6.3.4

DATE	CVE	VULNERABILITY TITLE	RISK
2023-06-28	CVE-2023-3090	Out-of-bounds Write vulnerability in multiple products A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation. The out-of-bounds write is caused by missing skb->cb initialization in the ipvlan network driver. local low complexity linux debian CWE-787	7.8
2023-06-28	CVE-2023-3389	Use After Free vulnerability in multiple products A use-after-free vulnerability in the Linux Kernel io_uring subsystem can be exploited to achieve local privilege escalation. Racing a io_uring cancel poll request with a linked timeout can cause a UAF in a hrtimer. We recommend upgrading past commit ef7dfac51d8ed961b742218f526bd589f3900a59 (4716c73b188566865bdd79c3a6709696a224ac04 for 5.10 stable and 0e388fce7aec40992eadee654193cad345d62663 for 5.15 stable). local low complexity linux canonical debian CWE-416	7.8
2023-06-23	CVE-2023-3212	NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference issue was found in the gfs2 file system in the Linux kernel. local low complexity linux fedoraproject redhat debian netapp CWE-476	4.4
2023-06-18	CVE-2023-35827	Use After Free vulnerability in Linux Kernel An issue was discovered in the Linux kernel through 6.3.8. local high complexity linux CWE-416	7.0
2023-06-16	CVE-2023-35788	Out-of-bounds Write vulnerability in multiple products An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. local low complexity linux debian netapp canonical CWE-787	7.8
2023-06-16	CVE-2023-3268	Out-of-bounds Read vulnerability in multiple products An out of bounds (OOB) memory access flaw was found in the Linux kernel in relay_file_read_start_pos in kernel/relay.c in the relayfs. local low complexity linux debian CWE-125	7.1
2023-05-26	CVE-2023-2002	Incorrect Authorization vulnerability in multiple products A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. low complexity linux debian CWE-863	6.8
2023-05-15	CVE-2023-2124	Out-of-bounds Write vulnerability in multiple products An out-of-bounds memory access flaw was found in the Linux kernel’s XFS file system in how a user restores an XFS image after failure (with a dirty log journal). local low complexity linux debian netapp CWE-787	7.8
2023-05-09	CVE-2023-2156	Reachable Assertion vulnerability in multiple products A flaw was found in the networking subsystem of the Linux kernel within the handling of the RPL protocol. network low complexity linux redhat fedoraproject debian CWE-617	7.5
2023-01-17	CVE-2022-41858	NULL Pointer Dereference vulnerability in multiple products A flaw was found in the Linux kernel. local low complexity linux netapp CWE-476	7.1