Vulnerabilities > Linux > Linux Kernel > 4.4.41

DATE CVE VULNERABILITY TITLE RISK
2023-07-05 CVE-2023-35001 Out-of-bounds Write vulnerability in multiple products
Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace
local
low complexity
linux debian fedoraproject netapp CWE-787
7.8
2023-06-30 CVE-2023-1206 Resource Exhaustion vulnerability in multiple products
A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel’s IPv6 functionality when a user makes a new kind of SYN flood attack.
5.7
2023-06-30 CVE-2023-3338 NULL Pointer Dereference vulnerability in multiple products
A null pointer dereference flaw was found in the Linux kernel's DECnet networking protocol.
network
low complexity
linux netapp debian CWE-476
6.5
2023-06-28 CVE-2023-3357 NULL Pointer Dereference vulnerability in Linux Kernel
A NULL pointer dereference flaw was found in the Linux kernel AMD Sensor Fusion Hub driver.
local
low complexity
linux CWE-476
5.5
2023-06-28 CVE-2023-3358 NULL Pointer Dereference vulnerability in Linux Kernel
A null pointer dereference was found in the Linux kernel's Integrated Sensor Hub (ISH) driver.
local
low complexity
linux CWE-476
5.5
2023-06-28 CVE-2023-3359 NULL Pointer Dereference vulnerability in Linux Kernel
An issue was discovered in the Linux kernel brcm_nvram_parse in drivers/nvmem/brcm_nvram.c.
local
low complexity
linux CWE-476
5.5
2023-06-28 CVE-2023-3355 NULL Pointer Dereference vulnerability in Linux Kernel
A NULL pointer dereference flaw was found in the Linux kernel's drivers/gpu/drm/msm/msm_gem_submit.c code in the submit_lookup_cmds function, which fails because it lacks a check of the return value of kmalloc().
local
low complexity
linux CWE-476
5.5
2023-06-28 CVE-2023-3390 Use After Free vulnerability in multiple products
A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nf_tables_api.c. Mishandled error handling with NFT_MSG_NEWRULE makes it possible to use a dangling pointer in the same transaction causing a use-after-free vulnerability.
local
low complexity
linux netapp CWE-416
7.8
2023-06-28 CVE-2023-3439 Use After Free vulnerability in Linux Kernel
A flaw was found in the MCTP protocol in the Linux kernel.
local
high complexity
linux CWE-416
4.7
2023-06-28 CVE-2023-3090 Out-of-bounds Write vulnerability in multiple products
A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation. The out-of-bounds write is caused by missing skb->cb initialization in the ipvlan network driver.
local
low complexity
linux debian CWE-787
7.8