Vulnerabilities > Linux > Linux Kernel > 6.1.8
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-24 | CVE-2023-1583 | NULL Pointer Dereference vulnerability in Linux Kernel A NULL pointer dereference was found in io_file_bitmap_get in io_uring/filetable.c in the io_uring sub-component in the Linux Kernel. | 5.5 |
| 2023-03-23 | CVE-2023-1513 | Improper Initialization vulnerability in multiple products A flaw was found in KVM. | 3.3 |
| 2023-03-22 | CVE-2023-0386 | Unspecified vulnerability in Linux Kernel A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. | 7.8 |
| 2023-03-22 | CVE-2023-1281 | Use After Free vulnerability in Linux Kernel Use After Free vulnerability in Linux kernel traffic control index filter (tcindex) allows Privilege Escalation. The imperfect hash area can be updated while packets are traversing, which will cause a use-after-free when 'tcf_exts_exec()' is called with the destroyed tcf_ext. A local attacker user can use this vulnerability to elevate its privileges to root. This issue affects Linux Kernel: from 4.14 before git commit ee059170b1f7e94e55fa6cadee544e176a6e59c2. | 7.8 |
| 2023-03-19 | CVE-2022-48425 | Release of Invalid Pointer or Reference vulnerability in Linux Kernel In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid kfree because it does not validate MFT flags before replaying logs. | 7.8 |
| 2023-03-16 | CVE-2023-28466 | NULL Pointer Dereference vulnerability in multiple products do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition (with a resultant use-after-free or NULL pointer dereference). | 7.0 |
| 2023-03-02 | CVE-2023-1118 | Use After Free vulnerability in Linux Kernel A flaw use after free in the Linux kernel integrated infrared receiver/transceiver driver was found in the way user detaching rc device. | 7.8 |
| 2023-03-01 | CVE-2023-23005 | NULL Pointer Dereference vulnerability in multiple products In the Linux kernel before 6.2, mm/memory-tiers.c misinterprets the alloc_memory_type return value (expects it to be NULL in the error case, whereas it is actually an error pointer). | 5.5 |
| 2023-02-25 | CVE-2023-26545 | Double Free vulnerability in multiple products In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device. | 4.7 |
| 2023-02-22 | CVE-2023-23039 | Race Condition vulnerability in Linux Kernel An issue was discovered in the Linux kernel through 6.2.0-rc2. | 5.7 |