CVEs from 2023
Total
6,100
critical
critical 240
high
high 1,530
medium
medium 1,393
low
low 32
% Critical
3.9%
% with KEV
2.7%
% with exploit
3.5%
Top products
- office 29
- office_long_term_servicing_channel 15
- 365_apps 14
- ftmg-esr50sxx 8
- ftmg-esn40sxx 8
- ftmg-esd25axx 8
- ftmg-esr40sxx 8
- ftmg-esd15axx 8
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-52997 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: ipv4: prevent potential spectre v1 gadget in ip_metrics_convert() if (!type) continue; if (type > RTAX_MAX) return -EINVAL; … | |||
| CVE-2023-54306 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: net: tls: avoid hanging tasks on the tx_lock syzbot sent a hung task report and Eric explains that adversarial receiver may keep … | |||
| CVE-2023-1075 | high | — | 8.0 | 3y ago | A flaw was found in the Linux Kernel. The tls_is_tx_ready() incorrectly checks for list emptiness, potentially accessing a type confused entry to the list_head, leaking the last byte of the confused … | |||
| CVE-2023-4207 | high | — | 8.0 | 3y ago | A use-after-free vulnerability in the Linux kernel's net/sched: cls_fw component can be exploited to achieve local privilege escalation. When fw_change() is called on an existing filter, the whole t… | |||
| CVE-2023-20569 | high | — | 8.0 | 3y ago | Important: linux-firmware security, bug fix, and enhancement update | |||
| CVE-2023-35825 | high | — | 8.0 | 3y ago | RHSA-2023:7077: kernel security, bug fix, and enhancement update (Important) | |||
| CVE-2023-54144 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix kernel warning during topology setup This patch fixes the following kernel warning seen during driver load by cor… | |||
| CVE-2023-53036 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix call trace warning and hang when removing amdgpu device On GPUs with RAS enabled, below call trace and hang are o… | |||
| CVE-2023-54034 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: iommufd: Make sure to zero vfio_iommu_type1_info before copying to user Missed a zero initialization here. Most of the struct is … | |||
| CVE-2023-54024 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: KVM: Destroy target device if coalesced MMIO unregistration fails Destroy and free the target coalesced MMIO device if unregister… | |||
| CVE-2023-53028 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: Revert "wifi: mac80211: fix memory leak in ieee80211_if_add()" This reverts commit 13e5afd3d773c6fc6ca2b89027befaaaa1ea7293. iee… | |||
| CVE-2023-53038 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Check kzalloc() in lpfc_sli4_cgn_params_read() If kzalloc() fails in lpfc_sli4_cgn_params_read(), then we rely on lpf… | |||
| CVE-2023-53753 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix mapping to non-allocated address [Why] There is an issue mapping non-allocated location of memory. It would … | |||
| CVE-2023-53039 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: ipc: Fix potential use-after-free in work function When a reset notify IPC message is received, the ISR sched… | |||
| CVE-2023-53706 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: mm/vmemmap/devdax: fix kernel crash when probing devdax devices commit 4917f55b4ef9 ("mm/sparse-vmemmap: improve memory savings f… | |||
| CVE-2023-53626 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: ext4: fix possible double unlock when moving a directory | |||
| CVE-2023-53594 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: driver core: fix resource leak in device_add() When calling kobject_add() failed in device_add(), it will call cleanup_glue_dir()… | |||
| CVE-2023-53561 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: net: wwan: iosm: fix NULL pointer dereference when removing device In suspend and resume cycle, the removal and rescan of device … | |||
| CVE-2023-53042 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Do not set DRR on pipe Commit [WHY] Writing to DRR registers such as OTG_V_TOTAL_MIN on the same frame as a pipe… | |||
| CVE-2023-53044 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: dm stats: check for and propagate alloc_percpu failure Check alloc_precpu()'s return value and return an error from dm_stats_init… | |||
| CVE-2023-53065 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: perf/core: Fix perf_output_begin parameter is incorrectly invoked in perf_event_bpf_output syzkaller reportes a KASAN issue with … | |||
| CVE-2023-53071 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: do not run mt76_unregister_device() on unregistered hw Trying to probe a mt7921e pci card without firmware results in… | |||
| CVE-2023-52988 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/via: Avoid potential array out-of-bound in add_secret_dac_path() snd_hda_get_connections() can return a negative error … | |||
| CVE-2023-53078 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: scsi_dh_alua: Fix memleak for 'qdata' in alua_activate() If alua_rtpg_queue() failed from alua_activate(), then 'qdata' is … | |||
| CVE-2023-33952 | high | — | 8.0 | 3y ago | A double-free vulnerability was found in handling vmw_buffer_object objects in the vmwgfx driver in the Linux kernel. This issue occurs due to the lack of validating the existence of an object prior … | |||
| CVE-2023-53114 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: i40e: Fix kernel crash during reboot when adapter is in recovery mode If the driver detects during probe that firmware is in reco… | |||
| CVE-2023-53198 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: raw: Fix NULL deref in raw_get_next(). Dae R. Jeong reported a NULL deref in raw_get_next() [0]. It seems that the repro was run… | |||
| CVE-2023-53079 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix steering rules cleanup vport's mc, uc and multicast rules are not deleted in teardown path when EEH happens. Since … | |||
| CVE-2023-53124 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix NULL pointer access in mpt3sas_transport_port_add() Port is allocated by sas_port_alloc_num() and rphy is allo… | |||
| CVE-2023-53120 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix config page DMA memory leak A fix for: DMA-API: pci 0000:83:00.0: device driver has pending DMA allocations wh… | |||
| CVE-2023-53121 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: tcp: tcp_make_synack() can be called from process context tcp_rtx_synack() now could be called in process context as explained in… | |||
| CVE-2023-53126 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix sas_hba.phy memory leak in mpi3mr_remove() Free mrioc->sas_hba.phy at .remove. | |||
| CVE-2023-53132 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix mpi3mr_hba_port memory leak in mpi3mr_remove() Free mpi3mr_hba_port at .remove. | |||
| CVE-2023-52992 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: bpf: Skip task with pid=1 in send_signal_common() The following kernel panic can be triggered when a task with pid=1 attaches a p… | |||
| CVE-2023-53218 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: rxrpc: Make it so that a waiting process can be aborted When sendmsg() creates an rxrpc call, it queues it to wait for a connecti… | |||
| CVE-2023-27932 | high | — | 8.0 | 3y ago | This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4 and iPadOS 16.4, tvOS 16.4, watchOS 9.4. Processing maliciously crafted web c… | |||
| CVE-2023-27954 | high | — | 8.0 | 3y ago | The issue was addressed by removing origin information. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, tvOS 16.4, watchOS 9.4. A websi… | |||
| CVE-2023-32370 | high | — | 8.0 | 3y ago | A logic issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.3. Content Security Policy to block domains with wildcards may fail. | |||
| CVE-2023-53229 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix invalid drv_sta_pre_rcu_remove calls for non-uploaded sta Avoid potential data corruption issues caused by un… | |||
| CVE-2023-53232 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: mt76: mt7921: fix kernel panic by accessing unallocated eeprom.data The MT7921 driver no longer uses eeprom.data, but the relevan… | |||
| CVE-2023-32393 | high | — | 8.0 | 3y ago | The issue was addressed with improved memory handling. This issue is fixed in watchOS 9.3, tvOS 16.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. Processing web content may lead to arbitrary code e… | |||
| CVE-2023-38611 | high | — | 8.0 | 3y ago | The issue was addressed with improved memory handling. This issue is fixed in iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, Safari 16.6, watchOS 9.6. Processing web content may lead to arb… | |||
| CVE-2023-40397 | high | — | 8.0 | 3y ago | The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5. A remote attacker may be able to cause arbitrary javascript code execution. | |||
| CVE-2023-40451 | high | — | 8.0 | 3y ago | This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in Safari 17. An attacker with JavaScript execution may be able to execute arbitrary code. | |||
| CVE-2023-33203 | high | — | 8.0 | 3y ago | The Linux kernel before 6.2.9 has a race condition and resultant use-after-free in drivers/net/ethernet/qualcomm/emac/emac.c if a physically proximate attacker unplugs an emac based device. | |||
| CVE-2023-3268 | high | — | 8.0 | 3y ago | An out of bounds (OOB) memory access flaw was found in the Linux kernel in relay_file_read_start_pos in kernel/relay.c in the relayfs. This flaw could allow a local attacker to crash the system or le… | |||
| CVE-2023-3358 | high | — | 8.0 | 3y ago | A null pointer dereference was found in the Linux kernel's Integrated Sensor Hub (ISH) driver. This issue could allow a local user to crash the system. | |||
| CVE-2023-42833 | high | — | 8.0 | 3y ago | A correctness issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14, Safari 17, iOS 17 and iPadOS 17. Processing web content may lead to arbitrary code execution. | |||
| CVE-2023-4273 | high | — | 8.0 | 3y ago | A flaw was found in the exFAT driver of the Linux kernel. The vulnerability exists in the implementation of the file name reconstruction function, which is responsible for reading file name entries f… | |||
| CVE-2023-53296 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: sctp: check send stream number after wait_for_sndbuf This patch fixes a corner case where the asoc out stream count may change af… | |||
| CVE-2023-53299 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix leak of 'r10bio->remaining' for recovery raid10_sync_request() will add 'r10bio->remaining' for both rdev and repl… | |||
| CVE-2023-53319 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Handle kvm_arm_init failure correctly in finalize_pkvm Currently there is no synchronisation between finalize_pkvm() … | |||
| CVE-2023-53334 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: USB: chipidea: fix memory leak with using debugfs_lookup() When calling debugfs_lookup() the result must have dput() called on it… | |||
| CVE-2023-53437 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Handle cameras with invalid descriptors If the source entity does not contain any pads, do not create a link. | |||
| CVE-2023-52928 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: bpf: Skip invalid kfunc call in backtrack_insn The verifier skips invalid kfunc call in check_kfunc_call(), which would be captur… | |||
| CVE-2023-53443 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: mfd: arizona: Use pm_runtime_resume_and_get() to prevent refcnt leak In arizona_clk32k_enable(), we should use pm_runtime_resume_… | |||
| CVE-2023-53453 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: drm/radeon: free iio for atombios when driver shutdown Fix below kmemleak when unload radeon driver: unreferenced object 0xffff9… | |||
| CVE-2023-53499 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: virtio_net: Fix error unwinding of XDP initialization When initializing XDP in virtnet_open(), some rq xdp initialization may hit… | |||
| CVE-2023-53511 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: io_uring: fix fget leak when fs don't support nowait buffered read Heming reported a BUG when using io_uring doing link-cp on ocf… | |||
| CVE-2023-53512 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix a memory leak Add a forgotten kfree(). | |||
| CVE-2023-53517 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: tipc: do not update mtu if msg_max is too small in mtu negotiation When doing link mtu negotiation, a malicious peer may send Act… | |||
| CVE-2023-52977 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix flow memory leak in ovs_flow_cmd_new Syzkaller reports a memory leak of new_flow in ovs_flow_cmd_new() as i… | |||
| CVE-2023-53598 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: Range check CHDBOFF and ERDBOFF If the value read from the CHDBOFF and ERDBOFF registers is outside the range of … | |||
| CVE-2023-53602 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix memory leak in WMI firmware stats Memory allocated for firmware pdev, vdev and beacon statistics are not releas… | |||
| CVE-2023-53605 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: drm: amd: display: Fix memory leakage This commit fixes memory leakage in dc_construct_ctx() function. | |||
| CVE-2023-53607 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: ALSA: ymfpci: Fix BUG_ON in probe function The snd_dma_buffer.bytes field now contains the aligned size, which this snd_BUG_ON() … | |||
| CVE-2023-53640 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: ASoC: lpass: Fix for KASAN use_after_free out of bounds When we run syzkaller we get below Out of Bounds error. "KASAN: slab-out… | |||
| CVE-2023-53620 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: md: fix soft lockup in status_resync status_resync() will calculate 'curr_resync - recovery_active' to show user a progress bar l… | |||
| CVE-2023-53639 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: ath6kl: reduce WARN to dev_dbg() in callback The warn is triggered on a known race condition, documented in the code above … | |||
| CVE-2023-52991 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: net: fix NULL pointer in skb_segment_list Commit 3a1296a38d0c ("net: Support GRO/GSO fraglist chaining.") introduced UDP listifye… | |||
| CVE-2023-52993 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: x86/i8259: Mark legacy PIC interrupts with IRQ_LEVEL Baoquan reported that after triggering a crash the subsequent crash-kernel f… | |||
| CVE-2023-53755 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: dmaengine: ptdma: check for null desc before calling pt_cmd_callback Resolves a panic that can occur on AMD systems, typically du… | |||
| CVE-2023-53756 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Fix crash due to uninitialized current_vmcs KVM enables 'Enlightened VMCS' and 'Enlightened MSR Bitmap' when running as… | |||
| CVE-2023-53760 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: mcq: Fix &hwq->cq_lock deadlock issue When ufshcd_err_handler() is executed, CQ event interrupt can enter waitin… | |||
| CVE-2023-53767 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix memory leak in ath12k_qmi_driver_event_work() Currently the buffer pointed by event is not freed in case ATH12K… | |||
| CVE-2023-53780 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix FCLK pstate change underflow [Why] Currently we set FCLK p-state change watermark calculated based on dummy … | |||
| CVE-2023-53786 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: dm flakey: fix a crash with invalid table line This command will crash with NULL pointer dereference: dmsetup create flakey --ta… | |||
| CVE-2023-53789 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Improve page fault error reporting If IOMMU domain for device group is not setup properly then we may hit IOMMU page f… | |||
| CVE-2023-53832 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix null-ptr-deref in raid10_sync_request init_resync() inits mempool and sets conf->have_replacemnt at the beginning … | |||
| CVE-2023-52707 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: sched/psi: Fix use-after-free in ep_remove_wait_queue() If a non-root cgroup gets removed when there is a thread that registered … | |||
| CVE-2023-53852 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: nvme-core: fix memory leak in dhchap_secret_store Free dhchap_secret in nvme_ctrl_dhchap_secret_store() before we return fix foll… | |||
| CVE-2023-53866 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-compress: Reposition and add pcm_mutex If panic_on_warn is set and compress stream(DPCM) is started, then kernel panic … | |||
| CVE-2023-52994 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: acpi: Fix suspend with Xen PV Commit f1e525009493 ("x86/boot: Skip realmode init code when running as Xen PV guest") missed one c… | |||
| CVE-2023-54085 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: mptcp: fix NULL pointer dereference on fastopen early fallback In case of early fallback to TCP, subflow_syn_recv_sock() deletes … | |||
| CVE-2023-54088 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: hold queue_lock when removing blkg->q_node When blkg is removed from q->blkg_list from blkg_free_workfn(), queue_lock… | |||
| CVE-2023-54092 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: KVM: s390: pv: fix index value of replaced ASCE The index field of the struct page corresponding to a guest ASCE should be 0. Whe… | |||
| CVE-2023-54097 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: regulator: stm32-pwr: fix of_iomap leak Smatch reports: drivers/regulator/stm32-pwr.c:166 stm32_pwr_regulator_probe() warn: 'base… | |||
| CVE-2023-54098 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: drm/i915/gvt: fix gvt debugfs destroy When gvt debug fs is destroyed, need to have a sane check if drm minor's debugfs root is st… | |||
| CVE-2023-54102 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Prevent lpfc_debugfs_lockstat_write() buffer overflow A static code analysis tool flagged the possibility of buffer o… | |||
| CVE-2023-54108 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix DMA-API call trace on NVMe LS requests The following message and call trace was seen with debug kernels: DMA-… | |||
| CVE-2023-54216 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: TC, Fix using eswitch mapping in nic mode Cited patch is using the eswitch object mapping pool while in nic mode where… | |||
| CVE-2023-54233 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: avoid a NULL dereference with unsupported widgets If an IPC4 topology contains an unsupported widget, its .module_info… | |||
| CVE-2023-54234 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix missing mrioc->evtack_cmds initialization Commit c1af985d27da ("scsi: mpi3mr: Add Event acknowledgment logic") … | |||
| CVE-2023-54238 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: mlx5: fix skb leak while fifo resync and push During ptp resync operation SKBs were poped from the fifo but were never freed neit… | |||
| CVE-2023-54245 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: tx-macro: Fix for KASAN: slab-out-of-bounds When we run syzkaller we get below Out of Bound. "KASAN: slab-out-o… | |||
| CVE-2023-54259 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: soundwire: bus: Fix unbalanced pm_runtime_put() causing usage count underflow This reverts commit 443a98e649b4 ("soundwire: bus: … | |||
| CVE-2023-54270 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: media: usb: siano: Fix use after free bugs caused by do_submit_urb There are UAF bugs caused by do_submit_urb(). One of the KASan… | |||
| CVE-2023-54269 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: SUNRPC: double free xprt_ctxt while still in use When an RPC request is deferred, the rq_xprt_ctxt pointer is moved out of the sv… | |||
| CVE-2023-54273 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: xfrm: Fix leak of dev tracker At the stage of direction checks, the netdev reference tracker is already initialized, but released… | |||
| CVE-2023-54275 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: Fix memory leak in ath11k_peer_rx_frag_setup crypto_alloc_shash() allocates resources, which should be released by … |