Total
288 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-2898 | 3 Debian, Linux, Netapp | 12 Debian Linux, Linux Kernel, H300s and 9 more | 2024-02-01 | N/A | 4.7 MEDIUM |
There is a null-pointer-dereference flaw found in f2fs_write_end_io in fs/f2fs/data.c in the Linux kernel. This flaw allows a local privileged user to cause a denial of service problem. | |||||
CVE-2023-4236 | 4 Debian, Fedoraproject, Isc and 1 more | 13 Debian Linux, Fedora, Bind and 10 more | 2024-02-01 | N/A | 7.5 HIGH |
A flaw in the networking code handling DNS-over-TLS queries may cause `named` to terminate unexpectedly due to an assertion failure. This happens when internal data structures are incorrectly reused under significant DNS-over-TLS query load. This issue affects BIND 9 versions 9.18.0 through 9.18.18 and 9.18.11-S1 through 9.18.18-S1. | |||||
CVE-2022-3649 | 3 Debian, Linux, Netapp | 11 Debian Linux, Linux Kernel, Active Iq Unified Manager and 8 more | 2024-01-26 | N/A | 7.0 HIGH |
A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_new_inode of the file fs/nilfs2/inode.c of the component BPF. The manipulation leads to use after free. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211992. | |||||
CVE-2022-43680 | 4 Debian, Fedoraproject, Libexpat Project and 1 more | 18 Debian Linux, Fedora, Libexpat and 15 more | 2024-01-21 | N/A | 7.5 HIGH |
In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations. | |||||
CVE-2022-1048 | 4 Debian, Linux, Netapp and 1 more | 19 Debian Linux, Linux Kernel, H300e and 16 more | 2024-01-21 | 6.9 MEDIUM | 7.0 HIGH |
A use-after-free flaw was found in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hw_params. The hw_free ioctls or similar race condition happens inside ALSA PCM for other ioctls. This flaw allows a local user to crash or potentially escalate their privileges on the system. | |||||
CVE-2022-0396 | 4 Fedoraproject, Isc, Netapp and 1 more | 19 Fedora, Bind, H300e and 16 more | 2024-01-21 | 4.3 MEDIUM | 5.3 MEDIUM |
BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSE_WAIT status for an indefinite period of time, even after the client has terminated the connection. | |||||
CVE-2023-4813 | 4 Fedoraproject, Gnu, Netapp and 1 more | 21 Fedora, Glibc, Active Iq Unified Manager and 18 more | 2024-01-21 | N/A | 5.9 MEDIUM |
A flaw was found in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with SUCCESS=continue or SUCCESS=merge. | |||||
CVE-2022-1679 | 3 Debian, Linux, Netapp | 18 Debian Linux, Linux Kernel, H300e and 15 more | 2024-01-19 | 7.2 HIGH | 7.8 HIGH |
A use-after-free flaw was found in the Linux kernel’s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the system. | |||||
CVE-2023-1077 | 3 Debian, Linux, Netapp | 22 Debian Linux, Linux Kernel, 8300 and 19 more | 2024-01-12 | N/A | 7.0 HIGH |
In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the BUG_ON condition, as the confused entry will not be NULL, but list_head.The buggy error condition would lead to a type confused entry with the list head,which would then be used as a type confused sched_rt_entity,causing memory corruption. | |||||
CVE-2022-0847 | 7 Fedoraproject, Linux, Netapp and 4 more | 39 Fedora, Linux Kernel, H300e and 36 more | 2024-01-12 | 7.2 HIGH | 7.8 HIGH |
A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read only files and as such escalate their privileges on the system. | |||||
CVE-2023-3212 | 5 Debian, Fedoraproject, Linux and 2 more | 14 Debian Linux, Fedora, Linux Kernel and 11 more | 2024-01-11 | N/A | 4.4 MEDIUM |
A NULL pointer dereference issue was found in the gfs2 file system in the Linux kernel. It occurs on corrupt gfs2 file systems when the evict code tries to reference the journal descriptor structure after it has been freed and set to NULL. A privileged local user could use this flaw to cause a kernel panic. | |||||
CVE-2023-35001 | 4 Debian, Fedoraproject, Linux and 1 more | 8 Debian Linux, Fedora, Linux Kernel and 5 more | 2024-01-11 | N/A | 7.8 HIGH |
Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace | |||||
CVE-2023-1989 | 3 Debian, Linux, Netapp | 7 Debian Linux, Linux Kernel, H300s and 4 more | 2024-01-11 | N/A | 7.0 HIGH |
A use-after-free flaw was found in btsdio_remove in drivers\bluetooth\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove with an unfinished job, may cause a race problem leading to a UAF on hdev devices. | |||||
CVE-2023-40791 | 2 Linux, Netapp | 9 Linux Kernel, H300s, H300s Firmware and 6 more | 2024-01-04 | N/A | 6.3 MEDIUM |
extract_user_to_sg in lib/scatterlist.c in the Linux kernel before 6.4.12 fails to unpin pages in a certain situation, as demonstrated by a WARNING for try_grab_page. | |||||
CVE-2023-4004 | 5 Debian, Fedoraproject, Linux and 2 more | 8 Debian Linux, Fedora, Linux Kernel and 5 more | 2023-12-29 | N/A | 7.8 HIGH |
A use-after-free flaw was found in the Linux kernel's netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a NFT_SET_EXT_KEY_END. This issue could allow a local user to crash the system or potentially escalate their privileges on the system. | |||||
CVE-2023-4527 | 4 Fedoraproject, Gnu, Netapp and 1 more | 32 Fedora, Glibc, H300s and 29 more | 2023-12-28 | N/A | 6.5 MEDIUM |
A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data, and may cause a crash. | |||||
CVE-2022-24122 | 3 Fedoraproject, Linux, Netapp | 18 Fedora, Linux Kernel, H300e and 15 more | 2023-12-28 | 6.9 MEDIUM | 7.8 HIGH |
kernel/ucount.c in the Linux kernel 5.14 through 5.16.4, when unprivileged user namespaces are enabled, allows a use-after-free and privilege escalation because a ucounts object can outlive its namespace. | |||||
CVE-2023-38430 | 2 Linux, Netapp | 6 Linux Kernel, H300s, H410s and 3 more | 2023-12-22 | N/A | 9.1 CRITICAL |
An issue was discovered in the Linux kernel before 6.3.9. ksmbd does not validate the SMB request protocol ID, leading to an out-of-bounds read. | |||||
CVE-2023-32257 | 2 Linux, Netapp | 6 Linux Kernel, H300s, H410s and 3 more | 2023-12-22 | N/A | 8.1 HIGH |
A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2_SESSION_SETUP and SMB2_LOGOFF commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to execute code in the context of the kernel. | |||||
CVE-2023-38432 | 2 Linux, Netapp | 7 Linux Kernel, H300s, H410s and 4 more | 2023-12-22 | N/A | 9.1 CRITICAL |
An issue was discovered in the Linux kernel before 6.3.10. fs/smb/server/smb2misc.c in ksmbd does not validate the relationship between the command payload size and the RFC1002 length specification, leading to an out-of-bounds read. |