Vulnerabilities (CVE)

Filtered by vendor Linux Subscribe
Filtered by product Linux Kernel
Total 7696 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-0266 1 Linux 1 Linux Kernel 2024-11-21 N/A 7.9 HIGH
A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 is missing locks that can be used in a use-after-free that can result in a priviledge escalation to gain ring0 access from the system user. We recommend upgrading past commit 56b88b50565cd8b946a2d00b0c83927b7ebb055e
CVE-2023-0240 1 Linux 1 Linux Kernel 2024-11-21 N/A 7.8 HIGH
There is a logic error in io_uring's implementation which can be used to trigger a use-after-free vulnerability leading to privilege escalation. In the io_prep_async_work function the assumption that the last io_grab_identity call cannot return false is not true, and in this case the function will use the init_cred or the previous linked requests identity to do operations instead of using the current identity. This can lead to reference counting issues causing use-after-free. We recommend upgrading past version 5.10.161.
CVE-2023-0210 1 Linux 1 Linux Kernel 2024-11-21 N/A 7.5 HIGH
A bug affects the Linux kernel’s ksmbd NTLMv2 authentication and is known to crash the OS immediately in Linux-based systems.
CVE-2023-0208 2 Linux, Nvidia 2 Linux Kernel, Data Center Gpu Manager 2024-11-21 N/A 8.4 HIGH
NVIDIA DCGM for Linux contains a vulnerability in HostEngine (server component) where a user may cause a heap-based buffer overflow through the bound socket. A successful exploit of this vulnerability may lead to denial of service and data tampering.
CVE-2023-0198 5 Citrix, Linux, Nvidia and 2 more 5 Hypervisor, Linux Kernel, Virtual Gpu and 2 more 2024-11-21 N/A 6.6 MEDIUM
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where improper restriction of operations within the bounds of a memory buffer can lead to denial of service, information disclosure, and data tampering.
CVE-2023-0196 3 Linux, Microsoft, Nvidia 3 Linux Kernel, Windows, Cuda Toolkit 2024-11-21 N/A 3.3 LOW
NVIDIA CUDA Toolkit SDK contains a bug in cuobjdump, where a local user running the tool against an ill-formed binary may cause a null- pointer dereference, which may result in a limited denial of service.
CVE-2023-0194 3 Linux, Microsoft, Nvidia 3 Linux Kernel, Windows, Virtual Gpu 2024-11-21 N/A 2.0 LOW
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer driver, where an invalid display configuration may lead to denial of service.
CVE-2023-0193 3 Linux, Microsoft, Nvidia 3 Linux Kernel, Windows, Cuda Toolkit 2024-11-21 N/A 4.4 MEDIUM
NVIDIA CUDA Toolkit SDK contains a vulnerability in cuobjdump, where a local user running the tool against a malicious binary may cause an out-of-bounds read, which may result in a limited denial of service and limited information disclosure.
CVE-2023-0191 6 Citrix, Linux, Microsoft and 3 more 6 Hypervisor, Linux Kernel, Windows and 3 more 2024-11-21 N/A 7.1 HIGH
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler, where an out-of-bounds access may lead to denial of service or data tampering.
CVE-2023-0189 2 Linux, Nvidia 2 Linux Kernel, Virtual Gpu 2024-11-21 N/A 8.8 HIGH
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler which may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
CVE-2023-0188 6 Citrix, Linux, Microsoft and 3 more 6 Hypervisor, Linux Kernel, Windows and 3 more 2024-11-21 N/A 5.5 MEDIUM
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler, where an unprivileged user can cause improper restriction of operations within the bounds of a memory buffer cause an out-of-bounds read, which may lead to denial of service.
CVE-2023-0183 5 Citrix, Linux, Nvidia and 2 more 5 Hypervisor, Linux Kernel, Virtual Gpu and 2 more 2024-11-21 N/A 7.1 HIGH
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer where an out-of-bounds write can lead to denial of service and data tampering.
CVE-2023-0181 6 Citrix, Linux, Microsoft and 3 more 6 Hypervisor, Linux Kernel, Windows and 3 more 2024-11-21 N/A 7.1 HIGH
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in a kernel mode layer handler, where memory permissions are not correctly checked, which may lead to denial of service and data tampering.
CVE-2023-0180 5 Citrix, Linux, Nvidia and 2 more 5 Hypervisor, Linux Kernel, Virtual Gpu and 2 more 2024-11-21 N/A 7.1 HIGH
NVIDIA GPU Display Driver for Linux contains a vulnerability in a kernel mode layer handler, which may lead to denial of service or information disclosure.
CVE-2023-0179 4 Canonical, Fedoraproject, Linux and 1 more 14 Ubuntu Linux, Fedora, Linux Kernel and 11 more 2024-11-21 N/A 7.8 HIGH
A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue could allow the leakage of both stack and heap addresses, and potentially allow Local Privilege Escalation to the root user via arbitrary code execution.
CVE-2023-0160 2 Fedoraproject, Linux 2 Fedora, Linux Kernel 2024-11-21 N/A 4.7 MEDIUM
A deadlock flaw was found in the Linux kernel’s BPF subsystem. This flaw allows a local user to potentially crash the system.
CVE-2023-0122 1 Linux 1 Linux Kernel 2024-11-21 N/A 7.5 HIGH
A NULL pointer dereference vulnerability in the Linux kernel NVMe functionality, in nvmet_setup_auth(), allows an attacker to perform a Pre-Auth Denial of Service (DoS) attack on a remote machine. Affected versions v6.0-rc1 to v6.0-rc3, fixed in v6.0-rc4.
CVE-2023-0045 3 Debian, Linux, Netapp 13 Debian Linux, Linux Kernel, Active Iq Unified Manager and 10 more 2024-11-21 N/A 4.7 MEDIUM
The current implementation of the prctl syscall does not issue an IBPB immediately during the syscall. The ib_prctl_set  function updates the Thread Information Flags (TIFs) for the task and updates the SPEC_CTRL MSR on the function __speculation_ctrl_update, but the IBPB is only issued on the next schedule, when the TIF bits are checked. This leaves the victim vulnerable to values already injected on the BTB, prior to the prctl syscall.  The patch that added the support for the conditional mitigation via prctl (ib_prctl_set) dates back to the kernel 4.9.176. We recommend upgrading past commit a664ec9158eeddd75121d39c9a0758016097fa96
CVE-2023-0041 2 Ibm, Linux 2 Security Guardium, Linux Kernel 2024-11-21 N/A 6.3 MEDIUM
IBM Security Guardium 11.5 could allow a user to take over another user's session due to insufficient session expiration. IBM X-Force ID: 243657.
CVE-2023-0030 1 Linux 1 Linux Kernel 2024-11-21 N/A 7.8 HIGH
A use-after-free flaw was found in the Linux kernel’s nouveau driver in how a user triggers a memory overflow that causes the nvkm_vma_tail function to fail. This flaw allows a local user to crash or potentially escalate their privileges on the system.