Vulnerabilities > Linux > Linux Kernel > 5.15.17

DATE CVE VULNERABILITY TITLE RISK
2024-02-11 CVE-2024-1151 Out-of-bounds Write vulnerability in multiple products
A vulnerability was reported in the Open vSwitch sub-component in the Linux Kernel.
local
low complexity
debian redhat fedoraproject linux CWE-787
5.5
2024-02-07 CVE-2023-6356 NULL Pointer Dereference vulnerability in multiple products
A flaw was found in the Linux kernel's NVMe driver.
network
low complexity
redhat linux debian CWE-476
7.5
2024-02-07 CVE-2023-6536 NULL Pointer Dereference vulnerability in multiple products
A flaw was found in the Linux kernel's NVMe driver.
network
low complexity
linux redhat debian CWE-476
7.5
2024-01-31 CVE-2024-1085 Use After Free vulnerability in Linux Kernel
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_setelem_catchall_deactivate() function checks whether the catch-all set element is active in the current generation instead of the next generation before freeing it, but only flags it inactive in the next generation, making it possible to free the element multiple times, leading to a double free vulnerability. We recommend upgrading past commit b1db244ffd041a49ecc9618e8feb6b5c1afcdaa7.
local
low complexity
linux CWE-416
7.8
2024-01-31 CVE-2024-1086 Use After Free vulnerability in multiple products
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cause a double free vulnerability when NF_DROP is issued with a drop error which resembles NF_ACCEPT. We recommend upgrading past commit f342de4e2f33e0e39165d8639387aa6c19dff660.
7.8
2024-01-30 CVE-2024-21803 Use After Free vulnerability in Linux Kernel
Use After Free vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (bluetooth modules) allows Local Execution of Code.
local
low complexity
linux CWE-416
7.8
2024-01-29 CVE-2023-46838 NULL Pointer Dereference vulnerability in multiple products
Transmit requests in Xen's virtual network protocol can consist of multiple parts.
network
low complexity
linux fedoraproject debian CWE-476
7.5
2024-01-28 CVE-2023-6200 Race Condition vulnerability in Linux Kernel
A race condition was found in the Linux Kernel.
high complexity
linux CWE-362
7.5
2024-01-28 CVE-2024-0841 NULL Pointer Dereference vulnerability in multiple products
A null pointer dereference flaw was found in the hugetlbfs_fill_super function in the Linux kernel hugetlbfs (HugeTLB pages) functionality.
local
low complexity
linux redhat CWE-476
7.8
2024-01-25 CVE-2024-23307 Integer Overflow or Wraparound vulnerability in Linux Kernel
Integer Overflow or Wraparound vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (md, raid, raid5 modules) allows Forced Integer Overflow.
local
low complexity
linux CWE-190
7.8