Vulnerabilities > Linux > Linux Kernel > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-01-23 CVE-2024-23851 Unspecified vulnerability in Linux Kernel
copy_params in drivers/md/dm-ioctl.c in the Linux kernel through 6.7.1 can attempt to allocate more than INT_MAX bytes, and crash, because of a missing param_kernel->data_size check.
local
low complexity
linux
5.5
2024-01-18 CVE-2024-0607 A flaw was found in the Netfilter subsystem in the Linux kernel.
local
low complexity
linux fedoraproject redhat
6.6
2024-01-17 CVE-2024-0639 Improper Locking vulnerability in multiple products
A denial of service vulnerability due to a deadlock was found in sctp_auto_asconf_init in net/sctp/socket.c in the Linux kernel’s SCTP subsystem.
local
low complexity
linux redhat CWE-667
5.5
2024-01-17 CVE-2024-0641 Improper Locking vulnerability in multiple products
A denial of service vulnerability was found in tipc_crypto_key_revoke in net/tipc/crypto.c in the Linux kernel’s TIPC subsystem.
local
low complexity
linux redhat CWE-667
5.5
2024-01-15 CVE-2023-6915 NULL Pointer Dereference vulnerability in multiple products
A Null pointer dereference problem was found in ida_free in lib/idr.c in the Linux Kernel.
local
low complexity
linux redhat CWE-476
5.5
2024-01-12 CVE-2022-48619 Unspecified vulnerability in Linux Kernel
An issue was discovered in drivers/input/input.c in the Linux kernel before 5.17.10.
local
low complexity
linux
5.5
2024-01-12 CVE-2024-0443 Exposure of Resource to Wrong Sphere vulnerability in multiple products
A flaw was found in the blkgs destruction path in block/blk-cgroup.c in the Linux kernel, leading to a cgroup blkio memory leakage problem.
local
low complexity
linux redhat fedoraproject CWE-668
5.5
2024-01-09 CVE-2024-0340 Unspecified vulnerability in Linux Kernel
A vulnerability was found in vhost_new_msg in drivers/vhost/vhost.c in the Linux kernel, which does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function.
local
low complexity
linux
5.5
2024-01-08 CVE-2023-1032 Double Free vulnerability in multiple products
The Linux kernel io_uring IORING_OP_SOCKET operation contained a double free in function __sys_socket_file() in file net/socket.c.
local
low complexity
linux canonical CWE-415
5.5
2024-01-05 CVE-2023-34324 Resource Exhaustion vulnerability in multiple products
Closing of an event channel in the Linux kernel can result in a deadlock. This happens when the close is being performed in parallel to an unrelated Xen console action and the handling of a Xen console interrupt in an unprivileged guest. The closing of an event channel is e.g.
network
low complexity
xen linux CWE-400
4.9