Vulnerabilities > Linux > Linux Kernel > 5.4.130

DATE CVE VULNERABILITY TITLE RISK

2023-01-26 CVE-2023-0394 NULL Pointer Dereference vulnerability in Linux Kernel
A NULL pointer dereference flaw was found in rawv6_push_pending_frames in net/ipv6/raw.c in the network subcomponent in the Linux kernel.
local | low complexity | linux | CWE-476 | 5.5

2023-01-26 CVE-2023-0468 Use After Free vulnerability in Linux Kernel
A use-after-free flaw was found in io_uring/poll.c in io_poll_check_events in the io_uring subcomponent in the Linux Kernel due to a race condition of poll_refs.
local | high complexity | linux | CWE-416 | 4.7

2023-01-26 CVE-2023-0469 Use After Free vulnerability in Linux Kernel
A use-after-free flaw was found in io_uring/filetable.c in io_install_fixed_file in the io_uring subcomponent in the Linux Kernel during call cleanup.
local | low complexity | linux | CWE-416 | 5.5

2023-01-17 CVE-2022-47929 NULL Pointer Dereference vulnerability in multiple products
In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service (system crash) via a crafted traffic control configuration that is set up with "tc qdisc" and "tc class" commands.
local | low complexity | linux debian | CWE-476 | 5.5

2023-01-17 CVE-2022-41858 NULL Pointer Dereference vulnerability in multiple products
A flaw was found in the Linux kernel.
local | low complexity | linux netapp | CWE-476 | 7.1

2023-01-13 CVE-2023-23559 Integer Overflow or Wraparound vulnerability in multiple products
In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition.
local | low complexity | linux netapp debian | CWE-190 | 7.8

2023-01-12 CVE-2023-23454 Type Confusion vulnerability in multiple products
cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).
local | low complexity | linux debian | CWE-843 | 5.5

2023-01-12 CVE-2023-23455 Type Confusion vulnerability in multiple products
atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).
local | low complexity | linux debian | CWE-843 | 5.5

2023-01-09 CVE-2022-2196 Insecure Default Initialization of Resource vulnerability in multiple products
A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB after running L2 due to KVM (L0) advertising eIBRS support to L1.
local | low complexity | linux debian | CWE-1188 | 8.8

2023-01-05 CVE-2022-4378 Out-of-bounds Write vulnerability in Linux Kernel
A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables.
local | low complexity | linux | CWE-787 | 7.8