Linux: >> Linux Kernel >> 2.0.14 Security Vulnerabilities
The Linux kernel through 6.1.9 has a Use-After-Free in bigben_remove in drivers/hid/hid-bigbenff.c via a crafted USB device because the LED controllers remain registered for too long.
CVSS Score
4.6
EPSS Score
0.0
Published
2023-02-02
There is a logic error in io_uring's implementation which can be used to trigger a use-after-free vulnerability leading to privilege escalation.
In the io_prep_async_work function the assumption that the last io_grab_identity call cannot return false is not true, and in this case the function will use the init_cred or the previous linked requests identity to do operations instead of using the current identity. This can lead to reference counting issues causing use-after-free. We recommend upgrading past version 5.10.161.
CVSS Score
7.8
EPSS Score
0.0
Published
2023-01-30
A use-after-free flaw was found in io_uring/poll.c in io_poll_check_events in the io_uring subcomponent in the Linux Kernel due to a race condition of poll_refs. This flaw may cause a NULL pointer dereference.
CVSS Score
4.7
EPSS Score
0.0
Published
2023-01-26
A use-after-free flaw was found in io_uring/filetable.c in io_install_fixed_file in the io_uring subcomponent in the Linux Kernel during call cleanup. This flaw may lead to a denial of service.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-01-26
A NULL pointer dereference flaw was found in rawv6_push_pending_frames in net/ipv6/raw.c in the network subcomponent in the Linux kernel. This flaw causes the system to crash.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-01-26
In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service (system crash) via a crafted traffic control configuration that is set up with "tc qdisc" and "tc class" commands. This affects qdisc_graft in net/sched/sch_api.c.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-01-17
A flaw was found in the Linux kernel. A NULL pointer dereference may occur while a slip driver is in progress to detach in sl_tx_timeout in drivers/net/slip/slip.c. This issue could allow an attacker to crash the system or leak internal kernel information.
CVSS Score
7.1
EPSS Score
0.0
Published
2023-01-17
A flaw named "EntryBleed" was found in the Linux Kernel Page Table Isolation (KPTI). This issue could allow a local attacker to leak KASLR base via prefetch side-channels based on TLB timing for Intel systems.
CVSS Score
5.5
EPSS Score
0.001
Published
2023-01-11
A flaw incorrect access control in the Linux kernel USB core subsystem was found in the way user attaches usb device. A local user could use this flaw to crash the system.
CVSS Score
5.5
EPSS Score
0.0
Published
2022-12-22
An issue was discovered in the Linux kernel through 5.16-rc6. kfd_parse_subtype_iolink in drivers/gpu/drm/amd/amdkfd/kfd_crat.c lacks check of the return value of kmemdup().
CVSS Score
5.5
EPSS Score
0.0
Published
2022-12-14