Vulnerabilities > Linux > Linux Kernel > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-24 | CVE-2023-32257 | Improper Locking vulnerability in multiple products A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. | 8.1 |
| 2023-07-24 | CVE-2023-32258 | Improper Locking vulnerability in multiple products A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. | 8.1 |
| 2023-07-24 | CVE-2023-3567 | Use After Free vulnerability in multiple products A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. | 7.1 |
| 2023-07-24 | CVE-2023-3640 | Information Exposure Through Discrepancy vulnerability in multiple products A possible unauthorized memory access flaw was found in the Linux kernel's cpu_entry_area mapping of X86 CPU data to memory, where a user may guess the location of exception stacks or other important data. | 7.8 |
| 2023-07-24 | CVE-2023-3812 | Use After Free vulnerability in multiple products An out-of-bounds memory access flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user generates a malicious (too big) networking packet when napi frags is enabled. | 7.8 |
| 2023-07-21 | CVE-2023-3609 | Use After Free vulnerability in multiple products A use-after-free vulnerability in the Linux kernel's net/sched: cls_u32 component can be exploited to achieve local privilege escalation. If tcf_change_indev() fails, u32_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_bind_filter(). | 7.8 |
| 2023-07-21 | CVE-2023-3610 | Use After Free vulnerability in multiple products A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. Flaw in the error handling of bound chains causes a use-after-free in the abort path of NFT_MSG_NEWRULE. | 7.8 |
| 2023-07-21 | CVE-2023-3611 | Out-of-bounds Write vulnerability in multiple products An out-of-bounds write vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation. The qfq_change_agg() function in net/sched/sch_qfq.c allows an out-of-bounds write because lmax is updated according to packet sizes without bounds checks. We recommend upgrading past commit 3e337087c3b5805fe0b8a46ba622a962880b5d64. | 7.8 |
| 2023-07-21 | CVE-2023-3776 | Use After Free vulnerability in multiple products A use-after-free vulnerability in the Linux kernel's net/sched: cls_fw component can be exploited to achieve local privilege escalation. If tcf_change_indev() fails, fw_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_bind_filter(). | 7.8 |
| 2023-07-12 | CVE-2023-3106 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference vulnerability was found in netlink_dump. | 7.8 |