Vulnerabilities > Linux > Linux Kernel > 4.19.130

DATE CVE VULNERABILITY TITLE RISK
2023-08-03 CVE-2023-4133 Use After Free vulnerability in multiple products
A use-after-free vulnerability was found in the cxgb4 driver in the Linux kernel.
local
low complexity
linux redhat fedoraproject CWE-416
5.5
2023-07-24 CVE-2023-2860 Out-of-bounds Read vulnerability in Linux Kernel
An out-of-bounds read vulnerability was found in the SR-IPv6 implementation in the Linux kernel.
local
low complexity
linux CWE-125
4.4
2023-07-24 CVE-2023-33951 Improper Locking vulnerability in multiple products
A race condition vulnerability was found in the vmwgfx driver in the Linux kernel.
local
high complexity
linux redhat CWE-667
5.3
2023-07-24 CVE-2023-33952 Double Free vulnerability in multiple products
A double-free vulnerability was found in handling vmw_buffer_object objects in the vmwgfx driver in the Linux kernel.
local
low complexity
linux redhat CWE-415
6.7
2023-07-24 CVE-2023-3567 Use After Free vulnerability in multiple products
A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel.
local
low complexity
linux redhat canonical CWE-416
7.1
2023-07-24 CVE-2023-3812 Use After Free vulnerability in multiple products
An out-of-bounds memory access flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user generates a malicious (too big) networking packet when napi frags is enabled.
local
low complexity
linux redhat CWE-416
7.8
2023-07-24 CVE-2023-3863 Use After Free vulnerability in multiple products
A use-after-free flaw was found in nfc_llcp_find_local in net/nfc/llcp_core.c in NFC in the Linux kernel.
local
high complexity
linux debian CWE-416
4.1
2023-07-23 CVE-2023-2430 Improper Locking vulnerability in Linux Kernel
A vulnerability was found due to missing lock for IOPOLL flaw in io_cqring_event_overflow() in io_uring.c in Linux Kernel.
local
low complexity
linux CWE-667
5.5
2023-07-21 CVE-2023-3609 Use After Free vulnerability in multiple products
A use-after-free vulnerability in the Linux kernel's net/sched: cls_u32 component can be exploited to achieve local privilege escalation. If tcf_change_indev() fails, u32_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_bind_filter().
local
low complexity
linux debian CWE-416
7.8
2023-07-21 CVE-2023-3611 Out-of-bounds Write vulnerability in multiple products
An out-of-bounds write vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation. The qfq_change_agg() function in net/sched/sch_qfq.c allows an out-of-bounds write because lmax is updated according to packet sizes without bounds checks. We recommend upgrading past commit 3e337087c3b5805fe0b8a46ba622a962880b5d64.
local
low complexity
linux debian CWE-787
7.8