Lucene search

Hci Baseboard Management Controller Security Vulnerabilities - 2023

cve

CVE-2022-41858

A flaw was found in the Linux kernel. A NULL pointer dereference may occur while a slip driver is in progress to detach in sl_tx_timeout in drivers/net/slip/slip.c. This issue could allow an attacker to crash the system or leak internal kernel information.

7.1CVSS

6.6AI Score

0.0004EPSS

2023-01-17 06:15 PM

107

cve

CVE-2023-1989

A use-after-free flaw was found in btsdio_remove in drivers\bluetooth\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove with an unfinished job, may cause a race problem leading to a UAF on hdev devices.

7CVSS

6.9AI Score

0.0004EPSS

2023-04-11 09:15 PM

119

cve

CVE-2023-2006

A race condition was found in the Linux kernel's RxRPC network protocol, within the processing of RxRPC bundles. This issue results from the lack of proper locking when performing operations on an object. This may allow an attacker to escalate privileges and execute arbitrary code in the context of...

7CVSS

7.1AI Score

0.0005EPSS

2023-04-24 09:15 PM

cve

CVE-2023-2236

A use-after-free vulnerability in the Linux Kernel io_uring subsystem can be exploited to achieve local privilege escalation. Both io_install_fixed_file and its callers call fput in a file in case of an error, causing a reference underflow which leads to a use-after-free vulnerability. We recommend...

7.8CVSS

7.6AI Score

0.0004EPSS

2023-05-01 01:15 PM

cve

CVE-2023-23559

In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition.

7.8CVSS

7.6AI Score

0.0004EPSS

2023-01-13 01:15 AM

166

cve

CVE-2023-2598

A flaw was found in the fixed buffer registration code for io_uring (io_sqe_buffer_register in io_uring/rsrc.c) in the Linux kernel that allows out-of-bounds access to physical memory beyond the end of the buffer. This flaw enables full local privilege escalation.

7.8CVSS

7.2AI Score

0.0004EPSS

2023-06-01 01:15 AM

cve

CVE-2023-26607

In the Linux kernel 6.0.8, there is an out-of-bounds read in ntfs_attr_find in fs/ntfs/attrib.c.

7.1CVSS

6.4AI Score

0.0004EPSS

2023-02-26 11:15 PM

cve

CVE-2023-3141

A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker to crash the system at device disconnect, possibly leading to a kernel information leak.

7.1CVSS

6.8AI Score

0.0004EPSS

2023-06-09 08:15 PM

102

cve

CVE-2023-32233

In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled.

7.8CVSS

7.5AI Score

0.0004EPSS

2023-05-08 08:15 PM

515