Linux Kernel vulnerabilities

90 known vulnerabilities affecting linux/kernel.

Total CVEs: 90
CISA KEV: 1 (actively exploited)
Public exploits: 3
Exploited in wild: 2
Severity breakdown: CRITICAL 1, HIGH 55, MEDIUM 30, LOW 4

Vulnerabilities

CVE-2023-3776 | HIGH | CVSS 7.8 | affected: ≥ 2.6, < 6.5 | 2023-07-21
CVE-2023-3776 [HIGH] CWE-416: A use-after-free vulnerability in the Linux kernel's net/sched: cls_fw component can be exploited to achieve local privilege escalation. If tcf_change_indev() fails, fw_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_bind_filter(). If an attacker can control the reference counter and set it t
Sources: cvelistv5, nvd
CVE-2023-3609 | HIGH | CVSS 7.8 | affected: ≥ 4.14, < 6.4 | 2023-07-21
CVE-2023-3609 [HIGH] CWE-416: A use-after-free vulnerability in the Linux kernel's net/sched: cls_u32 component can be exploited to achieve local privilege escalation. If tcf_change_indev() fails, u32_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_bind_filter(). If an attacker can control the reference counter and set it
Sources: cvelistv5, nvd
CVE-2023-3610 | HIGH | CVSS 7.8 | affected: ≥ 5.9, < 6.4 | 2023-07-21
CVE-2023-3610 [HIGH] CWE-416: A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. Flaw in the error handling of bound chains causes a use-after-free in the abort path of NFT_MSG_NEWRULE. The vulnerability requires CAP_NET_ADMIN to be triggered. We recommend upgrading past commit 4bedf9eee016286
Sources: cvelistv5, nvd
CVE-2023-3389 | HIGH | CVSS 7.8 | affected: ≥ 5.13, < 6.4; ≥ 5.10.162, < 5.10.185 | 2023-06-28
CVE-2023-3389 [HIGH] CWE-416: A use-after-free vulnerability in the Linux Kernel io_uring subsystem can be exploited to achieve local privilege escalation. Racing a io_uring cancel poll request with a linked timeout can cause a UAF in a hrtimer. We recommend upgrading past commit ef7dfac51d8ed961b742218f526bd589f3900a59 (4716c73b188566865bdd79c3a6709696a224ac04 for 5.10 stable and
Sources: cvelistv5, nvd
CVE-2023-3090 | HIGH | CVSS 7.8 | affected: ≥ 3.19, < 6.4 | 2023-06-28
CVE-2023-3090 [HIGH] CWE-787: A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation. The out-of-bounds write is caused by missing skb->cb initialization in the ipvlan network driver. The vulnerability is reachable if CONFIG_IPVLAN is enabled. We recommend upgrading past commit 90cbed5247439a966b645
Sources: cvelistv5, nvd
CVE-2022-42432 | MEDIUM | CVSS 4.4 | affected: v6.0-rc2 | 2023-03-29
CVE-2022-42432 [MEDIUM] CWE-457: This vulnerability allows local attackers to disclose sensitive information on affected installations of the Linux Kernel 6.0-rc2. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the nft_osf_eval function. The issue results from the
Sources: cvelistv5, nvd
CVE-2022-3640 | HIGH | CVSS 8.8 | affected: n/a | 2022-10-21
CVE-2022-3640 [MEDIUM] CWE-119: A vulnerability, which was classified as critical, was found in Linux Kernel. Affected is the function l2cap_conn_del of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211944.
Sources: cvelistv5, nvd
CVE-2022-3625 | HIGH | CVSS 7.8 | affected: n/a | 2022-10-21
CVE-2022-3625 [MEDIUM] CWE-119: A vulnerability was found in Linux Kernel. It has been classified as critical. This affects the function devlink_param_set/devlink_param_get of the file net/core/devlink.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211929 was assigned to this vulnerability.
Sources: cvelistv5, nvd
CVE-2022-3636 | HIGH | CVSS 7.8 | affected: n/a | 2022-10-21
CVE-2022-3636 [MEDIUM] CWE-119: A vulnerability, which was classified as critical, was found in Linux Kernel. This affects the function __mtk_ppe_check_skb of the file drivers/net/ethernet/mediatek/mtk_ppe.c of the component Ethernet Handler. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerabilit
Sources: cvelistv5, nvd
CVE-2022-3635 | HIGH | CVSS 7.0 | affected: n/a | 2022-10-21
CVE-2022-3635 [MEDIUM] CWE-119: A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function tst_timer of the file drivers/atm/idt77252.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. VDB-211934 is the identifier assigned to this vulnerability.
Sources: cvelistv5, nvd
CVE-2022-3649 | HIGH | CVSS 7.0 | affected: n/a | 2022-10-21
CVE-2022-3649 [LOW] CWE-119: A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_new_inode of the file fs/nilfs2/inode.c of the component BPF. The manipulation leads to use after free. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is
Sources: cvelistv5, nvd
CVE-2022-3646 | MEDIUM | CVSS 4.3 | affected: n/a | 2022-10-21
CVE-2022-3646 [LOW] CWE-404: A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function nilfs_attach_log_writer of the file fs/nilfs2/segment.c of the component BPF. The manipulation leads to memory leak. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211961 was
Sources: cvelistv5, nvd
CVE-2022-3630 | MEDIUM | CVSS 5.5 | affected: n/a | 2022-10-21
CVE-2022-3630 [LOW] CWE-404: A vulnerability was found in Linux Kernel. It has been rated as problematic. This issue affects some unknown processing of the file fs/fscache/cookie.c of the component IPsec. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211931.
Sources: cvelistv5, nvd
CVE-2022-3637 | MEDIUM | CVSS 5.5 | affected: n/a | 2022-10-21
CVE-2022-3637 [LOW] CWE-404: A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function jlink_init of the file monitor/jlink.c of the component BlueZ. The manipulation leads to denial of service. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211936.
Sources: cvelistv5, nvd
CVE-2022-3629 | LOW | CVSS 3.3 | affected: n/a | 2022-10-21
CVE-2022-3629 [LOW] CWE-401: A vulnerability was found in Linux Kernel. It has been declared as problematic. This vulnerability affects the function vsock_connect of the file net/vmw_vsock/af_vsock.c. The manipulation leads to memory leak. The complexity of an attack is rather high. The exploitation appears to be difficult. It is recommended to apply a patch to fix this issue. VDB-2
Sources: cvelistv5, nvd
CVE-2022-3624 | LOW | CVSS 3.3 | affected: n/a | 2022-10-21
CVE-2022-3624 [LOW] CWE-404: A vulnerability was found in Linux Kernel and classified as problematic. Affected by this issue is the function rlb_arp_xmit of the file drivers/net/bonding/bond_alb.c of the component IPsec. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211928.
Sources: cvelistv5, nvd
CVE-2022-3633 | LOW | CVSS 3.3 | affected: n/a | 2022-10-21
CVE-2022-3633 [LOW] CWE-401: A vulnerability classified as problematic has been found in Linux Kernel. Affected is the function j1939_session_destroy of the file net/can/j1939/transport.c. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211932.
Sources: cvelistv5, nvd
CVE-2022-3623 | HIGH | CVSS 7.5 | affected: n/a | 2022-10-20
CVE-2022-3623 [MEDIUM] CWE-362: A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function follow_page_pte of the file mm/gup.c of the component BPF. The manipulation leads to race condition. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211921 was assi
Sources: cvelistv5, nvd
CVE-2022-3619 | MEDIUM | CVSS 4.3 | affected: n/a | 2022-10-20
CVE-2022-3619 [LOW] CWE-404: A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function l2cap_recv_acldata of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. VDB-211918 is the identifier assigned to this vulnerability
Sources: cvelistv5, nvd
CVE-2022-3621 | MEDIUM | CVSS 6.5 | affected: n/a | 2022-10-20
CVE-2022-3621 [MEDIUM] CWE-404: A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_bmap_lookup_at_level of the file fs/nilfs2/inode.c of the component nilfs2. The manipulation leads to null pointer dereference. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. The identifi
Sources: cvelistv5, nvd