Vulnerabilities > Linux

DATE CVE VULNERABILITY TITLE RISK
2023-06-05 CVE-2023-3079 Type Confusion vulnerability in multiple products
Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 		8.8
8.8
2023-06-05 CVE-2023-3111 Use After Free vulnerability in multiple products
A use after free vulnerability was found in prepare_to_relocate in fs/btrfs/relocation.c in btrfs in the Linux Kernel.
local
low complexity
linux debian netapp CWE-416
7.8
7.8
2023-06-01 CVE-2023-2598 Out-of-bounds Write vulnerability in multiple products
A flaw was found in the fixed buffer registration code for io_uring (io_sqe_buffer_register in io_uring/rsrc.c) in the Linux kernel that allows out-of-bounds access to physical memory beyond the end of the buffer.
local
low complexity
linux netapp CWE-787
7.8
7.8
2023-06-01 CVE-2023-2985 Use After Free vulnerability in Linux Kernel
A use after free flaw was found in hfsplus_put_super in fs/hfsplus/super.c in the Linux Kernel.
local
low complexity
linux CWE-416
5.5
5.5
2023-05-31 CVE-2022-48502 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in the Linux kernel before 6.2.
local
low complexity
linux netapp CWE-125
7.1
7.1
2023-05-31 CVE-2023-34256 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in the Linux kernel before 6.3.3.
local
low complexity
linux suse debian CWE-125
5.5
5.5
2023-05-31 CVE-2023-3006 Improper Cross-boundary Removal of Sensitive Data vulnerability in Linux Kernel 6.1
A known cache speculation vulnerability, known as Branch History Injection (BHI) or Spectre-BHB, becomes actual again for the new hw AmpereOne.
local
low complexity
linux CWE-212
5.5
5.5
2023-05-26 CVE-2023-2898 NULL Pointer Dereference vulnerability in multiple products
There is a null-pointer-dereference flaw found in f2fs_write_end_io in fs/f2fs/data.c in the Linux kernel.
local
high complexity
linux debian netapp CWE-476
4.7
4.7
2023-05-26 CVE-2023-2002 Incorrect Authorization vulnerability in multiple products
A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel.
low complexity
linux debian CWE-863
6.8
6.8
2023-05-25 CVE-2023-0459 Release of Invalid Pointer or Reference vulnerability in Linux Kernel
Copy_from_user on 64-bit versions of the Linux kernel does not implement the __uaccess_begin_nospec allowing a user to bypass the "access_ok" check and pass a kernel pointer to copy_from_user().
local
low complexity
linux CWE-763
5.5
5.5