Vulnerabilities (CVE)

Filtered by vendor Linux Subscribe
Total 5753 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-1206 3 Fedoraproject, Linux, Redhat 3 Fedora, Linux Kernel, Enterprise Linux 2023-09-29 N/A 5.7 MEDIUM
A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel’s IPv6 functionality when a user makes a new kind of SYN flood attack. A user located in the local network or with a high bandwidth connection can increase the CPU usage of the server that accepts IPV6 connections up to 95%.
CVE-2023-31085 1 Linux 1 Linux Kernel 2023-09-29 N/A 5.5 MEDIUM
An issue was discovered in drivers/mtd/ubi/cdev.c in the Linux kernel 6.2. There is a divide-by-zero error in do_div(sz,mtd->erasesize), used indirectly by ctrl_cdev_ioctl, when mtd->erasesize is 0.
CVE-2023-3212 3 Fedoraproject, Linux, Redhat 3 Fedora, Linux Kernel, Enterprise Linux 2023-09-29 N/A 4.4 MEDIUM
A NULL pointer dereference issue was found in the gfs2 file system in the Linux kernel. It occurs on corrupt gfs2 file systems when the evict code tries to reference the journal descriptor structure after it has been freed and set to NULL. A privileged local user could use this flaw to cause a kernel panic.
CVE-2023-31082 1 Linux 1 Linux Kernel 2023-09-29 N/A 5.5 MEDIUM
An issue was discovered in drivers/tty/n_gsm.c in the Linux kernel 6.2. There is a sleeping function called from an invalid context in gsmld_write, which will block the kernel.
CVE-2022-4269 1 Linux 1 Linux Kernel 2023-09-29 N/A 5.5 MEDIUM
A flaw was found in the Linux kernel Traffic Control (TC) subsystem. Using a specific networking configuration (redirecting egress packets to ingress using TC action "mirred") a local unprivileged user could trigger a CPU soft lockup (ABBA deadlock) when the transport protocol in use (TCP or SCTP) does a retransmission, resulting in a denial of service condition.
CVE-2023-2898 1 Linux 1 Linux Kernel 2023-09-29 N/A 4.7 MEDIUM
There is a null-pointer-dereference flaw found in f2fs_write_end_io in fs/f2fs/data.c in the Linux kernel. This flaw allows a local privileged user to cause a denial of service problem.
CVE-2023-31081 1 Linux 1 Linux Kernel 2023-09-29 N/A 5.5 MEDIUM
An issue was discovered in drivers/media/test-drivers/vidtv/vidtv_bridge.c in the Linux kernel 6.2. There is a NULL pointer dereference in vidtv_mux_stop_thread. In vidtv_stop_streaming, after dvb->mux=NULL occurs, it executes vidtv_mux_stop_thread(dvb->mux).
CVE-2023-2269 2 Fedoraproject, Linux 2 Fedora, Linux Kernel 2023-09-29 N/A 4.4 MEDIUM
A denial of service problem was found, due to a possible recursive locking scenario, resulting in a deadlock in table_clear in drivers/md/dm-ioctl.c in the Linux Kernel Device Mapper-Multipathing sub-component.
CVE-2023-31083 1 Linux 1 Linux Kernel 2023-09-29 N/A 4.7 MEDIUM
An issue was discovered in drivers/bluetooth/hci_ldisc.c in the Linux kernel 6.2. In hci_uart_tty_ioctl, there is a race condition between HCIUARTSETPROTO and HCIUARTGETPROTO. HCI_UART_PROTO_SET is set before hu->proto is set. A NULL pointer dereference may occur.
CVE-2023-31084 1 Linux 1 Linux Kernel 2023-09-29 N/A 5.5 MEDIUM
An issue was discovered in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel 6.2. There is a blocking operation when a task is in !TASK_RUNNING. In dvb_frontend_get_event, wait_event_interruptible is called; the condition is dvb_frontend_test_event(fepriv,events). In dvb_frontend_test_event, down(&fepriv->sem) is called. However, wait_event_interruptible would put the process to sleep, and down(&fepriv->sem) may block the process.
CVE-2020-12351 1 Linux 1 Linux Kernel 2023-09-28 5.8 MEDIUM 8.8 HIGH
Improper input validation in BlueZ may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
CVE-2021-3752 6 Debian, Fedoraproject, Linux and 3 more 27 Debian Linux, Fedora, Linux Kernel and 24 more 2023-09-28 7.9 HIGH 7.1 HIGH
A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
CVE-2014-9940 2 Google, Linux 2 Android, Linux Kernel 2023-09-28 7.6 HIGH 7.0 HIGH
The regulator_ena_gpio_free function in drivers/regulator/core.c in the Linux kernel before 3.19 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted application.
CVE-2023-3567 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2023-09-28 N/A 7.1 HIGH
A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. This issue may allow an attacker with local user access to cause a system crash or leak internal kernel information.
CVE-2019-14814 6 Canonical, Debian, Linux and 3 more 50 Ubuntu Linux, Debian Linux, Linux Kernel and 47 more 2023-09-28 7.2 HIGH 7.8 HIGH
There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.
CVE-2023-32233 3 Linux, Netapp, Redhat 3 Linux Kernel, Hci Baseboard Management Controller, Enterprise Linux 2023-09-28 N/A 7.8 HIGH
In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled.
CVE-2023-3141 2 Linux, Netapp 2 Linux Kernel, Hci Baseboard Management Controller 2023-09-28 N/A 7.1 HIGH
A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker to crash the system at device disconnect, possibly leading to a kernel information leak.
CVE-2023-44206 3 Acronis, Linux, Microsoft 3 Cyber Protect, Linux Kernel, Windows 2023-09-28 N/A 9.1 CRITICAL
Sensitive information disclosure and manipulation due to improper authorization. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979.
CVE-2023-44205 3 Acronis, Linux, Microsoft 3 Cyber Protect, Linux Kernel, Windows 2023-09-28 N/A 5.3 MEDIUM
Sensitive information disclosure due to improper authorization. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979.
CVE-2023-44154 3 Acronis, Linux, Microsoft 3 Cyber Protect, Linux Kernel, Windows 2023-09-28 N/A 9.1 CRITICAL
Sensitive information disclosure and manipulation due to improper authorization. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979.