Linux Kernel Security Vulnerabilities and Issues — Linux Kernel CVE List

Lucene search

LinuxLinux Kernel

11 matches found

CVE•added 2023/12/21 8:15 p.m.•348 views

CVE-2023-6546

A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOC_SETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsm_dlci while restarting th...

7CVSS7.6AI score0.00267EPSS

CVE•added 2023/12/08 5:15 p.m.•262 views

CVE-2023-6606

An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information.

7.1CVSS7AI score0.00009EPSS

CVE•added 2023/12/08 5:15 p.m.•224 views

CVE-2023-6610

An out-of-bounds read vulnerability was found in smb2_dump_detail in fs/smb/client/smb2ops.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information.

7.1CVSS6.7AI score0.0001EPSS

CVE•added 2023/12/08 6:15 p.m.•186 views

CVE-2023-6622

A null pointer dereference vulnerability was found in nft_dynset_init() in net/netfilter/nft_dynset.c in nf_tables in the Linux kernel. This issue may allow a local attacker with CAP_NET_ADMIN user privilege to trigger a denial of service.

5.5CVSS6.1AI score0.0001EPSS

CVE•added 2023/12/19 2:15 p.m.•182 views

CVE-2023-6931

A heap out-of-bounds write vulnerability in the Linux kernel's Performance Events system component can be exploited to achieve local privilege escalation. A perf_event's read_size can overflow, leading to an heap out-of-bounds increment or write in perf_read_group(). We recommend upgrading past com...

7.8CVSS7.5AI score0.00241EPSS

CVE•added 2023/12/19 2:15 p.m.•175 views

CVE-2023-6932

A use-after-free vulnerability in the Linux kernel's ipv4: igmp component can be exploited to achieve local privilege escalation. A race condition can be exploited to cause a timer be mistakenly registered on a RCU read locked object which is freed by another thread. We recommend upgrading past com...

7.8CVSS7.3AI score0.00027EPSS

CVE•added 2023/12/18 3:15 p.m.•142 views

CVE-2023-6817

A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The function nft_pipapo_walk did not skip inactive elements during set walk which could lead double deactivations of PIPAPO (Pile Packet Policies) elements, le...

7.8CVSS7.8AI score0.00021EPSS

CVE•added 2023/12/21 8:15 p.m.•119 views

CVE-2023-7042

A null pointer dereference vulnerability was found in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() in drivers/net/wireless/ath/ath10k/wmi-tlv.c in the Linux kernel. This issue could be exploited to trigger a denial of service.

5.5CVSS6.9AI score0.00012EPSS

CVE•added 2023/12/11 7:15 p.m.•105 views

CVE-2023-6679

A null pointer dereference vulnerability was found in dpll_pin_parent_pin_set() in drivers/dpll/dpll_netlink.c in the Digital Phase Locked Loop (DPLL) subsystem in the Linux kernel. This issue could be exploited to trigger a denial of service.

5.5CVSS6AI score0.00013EPSS

CVE•added 2023/12/09 11:15 p.m.•94 views

CVE-2023-50431

sec_attest_info in drivers/accel/habanalabs/common/habanalabs_ioctl.c in the Linux kernel through 6.6.5 allows an information leak to user space because info->pad0 is not initialized.

5.5CVSS5.7AI score0.00009EPSS

CVE•added 2023/12/09 12:15 a.m.•74 views

CVE-2023-6560

An out-of-bounds memory access flaw was found in the io_uring SQ/CQ rings functionality in the Linux kernel. This issue could allow a local user to crash the system.

5.5CVSS5.3AI score0.00009EPSS