Vulnerabilities > Linux > Linux Kernel > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-11 | CVE-2023-3269 | Use After Free vulnerability in multiple products A vulnerability exists in the memory management subsystem of the Linux kernel. | 7.8 |
| 2023-07-10 | CVE-2023-32250 | Race Condition vulnerability in multiple products A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. | 8.1 |
| 2023-07-10 | CVE-2023-32254 | Race Condition vulnerability in multiple products A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. | 8.1 |
| 2023-07-05 | CVE-2023-31248 | Use After Free vulnerability in multiple products Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; `nft_chain_lookup_byid()` failed to check whether a chain was active and CAP_NET_ADMIN is in any user or network namespace | 7.8 |
| 2023-07-05 | CVE-2023-35001 | Out-of-bounds Write vulnerability in multiple products Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace | 7.8 |
| 2023-06-28 | CVE-2023-3390 | Use After Free vulnerability in multiple products A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nf_tables_api.c. Mishandled error handling with NFT_MSG_NEWRULE makes it possible to use a dangling pointer in the same transaction causing a use-after-free vulnerability. | 7.8 |
| 2023-06-28 | CVE-2023-3090 | Out-of-bounds Write vulnerability in multiple products A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation. The out-of-bounds write is caused by missing skb->cb initialization in the ipvlan network driver. | 7.8 |
| 2023-06-28 | CVE-2023-3389 | Use After Free vulnerability in multiple products A use-after-free vulnerability in the Linux Kernel io_uring subsystem can be exploited to achieve local privilege escalation. Racing a io_uring cancel poll request with a linked timeout can cause a UAF in a hrtimer. We recommend upgrading past commit ef7dfac51d8ed961b742218f526bd589f3900a59 (4716c73b188566865bdd79c3a6709696a224ac04 for 5.10 stable and 0e388fce7aec40992eadee654193cad345d62663 for 5.15 stable). | 7.8 |
| 2023-06-28 | CVE-2023-1295 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products A time-of-check to time-of-use issue exists in io_uring subsystem's IORING_OP_CLOSE operation in the Linux kernel's versions 5.6 - 5.11 (inclusive), which allows a local user to elevate their privileges to root. | 7.0 |
| 2023-06-23 | CVE-2023-3317 | Use After Free vulnerability in Linux Kernel A use-after-free flaw was found in mt7921_check_offload_capability in drivers/net/wireless/mediatek/mt76/mt7921/init.c in wifi mt76/mt7921 sub-component in the Linux Kernel. | 7.1 |