Vulnerabilities > Linux > Linux Kernel > 5.15.47

DATE CVE VULNERABILITY TITLE RISK
2023-05-09 CVE-2023-2156 Reachable Assertion vulnerability in multiple products
A flaw was found in the networking subsystem of the Linux kernel within the handling of the RPL protocol.
network
low complexity
linux redhat fedoraproject debian CWE-617
7.5
2023-05-08 CVE-2023-2513 Use After Free vulnerability in multiple products
A use-after-free vulnerability was found in the Linux kernel's ext4 filesystem in the way it handled the extra inode size for extended attributes.
local
low complexity
linux redhat CWE-416
6.7
2023-05-08 CVE-2023-32233 Use After Free vulnerability in multiple products
In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory.
local
low complexity
linux redhat netapp CWE-416
7.8
2023-05-05 CVE-2023-32269 Use After Free vulnerability in Linux Kernel
An issue was discovered in the Linux kernel before 6.1.11.
local
low complexity
linux CWE-416
6.7
2023-05-01 CVE-2023-2235 Use After Free vulnerability in Linux Kernel
A use-after-free vulnerability in the Linux Kernel Performance Events system can be exploited to achieve local privilege escalation. The perf_group_detach function did not check the event's siblings' attach_state before calling add_event_to_groups(), but remove_on_exec made it possible to call list_del_event() on before detaching from their group, making it possible to use a dangling pointer causing a use-after-free vulnerability. We recommend upgrading past commit fd0815f632c24878e325821943edccc7fde947a2.
local
low complexity
linux CWE-416
7.8
2023-04-28 CVE-2023-31436 Out-of-bounds Write vulnerability in Linux Kernel
qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX.
local
low complexity
linux CWE-787
7.8
2023-04-26 CVE-2023-0458 NULL Pointer Dereference vulnerability in multiple products
A speculative pointer dereference problem exists in the Linux Kernel on the do_prlimit() function.
local
high complexity
linux debian CWE-476
4.7
2023-04-25 CVE-2023-0045 Externally Controlled Reference to a Resource in Another Sphere vulnerability in multiple products
The current implementation of the prctl syscall does not issue an IBPB immediately during the syscall.
network
low complexity
linux debian netapp CWE-610
7.5
2023-04-24 CVE-2023-2007 Improper Locking vulnerability in multiple products
The specific flaw exists within the DPT I2O Controller driver.
local
low complexity
linux debian netapp CWE-667
7.8
2023-04-24 CVE-2023-2006 Race Condition vulnerability in multiple products
A race condition was found in the Linux kernel's RxRPC network protocol, within the processing of RxRPC bundles.
local
high complexity
linux netapp CWE-362
7.0