Lucene search
K

313 matches found

CVE
CVE
added 2023/06/05 9:40 p.m.836 views

CVE-2023-3079

Summary (CVE-2023-3079) : A type confusion in V8 in Google Chrome prior to 114.0.5735.110 can allow remote code execution via a crafted HTML page, with heap corruption as the underlying issue. The vulnerability affects Chrome’s Chromium-based rendering stack (V8 engine) and is rated High severity...

8.8CVSS8.6AI score0.32724EPSS
In wild
CVE
CVE
added 2023/01/30 1:9 p.m.830 views

CVE-2023-0266

CVE-2023-0266 is a use-after-free in the Linux kernel’s ALSA PCM subsystem. The vulnerability arises because SNDRV_CTL_IOCTL_ELEM_READ32/WRITE32 paths lack proper locking, enabling a use‑after‑free that can lead to privilege escalation to ring0 from a system user. Affected material points to the ...

7.9CVSS8.4AI score0.03702EPSS
In wild
CVE
CVE
added 2023/05/08 12:0 a.m.778 views

CVE-2023-32233

CVE-2023-32233 concerns a use-after-free in Netfilter nf_tables in the Linux kernel (through 6.3.1) when processing batch requests. Unprivileged local users can exploit this to perform arbitrary reads/writes in kernel memory, enabling local privilege escalation to root. The root cause is mishandl...

7.8CVSS7.5AI score0.12966EPSS
CVE
CVE
added 2023/09/25 8:25 p.m.743 views

CVE-2023-42753

CVE-2023-42753 is a Linux kernel netfilter nftables/IPSET issue caused by a missing IP_SET_HASH_WITH_NET0 macro, leading to incorrect CIDR_POS calculations and potential slab out-of-bounds access. Local unprivileged users could trigger memory corruption or crashes; privilege escalation is possibl...

7.8CVSS7.6AI score0.00514EPSS
CVE
CVE
added 2023/09/06 1:56 p.m.661 views

CVE-2023-4622

CVE-2023-4622 is a Linux kernel use-after-free in af_unix (unix_stream_sendpage) where the code accesses the peer’s skb without holding the queue lock, enabling a local privilege escalation through a race with garbage collection. Public analyses in connected advisories (e.g., Astra Linux, ALAS2 l...

7.8CVSS7.7AI score0.00549EPSS
CVE
CVE
added 2023/09/06 1:56 p.m.653 views

CVE-2023-4623

CVE-2023-4623 describes a use-after-free in the Linux kernel’s net/sched sch_hfsc subsystem that can enable local privilege escalation. The issue occurs when a class uses a link-sharing curve (HFSC_FSC) and has a parent without one; init_vf() may call vttree_insert() on the parent, but update_vf(...

7.8CVSS7.9AI score0.0029EPSS
CVE
CVE
added 2023/09/06 1:53 p.m.644 views

CVE-2023-4206

CVE-2023-4206 is a use-after-free vulnerability in the Linux kernel net/sched: cls_route (route handling) caused by route4_change() copying the entire tcf_result into a new filter. On update, tcf_unbind_filter() is invoked on the old instance, decreasing the parent class’ filter_cnt and potential...

7.8CVSS7.7AI score0.00565EPSS
CVE
CVE
added 2023/06/30 12:0 a.m.596 views

CVE-2023-1206

CVE-2023-1206 describes a hash collision flaw in the Linux kernel’s IPv6 connection lookup table that can allow a local attacker or a user with high bandwidth to cause significant CPU spike (up to 95%) on the server accepting IPv6 connections. Connected advisories show this CVE being addressed in...

5.7CVSS6.3AI score0.00553EPSS
CVE
CVE
added 2023/10/05 6:25 p.m.589 views

CVE-2023-42754

CVE-2023-42754 is a vulnerability in the Linux kernel IPv4 stack: a NULL pointer dereference where skb may not be bound to a device before __ip_options_compile if the skb is re-routed by ipvs. The impact is a local crash under CAP_NET_ADMIN. Public details in connected advisories reaffirm the iss...

5.5CVSS6.8AI score0.00406EPSS
CVE
CVE
added 2023/08/07 1:19 p.m.588 views

CVE-2023-4194

CVE-2023-4194 affects the Linux kernel TUN/TAP network devices. A type confusion in initialization of tun/tap sockets could let a local user bypass network filters and access resources. The description notes patches for CVE-2023-1076 were incomplete; upstream commits (tun_chr_open/tun_open and re...

5.5CVSS6.7AI score0.00274EPSS
CVE
CVE
added 2023/10/09 5:57 p.m.584 views

CVE-2023-39194

CVE-2023-39194 – The Apollo/CVE entry documents a flaw in the Linux kernel XFRM subsystem: during processing of state filters, an out-of-bounds read past the end of an allocated buffer can be triggered by a local attacker with CAP_NET_ADMIN privileges, potentially leading to information disclosur...

4.4CVSS5.8AI score0.00417EPSS
CVE
CVE
added 2023/10/09 5:57 p.m.576 views

CVE-2023-39193

CVE-2023-39193 affects the Linux kernel Netfilter SCTP path, where sctp_mt_check fails to validate the flag_count field, enabling a local attacker with CAP_NET_ADMIN to trigger an out-of-bounds read that can crash the system or cause information disclosure. Connected advisories (Red Hat, AlmaLinu...

6.1CVSS6.9AI score0.00415EPSS
CVE
CVE
added 2023/09/13 4:11 p.m.562 views

CVE-2023-4155

CVE-2023-4155 describes a vulnerability in the Linux kernel’s KVM AMD SEV implementation. A KVM guest using SEV-ES or SEV-SNP with multiple vCPUs can trigger a double fetch race that causes the VMGEXIT handler to be invoked recursively. If the handler is called multiple times, this can lead to a ...

5.6CVSS6.2AI score0.00159EPSS
CVE
CVE
added 2023/10/03 2:33 a.m.558 views

CVE-2023-5345

CVE-2023-5345 : A use-after-free in the Linux kernel kernel’s fs/smb/client component can enable local privilege escalation. Specifically, an error in smb3_fs_context_parse_param frees ctx->password but does not set it to NULL, risking a double-free scenario. The issue is documented in the CVE...

7.8CVSS7.7AI score0.0047EPSS
CVE
CVE
added 2023/10/09 5:57 p.m.552 views

CVE-2023-39192

CVE-2023-39192 : A flaw in the Linux kernel Netfilter xt_u32 module allows a local privileged attacker to trigger an out-of-bounds read by crafting improper values in the xt_u32 structure. The root cause is missing validation of fields in xt_u32, leading to crash or information disclosure. Impact...

6.7CVSS6.9AI score0.00397EPSS
CVE
CVE
added 2023/11/01 7:1 p.m.549 views

CVE-2023-1192

CVE-2023-1192 denotes a use-after-free in CIFS smb2_is_status_io_timeout() within the Linux kernel, where memory freed during a system call and CIFS’ later access to that memory can trigger a denial of service. The connected advisories confirm this UAF issue exists in kernel CIFS code and link it...

6.5CVSS7AI score0.01094EPSS
CVE
CVE
added 2023/11/06 10:56 a.m.527 views

CVE-2023-5090

CVE-2023-5090: A flaw in Linux kernel KVM (svm_set_x2apic_msr_interception) enables direct access to host x2apic MSRs when a guest resets its APIC, potentially causing denial of service. Connected advisories (Astra Linux, IBM Guardium bulletin, Amazon ALAS) reference this CVE as part of Linux ker...

6CVSS6.7AI score0.00234EPSS
CVE
CVE
added 2023/01/12 12:0 a.m.525 views

CVE-2023-23454

CVE-2023-23454 affects the Linux kernel cbq_classify (net/sched/sch_cbq.c) up to version 6.1.4, enabling a local attacker to trigger a slab-out-of-bounds read via type confusion (non-negative values may be misinterpreted as TC_ACT_SHOT), causing denial of service. Connected advisories reference s...

5.5CVSS6AI score0.00312EPSS
CVE
CVE
added 2023/07/24 3:19 p.m.524 views

CVE-2023-3567

CVE-2023-3567 is a use-after-free vulnerability in Linux kernel code (vc_screen.c: vcs_read in vc_screen) that can allow a local attacker to crash the system or leak kernel information. Connected advisories (Astra Linux, CIRCL sighting, and Amazon Linux advisories) confirm the same UAF issue and ...

7.1CVSS7AI score0.00419EPSS
CVE
CVE
added 2023/04/12 11:16 a.m.522 views

CVE-2023-1829

CVE-2023-1829 affects the Linux kernel tcindex subsystem. A use-after-free can occur in tcindex_delete when filters are not properly deactivated for a perfect-hash underlying structure, potentially enabling local privilege escalation to root. The flaw is tied to the traffic control index filter (...

7.8CVSS7.8AI score0.01037EPSS
CVE
CVE
added 2023/09/12 7:45 p.m.515 views

CVE-2023-4921

CVE-2023-4921 is a Linux kernel net/sched vulnerability in the qfq (Priority Fair Queue) subsystem. When the plug qdisc is used as a class of the qfq qdisc, sending packets can trigger a use-after-free in qfq_dequeue() due to the incorrect .peek handler in sch_plug and missing error checking in a...

7.8CVSS7.9AI score0.00396EPSS
CVE
CVE
added 2023/03/22 12:0 a.m.513 views

CVE-2023-0386

CVE-2023-0386 describes a Linux kernel OverlayFS uid-mapping bug that lets a local user escalate privileges by improperly handling execution of setuid-capable files copied between mounts. Connected advisories confirm this CVE affecting upstream Linux kernel and note fixes via newer kernel package...

7.8CVSS7.4AI score0.0788EPSS
In wild
CVE
CVE
added 2023/01/05 12:0 a.m.498 views

CVE-2022-4378

CVE-2022-4378 is a Linux kernel stack overflow flaw in the SYSCTL subsystem triggered by how a user changes certain kernel parameters, allowing a local user to crash the system or potentially escalate privileges. Public advisories (ALSA and CloudLinux entries) confirm the issue affects stack over...

7.8CVSS7.6AI score0.00431EPSS
CVE
CVE
added 2023/04/20 12:0 a.m.491 views

CVE-2023-2177

CVE-2023-2177 describes a NULL pointer dereference in SCTP processing in Linux kernel: if stream_in allocation fails, stream_out is freed and later accessed, allowing a local user to crash the system or cause a denial of service. Affected component: net/sctp/stream_sched.c. Exploitation info is n...

5.5CVSS5.8AI score0.00209EPSS
CVE
CVE
added 2023/05/25 1:22 p.m.490 views

CVE-2023-0459

CVE-2023-0459: Linux kernel on 64-bit systems is affected by a local elevation of information disclosure due to Copy_from_user bypassing __uaccess_begin_nospec, bypassing access_ok and allowing a user to pass a kernel pointer to copy_from_user. Root cause is the __uaccess_begin_nospec handling. I...

6.5CVSS6.4AI score0.00635EPSS
CVE
CVE
added 2023/07/24 3:19 p.m.484 views

CVE-2023-3812

CVE-2023-3812 : Linux kernel TUN/TAP driver flaw allows local users to crash or possibly escalate privileges by generating a malicious oversized networking packet when napi frags is enabled. Root cause: out-of-bounds memory access in packet handling. Public details confirm impact and conditional ...

7.8CVSS7.7AI score0.00344EPSS
CVE
CVE
added 2023/01/24 12:0 a.m.463 views

CVE-2023-0394

CVE-2023-0394: A NULL pointer dereference in rawv6_push_pending_frames() of the Linux kernel (net/ipv6/raw.c) can cause a crash (DoS). The issue is confirmed across multiple advisories (e.g., Astra Linux and Brocade/SANnav postings) as a Linux kernel vulnerability, with no explicit public exploit...

5.5CVSS6.3AI score0.01016EPSS
CVE
CVE
added 2023/07/31 4:22 p.m.458 views

CVE-2023-4004

CVE-2023-4004 is a use-after-free in the Linux kernel’s netfilter nft_pipapo_remove() path when triggering the element without NFT_SET_EXT_KEY_END. This vulnerability can let a local attacker crash the system or potentially escalate privileges. The issue is tied to nf_tables/netfilter behavior an...

7.8CVSS7.8AI score0.0095EPSS
CVE
CVE
added 2023/05/17 12:0 a.m.447 views

CVE-2023-1859

CVE-2023-1859 is a use-after-free in Xen transport 9pfs (xen_9pfs_front_removet in net/9p/trans_xen.c) of the Linux kernel. Connected security bulletins confirm a race condition that could allow a local attacker to crash the system and potentially leak kernel information. Affected is the Xen 9pfs...

4.7CVSS5.5AI score0.00177EPSS
CVE
CVE
added 2023/07/05 6:35 p.m.447 views

CVE-2023-35001

CVE-2023-35001 is a Linux kernel nftables vulnerability where the nft_byteorder expression mishandles vm register contents when CAP_NET_ADMIN exists in any user or network namespace, causing an out-of-bounds read/write in the nf_tables nft_byteorder path. Public references in the provided documen...

7.8CVSS8.1AI score0.01508EPSS
CVE
CVE
added 2023/12/21 8:1 p.m.446 views

CVE-2023-6546

CVE-2023-6546 describes a race condition in the Linux kernel’s GSM 0710 tty multiplexor. Two threads can race on GSMIOC_SETCONF on the same tty when gsm line discipline is enabled, triggering a use-after-free of the gsm_dlci during GSM mux restart and potentially enabling local privilege escalati...

7CVSS7.6AI score0.00767EPSS
CVE
CVE
added 2023/09/22 1:34 p.m.444 views

CVE-2023-34319

CVE-2023-34319 is a Linux kernel netback driver buffer overrun caused by an edge case where an entire packet is fragmented into the maximum pieces yet remains smaller than the area that preserves all headers together, after the XSA-423 fix. Exploitation could enable local denial-of-service or ins...

7.8CVSS6.8AI score0.00296EPSS
CVE
CVE
added 2023/07/21 8:47 p.m.442 views

CVE-2023-3609

CVE-2023-3609 is a Linux kernel use-after-free in the net/sched: cls_u32 classifier. The flaw arises when tcf_change_indev() fails; u32_set_parms() returns after updating the reference counter in tcf_bind_filter(), and an attacker who can manipulate the reference counter to zero can cause the ref...

7.8CVSS7.5AI score0.00458EPSS
CVE
CVE
added 2023/07/25 3:47 p.m.436 views

CVE-2023-3772

CVE-2023-3772 is a Linux kernel vulnerability in the IPsec XFRM subsystem that allows a local attacker with CAP_NET_ADMIN to dereference a NULL pointer in xfrm_update_ae_params(), potentially crashing the kernel and causing a denial of service. Connected documents confirm the root cause as a NULL...

5.5CVSS6.1AI score0.00454EPSS
CVE
CVE
added 2023/07/21 8:49 p.m.435 views

CVE-2023-3611

Consolidated details confirm CVE-2023-3611 affects the Linux kernel’s net/sched sch_qfq code. The vulnerability is an out-of-bounds write in qfq_change_agg where lmax is updated based on packet sizes without proper bounds checks, enabling local privilege escalation. The issue is triggered in sch_...

7.8CVSS7.9AI score0.00274EPSS
CVE
CVE
added 2023/06/28 8:2 p.m.427 views

CVE-2023-3390

CVE-2023-3390 is a local-use-after-free vulnerability in Linux kernel nftables (net/netfilter/nf_tables_api.c) caused by mishandled NFT_MSG_NEWRULE error paths, enabling a local attacker with CAP_SYS_ADMIN to trigger a privilege escalation. Public advisories (Amazon Linux 2/ALAS, Astra Linux, Deb...

7.8CVSS7.8AI score0.00871EPSS
CVE
CVE
added 2023/07/21 8:49 p.m.427 views

CVE-2023-3776

CVE-2023-3776: A use-after-free in Linux kernel net/sched cls_fw can lead to local privilege escalation if an attacker controls the reference counter in tcf_bind_filter and frees the object by setting the counter to zero. The issue stems from fw_set_parms() returning after reference counter adjus...

7.8CVSS7.6AI score0.00517EPSS
CVE
CVE
added 2023/08/03 2:32 p.m.420 views

CVE-2023-4133

CVE-2023-4133 affects the Linux kernel cxgb4 driver; root cause is a use-after-free during detachment when flower_stats_timer is rearmed on the work queue, which can cause local denial of service by crashing the system. The MiracleLinux advisory AXSA:2024-8139:15 references CVE-2023-4133 among af...

5.5CVSS5.9AI score0.00219EPSS
CVE
CVE
added 2023/11/16 5:15 p.m.420 views

CVE-2023-6176

The connected documents confirm CVE-2023-6176 is a Linux kernel issue in the cryptographic algorithm scatterwalk API. A null pointer dereference can be triggered when a local user constructs a malicious packet with specific socket configuration, potentially crashing the system or enabling privile...

4.7CVSS6.5AI score0.00251EPSS
CVE
CVE
added 2023/04/24 12:0 a.m.408 views

CVE-2023-31083

CVE-2023-31083 affects the Linux kernel (drivers/bluetooth/hci_ldisc.c). In hci_uart_tty_ioctl, there is a race between HCIUARTSETPROTO and HCIUARTGETPROTO where HCI_UART_PROTO_SET is written before hu->proto is set, which may cause a NULL pointer dereference. The connected advisories confirm ...

4.7CVSS5.4AI score0.00325EPSS
CVE
CVE
added 2023/01/12 12:0 a.m.407 views

CVE-2023-23455

CVE-2023-23455 affects the Linux kernel’s ATM traffic control path: atm_tc_enqueue in net/sched/sch_atm.c up to version 6.1.4 is vulnerable to a type confusion that can misclassify values, enabling a local denial-of-service. Public reports describe the issue without details on exploits beyond DoS...

5.5CVSS6AI score0.00272EPSS
CVE
CVE
added 2023/02/28 2:23 p.m.401 views

CVE-2023-0461

CVE-2023-0461 describes a use-after-free in the Linux kernel’s handling of TLS contexts on TCP sockets (icalled icsk_ulp_data) that can trigger a double-free when a TLS context is inherited by a reused listener. Affected scenario requires CONFIG_TLS to be enabled and may enable local privilege es...

7.8CVSS7.7AI score0.00652EPSS
CVE
CVE
added 2023/04/14 12:0 a.m.399 views

CVE-2023-2008

The CVE-2023-2008 flaw is in the Linux kernel udmabuf device driver, within its fault handler. It stems from insufficient validation of user-supplied data, allowing a memory access past the end of an array. This can enable local privilege escalation and execution of arbitrary code in the kernel c...

7.8CVSS7.6AI score0.01013EPSS
CVE
CVE
added 2023/04/28 12:0 a.m.390 views

CVE-2023-31436

Summary: CVE-2023-31436 affects the Linux kernel net/sched/qfq subsystem (qfq_change_class in net/sched/sch_qfq.c). The flaw allows a heap/out-of-bounds write because lmax can exceed QFQ_MIN_LMAX, leading to information disclosure, privilege escalation, or denial of service as described in public...

7.8CVSS7.6AI score0.00587EPSS
CVE
CVE
added 2023/09/20 5:2 a.m.388 views

CVE-2023-2163

Summary of CVE-2023-2163 : The issue is an incorrect verifier pruning in the kernel’s BPF verifier for Linux kernel versions >= 5.4, where unsafe code paths can be marked safe, enabling arbitrary reads/writes in kernel memory, lateral privilege escalation, and container escapes. Connected advi...

10CVSS9.3AI score0.03546EPSS
In wild
CVE
CVE
added 2023/04/19 12:0 a.m.388 views

CVE-2023-2166

CVE-2023-2166 pertains to a NULL pointer dereference in the Linux kernel CAN protocol (net/can/af_can.c). The issue is that ml_priv may not be initialized in the receive path for CAN frames, enabling a local attacker to crash the system or potentially cause a denial of service via a malformed or ...

5.5CVSS5.7AI score0.002EPSS
CVE
CVE
added 2023/01/17 12:0 a.m.387 views

CVE-2022-47929

CVE-2022-47929 is a Linux kernel vulnerability: a NULL pointer dereference in the traffic control subsystem (affecting qdisc_graft in net/sched/sch_api.c) that allows an unprivileged user to trigger a denial of service (system crash) via crafted tc qdisc/class configurations. Exploitation is loca...

5.5CVSS5.9AI score0.00964EPSS
CVE
CVE
added 2023/08/16 6:49 p.m.385 views

CVE-2023-4389

CVE-2023-4389 concerns a flaw in btrfs_get_root_ref (fs/btrfs/disk-io.c) of the Linux kernel where the reference count is decremented twice. The connected Astra Linux security bulletin confirms the issue affects the Linux kernel used in that distro (linux-5.10) and describes a local-privilege sce...

7.1CVSS6.7AI score0.00254EPSS
CVE
CVE
added 2023/11/01 4:32 p.m.385 views

CVE-2023-5178

CVE-2023-5178 is a use-after-free vulnerability in the NVMe over Fabrics over TCP subsystem of the Linux kernel, specifically nvmet_tcp_free_crypto in drivers/nvme/target/tcp.c. The logical bug can lead to use-after-free and double-free conditions, with potential remote code execution or local pr...

8.8CVSS8.9AI score0.09141EPSS
CVE
CVE
added 2023/07/17 12:0 a.m.384 views

CVE-2023-38409

CVE-2023-38409 affects the Linux kernel fbcon subsystem (drivers/video/fbdev/core/fbcon.c). The issue arises in set_con2fb_map: an assignment is performed only for the first virtual console, which can desynchronize fbcon_registered_fb and fbcon_display when fbcon_mode_deleted is invoked, leaving ...

5.5CVSS6.2AI score0.0018EPSS
Total number of security vulnerabilities313