Vulnerabilities > Linux > Linux Kernel > 6.4.5

DATE CVE VULNERABILITY TITLE RISK
2023-10-16 CVE-2023-40791 extract_user_to_sg in lib/scatterlist.c in the Linux kernel before 6.4.12 fails to unpin pages in a certain situation, as demonstrated by a WARNING for try_grab_page.
local
high complexity
linux netapp
6.3
6.3
2023-10-16 CVE-2023-45898 Use After Free vulnerability in Linux Kernel
The Linux kernel before 6.5.4 has an es1 use-after-free in fs/ext4/extents_status.c, related to ext4_es_insert_extent.
local
low complexity
linux CWE-416
7.8
7.8
2023-10-15 CVE-2023-45871 Incorrect Calculation of Buffer Size vulnerability in Linux Kernel
An issue was discovered in drivers/net/ethernet/intel/igb/igb_main.c in the IGB driver in the Linux kernel before 6.5.3.
high complexity
linux CWE-131
7.5
7.5
2023-10-13 CVE-2023-42752 Integer Overflow or Wraparound vulnerability in Linux Kernel
An integer overflow flaw was found in the Linux kernel.
local
low complexity
linux CWE-190
5.5
5.5
2023-10-09 CVE-2023-39189 Out-of-bounds Read vulnerability in multiple products
A flaw was found in the Netfilter subsystem in the Linux kernel.
local
low complexity
linux redhat fedoraproject CWE-125
6.0
6.0
2023-10-09 CVE-2023-39192 Out-of-bounds Read vulnerability in multiple products
A flaw was found in the Netfilter subsystem in the Linux kernel.
local
low complexity
linux redhat fedoraproject CWE-125
6.0
6.0
2023-10-09 CVE-2023-39193 Out-of-bounds Read vulnerability in multiple products
A flaw was found in the Netfilter subsystem in the Linux kernel.
local
low complexity
linux redhat fedoraproject CWE-125
6.0
6.0
2023-10-09 CVE-2023-39194 Out-of-bounds Read vulnerability in multiple products
A flaw was found in the XFRM subsystem in the Linux kernel.
local
low complexity
linux redhat fedoraproject CWE-125
4.4
4.4
2023-10-05 CVE-2023-42754 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack.
local
low complexity
linux redhat fedoraproject CWE-476
5.5
5.5
2023-10-03 CVE-2023-5345 Use After Free vulnerability in multiple products
A use-after-free vulnerability in the Linux kernel's fs/smb/client component can be exploited to achieve local privilege escalation. In case of an error in smb3_fs_context_parse_param, ctx->password was freed but the field was not set to NULL which could lead to double free. We recommend upgrading past commit e6e43b8aa7cd3c3af686caf0c2e11819a886d705.
local
low complexity
linux fedoraproject CWE-416
7.8
7.8