Vulnerabilities > Linux > Linux Kernel > 4.11.10

DATE CVE VULNERABILITY TITLE RISK
2023-01-12 CVE-2023-23454 Type Confusion vulnerability in multiple products
cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).
local
low complexity
linux debian CWE-843
5.5
2023-01-12 CVE-2023-23455 Type Confusion vulnerability in multiple products
atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).
local
low complexity
linux debian CWE-843
5.5
2022-12-18 CVE-2022-47518 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in the Linux kernel before 6.0.11.
local
low complexity
linux debian netapp CWE-787
7.8
2022-12-18 CVE-2022-47519 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in the Linux kernel before 6.0.11.
local
low complexity
linux debian netapp CWE-787
7.8
2022-12-18 CVE-2022-47520 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in the Linux kernel before 6.0.11.
local
low complexity
linux debian netapp CWE-125
7.1
2022-12-07 CVE-2022-3643 Injection vulnerability in multiple products
Guests can trigger NIC interface reset/abort/crash via netback It is possible for a guest to trigger a NIC interface reset/abort/crash in a Linux based network backend by sending certain kinds of packets.
local
low complexity
linux debian CWE-74
6.5
2022-12-07 CVE-2022-42328 Improper Locking vulnerability in multiple products
Guests can trigger deadlock in Linux netback driver T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] The patch for XSA-392 introduced another issue which might result in a deadlock when trying to free the SKB of a packet dropped due to the XSA-392 handling (CVE-2022-42328).
local
low complexity
linux debian CWE-667
5.5
2022-12-07 CVE-2022-42329 Improper Locking vulnerability in multiple products
Guests can trigger deadlock in Linux netback driver T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] The patch for XSA-392 introduced another issue which might result in a deadlock when trying to free the SKB of a packet dropped due to the XSA-392 handling (CVE-2022-42328).
local
low complexity
linux debian CWE-667
5.5
2022-11-30 CVE-2022-45869 Race Condition vulnerability in Linux Kernel
A race condition in the x86 KVM subsystem in the Linux kernel through 6.1-rc6 allows guest OS users to cause a denial of service (host OS crash or host OS memory corruption) when nested virtualisation and the TDP MMU are enabled.
local
low complexity
linux CWE-362
5.5
2022-11-28 CVE-2022-4127 NULL Pointer Dereference vulnerability in Linux Kernel
A NULL pointer dereference issue was discovered in the Linux kernel in io_files_update_with_index_alloc.
local
low complexity
linux CWE-476
5.5