VulDB Recent Entries

A vulnerability was found in Linux Kernel up to 6.1.10. It has been classified as problematic. This affects the function add_secret_dac_path. The manipulation leads to out-of-bounds read. This vulnerability is uniquely identified as CVE-2023-52988. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.10. It has been declared as problematic. This vulnerability affects the function sof_ipc4_priority_mask_dfs_write of the component ipc4-mtrace. The manipulation leads to insufficient verification of data authenticity. This vulnerability was named CVE-2023-52987. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.1.10 and classified as critical. Affected by this vulnerability is the function ovs_flow_cmd_new in the library include/linux/slab.h. The manipulation leads to memory leak. This vulnerability is known as CVE-2023-52977. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.10.167/5.15.92/6.1.10 and classified as critical. Affected by this issue is the function probe. The manipulation leads to null pointer dereference. This vulnerability is handled as CVE-2023-52984. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 6.1.10. Affected is the function copy_bio_to_actor. The manipulation leads to out-of-bounds read. This vulnerability is traded as CVE-2023-52979. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 6.1.10. This vulnerability affects the function debugfs_lookup of the component hv_balloon. The manipulation leads to memory leak. This vulnerability was named CVE-2023-52937. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 6.1.10. This issue affects the function ublk_get_queue in the library ublk_cmd.h of the component Ublk. The manipulation leads to out-of-bounds read. The identification of this vulnerability is CVE-2023-52980. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.1.10. This affects the function lru_gen_migrate_mm. The manipulation leads to denial of service. This vulnerability is uniquely identified as CVE-2023-52940. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.10. It has been rated as problematic. Affected by this issue is the function update_parent_subparts_cpumask. The manipulation leads to state issue. This vulnerability is handled as CVE-2023-52942. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.8. It has been declared as critical. Affected by this vulnerability is the function ffs_ep0_queue_wait of the component f_fs. The manipulation leads to use after free. This vulnerability is known as CVE-2022-49755. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.15.90/6.1.8. It has been classified as critical. Affected is the function fwnode_graph_get_next_endpoint. The manipulation of the argument parent leads to improper update of reference count. This vulnerability is traded as CVE-2022-49752. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.15.92/6.1.10 and classified as critical. This issue affects the function debugfs_lookup of the file kernel/irq/irqdomain.c. The manipulation leads to memory leak. The identification of this vulnerability is CVE-2023-52936. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.1.10 and classified as critical. This vulnerability affects the function cond_resched of the component swapfile. The manipulation leads to infinite loop. This vulnerability was named CVE-2023-52932. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 6.1.10. This affects the function dev_set_name of the component nvmem. The manipulation leads to privilege escalation. This vulnerability is uniquely identified as CVE-2023-52929. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 5.10.164/5.15.89/6.1.7. Affected by this issue is the function run_one_delayed_ref of the component btrfs. The manipulation leads to use after free. This vulnerability is handled as CVE-2022-49761. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in Linux Kernel up to 6.1.8. Affected is the function w1_process. The manipulation leads to state issue. This vulnerability is traded as CVE-2022-49751. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Linux Kernel up to 6.1.7. Affected by this vulnerability is the function hugetlb_change_protection. The manipulation of the argument pte leads to improper update of reference count. This vulnerability is known as CVE-2022-49760. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.8. It has been rated as critical. This issue affects the function mgmt_mesh_add of the file net/bluetooth/mgmt_util.c of the component Bluetooth. The manipulation leads to buffer overflow. The identification of this vulnerability is CVE-2022-49754. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.8. It has been declared as critical. This vulnerability affects unknown code of the component cpufreq. The manipulation of the argument _CPC leads to buffer overflow. This vulnerability was named CVE-2022-49750. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.15.91/6.1.9. It has been classified as critical. This affects the function iomap_iter_done of the file erofs/zmap.c. The manipulation leads to denial of service. This vulnerability is uniquely identified as CVE-2022-49747. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.