Vulnerabilities > Linux > Linux Kernel > 3.18.41
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-09-06 | CVE-2023-3777 | Use After Free vulnerability in multiple products A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. When nf_tables_delrule() is flushing table rules, it is not checked whether the chain is bound and the chain's owner rule can also release the objects in certain circumstances. We recommend upgrading past commit 6eaf41e87a223ae6f8e7a28d6e78384ad7e407f8. | 7.8 |
2023-09-06 | CVE-2023-4206 | Use After Free vulnerability in multiple products A use-after-free vulnerability in the Linux kernel's net/sched: cls_route component can be exploited to achieve local privilege escalation. When route4_change() is called on an existing filter, the whole tcf_result struct is always copied into the new instance of the filter. | 7.8 |
2023-09-06 | CVE-2023-4207 | Use After Free vulnerability in multiple products A use-after-free vulnerability in the Linux kernel's net/sched: cls_fw component can be exploited to achieve local privilege escalation. When fw_change() is called on an existing filter, the whole tcf_result struct is always copied into the new instance of the filter. | 7.8 |
2023-09-06 | CVE-2023-4208 | Use After Free vulnerability in multiple products A use-after-free vulnerability in the Linux kernel's net/sched: cls_u32 component can be exploited to achieve local privilege escalation. When u32_change() is called on an existing filter, the whole tcf_result struct is always copied into the new instance of the filter. | 7.8 |
2023-09-06 | CVE-2023-4244 | Use After Free vulnerability in multiple products A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. Due to a race condition between nf_tables netlink control plane transaction and nft_set element garbage collection, it is possible to underflow the reference counter causing a use-after-free vulnerability. We recommend upgrading past commit 3e91b0ebd994635df2346353322ac51ce84ce6d8. | 7.0 |
2023-09-06 | CVE-2023-4623 | Use After Free vulnerability in multiple products A use-after-free vulnerability in the Linux kernel's net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve local privilege escalation. If a class with a link-sharing curve (i.e. | 7.8 |
2023-08-29 | CVE-2023-4611 | Use After Free vulnerability in Linux Kernel A use-after-free flaw was found in mm/mempolicy.c in the memory management subsystem in the Linux Kernel. | 6.3 |
2023-08-28 | CVE-2023-4569 | Memory Leak vulnerability in multiple products A memory leak flaw was found in nft_set_catchall_flush in net/netfilter/nf_tables_api.c in the Linux Kernel. | 5.5 |
2023-08-17 | CVE-2023-4394 | Use After Free vulnerability in Linux Kernel A use-after-free flaw was found in btrfs_get_dev_args_from_path in fs/btrfs/volumes.c in btrfs file-system in the Linux Kernel. | 6.0 |
2023-08-16 | CVE-2023-4385 | NULL Pointer Dereference vulnerability in Linux Kernel A NULL pointer dereference flaw was found in dbFree in fs/jfs/jfs_dmap.c in the journaling file system (JFS) in the Linux Kernel. | 5.5 |