Vulnerabilities > Linux > Linux Kernel > 6.1.33

DATE CVE VULNERABILITY TITLE RISK
2023-07-21 CVE-2023-3611 Out-of-bounds Write vulnerability in multiple products
An out-of-bounds write vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation. The qfq_change_agg() function in net/sched/sch_qfq.c allows an out-of-bounds write because lmax is updated according to packet sizes without bounds checks. We recommend upgrading past commit 3e337087c3b5805fe0b8a46ba622a962880b5d64.
local
low complexity
linux debian CWE-787
7.8
7.8
2023-07-21 CVE-2023-3776 Use After Free vulnerability in multiple products
A use-after-free vulnerability in the Linux kernel's net/sched: cls_fw component can be exploited to achieve local privilege escalation. If tcf_change_indev() fails, fw_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_bind_filter().
local
low complexity
linux debian CWE-416
7.8
7.8
2023-07-18 CVE-2023-38427 Integer Underflow (Wrap or Wraparound) vulnerability in multiple products
An issue was discovered in the Linux kernel before 6.3.8.
network
low complexity
linux netapp CWE-191
critical
 9.8
9.8
2023-07-18 CVE-2023-38430 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in the Linux kernel before 6.3.9.
network
low complexity
linux netapp CWE-125
critical
 9.1
9.1
2023-07-18 CVE-2023-38431 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in the Linux kernel before 6.3.8.
network
low complexity
linux netapp CWE-125
critical
 9.1
9.1
2023-07-18 CVE-2023-38432 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in the Linux kernel before 6.3.10.
network
low complexity
linux netapp CWE-125
critical
 9.1
9.1
2023-07-06 CVE-2023-37453 Out-of-bounds Read vulnerability in Linux Kernel
An issue was discovered in the USB subsystem in the Linux kernel through 6.4.2.
low complexity
linux CWE-125
4.6
4.6
2023-07-06 CVE-2023-37454 Use After Free vulnerability in Linux Kernel
An issue was discovered in the Linux kernel through 6.4.2.
local
low complexity
linux CWE-416
5.5
5.5
2023-07-05 CVE-2023-31248 Use After Free vulnerability in multiple products
Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; `nft_chain_lookup_byid()` failed to check whether a chain was active and CAP_NET_ADMIN is in any user or network namespace
local
low complexity
linux fedoraproject debian canonical CWE-416
7.8
7.8
2023-07-05 CVE-2023-35001 Out-of-bounds Write vulnerability in multiple products
Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace
local
low complexity
linux debian fedoraproject netapp CWE-787
7.8
7.8