CVE-2023-7077
published 2024-02-05CVE-2023-7077: Sharp NEC Displays (P403, P463, P553, P703, P801, X554UN, X464UN, X554UNS, X464UNV, X474HB, X464UNS, X554UNV, X555UNS, X555UNV, X754HB, X554HB, E705, E805…
PriorityP260critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
0.69%
48.3th percentile
Sharp NEC Displays (P403, P463, P553, P703, P801, X554UN, X464UN, X554UNS, X464UNV, X474HB, X464UNS, X554UNV, X555UNS, X555UNV, X754HB, X554HB, E705, E805, E905, UN551S, UN551VS, X551UHD, X651UHD, X841UHD, X981UHD, MD551C8) allows an attacker execute remote code by sending unintended parameters in http request.
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
vendor_redhat5.5MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-4x63-78pq-hqc9: Sharp NEC Displays (P403, P463, P553, P703, P801, X554UN, X464UN, X554UNS, X464UNV, X474HB, X464UNS, X554UNV, X555UNS, X555UNV, X754HB, X554HB, E705,
ghsa_unreviewed·2024-02-05
CVE-2023-7077 [CRITICAL] CWE-22 GHSA-4x63-78pq-hqc9: Sharp NEC Displays (P403, P463, P553, P703, P801, X554UN, X464UN, X554UNS, X464UNV, X474HB, X464UNS, X554UNV, X555UNS, X555UNV, X754HB, X554HB, E705,
Sharp NEC Displays (P403, P463, P553, P703, P801, X554UN, X464UN, X554UNS, X464UNV, X474HB, X464UNS, X554UNV, X555UNS, X555UNV, X754HB, X554HB, E705, E805, E905, UN551S, UN551VS, X551UHD, X651UHD, X841UHD, X981UHD, MD551C8) allows an attacker execute remote code by sending unintended parameters in http request.
Red Hat
kernel: wifi: nl80211: fix NULL-ptr deref in offchan check
vendor_redhat·2025-05-02·CVSS 5.5
CVE-2023-53113 [MEDIUM] CWE-476 kernel: wifi: nl80211: fix NULL-ptr deref in offchan check
kernel: wifi: nl80211: fix NULL-ptr deref in offchan check
In the Linux kernel, the following vulnerability has been resolved:
wifi: nl80211: fix NULL-ptr deref in offchan check
If, e.g. in AP mode, the link was already created by userspace
but not activated yet, it has a chandef but the chandef isn't
valid and has no channel. Check for this and ignore this link.
A flaw was found in the cfg80211 module in the Linux kernel. In Access Point (AP) mode, if a wireless link is created by userspace but not yet activated, it may contain an invalid channel definition with no channel. This issue may cause a NULL pointer dereference that results in a denial of service.
Statement: This issue has been fixed in Red Hat Enterprise Linux 8.9 and 9.3 via RHSA-2023:7077 [1] and RHSA-2023:6583 [2], respec
Red Hat
kernel: thunderbolt: Fix memory leak in margining
vendor_redhat·2025-05-02·CVSS 5.5
CVE-2023-53050 [MEDIUM] CWE-401 kernel: thunderbolt: Fix memory leak in margining
kernel: thunderbolt: Fix memory leak in margining
In the Linux kernel, the following vulnerability has been resolved:
thunderbolt: Fix memory leak in margining
Memory for the usb4->margining needs to be relased for the upstream port
of the router as well, even though the debugfs directory gets released
with the router device removal. Fix this.
A flaw was found in the Thunderbolt module in the Linux kernel. The missing release of memory allocated for the margining for the upstream port of the router can cause a memory leak, potentially impacting system stability and resulting in a denial of service.
Statement: This issue has been fixed in Red Hat Enterprise Linux 8.9 and 9.3 via RHSA-2023:7077 [1] and RHSA-2023:6583 [2], respectively.
[1]. https://access.redhat.com/errata/RHSA-2023:7077
Red Hat
kernel: scsi: mpi3mr: Fix mpi3mr_hba_port memory leak in mpi3mr_remove()
vendor_redhat·2025-05-02·CVSS 5.5
CVE-2023-53132 [MEDIUM] CWE-401 kernel: scsi: mpi3mr: Fix mpi3mr_hba_port memory leak in mpi3mr_remove()
kernel: scsi: mpi3mr: Fix mpi3mr_hba_port memory leak in mpi3mr_remove()
In the Linux kernel, the following vulnerability has been resolved:
scsi: mpi3mr: Fix mpi3mr_hba_port memory leak in mpi3mr_remove()
Free mpi3mr_hba_port at .remove.
A flaw was found in the mpi3mr module in the Linux kernel. The missing release of memory allocated for mpi3mr_hba_port will cause a memory leak, potentially impacting system stability and resulting in a denial of service.
Statement: This issue has been fixed in Red Hat Enterprise Linux 8.9 and 9.3 via RHSA-2023:7077 [1] and RHSA-2023:6583 [2], respectively.
[1]. https://access.redhat.com/errata/RHSA-2023:7077
[2]. https://access.redhat.com/errata/RHSA-2023:6583
Package: kernel (Red Hat Enterprise Linux 10) - Not affected
Package: kernel (Red Hat Ente
Red Hat
kernel: scsi: mpi3mr: Fix config page DMA memory leak
vendor_redhat·2025-05-02·CVSS 5.5
CVE-2023-53120 [MEDIUM] CWE-401 kernel: scsi: mpi3mr: Fix config page DMA memory leak
kernel: scsi: mpi3mr: Fix config page DMA memory leak
In the Linux kernel, the following vulnerability has been resolved:
scsi: mpi3mr: Fix config page DMA memory leak
A fix for:
DMA-API: pci 0000:83:00.0: device driver has pending DMA allocations while released from device [count=1]
A flaw was found in the mpi3mr module in the Linux kernel. A memory leak can occur due to pending DMA allocations from the driver after it is released from the device. This issue potentially impacts system performance and results in a denial of service.
Statement: This issue has been fixed in Red Hat Enterprise Linux 8.9 and 9.3 via RHSA-2023:7077 [1] and RHSA-2023:6583 [2], respectively.
[1]. https://access.redhat.com/errata/RHSA-2023:7077
[2]. https://access.redhat.com/errata/RHSA-2023:6583
Package: kern
Red Hat
kernel: drm/amdkfd: Fix NULL pointer dereference in svm_migrate_to_ram()
vendor_redhat·2025-05-01·CVSS 5.5
CVE-2022-49864 [MEDIUM] CWE-476 kernel: drm/amdkfd: Fix NULL pointer dereference in svm_migrate_to_ram()
kernel: drm/amdkfd: Fix NULL pointer dereference in svm_migrate_to_ram()
In the Linux kernel, the following vulnerability has been resolved:
drm/amdkfd: Fix NULL pointer dereference in svm_migrate_to_ram()
./drivers/gpu/drm/amd/amdkfd/kfd_migrate.c:985:58-62: ERROR: p is NULL but dereferenced.
A flaw was found in the Linux kernel's AMD Kernel Fusion Driver (AMDKFD). In specific error conditions, an object holding a NULL value is used, causing a NULL pointer dereference and resulting in a denial of service.
Statement: This issue has been fixed in Red Hat Enterprise Linux 8.9 and 9.3 via RHSA-2023:7077 [1] and RHSA-2023:6583 [2], respectively.
[1]. https://access.redhat.com/errata/RHSA-2023:7077
[2]. https://access.redhat.com/errata/RHSA-2023:6583
Package: kernel (Red Hat Enterprise Linu
No detection rules found.
No public exploits indexed.
2024-02-05
Published