Lucene search
K

30 matches found

OSV
OSV
added 2023/07/21 9:15 p.m.1 views

DEBIAN-CVE-2023-3776

A use-after-free vulnerability in the Linux kernel's net/sched: clsfw component can be exploited to achieve local privilege escalation. If tcfchangeindev fails, fwsetparms will immediately return an error after incrementing or decrementing the reference counter in tcfbindfilter. If an attacker ca...

7.8CVSS6.5AI score0.00517EPSS
Exploits0References1
OSV
OSV
added 2023/07/21 9:15 p.m.8 views

AZL-27673 CVE-2023-3610 affecting package kernel for versions less than 5.15.122.1-2

A use-after-free vulnerability in the Linux kernel's netfilter: nftables component can be exploited to achieve local privilege escalation. Flaw in the error handling of bound chains causes a use-after-free in the abort path of NFTMSGNEWRULE. The vulnerability requires CAPNETADMIN to be triggered...

7.8CVSS6.6AI score0.00259EPSS
Exploits0References1
OSV
OSV
added 2023/07/21 9:15 p.m.2 views

DEBIAN-CVE-2023-3610

A use-after-free vulnerability in the Linux kernel's netfilter: nftables component can be exploited to achieve local privilege escalation. Flaw in the error handling of bound chains causes a use-after-free in the abort path of NFTMSGNEWRULE. The vulnerability requires CAPNETADMIN to be triggered...

7.8CVSS6.5AI score0.00259EPSS
Exploits0References1
OSV
OSV
added 2023/07/21 9:15 p.m.9 views

AZL-27676 CVE-2023-3609 affecting package kernel for versions less than 5.15.122.1-2

A use-after-free vulnerability in the Linux kernel's net/sched: clsu32 component can be exploited to achieve local privilege escalation. If tcfchangeindev fails, u32setparms will immediately return an error after incrementing or decrementing the reference counter in tcfbindfilter. If an attacker...

7.8CVSS6.6AI score0.00458EPSS
Exploits1References1
OSV
OSV
added 2023/07/21 9:15 p.m.2 views

UBUNTU-CVE-2023-3609

A use-after-free vulnerability in the Linux kernel's net/sched: clsu32 component can be exploited to achieve local privilege escalation. If tcfchangeindev fails, u32setparms will immediately return an error after incrementing or decrementing the reference counter in tcfbindfilter. If an attacker...

7.8CVSS6.7AI score0.00458EPSS
Exploits1References20
OSV
OSV
added 2023/06/28 8:15 p.m.5 views

AZL-27350 CVE-2023-3090 affecting package kernel for versions less than 5.15.118.1-2

A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation. The out-of-bounds write is caused by missing skb-cb initialization in the ipvlan network driver. The vulnerability is reachable if CONFIGIPVLAN is enabled. We...

7.8CVSS6.7AI score0.00491EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2023/04/27 12:0 a.m.4 views

PT-2023-23002 · H2O · H2O

Name of the Vulnerable Software and Affected Versions: H2O versions 2.3.0-beta2 and prior Description: H2O is an HTTP server. When the reverse proxy handler tries to process a certain type of invalid HTTP request, it tries to build an upstream URL by reading from an uninitialized pointer. This...

8.2CVSS7.9AI score0.00902EPSS
Exploits0References11
OSV
OSV
added 2023/02/28 3:15 p.m.5 views

AZL-25353 CVE-2023-0461 affecting package kernel for versions less than 5.15.102.1-1

There is a use-after-free vulnerability in the Linux Kernel which can be exploited to achieve local privilege escalation. To reach the vulnerability kernel configuration flag CONFIGTLS or CONFIGXFRMESPINTCP has to be configured, but the operation does not require any privilege. There is a...

7.8CVSS6.7AI score0.00652EPSS
Exploits0References1
OSV
OSV
added 2023/02/28 3:15 p.m.1 views

DEBIAN-CVE-2023-0461

There is a use-after-free vulnerability in the Linux Kernel which can be exploited to achieve local privilege escalation. To reach the vulnerability kernel configuration flag CONFIGTLS or CONFIGXFRMESPINTCP has to be configured, but the operation does not require any privilege. There is a...

7.8CVSS6.5AI score0.00652EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 3:34 a.m.7 views

SUSE CVE-2022-1055

A use-after-free exists in the Linux Kernel in tcnewtfilter that could allow a local attacker to gain privilege escalation. The exploit requires unprivileged user namespaces. We recommend upgrading past commit 04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5...

8.4CVSS6.6AI score0.005EPSS
Exploits1References18
Rows per page
Query Builder