Vulnerabilities > Linux > Linux Kernel > 5.17.7

DATE CVE VULNERABILITY TITLE RISK
2023-10-09 CVE-2023-39194 Out-of-bounds Read vulnerability in multiple products
A flaw was found in the XFRM subsystem in the Linux kernel.
local
low complexity
linux redhat fedoraproject CWE-125
4.4
2023-10-05 CVE-2023-42754 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack.
local
low complexity
linux redhat fedoraproject CWE-476
5.5
2023-10-05 CVE-2023-42755 Out-of-bounds Read vulnerability in multiple products
A flaw was found in the IPv4 Resource Reservation Protocol (RSVP) classifier in the Linux kernel.
local
low complexity
linux redhat debian CWE-125
5.5
2023-09-29 CVE-2023-44466 Classic Buffer Overflow vulnerability in Linux Kernel
An issue was discovered in net/ceph/messenger_v2.c in the Linux kernel before 6.4.5.
network
low complexity
linux CWE-120
8.8
2023-09-28 CVE-2023-42756 Race Condition vulnerability in multiple products
A flaw was found in the Netfilter subsystem of the Linux kernel.
local
high complexity
linux redhat debian fedoraproject CWE-362
4.7
2023-09-27 CVE-2023-5197 Use After Free vulnerability in Linux Kernel
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. Addition and removal of rules from chain bindings within the same transaction causes leads to use-after-free. We recommend upgrading past commit f15f29fd4779be8a418b66e9d52979bb6d6c2325.
local
low complexity
linux CWE-416
6.6
2023-09-25 CVE-2023-42753 Out-of-bounds Write vulnerability in multiple products
An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel.
local
low complexity
linux redhat debian CWE-787
7.8
2023-09-20 CVE-2023-2163 Incorrect Calculation vulnerability in Linux Kernel
Incorrect verifier pruning in BPF in Linux Kernel >=5.4 leads to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape.
local
low complexity
linux CWE-682
8.8
2023-09-12 CVE-2023-4921 Use After Free vulnerability in multiple products
A use-after-free vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation. When the plug qdisc is used as a class of the qfq qdisc, sending network packets triggers use-after-free in qfq_dequeue() due to the incorrect .peek handler of sch_plug and lack of error checking in agg_dequeue(). We recommend upgrading past commit 8fc134fee27f2263988ae38920bc03da416b03d8.
local
low complexity
linux debian CWE-416
7.8
2023-09-06 CVE-2023-3777 Use After Free vulnerability in multiple products
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. When nf_tables_delrule() is flushing table rules, it is not checked whether the chain is bound and the chain's owner rule can also release the objects in certain circumstances. We recommend upgrading past commit 6eaf41e87a223ae6f8e7a28d6e78384ad7e407f8.
local
low complexity
linux debian canonical CWE-416
7.8