Vulnerabilities > Linux > Linux Kernel > 5.4.193

DATE CVE VULNERABILITY TITLE RISK
2023-02-02 CVE-2023-25012 Use After Free vulnerability in Linux Kernel
The Linux kernel through 6.1.9 has a Use-After-Free in bigben_remove in drivers/hid/hid-bigbenff.c via a crafted USB device because the LED controllers remain registered for too long.
low complexity
linux CWE-416
4.6
2023-01-30 CVE-2023-0240 Use After Free vulnerability in Linux Kernel
There is a logic error in io_uring's implementation which can be used to trigger a use-after-free vulnerability leading to privilege escalation. In the io_prep_async_work function the assumption that the last io_grab_identity call cannot return false is not true, and in this case the function will use the init_cred or the previous linked requests identity to do operations instead of using the current identity.
local
low complexity
linux CWE-416
7.8
2023-01-30 CVE-2023-0266 Use After Free vulnerability in Linux Kernel
A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 is missing locks that can be used in a use-after-free that can result in a priviledge escalation to gain ring0 access from the system user.
local
low complexity
linux CWE-416
7.8
2023-01-27 CVE-2022-4139 Memory Leak vulnerability in Linux Kernel
An incorrect TLB flush issue was found in the Linux kernel’s GPU i915 kernel driver, potentially leading to random memory corruption or data leaks.
local
low complexity
linux CWE-401
7.8
2023-01-26 CVE-2023-0394 NULL Pointer Dereference vulnerability in Linux Kernel
A NULL pointer dereference flaw was found in rawv6_push_pending_frames in net/ipv6/raw.c in the network subcomponent in the Linux kernel.
local
low complexity
linux CWE-476
5.5
2023-01-26 CVE-2023-0468 Use After Free vulnerability in Linux Kernel
A use-after-free flaw was found in io_uring/poll.c in io_poll_check_events in the io_uring subcomponent in the Linux Kernel due to a race condition of poll_refs.
local
high complexity
linux CWE-416
4.7
2023-01-26 CVE-2023-0469 Use After Free vulnerability in Linux Kernel
A use-after-free flaw was found in io_uring/filetable.c in io_install_fixed_file in the io_uring subcomponent in the Linux Kernel during call cleanup.
local
low complexity
linux CWE-416
5.5
2023-01-17 CVE-2022-47929 NULL Pointer Dereference vulnerability in multiple products
In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service (system crash) via a crafted traffic control configuration that is set up with "tc qdisc" and "tc class" commands.
local
low complexity
linux debian CWE-476
5.5
2023-01-17 CVE-2022-41858 NULL Pointer Dereference vulnerability in multiple products
A flaw was found in the Linux kernel.
local
low complexity
linux netapp CWE-476
7.1
2023-01-13 CVE-2023-23559 Integer Overflow or Wraparound vulnerability in multiple products
In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition.
local
low complexity
linux netapp debian CWE-190
7.8