2 matches found
CVE-2024-0193
CVE-2024-0193 is a Linux kernel netfilter NFT_TABLES use-after-free flaw. The issue arises when the catchall element is garbage-collected during removal of the pipapo set, enabling double deactivation of the element and a use-after-free on NFT_CHAIN or NFT_OBJECT. This could allow a local unprivi...
CVE-2023-4456
Summary: CVE-2023-4456 affects OpenShift OpenShift Logging LokiStack. The vulnerability arises because the cache key is the token, which is too broad, allowing a user with a token valid for one action to perform other actions as long as the original action’s authorization remains cached. Affected...