Vulnerabilities > Linux > Linux Kernel > 4.19.324
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-22 | CVE-2023-1281 | Use After Free vulnerability in Linux Kernel Use After Free vulnerability in Linux kernel traffic control index filter (tcindex) allows Privilege Escalation. The imperfect hash area can be updated while packets are traversing, which will cause a use-after-free when 'tcf_exts_exec()' is called with the destroyed tcf_ext. A local attacker user can use this vulnerability to elevate its privileges to root. This issue affects Linux Kernel: from 4.14 before git commit ee059170b1f7e94e55fa6cadee544e176a6e59c2. | 7.8 |
| 2023-03-19 | CVE-2022-48423 | Out-of-bounds Write vulnerability in Linux Kernel In the Linux kernel before 6.1.3, fs/ntfs3/record.c does not validate resident attribute names. | 7.8 |
| 2023-03-08 | CVE-2023-0030 | Use After Free vulnerability in Linux Kernel A use-after-free flaw was found in the Linux kernel’s nouveau driver in how a user triggers a memory overflow that causes the nvkm_vma_tail function to fail. | 7.8 |
| 2023-03-06 | CVE-2022-3707 | Double Free vulnerability in multiple products A double-free memory flaw was found in the Linux kernel. | 5.5 |
| 2023-03-01 | CVE-2023-23001 | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel before 5.16.3, drivers/scsi/ufs/ufs-mediatek.c misinterprets the regulator_get return value (expects it to be NULL in the error case, whereas it is actually an error pointer). | 5.5 |
| 2023-03-01 | CVE-2023-23002 | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel before 5.16.3, drivers/bluetooth/hci_qca.c misinterprets the devm_gpiod_get_index_optional return value (expects it to be NULL in the error case, whereas it is actually an error pointer). | 5.5 |
| 2023-03-01 | CVE-2023-23003 | Unchecked Return Value vulnerability in Linux Kernel In the Linux kernel before 5.16, tools/perf/util/expr.c lacks a check for the hashmap__new return value. | 4.0 |
| 2023-03-01 | CVE-2023-23004 | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel before 5.19, drivers/gpu/drm/arm/malidp_planes.c misinterprets the get_sg_table return value (expects it to be NULL in the error case, whereas it is actually an error pointer). | 5.5 |
| 2023-03-01 | CVE-2023-23005 | NULL Pointer Dereference vulnerability in multiple products In the Linux kernel before 6.2, mm/memory-tiers.c misinterprets the alloc_memory_type return value (expects it to be NULL in the error case, whereas it is actually an error pointer). | 5.5 |
| 2023-03-01 | CVE-2023-23006 | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel before 5.15.13, drivers/net/ethernet/mellanox/mlx5/core/steering/dr_domain.c misinterprets the mlx5_get_uars_page return value (expects it to be NULL in the error case, whereas it is actually an error pointer). | 5.5 |