kernel-preempt (SUSE:Linux Enterprise High Performance Computing 15 SP3-ESPOS) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise High Performance Computing 15 SP3-ESPOS package kernel-preempt, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (185)
CVE-2023-2163 — CVSS 10.0 (critical): Incorrect verifier pruning in BPF in Linux Kernel >=5.4 leads to unsafe code paths being incorrectly marked as safe, resulting in arbitrary…
CVE-2022-42896 — CVSS 8.0 (high): There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_connect and l2cap_le_connect_req…
CVE-2023-1118 — CVSS 7.8 (high): A flaw use after free in the Linux kernel integrated infrared receiver/transceiver driver was found in the way user detaching rc device. A…
CVE-2023-34319 — CVSS 7.8 (high): The fix for XSA-423 added logic to Linux'es netback driver to deal with a frontend splitting a packet in a way such that not all of the…
CVE-2023-0461 — CVSS 7.8 (high): There is a use-after-free vulnerability in the Linux Kernel which can be exploited to achieve local privilege escalation. To reach the…
CVE-2023-1281 — CVSS 7.8 (high): Use After Free vulnerability in Linux kernel traffic control index filter (tcindex) allows Privilege Escalation. The imperfect hash area…
CVE-2023-35001 — CVSS 7.8 (high): Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in…
CVE-2023-3812 — CVSS 7.8 (high): An out-of-bounds memory access flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user generates a…
CVE-2023-3390 — CVSS 7.8 (high): A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nf_tables_api.c. Mishandled error…
CVE-2023-0179 — CVSS 7.8 (high): A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue could allow the leakage of both stack…
CVE-2022-4378 — CVSS 7.8 (high): A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This…
CVE-2023-3609 — CVSS 7.8 (high): A use-after-free vulnerability in the Linux kernel's net/sched: cls_u32 component can be exploited to achieve local privilege escalation…
CVE-2023-2008 — CVSS 7.8 (high): A flaw was found in the Linux kernel's udmabuf device driver. The specific flaw exists within a fault handler. The issue results from the…
CVE-2023-2007 — CVSS 7.8 (high): The specific flaw exists within the DPT I2O Controller driver. The issue results from the lack of proper locking when performing operations…
CVE-2023-4004 — CVSS 7.8 (high): A use-after-free flaw was found in the Linux kernel's netfilter in the way a user triggers the nft_pipapo_remove function with the element…
CVE-2022-4095 — CVSS 7.8 (high): A use-after-free flaw was found in Linux kernel before 5.19.2. This issue occurs in cmd_hdl_filter in drivers/staging/rtl8712/rtl8712_cmd.c…
CVE-2022-45934 — CVSS 7.8 (high): An issue was discovered in the Linux kernel through 6.0.10. l2cap_config_req in net/bluetooth/l2cap_core.c has an integer wraparound via…
CVE-2023-4622 — CVSS 7.8 (high): A use-after-free vulnerability in the Linux kernel's af_unix component can be exploited to achieve local privilege escalation. The…
CVE-2022-4744 — CVSS 7.8 (high): A double-free flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user registers the device when the…
CVE-2023-3611 — CVSS 7.8 (high): An out-of-bounds write vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege…
CVE-2023-4921 — CVSS 7.8 (high): A use-after-free vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation…
CVE-2023-1078 — CVSS 7.8 (high): A flaw was found in the Linux Kernel in RDS (Reliable Datagram Sockets) protocol. The rds_rm_zerocopy_callback() uses list_entry() on the…
CVE-2023-23559 — CVSS 7.8 (high): In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition.
CVE-2022-4139 — CVSS 7.8 (high): An incorrect TLB flush issue was found in the Linux kernel’s GPU i915 kernel driver, potentially leading to random memory corruption or…
CVE-2023-2176 — CVSS 7.8 (high): A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA in the Linux Kernel. The improper cleanup…
CVE-2023-2124 — CVSS 7.8 (high): An out-of-bounds memory access flaw was found in the Linux kernel’s XFS file system in how a user restores an XFS image after failure…
CVE-2023-4147 — CVSS 7.8 (high): A use-after-free flaw was found in the Linux kernel’s Netfilter functionality when adding a rule with NFTA_RULE_CHAIN_ID. This flaw…
CVE-2023-28464 — CVSS 7.8 (high): hci_conn_cleanup in net/bluetooth/hci_conn.c in the Linux kernel through 6.2.9 has a use-after-free (observed in hci_conn_hash_flush)…
CVE-2023-22995 — CVSS 7.8 (high): In the Linux kernel before 5.17, an error path in dwc3_qcom_acpi_register_core in drivers/usb/dwc3/dwc3-qcom.c lacks certain…
CVE-2023-1872 — CVSS 7.8 (high): A use-after-free vulnerability in the Linux Kernel io_uring system can be exploited to achieve local privilege escalation. The…
CVE-2023-5717 — CVSS 7.8 (high): A heap out-of-bounds write vulnerability in the Linux kernel's Linux Kernel Performance Events (perf) component can be exploited to achieve…
CVE-2023-3776 — CVSS 7.8 (high): A use-after-free vulnerability in the Linux kernel's net/sched: cls_fw component can be exploited to achieve local privilege escalation. If…
CVE-2023-3090 — CVSS 7.8 (high): A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation…
CVE-2023-35788 — CVSS 7.8 (high): An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write…
CVE-2023-4623 — CVSS 7.8 (high): A use-after-free vulnerability in the Linux kernel's net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve…
CVE-2023-3111 — CVSS 7.8 (high): A use after free vulnerability was found in prepare_to_relocate in fs/btrfs/relocation.c in btrfs in the Linux Kernel. This possible flaw…
CVE-2023-31248 — CVSS 7.8 (high): Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; `nft_chain_lookup_byid()` failed to check whether a chain…
CVE-2023-31436 — CVSS 7.8 (high): qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed…
CVE-2023-1670 — CVSS 7.8 (high): A flaw use after free in the Linux kernel Xircom 16-bit PCMCIA (PC-card) Ethernet driver was found.A local user could use this flaw to…
CVE-2023-40283 — CVSS 7.8 (high): An issue was discovered in l2cap_sock_release in net/bluetooth/l2cap_sock.c in the Linux kernel before 6.4.10. There is a use-after-free…
CVE-2023-32233 — CVSS 7.8 (high): In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform…
CVE-2023-3777 — CVSS 7.8 (high): A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation…
CVE-2023-1390 — CVSS 7.5 (high): A remote denial of service vulnerability was found in the Linux kernel’s TIPC kernel module. The while loop in tipc_link_xmit() hits an…
CVE-2022-43945 — CVSS 7.5 (high): The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages…
CVE-2023-45871 — CVSS 7.5 (high): An issue was discovered in drivers/net/ethernet/intel/igb/igb_main.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may…
CVE-2023-2156 — CVSS 7.5 (high): A flaw was found in the networking subsystem of the Linux kernel within the handling of the RPL protocol. This issue results from the lack…
CVE-2023-39198 — CVSS 7.5 (high): A race condition was found in the QXL driver in the Linux kernel. The qxl_mode_dumb_create() function dereferences the qobj returned by the…
CVE-2023-4387 — CVSS 7.1 (high): A use-after-free flaw was found in vmxnet3_rq_alloc_rx_buf in drivers/net/vmxnet3/vmxnet3_drv.c in VMware's vmxnet3 ethernet NIC driver in…
CVE-2023-1838 — CVSS 7.1 (high): A use-after-free flaw was found in vhost_net_set_backend in drivers/vhost/net.c in virtio network subcomponent in the Linux kernel due to a…
CVE-2022-41858 — CVSS 7.1 (high): A flaw was found in the Linux kernel. A NULL pointer dereference may occur while a slip driver is in progress to detach in sl_tx_timeout in…
CVE-2023-1380 — CVSS 7.1 (high): A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the…
CVE-2023-3567 — CVSS 7.1 (high): A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. This issue may allow an…
CVE-2023-3268 — CVSS 7.1 (high): An out of bounds (OOB) memory access flaw was found in the Linux kernel in relay_file_read_start_pos in kernel/relay.c in the relayfs. This…
CVE-2023-3141 — CVSS 7.1 (high): A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a…
CVE-2022-47520 — CVSS 7.1 (high): An issue was discovered in the Linux kernel before 6.0.11. Missing offset validation in drivers/net/wireless/microchip/wilc1000/hif.c in…
CVE-2023-1989 — CVSS 7.0 (high): A use-after-free flaw was found in btsdio_remove in drivers\bluetooth\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove…
CVE-2023-35828 — CVSS 7.0 (high): An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in renesas_usb3_remove in drivers/usb/gadget/udc/renesa…
CVE-2023-35824 — CVSS 7.0 (high): An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in dm1105_remove in drivers/media/pci/dm1105/dm1105.c.
CVE-2023-35823 — CVSS 7.0 (high): An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in saa7134_finidev in drivers/media/pci/saa7134/saa7134…
CVE-2023-28466 — CVSS 7.0 (high): do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition (with a…
CVE-2022-45884 — CVSS 7.0 (high): An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvbdev.c has a use-after-free, related to…
CVE-2022-45885 — CVSS 7.0 (high): An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_frontend.c has a race condition that can cause a…
CVE-2022-45886 — CVSS 7.0 (high): An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_net.c has a .disconnect versus dvb_device_open race…
CVE-2022-45919 — CVSS 7.0 (high): An issue was discovered in the Linux kernel through 6.0.10. In drivers/media/dvb-core/dvb_ca_en50221.c, a use-after-free can occur is there…
CVE-2023-4389 — CVSS 7.0 (high): A flaw was found in btrfs_get_root_ref in fs/btrfs/disk-io.c in the btrfs filesystem in the Linux Kernel due to a double decrement of the…
CVE-2023-1077 — CVSS 7.0 (high): In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the BUG_ON condition, as the confused entry…
CVE-2023-42753 — CVSS 7.0 (high): An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of…
CVE-2023-2002 — CVSS 6.8 (medium): A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux…
CVE-2023-1079 — CVSS 6.8 (medium): A flaw was found in the Linux kernel. A use-after-free may be triggered in asus_kbd_backlight_set when plugging/disconnecting in a…
CVE-2023-39192 — CVSS 6.7 (medium): A flaw was found in the Netfilter subsystem in the Linux kernel. The xt_u32 module did not validate the fields in the xt_u32 structure…
CVE-2023-32269 — CVSS 6.7 (medium): An issue was discovered in the Linux kernel before 6.1.11. In net/netrom/af_netrom.c, there is a use-after-free because accept is also…
CVE-2023-3159 — CVSS 6.7 (medium): A use after free issue was discovered in driver/firewire in outbound_phy_packet_callback in the Linux Kernel. In this flaw a local attacker…
CVE-2023-28772 — CVSS 6.7 (medium): An issue was discovered in the Linux kernel before 5.13.3. lib/seq_buf.c has a seq_buf_putmem_hex buffer overflow.
CVE-2023-2513 — CVSS 6.7 (medium): A use-after-free vulnerability was found in the Linux kernel's ext4 filesystem in the way it handled the extra inode size for extended…
CVE-2020-36694 — CVSS 6.7 (medium): An issue was discovered in netfilter in the Linux kernel before 5.10. There can be a use-after-free in the packet processing context…
CVE-2023-2194 — CVSS 6.7 (medium): An out-of-bounds write vulnerability was found in the Linux kernel's SLIMpro I2C device driver. The userspace "data->block[0]" variable was…
CVE-2023-21400 — CVSS 6.7 (medium): In multiple functions of io_uring.c, there is a possible kernel memory corruption due to improper locking. This could lead to local…
CVE-2022-3628 — CVSS 6.6 (medium): A buffer overflow flaw was found in the Linux kernel Broadcom Full MAC Wi-Fi driver. This issue occurs when a user connects to a malicious…
CVE-2022-29900 — CVSS 6.5 (medium): Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-depend…
CVE-2023-0459 — CVSS 6.5 (medium): Copy_from_user on 64-bit versions of the Linux kernel does not implement the __uaccess_begin_nospec allowing a user to bypass the…
CVE-2022-3643 — CVSS 6.5 (medium): Guests can trigger NIC interface reset/abort/crash via netback It is possible for a guest to trigger a NIC interface reset/abort/crash in a…
CVE-2022-40982 — CVSS 6.5 (medium): Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R)…
CVE-2023-1192 — CVSS 6.5 (medium): A use-after-free flaw was found in smb2_is_status_io_timeout() in CIFS in the Linux Kernel. After CIFS transfers response data to a system…
CVE-2023-30772 — CVSS 6.4 (medium): The Linux kernel before 6.2.9 has a race condition and resultant use-after-free in drivers/power/supply/da9150-charger.c if a physically…
CVE-2023-45863 — CVSS 6.4 (medium): An issue was discovered in lib/kobject.c in the Linux kernel before 6.2.3. With root access, an attacker can trigger a race condition that…
CVE-2023-3863 — CVSS 6.4 (medium): A use-after-free flaw was found in nfc_llcp_find_local in net/nfc/llcp_core.c in NFC in the Linux kernel. This flaw allows a local user…
CVE-2023-1855 — CVSS 6.3 (medium): A use-after-free flaw was found in xgene_hwmon_remove in drivers/hwmon/xgene-hwmon.c in the Hardware Monitoring Linux Kernel Driver…
CVE-2023-1611 — CVSS 6.3 (medium): A use-after-free flaw was found in btrfs_search_slot in fs/btrfs/ctree.c in btrfs in the Linux Kernel.This flaw allows an attacker to crash…
CVE-2022-36402 — CVSS 6.3 (medium): An integer overflow vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in GPU component of Linux kernel with…
CVE-2022-38096 — CVSS 6.3 (medium): A NULL pointer dereference vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in GPU component of Linux kernel…
CVE-2022-36280 — CVSS 6.3 (medium): An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_kms.c in GPU component in the…
CVE-2023-39193 — CVSS 6.1 (medium): A flaw was found in the Netfilter subsystem in the Linux kernel. The sctp_mt_check did not validate the flag_count field. This flaw allows…
CVE-2023-4273 — CVSS 6.0 (medium): A flaw was found in the exFAT driver of the Linux kernel. The vulnerability exists in the implementation of the file name reconstruction…
CVE-2022-2196 — CVSS 5.8 (medium): A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2…
CVE-2023-1206 — CVSS 5.7 (medium): A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel’s IPv6 functionality when a user makes a new kind…
CVE-2017-5753 — CVSS 5.6 (medium): Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an…
CVE-2022-29901 — CVSS 5.6 (medium): Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the…
CVE-2023-1998 — CVSS 5.6 (medium): The Linux kernel allows userspace processes to enable mitigations by calling prctl with PR_SET_SPECULATION_CTRL which disables the…
CVE-2023-3358 — CVSS 5.5 (medium): A null pointer dereference was found in the Linux kernel's Integrated Sensor Hub (ISH) driver. This issue could allow a local user to crash…
CVE-2020-36691 — CVSS 5.5 (medium): An issue was discovered in the Linux kernel before 5.8. lib/nlattr.c allows attackers to cause a denial of service (unbounded recursion)…
CVE-2021-29650 — CVSS 5.5 (medium): An issue was discovered in the Linux kernel before 5.11.11. The netfilter subsystem allows attackers to cause a denial of service (panic)…
CVE-2022-3105 — CVSS 5.5 (medium): An issue was discovered in the Linux kernel through 5.16-rc6. uapi_finalize in drivers/infiniband/core/uverbs_uapi.c lacks check of…
CVE-2022-3106 — CVSS 5.5 (medium): An issue was discovered in the Linux kernel through 5.16-rc6. ef100_update_stats in drivers/net/ethernet/sfc/ef100_nic.c lacks check of the…
CVE-2022-3107 — CVSS 5.5 (medium): An issue was discovered in the Linux kernel through 5.16-rc6. netvsc_get_ethtool_stats in drivers/net/hyperv/netvsc_drv.c lacks check of…
CVE-2022-3108 — CVSS 5.5 (medium): An issue was discovered in the Linux kernel through 5.16-rc6. kfd_parse_subtype_iolink in drivers/gpu/drm/amd/amdkfd/kfd_crat.c lacks check…
CVE-2022-3111 — CVSS 5.5 (medium): An issue was discovered in the Linux kernel through 5.16-rc6. free_charger_irq() in drivers/power/supply/wm8350_power.c lacks free of…
CVE-2022-3112 — CVSS 5.5 (medium): An issue was discovered in the Linux kernel through 5.16-rc6. amvdec_set_canvases in drivers/staging/media/meson/vdec/vdec_helpers.c lacks…
CVE-2022-3115 — CVSS 5.5 (medium): An issue was discovered in the Linux kernel through 5.16-rc6. malidp_crtc_reset in drivers/gpu/drm/arm/malidp_crtc.c lacks check of the…
CVE-2022-3564 — CVSS 5.5 (medium): A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of…
CVE-2022-3635 — CVSS 5.5 (medium): A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function tst_timer of the…
CVE-2022-3707 — CVSS 5.5 (medium): A double-free memory flaw was found in the Linux kernel. The Intel GVT-g graphics driver triggers VGA card system resource overload…
CVE-2022-4129 — CVSS 5.5 (medium): A flaw was found in the Linux kernel's Layer 2 Tunneling Protocol (L2TP). A missing lock when clearing sk_user_data can lead to a race…
CVE-2022-42328 — CVSS 5.5 (medium): Guests can trigger deadlock in Linux netback driver T[his CNA information record relates to multiple CVEs; the text explains which…
CVE-2022-42329 — CVSS 5.5 (medium): Guests can trigger deadlock in Linux netback driver T[his CNA information record relates to multiple CVEs; the text explains which…
CVE-2022-4269 — CVSS 5.5 (medium): A flaw was found in the Linux kernel Traffic Control (TC) subsystem. Using a specific networking configuration (redirecting egress packets…
CVE-2022-4662 — CVSS 5.5 (medium): A flaw incorrect access control in the Linux kernel USB core subsystem was found in the way user attaches usb device. A local user could…
CVE-2022-47929 — CVSS 5.5 (medium): In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a…
CVE-2023-0394 — CVSS 5.5 (medium): A NULL pointer dereference flaw was found in rawv6_push_pending_frames in net/ipv6/raw.c in the network subcomponent in the Linux kernel…
CVE-2023-0597 — CVSS 5.5 (medium): A flaw possibility of memory leak in the Linux kernel cpu_entry_area mapping of X86 CPU data to memory was found in the way user can guess…
CVE-2023-1076 — CVSS 5.5 (medium): A flaw was found in the Linux Kernel. The tun/tap sockets have their socket UID hardcoded to 0 due to a type confusion in their…
CVE-2023-1095 — CVSS 5.5 (medium): In nf_tables_updtable, if nf_tables_table_enable returns an error, nft_trans_destroy is called to free the transaction object…
CVE-2023-1249 — CVSS 5.5 (medium): A use-after-free flaw was found in the Linux kernel’s core dump subsystem. This flaw allows a local user to crash the system. Only if…
CVE-2023-1637 — CVSS 5.5 (medium): A flaw that boot CPU could be vulnerable for the speculative execution behavior kind of attacks in the Linux kernel X86 CPU Power…
CVE-2023-20588 — CVSS 5.5 (medium): A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality.
CVE-2023-20593 — CVSS 5.5 (medium): An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive…
CVE-2023-2162 — CVSS 5.5 (medium): A use-after-free vulnerability was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux…
CVE-2023-2177 — CVSS 5.5 (medium): A null pointer dereference issue was found in the sctp network protocol in net/sctp/stream_sched.c in Linux Kernel. If stream_in allocation…
CVE-2023-22998 — CVSS 5.5 (medium): In the Linux kernel before 6.0.3, drivers/gpu/drm/virtio/virtgpu_object.c misinterprets the drm_gem_shmem_get_sg_table return value…
CVE-2023-23000 — CVSS 5.5 (medium): In the Linux kernel before 5.17, drivers/phy/tegra/xusb.c mishandles the tegra_xusb_find_port_node return value. Callers expect NULL in the…
CVE-2023-23004 — CVSS 5.5 (medium): In the Linux kernel before 5.19, drivers/gpu/drm/arm/malidp_planes.c misinterprets the get_sg_table return value (expects it to be NULL in…
CVE-2023-23006 — CVSS 5.5 (medium): In the Linux kernel before 5.15.13, drivers/net/ethernet/mellanox/mlx5/core/steering/dr_domain.c misinterprets the mlx5_get_uars_page…
CVE-2023-23454 — CVSS 5.5 (medium): cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds…
CVE-2023-23455 — CVSS 5.5 (medium): atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type…
CVE-2023-23586 — CVSS 5.5 (medium): Due to a vulnerability in the io_uring subsystem, it is possible to leak kernel memory information to the user process. timens_install…
CVE-2023-28327 — CVSS 5.5 (medium): A NULL pointer dereference flaw was found in the UNIX protocol in net/unix/diag.c In unix_diag_get_exact in the Linux Kernel. The newly…
CVE-2023-28328 — CVSS 5.5 (medium): A NULL pointer dereference flaw was found in the az6027 driver in drivers/media/usb/dev-usb/az6027.c in the Linux Kernel. The message from…
CVE-2023-2985 — CVSS 5.5 (medium): A use after free flaw was found in hfsplus_put_super in fs/hfsplus/super.c in the Linux Kernel. This flaw could allow a local user to cause…
CVE-2023-31084 — CVSS 5.5 (medium): An issue was discovered in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel 6.2. There is a blocking operation when a task is in…
CVE-2023-31085 — CVSS 5.5 (medium): An issue was discovered in drivers/mtd/ubi/cdev.c in the Linux kernel 6.2. There is a divide-by-zero error in do_div(sz,mtd->erasesize)…
CVE-2023-3161 — CVSS 5.5 (medium): A flaw was found in the Framebuffer Console (fbcon) in the Linux Kernel. When providing font->width and font->height greater than 32 to…
CVE-2023-3772 — CVSS 5.5 (medium): A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with…
CVE-2023-4132 — CVSS 5.5 (medium): A use-after-free vulnerability was found in the siano smsusb module in the Linux kernel. The bug occurs during device initialization when…
CVE-2023-4133 — CVSS 5.5 (medium): A use-after-free vulnerability was found in the cxgb4 driver in the Linux kernel. The bug occurs when the cxgb4 device is detaching due to…
CVE-2023-4134 — CVSS 5.5 (medium): A use-after-free vulnerability was found in the cyttsp4_core driver in the Linux kernel. This issue occurs in the device cleanup routine…
CVE-2023-4194 — CVSS 5.5 (medium): A flaw was found in the Linux kernel's TUN/TAP functionality. This issue could allow a local user to bypass network filters and gain…
CVE-2023-42754 — CVSS 5.5 (medium): A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a…
CVE-2023-4385 — CVSS 5.5 (medium): A NULL pointer dereference flaw was found in dbFree in fs/jfs/jfs_dmap.c in the journaling file system (JFS) in the Linux Kernel. This…
CVE-2023-4459 — CVSS 5.5 (medium): A NULL pointer dereference flaw was found in vmxnet3_rq_cleanup in drivers/net/vmxnet3/vmxnet3_drv.c in the networking sub-component in…
CVE-2023-45862 — CVSS 5.5 (medium): An issue was discovered in drivers/usb/storage/ene_ub6250.c for the ENE UB6250 reader driver in the Linux kernel before 6.2.5. An object…
CVE-2023-39189 — CVSS 5.1 (medium): A flaw was found in the Netfilter subsystem in the Linux kernel. The nfnl_osf_add_callback function did not validate the user mode…
CVE-2022-42895 — CVSS 5.1 (medium): There is an infoleak vulnerability in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_parse_conf_req function which can be used to…
CVE-2023-34324 — CVSS 4.9 (medium): Closing of an event channel in the Linux kernel can result in a deadlock. This happens when the close is being performed in parallel to an…
CVE-2023-0590 — CVSS 4.7 (medium): A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a…
CVE-2023-1990 — CVSS 4.7 (medium): A use-after-free flaw was found in ndlc_remove in drivers/nfc/st-nci/ndlc.c in the Linux Kernel. This flaw could allow an attacker to crash…
CVE-2023-1859 — CVSS 4.7 (medium): A use-after-free flaw was found in xen_9pfs_front_removet in net/9p/trans_xen.c in Xen transport for 9pfs in the Linux Kernel. This flaw…
CVE-2023-1582 — CVSS 4.7 (medium): A race problem was found in fs/proc/task_mmu.c in the memory management sub-component in the Linux kernel. This issue may allow a local…
CVE-2023-1382 — CVSS 4.7 (medium): A data race flaw was found in the Linux kernel, between where con is allocated and con->sock is set. This issue leads to a NULL pointer…
CVE-2023-0045 — CVSS 4.7 (medium): The current implementation of the prctl syscall does not issue an IBPB immediately during the syscall. The ib_prctl_set function updates…
CVE-2022-45887 — CVSS 4.7 (medium): An issue was discovered in the Linux kernel through 6.0.9. drivers/media/usb/ttusb-dec/ttusb_dec.c has a memory leak because of the lack of…
CVE-2022-28693 — CVSS 4.7 (medium): Unprotected alternative channel of return branch target prediction in some Intel(R) Processors may allow an authorized user to potentially…
CVE-2022-41850 — CVSS 4.7 (medium): roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free in…
CVE-2019-19083 — CVSS 4.7 (medium): Memory leaks in *clock_source_create() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel before 5.3.8 allow attackers to…
CVE-2023-33288 — CVSS 4.7 (medium): An issue was discovered in the Linux kernel before 6.2.9. A use-after-free was found in bq24190_remove in drivers/power/supply/bq24190_charg…
CVE-2023-31083 — CVSS 4.7 (medium): An issue was discovered in drivers/bluetooth/hci_ldisc.c in the Linux kernel 6.2. In hci_uart_tty_ioctl, there is a race condition between…
CVE-2023-26545 — CVSS 4.7 (medium): In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl…
CVE-2023-20569 — CVSS 4.7 (medium): A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in…
CVE-2023-6176 — CVSS 4.7 (medium): A null pointer dereference flaw was found in the Linux kernel API for the cryptographic algorithm scatterwalk functionality. This issue…
CVE-2022-3903 — CVSS 4.6 (medium): An incorrect read request flaw was found in the Infrared Transceiver USB driver in the Linux kernel. This issue occurs when a user attaches…
CVE-2023-25012 — CVSS 4.6 (medium): The Linux kernel through 6.1.9 has a Use-After-Free in bigben_remove in drivers/hid/hid-bigbenff.c via a crafted USB device because the LED…
CVE-2022-3567 — CVSS 4.6 (medium): A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function…
CVE-2022-3566 — CVSS 4.6 (medium): A vulnerability, which was classified as problematic, was found in Linux Kernel. This affects the function tcp_getsockopt/tcp_setsockopt of…
CVE-2022-3435 — CVSS 4.3 (medium): A vulnerability classified as problematic has been found in Linux Kernel. This affects the function fib_nh_match of the file…
CVE-2023-39197 — CVSS 4.0 (medium): An out-of-bounds read vulnerability was found in Netfilter Connection Tracking (conntrack) in the Linux kernel. This flaw allows a remote…
CVE-2022-3606 — CVSS 3.5 (low): A vulnerability was found in Linux Kernel. It has been classified as problematic. This affects the function find_prog_by_sec_insn of the…
CVE-2023-1513 — CVSS 3.3 (low): A flaw was found in KVM. When calling the KVM_GET_DEBUGREGS ioctl, on 32-bit systems, there might be some uninitialized portions of the…
CVE-2020-36766 — CVSS 3.3 (low): An issue was discovered in the Linux kernel before 5.8.6. drivers/media/cec/core/cec-api.c leaks one byte of kernel memory on specific…
CVE-2023-1075 — CVSS 3.3 (low): A flaw was found in the Linux Kernel. The tls_is_tx_ready() incorrectly checks for list emptiness, potentially accessing a type confused…
CVE-2023-39194 — CVSS 3.2 (low): A flaw was found in the XFRM subsystem in the Linux kernel. The specific flaw exists within the processing of state filters, which can…
CVE-2021-3923 — CVSS 2.3 (low): A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel…
CVE-2023-4128: Rejected reason: ** REJECT ** DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2023-4206, CVE-2023-4207, CVE-2023-4208. Reason: This record is a…
CVE-2023-4881: Rejected reason: CVE-2023-4881 was wrongly assigned to a bug that was deemed to be a non-security issue by the Linux kernel security team.
CVE-2023-2483: Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-33203. Reason: This candidate is a reservation duplicate of…
CVE-2023-3117: Rejected reason: Duplicate of CVE-2023-3390.