Linux Kernel@6.5 Security Vulnerabilities and Issues — Linux Kernel@6.5 CVE List

Lucene search

LinuxLinux Kernel6.5

16 matches found

CVE•added 2024/02/21 8:15 a.m.•7071 views

CVE-2023-52442

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate session id and tree id in compound request smb2_get_msg() in smb2_get_ksmbd_tcon() and smb2_check_user_session()will always return the first request smb2 header in a compound request.if SMB2_TREE_CONNECT_HE is the f...

5.5CVSS6.4AI score0.00249EPSS

CVE•added 2023/10/09 6:15 p.m.•530 views

CVE-2023-39194

A flaw was found in the XFRM subsystem in the Linux kernel. The specific flaw exists within the processing of state filters, which can result in a read past the end of an allocated buffer. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, potentially lea...

4.4CVSS5.8AI score0.00009EPSS

CVE•added 2023/08/07 2:15 p.m.•509 views

CVE-2023-4194

A flaw was found in the Linux kernel's TUN/TAP functionality. This issue could allow a local user to bypass network filters and gain unauthorized access to some resources. The original patches fixing CVE-2023-1076 are incorrect or incomplete. The problem is that the following upstream commits - a09...

5.5CVSS6.7AI score0.00009EPSS

CVE•added 2023/07/21 9:15 p.m.•383 views

CVE-2023-3611

An out-of-bounds write vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation. The qfq_change_agg() function in net/sched/sch_qfq.c allows an out-of-bounds write because lmax is updated according to packet sizes without bounds checks....

7.8CVSS7.9AI score0.00015EPSS

CVE•added 2023/07/21 9:15 p.m.•379 views

CVE-2023-3776

A use-after-free vulnerability in the Linux kernel's net/sched: cls_fw component can be exploited to achieve local privilege escalation. If tcf_change_indev() fails, fw_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_bind_filter(). If an ...

7.8CVSS7.6AI score0.00037EPSS

CVE•added 2023/12/21 8:15 p.m.•351 views

CVE-2023-6546

A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOC_SETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsm_dlci while restarting th...

7CVSS7.6AI score0.00291EPSS

CVE•added 2023/08/09 3:15 p.m.•273 views

CVE-2023-4273

A flaw was found in the exFAT driver of the Linux kernel. The vulnerability exists in the implementation of the file name reconstruction function, which is responsible for reading file name entries from a directory index and merging file name parts belonging to one file into a single long file name...

6.7CVSS6.6AI score0.00044EPSS

CVE•added 2023/11/09 8:15 p.m.•229 views

CVE-2023-39198

A race condition was found in the QXL driver in the Linux kernel. The qxl_mode_dumb_create() function dereferences the qobj returned by the qxl_gem_object_create_with_handle(), but the handle is the only one holding a reference to it. This flaw allows an attacker to guess the returned handle value ...

7.5CVSS7.3AI score0.00008EPSS

CVE•added 2023/08/07 2:15 p.m.•205 views

CVE-2023-4147

A use-after-free flaw was found in the Linux kernel’s Netfilter functionality when adding a rule with NFTA_RULE_CHAIN_ID. This flaw allows a local user to crash or escalate their privileges on the system.

7.8CVSS7.7AI score0.00161EPSS

CVE•added 2023/08/28 10:15 p.m.•172 views

CVE-2023-4569

A memory leak flaw was found in nft_set_catchall_flush in net/netfilter/nf_tables_api.c in the Linux Kernel. This issue may allow a local attacker to cause double-deactivations of catchall elements, which can result in a memory leak.

5.5CVSS5.9AI score0.00013EPSS

CVE•added 2024/11/28 3:15 p.m.•152 views

CVE-2023-52922

In the Linux kernel, the following vulnerability has been resolved: can: bcm: Fix UAF in bcm_proc_show() BUG: KASAN: slab-use-after-free in bcm_proc_show+0x969/0xa80Read of size 8 at addr ffff888155846230 by task cat/7862 CPU: 1 PID: 7862 Comm: cat Not tainted 6.5.0-rc1-00153-gc8746099c197 #230Hard...

7.8CVSS6.2AI score0.00031EPSS

CVE•added 2024/02/05 8:15 a.m.•120 views

CVE-2024-24855

A race condition was found in the Linux kernel's scsi device driver in lpfc_unregister_fcf_rescan() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue.

5CVSS5.3AI score0.00012EPSS

CVE•added 2023/11/09 3:15 p.m.•99 views

CVE-2023-6039

A use-after-free flaw was found in lan78xx_disconnect in drivers/net/usb/lan78xx.c in the network sub-component, net/usb/lan78xx in the Linux Kernel. This flaw allows a local attacker to crash the system when the LAN78XX USB device detaches.

5.5CVSS6.6AI score0.00012EPSS

CVE•added 2023/08/29 10:15 p.m.•91 views

CVE-2023-4611

A use-after-free flaw was found in mm/mempolicy.c in the memory management subsystem in the Linux Kernel. This issue is caused by a race between mbind() and VMA-locked page fault, and may allow a local attacker to crash the system or lead to a kernel information leak.

7CVSS6AI score0.00016EPSS

CVE•added 2024/02/08 1:15 p.m.•58 views

CVE-2024-1312

A use-after-free flaw was found in the Linux kernel's Memory Management subsystem when a user wins two races at the same time with a fail in the mas_prev_slot function. This issue could allow a local user to crash the system.

5.1CVSS4.5AI score0.00022EPSS

CVE•added 2024/11/19 2:15 a.m.•36 views

CVE-2023-52921

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix possible UAF in amdgpu_cs_pass1() Since the gang_size check is outside of chunk parsingloop, we need to reset i before we free the chunk data. Suggested by Ye Zhang (@VAR10CK) of Baidu Security.

7.8CVSS6.5AI score0.0003EPSS