Professional OVAL Repository
OVAL Definition Details
Id: oval:ru.altx-soft.nix:def:219369
Version: 1
Class: patch
ALTXid: 443277
Language: Russian
Severity: High
Title: Update SUSE-SU-2023:2805-1 -- fixes for vulnerabilities in the Linux Kernel
Description: The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes.
Family: unix
Platform: SUSE Linux Enterprise Server 12
Product: Linux Kernel
Reference
VENDOR: SUSE-SU-2023:2805-1
Id: SUSE-SU-2023:2805-1
Reference: https://www.suse.com/support/update/announcement/2023/SUSE-SU-20232805-1/
CVE: CVE-2017-5753
Id: CVE-2017-5753
Reference: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5753
Comment: Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
CVSSv2 Score: 4.7
Access vector: LOCAL
Access complexity: MEDIUM
Authentication: NONE
Confidentiality impact: COMPLETE
Integrity impact: NONE
Availability impact: NONE
CVSSv2 Vector: AV:L/AC:M/Au:N/C:C/I:N/A:N
CVSSv3 Score: 5.6
Attack vector: LOCAL
Attack complexity: HIGH
Privileges required: LOW
User interaction: NONE
Scope: CHANGED
Confidentiality impact: HIGH
Integrity impact: NONE
Availability impact: NONE
CVSSv3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
CWE: 203 (Information Exposure Through Discrepancy)
References:
https://www.synology.com/support/security/Synology_SA_18_01 (CONFIRM)
https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/ (CONFIRM)
https://support.lenovo.com/us/en/solutions/LEN-18282 (CONFIRM)
https://support.f5.com/csp/article/K91229003 (CONFIRM)
https://spectreattack.com/ (MISC)
https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html (MISC)
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002 (CONFIRM)
https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html (MISC)
https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/ (CONFIRM)
https://aws.amazon.com/de/security/security-bulletins/AWS-2018-013/ (CONFIRM)
https://access.redhat.com/security/vulnerabilities/speculativeexecution (CONFIRM)
http://xenbits.xen.org/xsa/advisory-254.html (CONFIRM)
1040071 (SECTRACK)
VU#584653 (CERT-VN)
http://nvidia.custhelp.com/app/answers/detail/a_id/4609 (CONFIRM)
https://www.vmware.com/us/security/advisories/VMSA-2018-0002.html (CONFIRM)
43427 (EXPLOIT-DB)
20180104 CPU Side-Channel Information Disclosure Vulnerabilities (CISCO)
https://support.citrix.com/article/CTX231399 (CONFIRM)
https://security.netapp.com/advisory/ntap-20180104-0001/ (CONFIRM)
102371 (BID)
http://packetstormsecurity.com/files/145645/Spectre-Information-Disclosure-Proof-Of-Concept.html (MISC)
http://nvidia.custhelp.com/app/answers/detail/a_id/4614 (CONFIRM)
http://nvidia.custhelp.com/app/answers/detail/a_id/4613 (CONFIRM)
http://nvidia.custhelp.com/app/answers/detail/a_id/4611 (CONFIRM)
openSUSE-SU-2018:0023 (SUSE)
openSUSE-SU-2018:0022 (SUSE)
SUSE-SU-2018:0012 (SUSE)
SUSE-SU-2018:0011 (SUSE)
SUSE-SU-2018:0010 (SUSE)
https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us (CONFIRM)
USN-3516-1 (UBUNTU)
RHSA-2018:0292 (REDHAT)
http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-001.txt (CONFIRM)
USN-3597-2 (UBUNTU)
USN-3597-1 (UBUNTU)
USN-3580-1 (UBUNTU)
USN-3549-1 (UBUNTU)
USN-3542-1 (UBUNTU)
USN-3541-1 (UBUNTU)
USN-3540-1 (UBUNTU)
USN-3542-2 (UBUNTU)
USN-3541-2 (UBUNTU)
USN-3540-2 (UBUNTU)
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html (CONFIRM)
DSA-4188 (DEBIAN)
DSA-4187 (DEBIAN)
https://cert.vde.com/en-us/advisories/vde-2018-003 (CONFIRM)
https://cert.vde.com/en-us/advisories/vde-2018-002 (CONFIRM)
VU#180049 (CERT-VN)
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability (CONFIRM)
[debian-lts-announce] 20180715 [SECURITY] [DLA 1422-2] linux security update (MLIST)
[debian-lts-announce] 20180714 [SECURITY] [DLA 1422-1] linux security update (MLIST)
[debian-lts-announce] 20180718 [SECURITY] [DLA 1423-1] linux-4.9 new package (MLIST)
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03871en_us (CONFIRM)
https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0001 (CONFIRM)
GLSA-201810-06 (GENTOO)
https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes (CONFIRM)
https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf (CONFIRM)
[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update (MLIST)
[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update (MLIST)
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html (MISC)
20190624 [SECURITY] [DSA 4469-1] libvirt security update (BUGTRAQ)
http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt (CONFIRM)
https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf (CONFIRM)
https://cdrdv2.intel.com/v1/dl/getContent/685359 (CONFIRM)
CVE: CVE-2018-20784
Id: CVE-2018-20784
Reference: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20784
Comment: In the Linux kernel before 4.20.2, kernel/sched/fair.c mishandles leaf cfs_rq's, which allows attackers to cause a denial of service (infinite loop in update_blocked_averages) or possibly have unspecified other impact by inducing a high load.
CVSSv2 Score: 7.5
Access vector: NETWORK
Access complexity: LOW
Authentication: NONE
Confidentiality impact: PARTIAL
Integrity impact: PARTIAL
Availability impact: PARTIAL
CVSSv2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSSv3 Score: 9.8
Attack vector: NETWORK
Attack complexity: LOW
Privileges required: NONE
User interaction: NONE
Scope: UNCHANGED
Confidentiality impact: HIGH
Integrity impact: HIGH
Availability impact: HIGH
CVSSv3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE: 835 (Loop with Unreachable Exit Condition ('Infinite Loop'))
References:
https://github.com/torvalds/linux/commit/c40f7d74c741a907cfaeb73a7697081881c497d0 (MISC)
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.20.2 (MISC)
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c40f7d74c741a907cfaeb73a7697081881c497d0 (MISC)
RHSA-2019:1959 (REDHAT)
RHSA-2019:1971 (REDHAT)
USN-4115-1 (UBUNTU)
USN-4118-1 (UBUNTU)
USN-4211-2 (UBUNTU)
USN-4211-1 (UBUNTU)
CVE: CVE-2022-3566
Id: CVE-2022-3566
Reference: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3566
Comment: A vulnerability, which was classified as problematic, was found in Linux Kernel. This affects the function tcp_getsockopt/tcp_setsockopt of the component TCP Handler. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. The identifier VDB-211089 was assigned to this vulnerability.
CVSSv3 Score: 7.1
Attack vector: ADJACENT_NETWORK
Attack complexity: HIGH
Privileges required: LOW
User interaction: NONE
Scope: UNCHANGED
Confidentiality impact: HIGH
Integrity impact: HIGH
Availability impact: HIGH
CVSSv3 Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE: 362 (Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition'))
References:
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=f49cd2f4d6170d27a2c61f1fecb03d8a70c91f57 (MISC)
https://vuldb.com/?id.211089 (MISC)
CVE: CVE-2022-45884
Id: CVE-2022-45884
Reference: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45884
Comment: An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvbdev.c has a use-after-free, related to dvb_register_device dynamically allocating fops.
CVSSv3 Score: 7
Attack vector: LOCAL
Attack complexity: HIGH
Privileges required: LOW
User interaction: NONE
Scope: UNCHANGED
Confidentiality impact: HIGH
Integrity impact: HIGH
Availability impact: HIGH
CVSSv3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE: 362 (Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition'))
References:
https://security.netapp.com/advisory/ntap-20230113-0006/ (CONFIRM)
https://lore.kernel.org/linux-media/20221115131822.6640-1-imv4bel%40gmail.com/ ()
https://lore.kernel.org/linux-media/20221115131822.6640-4-imv4bel%40gmail.com/ ()
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=627bb528b086b4136315c25d6a447a98ea9448d3 ()
CVE: CVE-2022-45885
Id: CVE-2022-45885
Reference: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45885
Comment: An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_frontend.c has a race condition that can cause a use-after-free when a device is disconnected.
CVSSv3 Score: 7
Attack vector: LOCAL
Attack complexity: HIGH
Privileges required: LOW
User interaction: NONE
Scope: UNCHANGED
Confidentiality impact: HIGH
Integrity impact: HIGH
Availability impact: HIGH
CVSSv3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE: 362 (Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition'))
References:
https://security.netapp.com/advisory/ntap-20230113-0006/ (CONFIRM)
https://lore.kernel.org/linux-media/20221115131822.6640-1-imv4bel%40gmail.com/ ()
https://lore.kernel.org/linux-media/20221115131822.6640-2-imv4bel%40gmail.com/ ()
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6769a0b7ee0c3b31e1b22c3fadff2bfb642de23f ()
CVE: CVE-2022-45886
Id: CVE-2022-45886
Reference: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45886
Comment: An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_net.c has a .disconnect versus dvb_device_open race condition that leads to a use-after-free.
CVSSv3 Score: 7
Attack vector: LOCAL
Attack complexity: HIGH
Privileges required: LOW
User interaction: NONE
Scope: UNCHANGED
Confidentiality impact: HIGH
Integrity impact: HIGH
Availability impact: HIGH
CVSSv3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE: 362 (Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition'))
References:
https://security.netapp.com/advisory/ntap-20230113-0006/ (CONFIRM)
https://lore.kernel.org/linux-media/20221115131822.6640-1-imv4bel%40gmail.com/ ()
https://lore.kernel.org/linux-media/20221115131822.6640-3-imv4bel%40gmail.com/ ()
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4172385b0c9ac366dcab78eda48c26814b87ed1a ()
CVE: CVE-2022-45887
Id: CVE-2022-45887
Reference: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45887
Comment: An issue was discovered in the Linux kernel through 6.0.9. drivers/media/usb/ttusb-dec/ttusb_dec.c has a memory leak because of the lack of a dvb_frontend_detach call.
CVSSv3 Score: 4.7
Attack vector: LOCAL
Attack complexity: HIGH
Privileges required: LOW
User interaction: NONE
Scope: UNCHANGED
Confidentiality impact: NONE
Integrity impact: NONE
Availability impact: HIGH
CVSSv3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE: 362 (Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition'))
References:
https://security.netapp.com/advisory/ntap-20230113-0006/ (CONFIRM)
https://lore.kernel.org/linux-media/20221115131822.6640-1-imv4bel%40gmail.com/ ()
https://lore.kernel.org/linux-media/20221115131822.6640-5-imv4bel%40gmail.com/ ()
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=517a281338322ff8293f988771c98aaa7205e457 ()
CVE: CVE-2022-45919
Id: CVE-2022-45919
Reference: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45919
Comment: An issue was discovered in the Linux kernel through 6.0.10. In drivers/media/dvb-core/dvb_ca_en50221.c, a use-after-free can occur if there is a disconnect after an open, because of the lack of a wait_event.
CVSSv3 Score: 7
Attack vector: LOCAL
Attack complexity: HIGH
Privileges required: LOW
User interaction: NONE
Scope: UNCHANGED
Confidentiality impact: HIGH
Integrity impact: HIGH
Availability impact: HIGH
CVSSv3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE: 416 (Use After Free)
References:
https://security.netapp.com/advisory/ntap-20230113-0008/ (CONFIRM)
https://lore.kernel.org/linux-media/20221121063308.GA33821%40ubuntu/T/#u ()
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=280a8ab81733da8bc442253c700a52c4c0886ffd ()
CVE: CVE-2023-0590
Id: CVE-2023-0590
Reference: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0590
Comment: A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 ("net: sched: fix race condition in qdisc_graft()") is not applied yet, then the kernel could be affected.
CVSSv3 Score: 4.7
Attack vector: LOCAL
Attack complexity: HIGH
Privileges required: LOW
User interaction: NONE
Scope: UNCHANGED
Confidentiality impact: NONE
Integrity impact: NONE
Availability impact: HIGH
CVSSv3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE: 416 (Use After Free)
References:
https://lore.kernel.org/all/20221018203258.2793282-1-edumazet%40google.com/ ()
[debian-lts-announce] 20240111 [SECURITY] [DLA 3710-1] linux security update ()
CVE: CVE-2023-1077
Id: CVE-2023-1077
Reference: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1077
Comment: In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the BUG_ON condition, as the confused entry will not be NULL, but list_head. The buggy error condition would lead to a type confused entry with the list head, which would then be used as a type confused sched_rt_entity, causing memory corruption.
CVSSv3 Score: 7
Attack vector: LOCAL
Attack complexity: HIGH
Privileges required: LOW
User interaction: NONE
Scope: UNCHANGED
Confidentiality impact: HIGH
Integrity impact: HIGH
Availability impact: HIGH
CVSSv3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE: 843 (Access of Resource Using Incompatible Type ('Type Confusion'))
References:
https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=7c4a5b89a0b5a57a64b601775b296abf77a9fe97 (MISC)
[debian-lts-announce] 20230502 [SECURITY] [DLA 3404-1] linux-5.10 security update (MLIST)
https://security.netapp.com/advisory/ntap-20230511-0002/ (CONFIRM)
[debian-lts-announce] 20240111 [SECURITY] [DLA 3710-1] linux security update ()
CVE: CVE-2023-1095
Id: CVE-2023-1095
Reference: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1095
Comment: In nf_tables_updtable, if nf_tables_table_enable returns an error, nft_trans_destroy is called to free the transaction object. nft_trans_destroy() calls list_del(), but the transaction was never placed on a list -- the list head is all zeroes, this results in a NULL pointer dereference.
CVSSv3 Score: 5.5
Attack vector: LOCAL
Attack complexity: LOW
Privileges required: LOW
User interaction: NONE
Scope: UNCHANGED
Confidentiality impact: NONE
Integrity impact: NONE
Availability impact: HIGH
CVSSv3 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE: 476 (NULL Pointer Dereference)
References:
https://github.com/torvalds/linux/commit/580077855a40741cf511766129702d97ff02f4d9 (MISC)
https://bugzilla.redhat.com/show_bug.cgi?id=2173973 (MISC)
CVE: CVE-2023-1118
Id: CVE-2023-1118
Reference: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1118
Comment: A use-after-free flaw was found in the Linux kernel integrated infrared receiver/transceiver driver in the way a user detaches an rc device. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.
CVSSv3 Score: 7.8
Attack vector: LOCAL
Attack complexity: LOW
Privileges required: LOW
User interaction: NONE
Scope: UNCHANGED
Confidentiality impact: HIGH
Integrity impact: HIGH
Availability impact: HIGH
CVSSv3 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE: 416 (Use After Free)
References:
https://github.com/torvalds/linux/commit/29b0589a865b6f66d141d79b2dd1373e4e50fe17 (MISC)
https://security.netapp.com/advisory/ntap-20230413-0003/ (CONFIRM)
[debian-lts-announce] 20230502 [SECURITY] [DLA 3404-1] linux-5.10 security update (MLIST)
[debian-lts-announce] 20230503 [SECURITY] [DLA 3403-1] linux security update (MLIST)
CVE: CVE-2023-1249
Id: CVE-2023-1249
Reference: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1249
Comment: A use-after-free flaw was found in the Linux kernel’s core dump subsystem. This flaw allows a local user to crash the system. The kernel could be affected only if patch 390031c94211 ("coredump: Use the vma snapshot in fill_files_note") is not applied yet.
CVSSv3 Score: 5.5
Attack vector: LOCAL
Attack complexity: LOW
Privileges required: LOW
User interaction: NONE
Scope: UNCHANGED
Confidentiality impact: NONE
Integrity impact: NONE
Availability impact: HIGH
CVSSv3 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE: 416 (Use After Free)
References:
http://packetstormsecurity.com/files/171912/CentOS-Stream-9-Missing-Kernel-Security-Fix.html (MISC)
https://patchwork.kernel.org/project/linux-fsdevel/patch/87iltzn3nd.fsf_-_%40email.froward.int.ebiederm.org/ ()
CVE: CVE-2023-1380
Id: CVE-2023-1380
Reference: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1380
Comment: A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel. This issue could occur when assoc_info->req_len data is bigger than the size of the buffer, defined as WL_EXTRA_BUF_MAX, leading to a denial of service.
CVSSv3 Score: 7.1
Attack vector: LOCAL
Attack complexity: LOW
Privileges required: LOW
User interaction: NONE
Scope: UNCHANGED
Confidentiality impact: HIGH
Integrity impact: NONE
Availability impact: HIGH
CVSSv3 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
CWE: 125 (Out-of-bounds Read)
References:
https://www.openwall.com/lists/oss-security/2023/03/14/1 (MISC)
https://bugzilla.redhat.com/show_bug.cgi?id=2177883 (MISC)
https://security.netapp.com/advisory/ntap-20230511-0001/ (CONFIRM)
http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html (MISC)
http://packetstormsecurity.com/files/173757/Kernel-Live-Patch-Security-Notice-LSN-0096-1.html (MISC)
[debian-lts-announce] 20230727 [SECURITY] [DLA 3508-1] linux security update (MLIST)
DSA-5480 (DEBIAN)
[debian-lts-announce] 20231019 [SECURITY] [DLA 3623-1] linux-5.10 security update (MLIST)
https://lore.kernel.org/linux-wireless/20230309104457.22628-1-jisoo.jang%40yonsei.ac.kr/T/#u ()
CVE: CVE-2023-1390
Id: CVE-2023-1390
Reference: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1390
Comment: A remote denial of service vulnerability was found in the Linux kernel’s TIPC kernel module. The while loop in tipc_link_xmit() hits an unknown state while attempting to parse SKBs, which are not in the queue. Sending two small UDP packets to a system with a UDP bearer results in the CPU utilization for the system to instantly spike to 100%, causing a denial of service condition.
CVSSv3 Score: 7.5
Attack vector: NETWORK
Attack complexity: LOW
Privileges required: NONE
User interaction: NONE
Scope: UNCHANGED
Confidentiality impact: NONE
Integrity impact: NONE
Availability impact: HIGH
CVSSv3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE: CWE-Other ()
References:
https://github.com/torvalds/linux/commit/b77413446408fdd256599daf00d5be72b5f3e7c6 (MISC)
https://gist.github.com/netspooky/bee2d07022f6350bb88eaa48e571d9b5 (MISC)
https://security.netapp.com/advisory/ntap-20230420-0001/ (CONFIRM)
https://infosec.exchange/%40_mattata/109427999461122360 ()
CVE: CVE-2023-1513
Id: CVE-2023-1513
Reference: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1513
Comment: A flaw was found in KVM. When calling the KVM_GET_DEBUGREGS ioctl, on 32-bit systems, there might be some uninitialized portions of the kvm_debugregs structure that could be copied to userspace, causing an information leak.
CVSSv3 Score: 3.3
Attack vector: LOCAL
Attack complexity: LOW
Privileges required: LOW
User interaction: NONE
Scope: UNCHANGED
Confidentiality impact: LOW
Integrity impact: NONE
Availability impact: NONE
CVSSv3 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CWE: 665 (Improper Initialization)
References:
https://bugzilla.redhat.com/show_bug.cgi?id=2179892 (MISC)
https://github.com/torvalds/linux/commit/2c10b61421a28e95a46ab489fd56c0f442ff6952 (MISC)
[debian-lts-announce] 20230502 [SECURITY] [DLA 3404-1] linux-5.10 security update (MLIST)
[debian-lts-announce] 20230503 [SECURITY] [DLA 3403-1] linux security update (MLIST)
https://lore.kernel.org/kvm/20230214103304.3689213-1-gregkh%40linuxfoundation.org/ ()
CVE: CVE-2023-1611
Id: CVE-2023-1611
Reference: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1611
Comment: A use-after-free flaw was found in btrfs_search_slot in fs/btrfs/ctree.c in btrfs in the Linux Kernel. This flaw allows an attacker to crash the system and possibly cause a kernel information lea
CVSSv3 Score: 6.3
Attack vector: LOCAL
Attack complexity: HIGH
Privileges required: LOW
User interaction: NONE
Scope: UNCHANGED
Confidentiality impact: HIGH
Integrity impact: NONE
Availability impact: HIGH
CVSSv3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H
CWE: 416 (Use After Free)
References:
https://bugzilla.redhat.com/show_bug.cgi?id=2181342 (MISC)
[debian-lts-announce] 20230502 [SECURITY] [DLA 3404-1] linux-5.10 security update (MLIST)
https://github.com/torvalds/linux/commit/2f1a6be12ab6c8470d5776e68644726c94257c54 (MISC)
https://lore.kernel.org/linux-btrfs/35b9a70650ea947387cf352914a8774b4f7e8a6f.1679481128.git.fdmanana%40suse.com/ ()
FEDORA-2023-98251cef79 ()
FEDORA-2023-d525cf5272 ()
CVE: CVE-2023-1670
Id: CVE-2023-1670
Reference: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1670
Comment: A use-after-free flaw was found in the Linux kernel Xircom 16-bit PCMCIA (PC-card) Ethernet driver. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.
CVSSv3 Score: 7.8
Attack vector: LOCAL
Attack complexity: LOW
Privileges required: LOW
User interaction: NONE
Scope: UNCHANGED
Confidentiality impact: HIGH
Integrity impact: HIGH
Availability impact: HIGH
CVSSv3 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE: 416 (Use After Free)
References:
[debian-lts-announce] 20230502 [SECURITY] [DLA 3404-1] linux-5.10 security update (MLIST)
[debian-lts-announce] 20230503 [SECURITY] [DLA 3403-1] linux security update (MLIST)
https://security.netapp.com/advisory/ntap-20230526-0010/ (CONFIRM)
https://lore.kernel.org/all/20230316161526.1568982-1-zyytlz.wz%40163.com/ ()
CVE: CVE-2023-1989
Id: CVE-2023-1989
Reference: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1989
Comment: A use-after-free flaw was found in btsdio_remove in drivers\bluetooth\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove with an unfinished job, may cause a race problem leading to a UAF on hdev devices.
CVSSv3 Score: 7
Attack vector: LOCAL
Attack complexity: HIGH
Privileges required: LOW
User interaction: NONE
Scope: UNCHANGED
Confidentiality impact: HIGH
Integrity impact: HIGH
Availability impact: HIGH
CVSSv3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE: 416 (Use After Free)
References:
https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=f132c2d13088 (MISC)
[debian-lts-announce] 20230502 [SECURITY] [DLA 3404-1] linux-5.10 security update (MLIST)
[debian-lts-announce] 20230503 [SECURITY] [DLA 3403-1] linux security update (MLIST)
https://security.netapp.com/advisory/ntap-20230601-0004/ (CONFIRM)
DSA-5492 (DEBIAN)
[debian-lts-announce] 20240111 [SECURITY] [DLA 3710-1] linux security update ()
CVE: CVE-2023-1990
Id: CVE-2023-1990
Reference: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1990
Comment: A use-after-free flaw was found in ndlc_remove in drivers/nfc/st-nci/ndlc.c in the Linux Kernel. This flaw could allow an attacker to crash the system due to a race problem.
CVSSv3 Score: 4.7
Attack vector: LOCAL
Attack complexity: HIGH
Privileges required: LOW
User interaction: NONE
Scope: UNCHANGED
Confidentiality impact: NONE
Integrity impact: NONE
Availability impact: HIGH
CVSSv3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE: 416 (Use After Free)
References:
[debian-lts-announce] 20230502 [SECURITY] [DLA 3404-1] linux-5.10 security update (MLIST)
[debian-lts-announce] 20230503 [SECURITY] [DLA 3403-1] linux security update (MLIST)
https://lore.kernel.org/all/20230312160837.2040857-1-zyytlz.wz%40163.com/ ()
CVE: CVE-2023-1998
Id: CVE-2023-1998
Reference: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1998
Comment: The Linux kernel allows userspace processes to enable mitigations by calling prctl with PR_SET_SPECULATION_CTRL which disables the speculation feature as well as by using seccomp. We had noticed that on VMs of at least one major cloud provider, the kernel still left the victim process exposed to attacks in some cases even after enabling the spectre-BTI mitigation with prctl. The same behavior can be observed on a bare-metal machine when forcing the mitigation to IBRS on boot command line. This happened because when plain IBRS was enabled (not enhanced IBRS), the kernel had some logic that determined that STIBP was not needed. The IBRS bit implicitly protects against cross-thread branch target injection. However, with legacy IBRS, the IBRS bit was cleared on returning to userspace, due to performance reasons, which disabled the implicit STIBP and left userspace threads vulnerable to cross-thread branch target injection against which STIBP protects.
CVSSv3 Score: 5.6
Attack vector: LOCAL
Attack complexity: HIGH
Privileges required: LOW
User interaction: NONE
Scope: CHANGED
Confidentiality impact: HIGH
Integrity impact: NONE
Availability impact: NONE
CVSSv3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
CWE: 203 (Information Exposure Through Discrepancy)
References:
https://kernel.dance/#6921ed9049bc7457f66c1596c5b78aec0dae4a9d (MISC)
https://github.com/google/security-research/security/advisories/GHSA-mj4w-6495-6crx (MISC)
https://github.com/torvalds/linux/commit/6921ed9049bc7457f66c1596c5b78aec0dae4a9d (MISC)
https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html (MISC)
https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html (MISC)
CVE: CVE-2023-2124
Id: CVE-2023-2124
Reference: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2124
Comment: An out-of-bounds memory access flaw was found in the Linux kernel’s XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user to crash or potentially escalate their privileges on the system.
CVSSv3 Score: 7.8
Attack vector: LOCAL
Attack complexity: LOW
Privileges required: LOW
User interaction: NONE
Scope: UNCHANGED
Confidentiality impact: HIGH
Integrity impact: HIGH
Availability impact: HIGH
CVSSv3 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE: 787 (Out-of-bounds Write)
References:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/fs/xfs/xfs_buf_item_recover.c?h=v6.4-rc1&id=22ed903eee23a5b174e240f1cdfa9acf393a5210 (MISC)
https://syzkaller.appspot.com/bug?extid=7e9494b8b399902e994e (MISC)
https://security.netapp.com/advisory/ntap-20230622-0010/ (CONFIRM)
DSA-5448 (DEBIAN)
DSA-5480 (DEBIAN)
[debian-lts-announce] 20231019 [SECURITY] [DLA 3623-1] linux-5.10 security update (MLIST)
CVE: CVE-2023-2162
Id: CVE-2023-2162
Reference: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2162
Comment: A use-after-free vulnerability was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux Kernel. In this flaw an attacker could leak kernel internal information.
CVSSv3 Score: 5.5
Attack vector: LOCAL
Attack complexity: LOW
Privileges required: LOW
User interaction: NONE
Scope: UNCHANGED
Confidentiality impact: HIGH
Integrity impact: NONE
Availability impact: NONE
CVSSv3 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CWE: 416 (Use After Free)
References:
https://www.spinics.net/lists/linux-scsi/msg181542.html (MISC)
[debian-lts-announce] 20230502 [SECURITY] [DLA 3404-1] linux-5.10 security update (MLIST)
[debian-lts-announce] 20230503 [SECURITY] [DLA 3403-1] linux security update (MLIST)
CVE: CVE-2023-2194
Id: CVE-2023-2194
Reference: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2194
Comment: An out-of-bounds write vulnerability was found in the Linux kernel's SLIMpro I2C device driver. The userspace "data->block[0]" variable was not capped to a number between 0-255 and was used as the size of a memcpy, possibly writing beyond the end of dma_buffer. This flaw could allow a local privileged user to crash the system or potentially achieve code execution.
CVSSv3 Score: 6.7
Attack vector: LOCAL
Attack complexity: LOW
Privileges required: HIGH
User interaction: NONE
Scope: UNCHANGED
Confidentiality impact: HIGH
Integrity impact: HIGH
Availability impact: HIGH
CVSSv3 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CWE: 787 (Out-of-bounds Write)
References:
https://bugzilla.redhat.com/show_bug.cgi?id=2188396 (MISC)
https://github.com/torvalds/linux/commit/92fbb6d1296f (MISC)
[debian-lts-announce] 20230502 [SECURITY] [DLA 3404-1] linux-5.10 security update (MLIST)
[debian-lts-announce] 20230503 [SECURITY] [DLA 3403-1] linux security update (MLIST)
CVE: CVE-2023-23454
Id: CVE-2023-23454
Reference: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23454
Comment: cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).
CVSSv3 Score: 5.5
Attack vector: LOCAL
Attack complexity: LOW
Privileges required: LOW
User interaction: NONE
Scope: UNCHANGED
Confidentiality impact: NONE
Integrity impact: NONE
Availability impact: HIGH
CVSSv3 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE: 843 (Access of Resource Using Incompatible Type ('Type Confusion'))
References:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=caa4b35b4317d5147b3ab0fbdc9c075c7d2e9c12 (MISC)
https://www.openwall.com/lists/oss-security/2023/01/10/4 (MISC)
https://www.openwall.com/lists/oss-security/2023/01/10/1 (MISC)
DSA-5324 (DEBIAN)
[debian-lts-announce] 20230302 [SECURITY] [DLA 3349-1] linux-5.10 security update (MLIST)
[debian-lts-announce] 20230503 [SECURITY] [DLA 3403-1] linux security update (MLIST)
CVE: CVE-2023-23455
Id: CVE-2023-23455
Reference: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23455
Comment: atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).
CVSSv3 Score: 5.5
Attack vector: LOCAL
Attack complexity: LOW
Privileges required: LOW
User interaction: NONE
Scope: UNCHANGED
Confidentiality impact: NONE
Integrity impact: NONE
Availability impact: HIGH
CVSSv3 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE: 843 (Access of Resource Using Incompatible Type ('Type Confusion'))
References:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a2965c7be0522eaa18808684b7b82b248515511b (MISC)
https://www.openwall.com/lists/oss-security/2023/01/10/4 (MISC)
https://www.openwall.com/lists/oss-security/2023/01/10/1 (MISC)
DSA-5324 (DEBIAN)
[debian-lts-announce] 20230302 [SECURITY] [DLA 3349-1] linux-5.10 security update (MLIST)
[debian-lts-announce] 20230503 [SECURITY] [DLA 3403-1] linux security update (MLIST)
CVE: CVE-2023-2513
Id: CVE-2023-2513
Reference: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2513
Comment: A use-after-free vulnerability was found in the Linux kernel's ext4 filesystem in the way it handled the extra inode size for extended attributes. This flaw could allow a privileged local user to cause a system crash or other undefined behaviors.
CVSSv3 Score: 6.7
Attack vector: LOCAL
Attack complexity: LOW
Privileges required: HIGH
User interaction: NONE
Scope: UNCHANGED
Confidentiality impact: HIGH
Integrity impact: HIGH
Availability impact: HIGH
CVSSv3 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CWE: 416 (Use After Free)
References:
https://github.com/torvalds/linux/commit/67d7d8ad99be (MISC)
https://bugzilla.redhat.com/show_bug.cgi?id=2193097 (MISC)
https://lore.kernel.org/all/20220616021358.2504451-1-libaokun1%40huawei.com/ ()
CVE: CVE-2023-28328
Id: CVE-2023-28328
Reference: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28328
Comment: A NULL pointer dereference flaw was found in the az6027 driver in drivers/media/usb/dev-usb/az6027.c in the Linux Kernel. The message from user space is not checked properly before transferring into the device. This flaw allows a local user to crash the system or potentially cause a denial of service.
CVSSv3 Score: 5.5
Attack vector: LOCAL
Attack complexity: LOW
Privileges required: LOW
User interaction: NONE
Scope: UNCHANGED
Confidentiality impact: NONE
Integrity impact: NONE
Availability impact: HIGH
CVSSv3 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE: 476 (NULL Pointer Dereference)
References:
https://bugzilla.redhat.com/show_bug.cgi?id=2177389 (MISC)
[debian-lts-announce] 20230502 [SECURITY] [DLA 3404-1] linux-5.10 security update (MLIST)
[debian-lts-announce] 20230503 [SECURITY] [DLA 3403-1] linux security update (MLIST)
CVE: CVE-2023-28464
Id: CVE-2023-28464
Reference: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28464
Comment: hci_conn_cleanup in net/bluetooth/hci_conn.c in the Linux kernel through 6.2.9 has a use-after-free (observed in hci_conn_hash_flush) because of calls to hci_dev_put and hci_conn_put. There is a double free that may lead to privilege escalation.
CVSSv3 Score: 7.8
Attack vector: LOCAL
Attack complexity: LOW
Privileges required: LOW
User interaction: NONE
Scope: UNCHANGED
Confidentiality impact: HIGH
Integrity impact: HIGH
Availability impact: HIGH
CVSSv3 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE: 415 (Double Free)
References:
https://www.openwall.com/lists/oss-security/2023/03/28/2 (MISC)
https://www.openwall.com/lists/oss-security/2023/03/28/3 (MISC)
https://security.netapp.com/advisory/ntap-20230517-0004/ (CONFIRM)
https://lore.kernel.org/lkml/20230309074645.74309-1-wzhmmmmm%40gmail.com/ ()
CVE: CVE-2023-28772
Id: CVE-2023-28772
Reference: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28772
Comment: An issue was discovered in the Linux kernel before 5.13.3. lib/seq_buf.c has a seq_buf_putmem_hex buffer overflow.
CVSSv3 Score: 6.7
Attack vector: LOCAL
Attack complexity: LOW
Privileges required: HIGH
User interaction: NONE
Scope: UNCHANGED
Confidentiality impact: HIGH
Integrity impact: HIGH
Availability impact: HIGH
CVSSv3 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CWE: 120 (Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'))
References:
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.3 (MISC)
https://github.com/torvalds/linux/commit/d3b16034a24a112bb83aeb669ac5b9b01f744bb7 (MISC)
https://security.netapp.com/advisory/ntap-20230427-0005/ (CONFIRM)
https://lore.kernel.org/lkml/20210625122453.5e2fe304%40oasis.local.home/ ()
https://lkml.kernel.org/r/20210626032156.47889-1-yun.zhou%40windriver.com ()
CVE: CVE-2023-30772
Id: CVE-2023-30772
Reference: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30772
Comment: The Linux kernel before 6.2.9 has a race condition and resultant use-after-free in drivers/power/supply/da9150-charger.c if a physically proximate attacker unplugs a device.
CVSSv3 Score: 6.4
Attack vector: PHYSICAL
Attack complexity: HIGH
Privileges required: NONE
User interaction: NONE
Scope: UNCHANGED
Confidentiality impact: HIGH
Integrity impact: HIGH
Availability impact: HIGH
CVSSv3 Vector: CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE: 416 (Use After Free)
References:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=06615d11cc78162dfd5116efb71f29eb29502d37 (CONFIRM)
https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.2.9 (CONFIRM)
https://bugzilla.suse.com/show_bug.cgi?id=1210329 (CONFIRM)
[debian-lts-announce] 20230503 [SECURITY] [DLA 3403-1] linux security update (MLIST)
CVE: CVE-2023-3090
Id: CVE-2023-3090
Reference: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3090
Comment: A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation. The out-of-bounds write is caused by missing skb->cb initialization in the ipvlan network driver. The vulnerability is reachable if CONFIG_IPVLAN is enabled. We recommend upgrading past commit 90cbed5247439a966b645b34eb0a2e037836ea8e.
CVSSv3 Score: 7.8
Attack vector: LOCAL
Attack complexity: LOW
Privileges required: LOW
User interaction: NONE
Scope: UNCHANGED
Confidentiality impact: HIGH
Integrity impact: HIGH
Availability impact: HIGH
CVSSv3 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE: 787 (Out-of-bounds Write)
References:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=90cbed5247439a966b645b34eb0a2e037836ea8e (MISC)
https://kernel.dance/90cbed5247439a966b645b34eb0a2e037836ea8e (MISC)
https://www.debian.org/security/2023/dsa-5448 (MISC)
https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html (MISC)
https://security.netapp.com/advisory/ntap-20230731-0002/ (MISC)
https://www.debian.org/security/2023/dsa-5480 (MISC)
http://packetstormsecurity.com/files/174577/Kernel-Live-Patch-Security-Notice-LSN-0097-1.html (MISC)
http://packetstormsecurity.com/files/175072/Kernel-Live-Patch-Security-Notice-LSN-0098-1.html (MISC)
https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html (MISC)
CVE: CVE-2023-3141
Id: CVE-2023-3141
Reference: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3141
Comment: A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker to crash the system at device disconnect, possibly leading to a kernel information leak.
CVSSv3 Score: 7.1
Attack vector: LOCAL
Attack complexity: LOW
Privileges required: LOW
User interaction: NONE
Scope: UNCHANGED
Confidentiality impact: HIGH
Integrity impact: NONE
Availability impact: HIGH
CVSSv3 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
CWE: 416 (Use After Free)
References:
https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.4 (MISC)
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=63264422785021704c39b38f65a78ab9e4a186d7 (MISC)
https://security.netapp.com/advisory/ntap-20230706-0004/ (CONFIRM)
[debian-lts-announce] 20230727 [SECURITY] [DLA 3508-1] linux security update (MLIST)
[debian-lts-announce] 20231019 [SECURITY] [DLA 3623-1] linux-5.10 security update (MLIST)
https://lore.kernel.org/lkml/CAPDyKFoV9aZObZ5GBm0U_-UVeVkBN_rAG-kH3BKoP4EXdYM4bw%40mail.gmail.com/t/ ()
CVE: CVE-2023-31436
Id: CVE-2023-31436
Reference: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31436
Comment: qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX.
CVSSv3 Score: 7.8
Attack vector: LOCAL
Attack complexity: LOW
Privileges required: LOW
User interaction: NONE
Scope: UNCHANGED
Confidentiality impact: HIGH
Integrity impact: HIGH
Availability impact: HIGH
CVSSv3 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE: 787 (Out-of-bounds Write)
References:
https://github.com/torvalds/linux/commit/3037933448f60f9acb705997eae62013ecb81e0d (MISC)
https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.2.13 (MISC)
https://www.spinics.net/lists/stable-commits/msg294885.html (MISC)
DSA-5402 (DEBIAN)
[debian-lts-announce] 20230605 [SECURITY] [DLA 3446-1] linux-5.10 security update (MLIST)
https://security.netapp.com/advisory/ntap-20230609-0001/ (CONFIRM)
http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html (MISC)
http://packetstormsecurity.com/files/173757/Kernel-Live-Patch-Security-Notice-LSN-0096-1.html (MISC)
http://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html ()
CVE: CVE-2023-3159
Id: CVE-2023-3159
Reference: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3159
Comment: A use after free issue was discovered in driver/firewire in outbound_phy_packet_callback in the Linux Kernel. In this flaw a local attacker with special privilege may cause a use after free problem when queue_event() fails.
CVSSv3 Score: 6.7
Attack vector: LOCAL
Attack complexity: LOW
Privileges required: HIGH
User interaction: NONE
Scope: UNCHANGED
Confidentiality impact: HIGH
Integrity impact: HIGH
Availability impact: HIGH
CVSSv3 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CWE: 416 (Use After Free)
References:
https://github.com/torvalds/linux/commit/b7c81f80246fac44077166f3e07103affe6db8ff (MISC)
CVE: CVE-2023-3161
Id: CVE-2023-3161
Reference: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3161
Comment: A flaw was found in the Framebuffer Console (fbcon) in the Linux Kernel. When providing font->width and font->height greater than 32 to fbcon_set_font, since there are no checks in place, a shift-out-of-bounds occurs leading to undefined behavior and possible denial of service.
CVSSv3 Score: 5.5
Attack vector: LOCAL
Attack complexity: LOW
Privileges required: LOW
User interaction: NONE
Scope: UNCHANGED
Confidentiality impact: NONE
Integrity impact: NONE
Availability impact: HIGH
CVSSv3 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE: 682 (Incorrect Calculation)
References:
https://bugzilla.redhat.com/show_bug.cgi?id=2213485 (MISC)
https://github.com/torvalds/linux/commit/2b09d5d364986f724f17001ccfe4126b9b43a0be (MISC)
CVE: CVE-2023-32269
Id: CVE-2023-32269
Reference: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32269
Comment: An issue was discovered in the Linux kernel before 6.1.11. In net/netrom/af_netrom.c, there is a use-after-free because accept is also allowed for a successfully connected AF_NETROM socket. However, in order for an attacker to exploit this, the system must have netrom routing configured or the attacker must have the CAP_NET_ADMIN capability.
CVSSv3 Score: 6.7
Attack vector: LOCAL
Attack complexity: LOW
Privileges required: HIGH
User interaction: NONE
Scope: UNCHANGED
Confidentiality impact: HIGH
Integrity impact: HIGH
Availability impact: HIGH
CVSSv3 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CWE: 416 (Use After Free)
References:
https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.11 (MISC)
https://github.com/torvalds/linux/commit/611792920925fb088ddccbe2783c7f92fdfb6b64 (MISC)
CVE: CVE-2023-35824
Id: CVE-2023-35824
Reference: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35824
Comment: An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in dm1105_remove in drivers/media/pci/dm1105/dm1105.c.
CVSSv3 Score: 7
Attack vector: LOCAL
Attack complexity: HIGH
Privileges required: LOW
User interaction: NONE
Scope: UNCHANGED
Confidentiality impact: HIGH
Integrity impact: HIGH
Availability impact: HIGH
CVSSv3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE: 362 (Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition'))
References:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5abda7a16698d4d1f47af1168d8fa2c640116b4a (MISC)
https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.2 (MISC)
[debian-lts-announce] 20230727 [SECURITY] [DLA 3508-1] linux security update (MLIST)
https://security.netapp.com/advisory/ntap-20230803-0002/ (CONFIRM)
[debian-lts-announce] 20231019 [SECURITY] [DLA 3623-1] linux-5.10 security update (MLIST)
https://lore.kernel.org/all/49bb0b6a-e669-d4e7-d742-a19d2763e947%40xs4all.nl/ ()
https://lore.kernel.org/lkml/20230318081506.795147-1-zyytlz.wz%40163.com/ ()