U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:linux:linux_kernel:5.15:rc2:*:*:*:*:*:*
  • CPE Name Search: true
There are 1,040 matching records.
Displaying matches 241 through 260.
Vuln ID Summary CVSS Severity
CVE-2023-2008

A flaw was found in the Linux kernel's udmabuf device driver. The specific flaw exists within a fault handler. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an array. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel.

Published: April 14, 2023; 5:15:08 PM -0400
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2023-1990

A use-after-free flaw was found in ndlc_remove in drivers/nfc/st-nci/ndlc.c in the Linux Kernel. This flaw could allow an attacker to crash the system due to a race problem.

Published: April 12, 2023; 4:15:07 PM -0400
V3.1: 4.7 MEDIUM
V2.0:(not available)
CVE-2023-1872

A use-after-free vulnerability in the Linux Kernel io_uring system can be exploited to achieve local privilege escalation. The io_file_get_fixed function lacks the presence of ctx->uring_lock which can lead to a Use-After-Free vulnerability due a race condition with fixed files getting unregistered. We recommend upgrading past commit da24142b1ef9fd5d36b76e36bab328a5b27523e8.

Published: April 12, 2023; 12:15:17 PM -0400
V3.1: 7.0 HIGH
V2.0:(not available)
CVE-2023-1829

A use-after-free vulnerability in the Linux Kernel traffic control index filter (tcindex) can be exploited to achieve local privilege escalation. The tcindex_delete function which does not properly deactivate filters in case of a perfect hashes while deleting the underlying structure which can later lead to double freeing the structure. A local attacker user can use this vulnerability to elevate its privileges to root. We recommend upgrading past commit 8c710f75256bb3cf05ac7b1672c82b92c43f3d28.

Published: April 12, 2023; 8:15:07 AM -0400
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2023-1989

A use-after-free flaw was found in btsdio_remove in drivers\bluetooth\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove with an unfinished job, may cause a race problem leading to a UAF on hdev devices.

Published: April 11, 2023; 5:15:15 PM -0400
V3.1: 7.0 HIGH
V2.0:(not available)
CVE-2023-30456

An issue was discovered in arch/x86/kvm/vmx/nested.c in the Linux kernel before 6.2.8. nVMX on x86_64 lacks consistency checks for CR0 and CR4.

Published: April 09, 2023; 10:15:06 PM -0400
V3.1: 6.5 MEDIUM
V2.0:(not available)
CVE-2023-1855

A use-after-free flaw was found in xgene_hwmon_remove in drivers/hwmon/xgene-hwmon.c in the Hardware Monitoring Linux Kernel Driver (xgene-hwmon). This flaw could allow a local attacker to crash the system due to a race problem. This vulnerability could even lead to a kernel information leak problem.

Published: April 05, 2023; 4:15:07 PM -0400
V3.1: 6.3 MEDIUM
V2.0:(not available)
CVE-2023-1838

A use-after-free flaw was found in vhost_net_set_backend in drivers/vhost/net.c in virtio network subcomponent in the Linux kernel due to a double fget. This flaw could allow a local attacker to crash the system, and could even lead to a kernel information leak problem.

Published: April 05, 2023; 3:15:07 PM -0400
V3.1: 7.1 HIGH
V2.0:(not available)
CVE-2023-1611

A use-after-free flaw was found in btrfs_search_slot in fs/btrfs/ctree.c in btrfs in the Linux Kernel.This flaw allows an attacker to crash the system and possibly cause a kernel information lea

Published: April 03, 2023; 6:15:06 PM -0400
V3.1: 6.3 MEDIUM
V2.0:(not available)
CVE-2023-1670

A flaw use after free in the Linux kernel Xircom 16-bit PCMCIA (PC-card) Ethernet driver was found.A local user could use this flaw to crash the system or potentially escalate their privileges on the system.

Published: March 30, 2023; 7:15:06 PM -0400
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2022-4744

A double-free flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user registers the device when the register_netdevice function fails (NETDEV_REGISTER notifier). This flaw allows a local user to crash or potentially escalate their privileges on the system.

Published: March 30, 2023; 5:15:06 PM -0400
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2023-1652

A use-after-free flaw was found in nfsd4_ssc_setup_dul in fs/nfsd/nfs4proc.c in the NFS filesystem in the Linux Kernel. This issue could allow a local attacker to crash the system or it may lead to a kernel information leak problem.

Published: March 29, 2023; 5:15:07 PM -0400
V3.1: 7.1 HIGH
V2.0:(not available)
CVE-2023-0210

A bug affects the Linux kernel’s ksmbd NTLMv2 authentication and is known to crash the OS immediately in Linux-based systems.

Published: March 27, 2023; 6:15:21 PM -0400
V3.1: 7.5 HIGH
V2.0:(not available)
CVE-2023-0179

A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue could allow the leakage of both stack and heap addresses, and potentially allow Local Privilege Escalation to the root user via arbitrary code execution.

Published: March 27, 2023; 6:15:20 PM -0400
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2023-1380

A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel. This issue could occur when assoc_info->req_len data is bigger than the size of the buffer, defined as WL_EXTRA_BUF_MAX, leading to a denial of service.

Published: March 27, 2023; 5:15:10 PM -0400
V3.1: 7.1 HIGH
V2.0:(not available)
CVE-2023-1079

A flaw was found in the Linux kernel. A use-after-free may be triggered in asus_kbd_backlight_set when plugging/disconnecting in a malicious USB device, which advertises itself as an Asus device. Similarly to the previous known CVE-2023-25012, but in asus devices, the work_struct may be scheduled by the LED controller while the device is disconnecting, triggering a use-after-free on the struct asus_kbd_leds *led structure. A malicious USB device may exploit the issue to cause memory corruption with controlled data.

Published: March 27, 2023; 5:15:10 PM -0400
V3.1: 6.8 MEDIUM
V2.0:(not available)
CVE-2023-1078

A flaw was found in the Linux Kernel in RDS (Reliable Datagram Sockets) protocol. The rds_rm_zerocopy_callback() uses list_entry() on the head of a list causing a type confusion. Local user can trigger this with rds_message_put(). Type confusion leads to `struct rds_msg_zcopy_info *info` actually points to something else that is potentially controlled by local user. It is known how to trigger this, which causes an out of bounds access, and a lock corruption.

Published: March 27, 2023; 5:15:10 PM -0400
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2023-1077

In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the BUG_ON condition, as the confused entry will not be NULL, but list_head.The buggy error condition would lead to a type confused entry with the list head,which would then be used as a type confused sched_rt_entity,causing memory corruption.

Published: March 27, 2023; 5:15:10 PM -0400
V3.1: 7.0 HIGH
V2.0:(not available)
CVE-2021-3923

A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack information when issuing commands to the /dev/infiniband/rdma_cm device node. While this access is unlikely to leak sensitive user information, it can be further used to defeat existing kernel protection mechanisms.

Published: March 27, 2023; 5:15:09 PM -0400
V3.1: 2.3 LOW
V2.0:(not available)
CVE-2023-28866

In the Linux kernel through 6.2.8, net/bluetooth/hci_sync.c allows out-of-bounds access because amp_init1[] and amp_init2[] are supposed to have an intentionally invalid element, but do not.

Published: March 26, 2023; 9:15:07 PM -0400
V3.1: 5.3 MEDIUM
V2.0:(not available)