Vulnerabilities > Linux > Linux Kernel > 5.4.9
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-08 | CVE-2022-2586 | Use After Free vulnerability in multiple products It was discovered that a nft object or expression could reference a nft set on a different nft table, leading to a use-after-free once that table was deleted. | 7.8 |
| 2024-01-08 | CVE-2022-2588 | Double Free vulnerability in multiple products It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0. | 7.8 |
| 2024-01-08 | CVE-2022-2602 | Use After Free vulnerability in multiple products io_uring UAF, Unix SCM garbage collection | 7.0 |
| 2024-01-05 | CVE-2023-34324 | Resource Exhaustion vulnerability in multiple products Closing of an event channel in the Linux kernel can result in a deadlock. This happens when the close is being performed in parallel to an unrelated Xen console action and the handling of a Xen console interrupt in an unprivileged guest. The closing of an event channel is e.g. | 4.9 |
| 2024-01-02 | CVE-2023-7192 | Memory Leak vulnerability in multiple products A memory leak problem was found in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c in the Linux Kernel. | 4.4 |
| 2023-12-21 | CVE-2023-6546 | Race Condition vulnerability in multiple products A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. | 7.0 |
| 2023-12-19 | CVE-2023-6931 | Out-of-bounds Write vulnerability in multiple products A heap out-of-bounds write vulnerability in the Linux kernel's Performance Events system component can be exploited to achieve local privilege escalation. A perf_event's read_size can overflow, leading to an heap out-of-bounds increment or write in perf_read_group(). We recommend upgrading past commit 382c27f4ed28f803b1f1473ac2d8db0afc795a1b. | 7.0 |
| 2023-12-19 | CVE-2023-6932 | Use After Free vulnerability in Linux Kernel A use-after-free vulnerability in the Linux kernel's ipv4: igmp component can be exploited to achieve local privilege escalation. A race condition can be exploited to cause a timer be mistakenly registered on a RCU read locked object which is freed by another thread. We recommend upgrading past commit e2b706c691905fe78468c361aaabc719d0a496f1. | 7.0 |
| 2023-12-09 | CVE-2023-50431 | Unspecified vulnerability in Linux Kernel sec_attest_info in drivers/accel/habanalabs/common/habanalabs_ioctl.c in the Linux kernel through 6.6.5 allows an information leak to user space because info->pad0 is not initialized. | 5.5 |
| 2023-12-09 | CVE-2023-6560 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel An out-of-bounds memory access flaw was found in the io_uring SQ/CQ rings functionality in the Linux kernel. | 5.5 |