Lucene search
K

6633 matches found

CVE
CVE
added 2023/06/23 12:0 a.m.82 views

CVE-2023-32389

CVE-2023-32389 is an Apple kernel memory disclosure vulnerability affecting multiple Apple platforms (iOS 16.5 and iPadOS 16.5, watchOS 9.5, tvOS 16.5, macOS Ventura 13.4). The issue is described as an information disclosure that could allow an app to disclose kernel memory. The CVE entry lists a...

5.5CVSS4.8AI score0.00248EPSS
Exploits0References4Affected Software5
RedHat Linux
RedHat Linux
added 2023/06/21 2:46 p.m.5 views

kernel: netfilter: use-after-free in nf_tables when processing batch requests can lead to privilege escalation

A use-after-free vulnerability was found in the Netfilter subsystem of the Linux kernel when processing batch requests to update nftables configuration. This vulnerability can be abused to perform arbitrary reads and writes in kernel memory. A local user with CAPNETADMIN capability could use this...

7.8CVSS6.6AI score0.12966EPSS
Exploits7References6
RedHat Linux
RedHat Linux
added 2023/06/21 8:49 a.m.4 views

kernel: netfilter: use-after-free in nf_tables when processing batch requests can lead to privilege escalation

A use-after-free vulnerability was found in the Netfilter subsystem of the Linux kernel when processing batch requests to update nftables configuration. This vulnerability can be abused to perform arbitrary reads and writes in kernel memory. A local user with CAPNETADMIN capability could use this...

7.8CVSS6.6AI score0.12966EPSS
Exploits7References6
OSV
OSV
added 2023/06/16 7:59 p.m.6 views

USN-6174-1 linux-oem-5.17 vulnerabilities

Jordy Zomer and Alexandra Sandulescu discovered that the Linux kernel did not properly implement speculative execution barriers in usercopy functions in certain situations. A local attacker could use this to expose sensitive information kernel memory. CVE-2023-0459 It was discovered that the Huma...

7.8CVSS6.9AI score0.00635EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2023/06/13 12:0 a.m.32 views

Oracle Linux 8 : Unbreakable Enterprise kernel-container (ELSA-2023-12413)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12413 advisory. - netfilter: nftables: deactivate anonymous set from preparation phase Pablo Neira Ayuso Orabug: 35382084 CVE-2023-32233 - KVM: nVMX: add missing...

7.8CVSS6.8AI score0.12966EPSS
Exploits7References3
Tenable Nessus
Tenable Nessus
added 2023/06/13 12:0 a.m.29 views

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2023-12394)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12394 advisory. - An issue was discovered in arch/x86/kvm/vmx/nested.c in the Linux kernel before 6.2.8. nVMX on x8664 lacks consistency checks for CR0 and CR4...

7.8CVSS6.8AI score0.12966EPSS
Exploits7References3
Tenable Nessus
Tenable Nessus
added 2023/06/08 12:0 a.m.30 views

Ubuntu 16.04 ESM : Linux kernel vulnerabilities (USN-6149-1)

The remote Ubuntu 16.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6149-1 advisory. Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests,...

7.8CVSS7.6AI score0.16642EPSS
Exploits7References7
RedHat Linux
RedHat Linux
added 2023/06/06 1:40 p.m.4 views

kernel: netfilter: use-after-free in nf_tables when processing batch requests can lead to privilege escalation

A use-after-free vulnerability was found in the Netfilter subsystem of the Linux kernel when processing batch requests to update nftables configuration. This vulnerability can be abused to perform arbitrary reads and writes in kernel memory. A local user with CAPNETADMIN capability could use this...

7.8CVSS6.6AI score0.12966EPSS
Exploits7References6
RedHat Linux
RedHat Linux
added 2023/06/06 8:53 a.m.6 views

kernel: use-after-free in l2cap_connect and l2cap_le_connect_req in net/bluetooth/l2cap_core.c

A use-after-free flaw was found in the Linux kernel's implementation of logical link control and adaptation protocol L2CAP, part of the Bluetooth stack in the l2capconnect and l2capleconnectreq functions. An attacker with physical access within the range of standard Bluetooth transmission could...

8.8CVSS6.8AI score0.02014EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/06/06 8:50 a.m.2 views

kernel: netfilter: use-after-free in nf_tables when processing batch requests can lead to privilege escalation

A use-after-free vulnerability was found in the Netfilter subsystem of the Linux kernel when processing batch requests to update nftables configuration. This vulnerability can be abused to perform arbitrary reads and writes in kernel memory. A local user with CAPNETADMIN capability could use this...

7.8CVSS6.6AI score0.12966EPSS
Exploits7References6
RedHat Linux
RedHat Linux
added 2023/06/06 8:50 a.m.7 views

kernel: use-after-free in l2cap_connect and l2cap_le_connect_req in net/bluetooth/l2cap_core.c

A use-after-free flaw was found in the Linux kernel's implementation of logical link control and adaptation protocol L2CAP, part of the Bluetooth stack in the l2capconnect and l2capleconnectreq functions. An attacker with physical access within the range of standard Bluetooth transmission could...

8.8CVSS6.8AI score0.02014EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/06/06 8:48 a.m.4 views

kernel: netfilter: use-after-free in nf_tables when processing batch requests can lead to privilege escalation

A use-after-free vulnerability was found in the Netfilter subsystem of the Linux kernel when processing batch requests to update nftables configuration. This vulnerability can be abused to perform arbitrary reads and writes in kernel memory. A local user with CAPNETADMIN capability could use this...

7.8CVSS6.6AI score0.12966EPSS
Exploits7References6
CNNVD
CNNVD
added 2023/06/06 12:0 a.m.4 views

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that stems from memory corruption due to improper access control in the kernel when handling mapping requests from the root process...

7.8CVSS7.4AI score0.00095EPSS
Exploits0References2
Amazon
Amazon
added 2023/06/06 12:0 a.m.54 views

Important: kernel

Issue Overview: In the Linux kernel through 6.3.1, a use-after-free in Netfilter nftables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are...

7.8CVSS6.7AI score0.12966EPSS
Exploits7
Tenable Nessus
Tenable Nessus
added 2023/06/06 12:0 a.m.44 views

Debian dla-3446 : linux-config-5.10 - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3446 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3446-1 [email protected]...

7.8CVSS7.3AI score0.12966EPSS
Exploits20References8
Tenable Nessus
Tenable Nessus
added 2023/06/06 12:0 a.m.66 views

Amazon Linux 2 : kernel (ALASKERNEL-5.4-2023-046)

The version of kernel installed on the remote host is prior to 5.4.242-156.349. It is, therefore, affected by a vulnerability as referenced in the ALAS2KERNEL-5.4-2023-046 advisory. In the Linux kernel through 6.3.1, a use-after-free in Netfilter nftables when processing batch requests can be...

7.8CVSS6.8AI score0.12966EPSS
Exploits7References4
Tenable Nessus
Tenable Nessus
added 2023/06/05 12:0 a.m.26 views

AlmaLinux 8 : kernel-rt (ALSA-2023:3350)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:3350 advisory. - In the Linux kernel through 6.3.1, a use-after-free in Netfilter nftables when processing batch requests can be abused to perform arbitrary read and write...

7.8CVSS7.1AI score0.12966EPSS
Exploits7References2
Tenable Nessus
Tenable Nessus
added 2023/06/05 12:0 a.m.35 views

AlmaLinux 8 : kernel (ALSA-2023:3349)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:3349 advisory. - In the Linux kernel through 6.3.1, a use-after-free in Netfilter nftables when processing batch requests can be abused to perform arbitrary read and write...

7.8CVSS7.1AI score0.12966EPSS
Exploits7References2
OSV
OSV
added 2023/06/01 9:39 p.m.5 views

USN-6133-1 linux-intel-iotg vulnerabilities

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the...

8.1CVSS7AI score0.01029EPSS
Exploits2References13
Prion
Prion
added 2023/05/31 7:15 p.m.25 views

Information disclosure

Windows Kernel Memory Information Disclosure Vulnerability...

1.7CVSS6.1AI score0.00497EPSS
Exploits0References1Affected Software11
Rows per page
Query Builder