clsfw component can be exploited to achieve local privilege escalation. When fwchange is called on an existing filter, the whole tcfresult struct is always copied into the new instance of the filter. This causes a problem when updati...

7.8CVSS6.7AI score0.00301EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2023/08/10 12:0 a.m.74 views

CVE-2023-4128

A use-after-free flaw was found in net/sched/clsfw.c in classifiers clsfw, clsu32, and clsroute in the Linux Kernel. This flaw allows a local attacker to perform a local privilege escalation due to incorrect handling of the existing filter, leading to a kernel information leak issue. Bugs Notes...

7.8CVSS7AI score0.00565EPSS
Exploits0References22
UbuntuCve
UbuntuCve
added 2023/08/03 12:0 a.m.65 views

CVE-2023-3995

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is a duplicate of CVE-2023-4147...

6.7AI score
Exploits1References14
UbuntuCve
UbuntuCve
added 2023/07/21 9:15 p.m.36 views

CVE-2023-3609

A use-after-free vulnerability in the Linux kernel's net/sched: clsu32 component can be exploited to achieve local privilege escalation. If tcfchangeindev fails, u32setparms will immediately return an error after incrementing or decrementing the reference counter in tcfbindfilter. If an attacker...

7.8CVSS6.8AI score0.00458EPSS
Exploits1References19
UbuntuCve
UbuntuCve
added 2023/07/21 9:15 p.m.29 views

CVE-2023-3776

A use-after-free vulnerability in the Linux kernel's net/sched: clsfw component can be exploited to achieve local privilege escalation. If tcfchangeindev fails, fwsetparms will immediately return an error after incrementing or decrementing the reference counter in tcfbindfilter. If an attacker ca...

7.8CVSS6.8AI score0.00521EPSS
Exploits0References26
RedhatCVE
RedhatCVE
added 2023/06/05 12:25 p.m.36 views

CVE-2020-36694

A use-after-free flaw was found in the packet processing context in net/netfilter/xtables.c in netfilter in the Linux Kernel. This issue occurs when the per-CPU sequence count is mishandled during concurrent iptables rules replacement and can be exploited with the CAPNETADMIN capability in an...

6.6CVSS6.5AI score0.00444EPSS
Exploits1References4
Rows per page
Query Builder