Vulnerabilities > Linux > Linux Kernel > 5.15.178
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-06 | CVE-2023-4244 | Use After Free vulnerability in multiple products A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. Due to a race condition between nf_tables netlink control plane transaction and nft_set element garbage collection, it is possible to underflow the reference counter causing a use-after-free vulnerability. We recommend upgrading past commit 3e91b0ebd994635df2346353322ac51ce84ce6d8. | 7.0 |
| 2023-09-06 | CVE-2023-4622 | Use After Free vulnerability in multiple products A use-after-free vulnerability in the Linux kernel's af_unix component can be exploited to achieve local privilege escalation. The unix_stream_sendpage() function tries to add data to the last skb in the peer's recv queue without locking the queue. | 7.0 |
| 2023-07-23 | CVE-2023-2430 | Improper Locking vulnerability in Linux Kernel A vulnerability was found due to missing lock for IOPOLL flaw in io_cqring_event_overflow() in io_uring.c in Linux Kernel. | 5.5 |
| 2023-07-21 | CVE-2023-3609 | Use After Free vulnerability in multiple products A use-after-free vulnerability in the Linux kernel's net/sched: cls_u32 component can be exploited to achieve local privilege escalation. If tcf_change_indev() fails, u32_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_bind_filter(). | 7.8 |
| 2023-06-28 | CVE-2023-3357 | NULL Pointer Dereference vulnerability in Linux Kernel A NULL pointer dereference flaw was found in the Linux kernel AMD Sensor Fusion Hub driver. | 5.5 |
| 2023-06-28 | CVE-2023-3358 | NULL Pointer Dereference vulnerability in Linux Kernel A null pointer dereference was found in the Linux kernel's Integrated Sensor Hub (ISH) driver. | 5.5 |
| 2023-06-28 | CVE-2023-3359 | NULL Pointer Dereference vulnerability in Linux Kernel An issue was discovered in the Linux kernel brcm_nvram_parse in drivers/nvmem/brcm_nvram.c. | 5.5 |
| 2023-06-28 | CVE-2023-3439 | Use After Free vulnerability in Linux Kernel A flaw was found in the MCTP protocol in the Linux kernel. | 4.7 |
| 2023-06-28 | CVE-2023-3389 | Use After Free vulnerability in multiple products A use-after-free vulnerability in the Linux Kernel io_uring subsystem can be exploited to achieve local privilege escalation. Racing a io_uring cancel poll request with a linked timeout can cause a UAF in a hrtimer. We recommend upgrading past commit ef7dfac51d8ed961b742218f526bd589f3900a59 (4716c73b188566865bdd79c3a6709696a224ac04 for 5.10 stable and 0e388fce7aec40992eadee654193cad345d62663 for 5.15 stable). | 7.8 |
| 2023-06-20 | CVE-2023-3220 | NULL Pointer Dereference vulnerability in Linux Kernel An issue was discovered in the Linux kernel through 6.1-rc8. | 5.5 |