Vulnerabilities > Linux > Linux Kernel > 5.15.45

DATE CVE VULNERABILITY TITLE RISK
2023-06-28 CVE-2023-3357 NULL Pointer Dereference vulnerability in Linux Kernel
A NULL pointer dereference flaw was found in the Linux kernel AMD Sensor Fusion Hub driver.
local
low complexity
linux CWE-476
5.5
2023-06-28 CVE-2023-3358 NULL Pointer Dereference vulnerability in Linux Kernel
A null pointer dereference was found in the Linux kernel's Integrated Sensor Hub (ISH) driver.
local
low complexity
linux CWE-476
5.5
2023-06-28 CVE-2023-3359 NULL Pointer Dereference vulnerability in Linux Kernel
An issue was discovered in the Linux kernel brcm_nvram_parse in drivers/nvmem/brcm_nvram.c.
local
low complexity
linux CWE-476
5.5
2023-06-28 CVE-2023-3355 NULL Pointer Dereference vulnerability in Linux Kernel
A NULL pointer dereference flaw was found in the Linux kernel's drivers/gpu/drm/msm/msm_gem_submit.c code in the submit_lookup_cmds function, which fails because it lacks a check of the return value of kmalloc().
local
low complexity
linux CWE-476
5.5
2023-06-28 CVE-2023-3390 Use After Free vulnerability in multiple products
A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nf_tables_api.c. Mishandled error handling with NFT_MSG_NEWRULE makes it possible to use a dangling pointer in the same transaction causing a use-after-free vulnerability.
local
low complexity
linux netapp CWE-416
7.8
2023-06-28 CVE-2023-3439 Use After Free vulnerability in Linux Kernel
A flaw was found in the MCTP protocol in the Linux kernel.
local
high complexity
linux CWE-416
4.7
2023-06-28 CVE-2023-3090 Out-of-bounds Write vulnerability in multiple products
A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation. The out-of-bounds write is caused by missing skb->cb initialization in the ipvlan network driver.
local
low complexity
linux debian CWE-787
7.8
2023-06-28 CVE-2023-3389 Use After Free vulnerability in multiple products
A use-after-free vulnerability in the Linux Kernel io_uring subsystem can be exploited to achieve local privilege escalation. Racing a io_uring cancel poll request with a linked timeout can cause a UAF in a hrtimer. We recommend upgrading past commit ef7dfac51d8ed961b742218f526bd589f3900a59 (4716c73b188566865bdd79c3a6709696a224ac04 for 5.10 stable and 0e388fce7aec40992eadee654193cad345d62663 for 5.15 stable).
local
low complexity
linux canonical debian CWE-416
7.8
2023-06-23 CVE-2023-3212 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference issue was found in the gfs2 file system in the Linux kernel.
4.4
2023-06-20 CVE-2023-3220 NULL Pointer Dereference vulnerability in Linux Kernel
An issue was discovered in the Linux kernel through 6.1-rc8.
local
low complexity
linux CWE-476
5.5