3 matches found
AZL-31149 CVE-2023-5345 affecting package kernel for versions less than 5.15.135.1-2
A use-after-free vulnerability in the Linux kernel's fs/smb/client component can be exploited to achieve local privilege escalation. In case of an error in smb3fscontextparseparam, ctx-password was freed but the field was not set to NULL which could lead to double free. We recommend upgrading pas...
AZL-30050 CVE-2023-42753 affecting package kernel for versions less than 5.15.135.1-2
An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the h-nets array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This issue may allow a local...
AZL-28676 CVE-2023-4244 affecting package kernel for versions less than 5.15.135.1-2
A use-after-free vulnerability in the Linux kernel's netfilter: nftables component can be exploited to achieve local privilege escalation. Due to a race condition between nftables netlink control plane transaction and nftset element garbage collection, it is possible to underflow the reference...