Vulnerabilities > Linux > Linux Kernel > 6.3.11
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-31 | CVE-2023-4004 | Use After Free vulnerability in multiple products A use-after-free flaw was found in the Linux kernel's netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a NFT_SET_EXT_KEY_END. | 7.8 |
| 2023-07-24 | CVE-2023-3863 | Use After Free vulnerability in multiple products A use-after-free flaw was found in nfc_llcp_find_local in net/nfc/llcp_core.c in NFC in the Linux kernel. | 4.1 |
| 2023-07-21 | CVE-2023-3609 | Use After Free vulnerability in multiple products A use-after-free vulnerability in the Linux kernel's net/sched: cls_u32 component can be exploited to achieve local privilege escalation. If tcf_change_indev() fails, u32_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_bind_filter(). | 7.8 |
| 2023-07-21 | CVE-2023-3611 | Out-of-bounds Write vulnerability in multiple products An out-of-bounds write vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation. The qfq_change_agg() function in net/sched/sch_qfq.c allows an out-of-bounds write because lmax is updated according to packet sizes without bounds checks. We recommend upgrading past commit 3e337087c3b5805fe0b8a46ba622a962880b5d64. | 7.8 |
| 2023-07-21 | CVE-2023-3776 | Use After Free vulnerability in multiple products A use-after-free vulnerability in the Linux kernel's net/sched: cls_fw component can be exploited to achieve local privilege escalation. If tcf_change_indev() fails, fw_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_bind_filter(). | 7.8 |
| 2023-07-18 | CVE-2023-0160 | Improper Locking vulnerability in multiple products A deadlock flaw was found in the Linux kernel’s BPF subsystem. | 5.5 |
| 2023-07-06 | CVE-2023-37453 | Out-of-bounds Read vulnerability in Linux Kernel An issue was discovered in the USB subsystem in the Linux kernel through 6.4.2. | 4.6 |
| 2023-07-06 | CVE-2023-37454 | Use After Free vulnerability in Linux Kernel An issue was discovered in the Linux kernel through 6.4.2. | 5.5 |
| 2023-07-05 | CVE-2023-31248 | Use After Free vulnerability in multiple products Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; `nft_chain_lookup_byid()` failed to check whether a chain was active and CAP_NET_ADMIN is in any user or network namespace | 7.8 |
| 2023-07-05 | CVE-2023-35001 | Out-of-bounds Write vulnerability in multiple products Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace | 7.8 |