Linux Kernel@6.4 Security Vulnerabilities and Issues — Linux Kernel@6.4 CVE List

Lucene search

LinuxLinux Kernel6.4

8 matches found

CVE•added 2023/07/21 9:15 p.m.•373 views

CVE-2023-3609

A use-after-free vulnerability in the Linux kernel's net/sched: cls_u32 component can be exploited to achieve local privilege escalation. If tcf_change_indev() fails, u32_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_bind_filter(). If a...

7.8CVSS7.5AI score0.00014EPSS

CVE•added 2024/01/09 6:15 p.m.•278 views

CVE-2024-0340

A vulnerability was found in vhost_new_msg in drivers/vhost/vhost.c in the Linux kernel, which does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. This issue can allow local privileged users to re...

5.5CVSS4.8AI score0.00006EPSS

CVE•added 2023/12/08 5:15 p.m.•264 views

CVE-2023-6606

An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information.

7.1CVSS7AI score0.00009EPSS

CVE•added 2024/01/12 12:15 a.m.•196 views

CVE-2024-0443

A flaw was found in the blkgs destruction path in block/blk-cgroup.c in the Linux kernel, leading to a cgroup blkio memory leakage problem. When a cgroup is being destroyed, cgroup_rstat_flush() is only called at css_release_work_fn(), which is called when the blkcg reference count reaches 0. This ...

5.5CVSS5AI score0.00014EPSS

CVE•added 2023/06/23 8:15 p.m.•154 views

CVE-2023-3212

A NULL pointer dereference issue was found in the gfs2 file system in the Linux kernel. It occurs on corrupt gfs2 file systems when the evict code tries to reference the journal descriptor structure after it has been freed and set to NULL. A privileged local user could use this flaw to cause a kern...

4.4CVSS6.3AI score0.00011EPSS

CVE•added 2023/11/03 8:15 a.m.•91 views

CVE-2023-1194

An out-of-bounds (OOB) memory read flaw was found in parse_lease_state in the KSMBD implementation of the in-kernel samba server and CIFS in the Linux kernel. When an attacker sends the CREATE command with a malformed payload to KSMBD, due to a missing check of NameOffset in the parse_lease_state()...

8.1CVSS7.9AI score0.00091EPSS

CVE•added 2024/01/22 1:15 p.m.•84 views

CVE-2024-0775

A use-after-free flaw was found in the __ext4_remount in fs/ext4/super.c in ext4 in the Linux kernel. This flaw allows a local user to cause an information leak problem while freeing the old quota file names before a potential failure, leading to a use-after-free.

7.1CVSS6.4AI score0.0001EPSS

CVE•added 2023/07/11 12:15 p.m.•83 views

CVE-2023-3269

A vulnerability exists in the memory management subsystem of the Linux kernel. The lock handling for accessing and updating virtual memory areas (VMAs) is incorrect, leading to use-after-free problems. This issue can be successfully exploited to execute arbitrary kernel code, escalate containers, a...

7.8CVSS7.9AI score0.00196EPSS