Incorrect verifier pruning in BPF in Linux Kernel >=5.4 leads to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation,… Read More »CVE-2023-2163 | Linux Kernel
A use-after-free vulnerability in the Linux kernel’s net/sched: sch_qfq component can be exploited to achieve local privilege escalation. When the plug qdisc is used as… Read More »CVE-2023-4921 | Kernel
A use-after-free vulnerability in the Linux kernel’s net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve local privilege escalation. If a class… Read More »CVE-2023-4623 | Kernel
A use-after-free vulnerability in the Linux kernel’s af_unix component can be exploited to achieve local privilege escalation. The unix_stream_sendpage() function tries to add data to… Read More »CVE-2023-4622 | Kernel
A use-after-free vulnerability in the Linux kernel’s netfilter: nf_tables component can be exploited to achieve local privilege escalation. Due to a race condition between nf_tables… Read More »CVE-2023-4244 | Kernel
A use-after-free vulnerability in the Linux kernel’s net/sched: cls_u32 component can be exploited to achieve local privilege escalation. When u32_change() is called on an existing… Read More »CVE-2023-4208 | Kernel
A use-after-free vulnerability in the Linux kernel’s net/sched: cls_fw component can be exploited to achieve local privilege escalation. When fw_change() is called on an existing… Read More »CVE-2023-4207 | Kernel
A use-after-free vulnerability in the Linux kernel’s net/sched: cls_route component can be exploited to achieve local privilege escalation. When route4_change() is called on an existing… Read More »CVE-2023-4206 | Kernel
A use-after-free vulnerability in the Linux kernel’s netfilter: nf_tables component can be exploited to achieve local privilege escalation. On an error when building a nftables… Read More »CVE-2023-4015 | Kernel
A use-after-free vulnerability in the Linux kernel’s netfilter: nf_tables component can be exploited to achieve local privilege escalation. When nf_tables_delrule() is flushing table rules, it… Read More »CVE-2023-3777 | Kernel
Under some circumstances, this weakness allows a user who has access to run the “ps” utility on a machine, the ability to write almost unlimited… Read More »CVE-2023-4016 | Linux Kernal
A use-after-free vulnerability in the Linux Kernel io_uring subsystem can be exploited to achieve local privilege escalation. Racing a io_uring cancel poll request with a… Read More »CVE-2023-3389 | Kernel
A time-of-check to time-of-use issue exists in io_uring subsystem’s IORING_OP_CLOSE operation in the Linux kernel’s versions 5.6 – 5.11 (inclusive), which allows a local user… Read More »CVE-2023-1295 | Linux Kernel
A use-after-free vulnerability was found in the Linux kernel’s netfilter subsystem in net/netfilter/nf_tables_api.c. Mishandled error handling with NFT_MSG_NEWRULE makes it possible to use a dangling… Read More »CVE-2023-3390 | Linux Kernel
A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation. The out-of-bounds write is caused… Read More »CVE-2023-3090 | Kernel