Filtered by vendor Linux
Subscriptions
Total
7564 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-0266 | 2 Linux, Redhat | 7 Linux Kernel, Enterprise Linux, Rhel Aus and 4 more | 2024-08-02 | 7.9 High |
A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 is missing locks that can be used in a use-after-free that can result in a priviledge escalation to gain ring0 access from the system user. We recommend upgrading past commit 56b88b50565cd8b946a2d00b0c83927b7ebb055e | ||||
CVE-2023-0193 | 3 Linux, Microsoft, Nvidia | 3 Linux Kernel, Windows, Cuda Toolkit | 2024-08-02 | 4.4 Medium |
NVIDIA CUDA Toolkit SDK contains a vulnerability in cuobjdump, where a local user running the tool against a malicious binary may cause an out-of-bounds read, which may result in a limited denial of service and limited information disclosure. | ||||
CVE-2023-0191 | 6 Citrix, Linux, Microsoft and 3 more | 6 Hypervisor, Linux Kernel, Windows and 3 more | 2024-08-02 | 7.1 High |
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler, where an out-of-bounds access may lead to denial of service or data tampering. | ||||
CVE-2023-0181 | 6 Citrix, Linux, Microsoft and 3 more | 6 Hypervisor, Linux Kernel, Windows and 3 more | 2024-08-02 | 7.1 High |
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in a kernel mode layer handler, where memory permissions are not correctly checked, which may lead to denial of service and data tampering. | ||||
CVE-2023-0189 | 2 Linux, Nvidia | 2 Linux Kernel, Virtual Gpu | 2024-08-02 | 8.8 High |
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler which may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. | ||||
CVE-2023-0188 | 6 Citrix, Linux, Microsoft and 3 more | 6 Hypervisor, Linux Kernel, Windows and 3 more | 2024-08-02 | 5.5 Medium |
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler, where an unprivileged user can cause improper restriction of operations within the bounds of a memory buffer cause an out-of-bounds read, which may lead to denial of service. | ||||
CVE-2023-0198 | 5 Citrix, Linux, Nvidia and 2 more | 5 Hypervisor, Linux Kernel, Virtual Gpu and 2 more | 2024-08-02 | 6.6 Medium |
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where improper restriction of operations within the bounds of a memory buffer can lead to denial of service, information disclosure, and data tampering. | ||||
CVE-2023-0208 | 2 Linux, Nvidia | 2 Linux Kernel, Data Center Gpu Manager | 2024-08-02 | 8.4 High |
NVIDIA DCGM for Linux contains a vulnerability in HostEngine (server component) where a user may cause a heap-based buffer overflow through the bound socket. A successful exploit of this vulnerability may lead to denial of service and data tampering. | ||||
CVE-2023-0183 | 5 Citrix, Linux, Nvidia and 2 more | 5 Hypervisor, Linux Kernel, Virtual Gpu and 2 more | 2024-08-02 | 7.1 High |
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer where an out-of-bounds write can lead to denial of service and data tampering. | ||||
CVE-2023-0240 | 1 Linux | 1 Linux Kernel | 2024-08-02 | 7.8 High |
There is a logic error in io_uring's implementation which can be used to trigger a use-after-free vulnerability leading to privilege escalation. In the io_prep_async_work function the assumption that the last io_grab_identity call cannot return false is not true, and in this case the function will use the init_cred or the previous linked requests identity to do operations instead of using the current identity. This can lead to reference counting issues causing use-after-free. We recommend upgrading past version 5.10.161. | ||||
CVE-2023-0210 | 1 Linux | 1 Linux Kernel | 2024-08-02 | 7.5 High |
A bug affects the Linux kernel’s ksmbd NTLMv2 authentication and is known to crash the OS immediately in Linux-based systems. | ||||
CVE-2023-0196 | 3 Linux, Microsoft, Nvidia | 3 Linux Kernel, Windows, Cuda Toolkit | 2024-08-02 | 3.3 Low |
NVIDIA CUDA Toolkit SDK contains a bug in cuobjdump, where a local user running the tool against an ill-formed binary may cause a null- pointer dereference, which may result in a limited denial of service. | ||||
CVE-2023-0194 | 3 Linux, Microsoft, Nvidia | 3 Linux Kernel, Windows, Virtual Gpu | 2024-08-02 | 2 Low |
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer driver, where an invalid display configuration may lead to denial of service. | ||||
CVE-2023-0179 | 4 Canonical, Fedoraproject, Linux and 1 more | 15 Ubuntu Linux, Fedora, Linux Kernel and 12 more | 2024-08-02 | 7.8 High |
A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue could allow the leakage of both stack and heap addresses, and potentially allow Local Privilege Escalation to the root user via arbitrary code execution. | ||||
CVE-2023-0180 | 5 Citrix, Linux, Nvidia and 2 more | 5 Hypervisor, Linux Kernel, Virtual Gpu and 2 more | 2024-08-02 | 7.1 High |
NVIDIA GPU Display Driver for Linux contains a vulnerability in a kernel mode layer handler, which may lead to denial of service or information disclosure. | ||||
CVE-2023-0122 | 1 Linux | 1 Linux Kernel | 2024-08-02 | 7.5 High |
A NULL pointer dereference vulnerability in the Linux kernel NVMe functionality, in nvmet_setup_auth(), allows an attacker to perform a Pre-Auth Denial of Service (DoS) attack on a remote machine. Affected versions v6.0-rc1 to v6.0-rc3, fixed in v6.0-rc4. | ||||
CVE-2023-0030 | 1 Linux | 1 Linux Kernel | 2024-08-02 | 7.8 High |
A use-after-free flaw was found in the Linux kernel’s nouveau driver in how a user triggers a memory overflow that causes the nvkm_vma_tail function to fail. This flaw allows a local user to crash or potentially escalate their privileges on the system. | ||||
CVE-2023-0041 | 2 Ibm, Linux | 2 Security Guardium, Linux Kernel | 2024-08-02 | 6.3 Medium |
IBM Security Guardium 11.5 could allow a user to take over another user's session due to insufficient session expiration. IBM X-Force ID: 243657. | ||||
CVE-2023-0045 | 3 Debian, Linux, Netapp | 13 Debian Linux, Linux Kernel, Active Iq Unified Manager and 10 more | 2024-08-02 | 4.7 Medium |
The current implementation of the prctl syscall does not issue an IBPB immediately during the syscall. The ib_prctl_set function updates the Thread Information Flags (TIFs) for the task and updates the SPEC_CTRL MSR on the function __speculation_ctrl_update, but the IBPB is only issued on the next schedule, when the TIF bits are checked. This leaves the victim vulnerable to values already injected on the BTB, prior to the prctl syscall. The patch that added the support for the conditional mitigation via prctl (ib_prctl_set) dates back to the kernel 4.9.176. We recommend upgrading past commit a664ec9158eeddd75121d39c9a0758016097fa96 | ||||
CVE-2024-35948 | 1 Linux | 1 Linux Kernel | 2024-08-02 | 8.4 High |
In the Linux kernel, the following vulnerability has been resolved: bcachefs: Check for journal entries overruning end of sb clean section Fix a missing bounds check in superblock validation. Note that we don't yet have repair code for this case - repair code for individual items is generally low priority, since the whole superblock is checksummed, validated prior to write, and we have backups. |