Vulnerabilities > Linux > High

DATE CVE VULNERABILITY TITLE RISK
2023-03-31 CVE-2023-28464 Double Free vulnerability in multiple products
hci_conn_cleanup in net/bluetooth/hci_conn.c in the Linux kernel through 6.2.9 has a use-after-free (observed in hci_conn_hash_flush) because of calls to hci_dev_put and hci_conn_put.
local
low complexity
linux netapp CWE-415
7.8
2023-03-30 CVE-2023-1670 Use After Free vulnerability in Linux Kernel
A flaw use after free in the Linux kernel Xircom 16-bit PCMCIA (PC-card) Ethernet driver was found.A local user could use this flaw to crash the system or potentially escalate their privileges on the system.
local
low complexity
linux CWE-416
7.8
2023-03-30 CVE-2022-4744 Double Free vulnerability in Linux Kernel
A double-free flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user registers the device when the register_netdevice function fails (NETDEV_REGISTER notifier).
local
low complexity
linux CWE-415
7.8
2023-03-29 CVE-2023-1652 Use After Free vulnerability in multiple products
A use-after-free flaw was found in nfsd4_ssc_setup_dul in fs/nfsd/nfs4proc.c in the NFS filesystem in the Linux Kernel.
local
low complexity
linux redhat CWE-416
7.1
2023-03-27 CVE-2023-0179 Integer Overflow or Wraparound vulnerability in multiple products
A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel.
local
low complexity
linux canonical fedoraproject redhat CWE-190
7.8
2023-03-27 CVE-2023-0210 Out-of-bounds Write vulnerability in Linux Kernel
A bug affects the Linux kernel’s ksmbd NTLMv2 authentication and is known to crash the OS immediately in Linux-based systems.
network
low complexity
linux CWE-787
7.5
2023-03-27 CVE-2023-1077 Type Confusion vulnerability in multiple products
In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the BUG_ON condition, as the confused entry will not be NULL, but list_head.The buggy error condition would lead to a type confused entry with the list head,which would then be used as a type confused sched_rt_entity,causing memory corruption.
local
high complexity
linux debian netapp CWE-843
7.0
2023-03-27 CVE-2023-1078 Type Confusion vulnerability in Linux Kernel
A flaw was found in the Linux Kernel in RDS (Reliable Datagram Sockets) protocol.
local
low complexity
linux CWE-843
7.8
2023-03-27 CVE-2023-1380 Out-of-bounds Read vulnerability in multiple products
A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel.
local
low complexity
redhat linux netapp debian canonical CWE-125
7.1
2023-03-23 CVE-2023-1252 Use After Free vulnerability in Linux Kernel
A use-after-free flaw was found in the Linux kernel’s Ext4 File System in how a user triggers several file operations simultaneously with the overlay FS usage.
local
low complexity
linux CWE-416
7.8