Filtered by vendor Linux Subscriptions
Total 12541 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-4010 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2025-03-05 4.6 Medium
A flaw was found in the USB Host Controller Driver framework in the Linux kernel. The usb_giveback_urb function has a logic loophole in its implementation. Due to the inappropriate judgment condition of the goto statement, the function cannot return under the input of a specific malformed descriptor file, so it falls into an endless loop, resulting in a denial of service.
CVE-2024-0819 4 Apple, Linux, Microsoft and 1 more 4 Macos, Linux Kernel, Windows and 1 more 2025-03-04 7.3 High
Improper initialization of default settings in TeamViewer Remote Client prior version 15.51.5 for Windows, Linux and macOS, allow a low privileged user to elevate privileges by changing the personal password setting and establishing a remote connection to a logged-in admin account.
CVE-2023-4385 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2025-02-28 5.5 Medium
A NULL pointer dereference flaw was found in dbFree in fs/jfs/jfs_dmap.c in the journaling file system (JFS) in the Linux Kernel. This issue may allow a local attacker to crash the system due to a missing sanity check.
CVE-2023-4394 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2025-02-28 6.7 Medium
A use-after-free flaw was found in btrfs_get_dev_args_from_path in fs/btrfs/volumes.c in btrfs file-system in the Linux Kernel. This flaw allows a local attacker with special privileges to cause a system crash or leak internal kernel information
CVE-2023-4569 3 Debian, Linux, Redhat 3 Debian Linux, Linux Kernel, Enterprise Linux 2025-02-28 5.5 Medium
A memory leak flaw was found in nft_set_catchall_flush in net/netfilter/nf_tables_api.c in the Linux Kernel. This issue may allow a local attacker to cause double-deactivations of catchall elements, which can result in a memory leak.
CVE-2023-4611 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2025-02-28 7 High
A use-after-free flaw was found in mm/mempolicy.c in the memory management subsystem in the Linux Kernel. This issue is caused by a race between mbind() and VMA-locked page fault, and may allow a local attacker to crash the system or lead to a kernel information leak.
CVE-2023-4155 3 Fedoraproject, Linux, Redhat 7 Fedora, Linux Kernel, Enterprise Linux and 4 more 2025-02-27 5.3 Medium
A flaw was found in KVM AMD Secure Encrypted Virtualization (SEV) in the Linux kernel. A KVM guest using SEV-ES or SEV-SNP with multiple vCPUs can trigger a double fetch race condition vulnerability and invoke the `VMGEXIT` handler recursively. If an attacker manages to call the handler multiple times, they can trigger a stack overflow and cause a denial of service or potentially guest-to-host escape in kernel configurations without stack guard pages (`CONFIG_VMAP_STACK`).
CVE-2023-2163 2 Linux, Redhat 7 Linux Kernel, Enterprise Linux, Rhel Aus and 4 more 2025-02-27 10 Critical
Incorrect verifier pruning in BPF in Linux Kernel >=5.4 leads to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape.
CVE-2023-5158 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2025-02-27 6.5 Medium
A flaw was found in vringh_kiov_advance in drivers/vhost/vringh.c in the host side of a virtio ring in the Linux Kernel. This issue may result in a denial of service from guest to host via zero length descriptor.
CVE-2023-1192 2 Linux, Redhat 7 Linux Kernel, Enterprise Linux, Rhel Aus and 4 more 2025-02-27 6.5 Medium
A use-after-free flaw was found in smb2_is_status_io_timeout() in CIFS in the Linux Kernel. After CIFS transfers response data to a system call, there are still local variable points to the memory region, and if the system call frees it faster than CIFS uses it, CIFS will access a free memory region, leading to a denial of service.
CVE-2023-3397 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2025-02-27 7 High
A race condition occurred between the functions lmLogClose and txEnd in JFS, in the Linux Kernel, executed in different threads. This flaw allows a local attacker with normal user privileges to crash the system or leak internal kernel information.
CVE-2023-1193 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2025-02-27 6.5 Medium
A use-after-free flaw was found in setup_async_work in the KSMBD implementation of the in-kernel samba server and CIFS in the Linux kernel. This issue could allow an attacker to crash the system by accessing freed work.
CVE-2023-31018 8 Canonical, Citrix, Linux and 5 more 9 Ubuntu Linux, Hypervisor, Linux Kernel and 6 more 2025-02-27 6.5 Medium
NVIDIA GPU Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user can cause a NULL-pointer dereference, which may lead to denial of service.
CVE-2023-31022 8 Canonical, Citrix, Linux and 5 more 9 Ubuntu Linux, Hypervisor, Linux Kernel and 6 more 2025-02-27 5.5 Medium
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a NULL-pointer dereference may lead to denial of service.
CVE-2023-1476 2 Linux, Redhat 6 Linux Kernel, Enterprise Linux, Enterprise Linux Eus and 3 more 2025-02-27 7 High
A use-after-free flaw was found in the Linux kernel’s mm/mremap memory address space accounting source code. This issue occurs due to a race condition between rmap walk and mremap, allowing a local user to crash the system or potentially escalate their privileges on the system.
CVE-2023-6039 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2025-02-27 5.5 Medium
A use-after-free flaw was found in lan78xx_disconnect in drivers/net/usb/lan78xx.c in the network sub-component, net/usb/lan78xx in the Linux Kernel. This flaw allows a local attacker to crash the system when the LAN78XX USB device detaches.
CVE-2022-48424 1 Linux 1 Linux Kernel 2025-02-27 7.8 High
In the Linux kernel before 6.1.3, fs/ntfs3/inode.c does not validate the attribute name offset. An unhandled page fault may occur.
CVE-2022-48423 1 Linux 1 Linux Kernel 2025-02-27 7.8 High
In the Linux kernel before 6.1.3, fs/ntfs3/record.c does not validate resident attribute names. An out-of-bounds write may occur.
CVE-2022-48422 2 Linux, Onlyoffice 2 Linux Kernel, Document Server 2025-02-27 7.8 High
ONLYOFFICE Docs through 7.3 on certain Linux distributions allows local users to gain privileges via a Trojan horse libgcc_s.so.1 in the current working directory, which may be any directory in which an ONLYOFFICE document is located.
CVE-2023-25590 2 Arubanetworks, Linux 2 Clearpass Policy Manager, Linux Kernel 2025-02-27 7.8 High
A vulnerability in the ClearPass OnGuard Linux agent could allow malicious users on a Linux instance to elevate their user privileges to those of a higher role. A successful exploit allows malicious users to execute arbitrary code with root level privileges on the Linux instance.