Vulnerabilities > Linux > Linux Kernel > 5.15.74

DATE CVE VULNERABILITY TITLE RISK
2023-11-06 CVE-2023-5090 Improper Handling of Exceptional Conditions vulnerability in multiple products
A flaw was found in KVM.
local
low complexity
linux redhat CWE-755
5.5
2023-11-03 CVE-2023-47233 Use After Free vulnerability in Linux Kernel
The brcm80211 component in the Linux kernel through 6.5.10 has a brcmf_cfg80211_detach use-after-free in the device unplugging (disconnect the USB by hotplug) code.
low complexity
linux CWE-416
4.3
2023-11-03 CVE-2023-1194 Out-of-bounds Read vulnerability in multiple products
An out-of-bounds (OOB) memory read flaw was found in parse_lease_state in the KSMBD implementation of the in-kernel samba server and CIFS in the Linux kernel.
network
low complexity
linux fedoraproject CWE-125
8.1
2023-11-01 CVE-2023-1192 Use After Free vulnerability in multiple products
A use-after-free flaw was found in smb2_is_status_io_timeout() in CIFS in the Linux Kernel.
network
low complexity
linux redhat CWE-416
6.5
2023-11-01 CVE-2023-1193 Use After Free vulnerability in Linux Kernel
A use-after-free flaw was found in setup_async_work in the KSMBD implementation of the in-kernel samba server and CIFS in the Linux kernel.
network
low complexity
linux CWE-416
6.5
2023-11-01 CVE-2023-5178 Use After Free vulnerability in multiple products
A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe/TCP subsystem in the Linux kernel.
network
low complexity
linux redhat netapp CWE-416
8.8
2023-10-29 CVE-2023-46862 NULL Pointer Dereference vulnerability in Linux Kernel
An issue was discovered in the Linux kernel through 6.5.9.
local
high complexity
linux CWE-476
4.7
2023-10-27 CVE-2023-46813 Unspecified vulnerability in Linux Kernel
An issue was discovered in the Linux kernel before 6.5.9, exploitable by local users with userspace access to MMIO registers.
local
high complexity
linux
7.0
2023-10-25 CVE-2023-5717 Out-of-bounds Write vulnerability in Linux Kernel
A heap out-of-bounds write vulnerability in the Linux kernel's Linux Kernel Performance Events (perf) component can be exploited to achieve local privilege escalation. If perf_read_group() is called while an event's sibling_list is smaller than its child's sibling_list, it can increment or write to memory locations outside of the allocated buffer. We recommend upgrading past commit 32671e3799ca2e4590773fd0e63aaa4229e50c06.
local
low complexity
linux CWE-787
7.8
2023-10-16 CVE-2023-40791 extract_user_to_sg in lib/scatterlist.c in the Linux kernel before 6.4.12 fails to unpin pages in a certain situation, as demonstrated by a WARNING for try_grab_page.
local
high complexity
linux netapp
6.3