Vulnerabilities > Linux > Linux Kernel > 5.10.148

DATE CVE VULNERABILITY TITLE RISK
2023-03-22 CVE-2023-1281 Use After Free vulnerability in Linux Kernel
Use After Free vulnerability in Linux kernel traffic control index filter (tcindex) allows Privilege Escalation. The imperfect hash area can be updated while packets are traversing, which will cause a use-after-free when 'tcf_exts_exec()' is called with the destroyed tcf_ext. A local attacker user can use this vulnerability to elevate its privileges to root. This issue affects Linux Kernel: from 4.14 before git commit ee059170b1f7e94e55fa6cadee544e176a6e59c2.
local
low complexity
linux CWE-416
7.8
2023-03-19 CVE-2022-48423 Out-of-bounds Write vulnerability in Linux Kernel
In the Linux kernel before 6.1.3, fs/ntfs3/record.c does not validate resident attribute names.
local
low complexity
linux CWE-787
7.8
2023-03-16 CVE-2023-28466 NULL Pointer Dereference vulnerability in multiple products
do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition (with a resultant use-after-free or NULL pointer dereference).
local
high complexity
linux netapp debian CWE-476
7.0
2023-03-06 CVE-2022-3424 Use After Free vulnerability in multiple products
A use-after-free flaw was found in the Linux kernel’s SGI GRU driver in the way the first gru_file_unlocked_ioctl function is called by the user, where a fail pass occurs in the gru_check_chiplet_assignment function.
local
low complexity
linux redhat CWE-416
7.8
2023-03-06 CVE-2022-3707 Double Free vulnerability in multiple products
A double-free memory flaw was found in the Linux kernel.
local
low complexity
linux redhat CWE-415
5.5
2023-03-02 CVE-2023-1118 Use After Free vulnerability in Linux Kernel
A flaw use after free in the Linux kernel integrated infrared receiver/transceiver driver was found in the way user detaching rc device.
local
low complexity
linux CWE-416
7.8
2023-03-01 CVE-2023-23001 NULL Pointer Dereference vulnerability in Linux Kernel
In the Linux kernel before 5.16.3, drivers/scsi/ufs/ufs-mediatek.c misinterprets the regulator_get return value (expects it to be NULL in the error case, whereas it is actually an error pointer).
local
low complexity
linux CWE-476
5.5
2023-03-01 CVE-2023-23002 NULL Pointer Dereference vulnerability in Linux Kernel
In the Linux kernel before 5.16.3, drivers/bluetooth/hci_qca.c misinterprets the devm_gpiod_get_index_optional return value (expects it to be NULL in the error case, whereas it is actually an error pointer).
local
low complexity
linux CWE-476
5.5
2023-03-01 CVE-2023-23003 Unchecked Return Value vulnerability in Linux Kernel
In the Linux kernel before 5.16, tools/perf/util/expr.c lacks a check for the hashmap__new return value.
local
high complexity
linux CWE-252
4.0
2023-03-01 CVE-2023-23004 NULL Pointer Dereference vulnerability in Linux Kernel
In the Linux kernel before 5.19, drivers/gpu/drm/arm/malidp_planes.c misinterprets the get_sg_table return value (expects it to be NULL in the error case, whereas it is actually an error pointer).
local
low complexity
linux CWE-476
5.5