5 matches found
CVE-2023-33952
Summary (MODE C): CVE-2023-33952 is reported in an IBM Security Verified Governance (ISVG) context and affects IBM Security Verify Governance, Identity Manager software component and its virtual appliance, version 10.0.2. The entry states a double-free condition in handling vmw_buffer_object obje...
CVE-2024-0193
CVE-2024-0193 is a Linux kernel netfilter NFT_TABLES use-after-free flaw. The issue arises when the catchall element is garbage-collected during removal of the pipapo set, enabling double deactivation of the element and a use-after-free on NFT_CHAIN or NFT_OBJECT. This could allow a local unprivi...
CVE-2023-33951
The CVE-2023-33951 entry affects the vmwgfx driver in the Linux kernel, where a race condition in handling GEM objects due to improper locking can lead to information disclosure in kernel context. Connected advisories (MiracleLinux AXSA-2023-7038/AXSA:2023-7038:31) explicitly reference a vmwgfx i...
CVE-2026-43289
CVE-2026-43289 relates to the Linux kernel kexec flow. The patch fixes kexec_load_purgatory() so image->start is derived from the purgatory_start symbol when present, rather than blindly locating e_entry within an SHF_EXECINSTR section. This prevents the entrypoint check from matching multiple...
CVE-2023-53580
CVE-2023-53580 : In the Linux kernel, a deadlock could occur when unbinding a UVC gadget driver because gadget_unbind_driver() holds udc->connect_lock while invoking the driver’s unbind(), while usb_gadget_deactivate() also tries to acquire that lock. The fix removes the mutex around the unbin...