Wind River Support Network

CVE Database

The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.

2585 entries
ID | Description | Priority | Modified date | Fixed Release
CVE-2022-4744 A double-free flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user registers the device when the register_netdevice function fails (NETDEV_REGISTER notifier). This flaw allows a local user to crash or potentially escalate their privileges on the system. -- Mar 27, 2023 10.18.44.30 (Wind River Linux LTS 18)
CVE-2023-1513 A flaw was found in KVM. When calling the KVM_GET_DEBUGREGS ioctl, on 32-bit systems, there might be some uninitialized portions of the kvm_debugregs structure that could be copied to userspace, causing an information leak. -- Mar 24, 2023 10.18.44.29 (Wind River Linux LTS 18)
CVE-2023-1281 Use After Free vulnerability in Linux kernel traffic control index filter (tcindex) allows Privilege Escalation. The imperfect hash area can be updated while packets are traversing, which will cause a use-after-free when 'tcf_exts_exec()' is called with the destroyed tcf_ext. A local attacker user can use this vulnerability to elevate its privileges to root. This issue affects Linux Kernel: from 4.14 before git commit ee059170b1f7e94e55fa6cadee544e176a6e59c2. -- Mar 24, 2023 10.18.44.29 (Wind River Linux LTS 18)
CVE-2023-28772 An issue was discovered in the Linux kernel before 5.13.3. lib/seq_buf.c has a seq_buf_putmem_hex buffer overflow. -- Mar 23, 2023 10.18.44.30 (Wind River Linux LTS 18)
CVE-2023-24537 Calling any of the Parse functions on Go source code which contains //line directives with very large line numbers can cause an infinite loop due to integer overflow. -- Mar 23, 2023 10.18.44.30 (Wind River Linux LTS 18)
CVE-2023-0466 The function X509_VERIFY_PARAM_add0_policy() is documented to implicitly enable the certificate policy check when doing certificate verification. However the implementation of the function does not enable the check which allows certificates with invalid or incorrect policies to pass the certificate verification. As suddenly enabling the policy check could break existing deployments it was decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy() function. Instead the applications that require OpenSSL to perform certificate policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly enable the policy check by calling X509_VERIFY_PARAM_set_flags() with the X509_V_FLAG_POLICY_CHECK flag argument. Certificate policy checks are disabled by default in OpenSSL and are not commonly used by applications. LOW Mar 22, 2023 10.18.44.30 (Wind River Linux LTS 18)
CVE-2023-0464 A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy constraints. Attackers may be able to exploit this vulnerability by creating a malicious certificate chain that triggers exponential use of computational resources, leading to a denial-of-service (DoS) attack on affected systems. Policy processing is disabled by default but can be enabled by passing the `-policy` argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()` function. LOW Mar 22, 2023 10.18.44.30 (Wind River Linux LTS 18)
CVE-2023-27538 An authentication bypass vulnerability exists in libcurl prior to v8.0.0 where it reuses a previously established SSH connection despite the fact that an SSH option was modified, which should have prevented reuse. libcurl maintains a pool of previously used connections to reuse them for subsequent transfers if the configurations match. However, two SSH settings were omitted from the configuration check, allowing them to match easily, potentially leading to the reuse of an inappropriate connection. LOW Mar 21, 2023 10.18.44.29 (Wind River Linux LTS 18)
CVE-2023-27536 An authentication bypass vulnerability exists in libcurl <8.0.0 in the connection reuse feature which can reuse previously established connections with incorrect user permissions due to a failure to check for changes in the CURLOPT_GSSAPI_DELEGATION option. This vulnerability affects krb5/kerberos/negotiate/GSSAPI transfers and could potentially result in unauthorized access to sensitive information. The safest option is to not reuse connections if the CURLOPT_GSSAPI_DELEGATION option has been changed. LOW Mar 21, 2023 10.18.44.29 (Wind River Linux LTS 18)
CVE-2023-27535 An authentication bypass vulnerability exists in libcurl <8.0.0 in the FTP connection reuse feature that can result in wrong credentials being used during subsequent transfers. Previously created connections are kept in a connection pool for reuse if they match the current setup. However, certain FTP settings such as CURLOPT_FTP_ACCOUNT, CURLOPT_FTP_ALTERNATIVE_TO_USER, CURLOPT_FTP_SSL_CCC, and CURLOPT_USE_SSL were not included in the configuration match checks, causing them to match too easily. This could lead to libcurl using the wrong credentials when performing a transfer, potentially allowing unauthorized access to sensitive information. LOW Mar 21, 2023 10.18.44.29 (Wind River Linux LTS 18)
CVE-2023-27534 A path traversal vulnerability in the curl <8.0.0 SFTP implementation causes the tilde (~) character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path relative to the user's home directory. Attackers can exploit this flaw to bypass filtering or execute arbitrary code by crafting a path like /~2/foo while accessing a server with a specific user. LOW Mar 21, 2023 10.18.44.29 (Wind River Linux LTS 18)
CVE-2023-1390 A remote denial of service vulnerability was found in the Linux kernel’s TIPC kernel module. The while loop in tipc_link_xmit() hits an unknown state while attempting to parse SKBs, which are not in the queue. Sending two small UDP packets to a system with a UDP bearer results in the CPU utilization for the system to instantly spike to 100%, causing a denial of service condition. -- Mar 17, 2023 10.18.44.29 (Wind River Linux LTS 18)
CVE-2023-28487 Sudo before 1.9.13 does not escape control characters in sudoreplay output. -- Mar 16, 2023 10.18.44.30 (Wind River Linux LTS 18)
CVE-2023-28486 Sudo before 1.9.13 does not escape control characters in log messages. -- Mar 16, 2023 10.18.44.30 (Wind River Linux LTS 18)
CVE-2023-28466 do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition (with a resultant use-after-free or NULL pointer dereference). -- Mar 16, 2023 10.18.44.30 (Wind River Linux LTS 18)
CVE-2023-28450 An issue was discovered in Dnsmasq before 2.90. The default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 because of DNS Flag Day 2020. -- Mar 16, 2023 10.18.44.29 (Wind River Linux LTS 18)
CVE-2023-28328 A NULL pointer dereference flaw was found in the az6027 driver in drivers/media/usb/dev-usb/az6027.c in the Linux Kernel. The message from user space is not checked properly before transferring into the device. This flaw allows a local user to crash the system or potentially cause a denial of service. -- Mar 15, 2023 10.18.44.30 (Wind River Linux LTS 18)
CVE-2023-1382 A data race flaw was found in the Linux kernel, between where con is allocated and con->sock is set. This issue leads to a NULL pointer dereference when accessing con->sock->sk in net/tipc/topsrv.c in the tipc protocol in the Linux kernel. -- Mar 15, 2023 10.18.44.29 (Wind River Linux LTS 18)
CVE-2023-1380 A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel. This issue could occur when assoc_info->req_len data is bigger than the size of the buffer, defined as WL_EXTRA_BUF_MAX, leading to a denial of service. -- Mar 15, 2023 10.18.44.30 (Wind River Linux LTS 18)
CVE-2023-1355 NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1402. -- Mar 11, 2023 10.18.44.30 (Wind River Linux LTS 18)
CVE-2023-1264 NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1392. -- Mar 8, 2023 10.18.44.30 (Wind River Linux LTS 18)
CVE-2023-27522 HTTP Response Smuggling vulnerability in Apache HTTP Server via mod_proxy_uwsgi. This issue affects Apache HTTP Server: from 2.4.30 through 2.4.55. Special characters in the origin response header can truncate/split the response forwarded to the client. -- Mar 7, 2023 10.18.44.29 (Wind River Linux LTS 18)
CVE-2023-25690 Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack. Configurations are affected when mod_proxy is enabled along with some form of RewriteRule or ProxyPassMatch in which a non-specific pattern matches some portion of the user-supplied request-target (URL) data and is then re-inserted into the proxied request-target using variable substitution. For example, something like: RewriteEngine on RewriteRule ^/here/(.*) http://example.com:8080/elsewhere?$1; [P] ProxyPassReverse /here/ http://example.com:8080/ Request splitting/smuggling could result in bypass of access controls in the proxy server, proxying unintended URLs to existing origin servers, and cache poisoning. Users are recommended to update to at least version 2.4.56 of Apache HTTP Server. -- Mar 7, 2023 10.18.44.29 (Wind River Linux LTS 18)
CVE-2022-45142 The fix for CVE-2022-3437 included changing memcmp to be constant time and a workaround for a compiler bug by adding != 0 comparisons to the result of memcmp. When these patches were backported to the heimdal-7.7.1 and heimdal-7.8.0 branches (and possibly other branches) a logic inversion sneaked in causing the validation of message integrity codes in gssapi/arcfour to be inverted. -- Mar 7, 2023 10.18.44.29 (Wind River Linux LTS 18)
CVE-2023-1175 Incorrect Calculation of Buffer Size in GitHub repository vim/vim prior to 9.0.1378. -- Mar 4, 2023 10.18.44.30 (Wind River Linux LTS 18)
CVE-2023-1127 Divide By Zero in GitHub repository vim/vim prior to 9.0.1367. -- Mar 4, 2023 10.18.44.30 (Wind River Linux LTS 18)
CVE-2023-27561 runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. NOTE: this issue exists because of a CVE-2019-19921 regression. -- Mar 3, 2023 10.18.44.30 (Wind River Linux LTS 18)
CVE-2023-1170 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1376. -- Mar 3, 2023 10.18.44.30 (Wind River Linux LTS 18)
CVE-2022-4645 LibTIFF 4.4.0 has an out-of-bounds read in tiffcp in tools/tiffcp.c:948, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit e8131125. -- Mar 3, 2023 10.18.44.29 (Wind River Linux LTS 18)
CVE-2023-25155 Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted `SRANDMEMBER`, `ZRANDMEMBER`, and `HRANDFIELD` commands can trigger an integer overflow, resulting in a runtime assertion and termination of the Redis server process. This problem affects all Redis versions. Patches were released in Redis version(s) 6.0.18, 6.2.11 and 7.0.9. -- Mar 2, 2023 10.18.44.29 (Wind River Linux LTS 18)
CVE-2023-1118 A use-after-free flaw was found in the Linux kernel integrated infrared receiver/transceiver driver in the way a user detaches an rc device. A local user could use this flaw to crash the system or potentially escalate their privileges on the system. -- Mar 2, 2023 10.18.44.30 (Wind River Linux LTS 18)
CVE-2023-1095 In nf_tables_updtable, if nf_tables_table_enable returns an error, nft_trans_destroy is called to free the transaction object. nft_trans_destroy() calls list_del(), but the transaction was never placed on a list -- the list head is all zeroes, this results in a NULL pointer dereference. -- Mar 1, 2023 10.18.44.29 (Wind River Linux LTS 18)
CVE-2022-36021 Redis is an in-memory database that persists on disk. Authenticated users can use string matching commands (like `SCAN` or `KEYS`) with a specially crafted pattern to trigger a denial-of-service attack on Redis, causing it to hang and consume 100% CPU time. The problem is fixed in Redis versions 6.0.18, 6.2.11, 7.0.9. -- Mar 1, 2023 10.18.44.29 (Wind River Linux LTS 18)
CVE-2023-1079 A flaw was found in the Linux kernel. A use-after-free may be triggered in asus_kbd_backlight_set when plugging/disconnecting in a malicious USB device, which advertises itself as an Asus device. Similarly to the previous known CVE-2023-25012, but in asus devices, the work_struct may be scheduled by the LED controller while the device is disconnecting, triggering a use-after-free on the struct asus_kbd_leds *led structure. A malicious USB device may exploit the issue to cause memory corruption with controlled data. -- Feb 28, 2023 10.18.44.29 (Wind River Linux LTS 18)
CVE-2023-1078 A flaw was found in the Linux Kernel in RDS (Reliable Datagram Sockets) protocol. The rds_rm_zerocopy_callback() uses list_entry() on the head of a list causing a type confusion. Local user can trigger this with rds_message_put(). Type confusion leads to `struct rds_msg_zcopy_info *info` actually points to something else that is potentially controlled by local user. It is known how to trigger this, which causes an out of bounds access, and a lock corruption. -- Feb 28, 2023 10.18.44.29 (Wind River Linux LTS 18)
CVE-2023-1077 In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the BUG_ON condition, as the confused entry will not be NULL, but list_head. The buggy error condition would lead to a type confused entry with the list head, which would then be used as a type confused sched_rt_entity, causing memory corruption. -- Feb 28, 2023 10.18.44.29 (Wind River Linux LTS 18)
CVE-2023-1074 A memory leak flaw was found in the Linux kernel's Stream Control Transmission Protocol. This issue may occur when a user starts a malicious networking service and someone connects to this service. This could allow a local user to starve resources, causing a denial of service. -- Feb 28, 2023 10.18.44.29 (Wind River Linux LTS 18)
CVE-2023-1073 A memory corruption flaw was found in the Linux kernel's human interface device (HID) subsystem in how a user inserts a malicious USB device. This flaw allows a local user to crash or potentially escalate their privileges on the system. -- Feb 28, 2023 10.18.44.30 (Wind River Linux LTS 18)
CVE-2023-0461 There is a use-after-free vulnerability in the Linux Kernel which can be exploited to achieve local privilege escalation. To reach the vulnerability kernel configuration flag CONFIG_TLS or CONFIG_XFRM_ESPINTCP has to be configured, but the operation does not require any privilege. There is a use-after-free bug of icsk_ulp_data of a struct inet_connection_sock. When CONFIG_TLS is enabled, user can install a tls context (struct tls_context) on a connected tcp socket. The context is not cleared if this socket is disconnected and reused as a listener. If a new socket is created from the listener, the context is inherited and vulnerable. The setsockopt TCP_ULP operation does not require any privilege. We recommend upgrading past commit 2c02d41d71f90a5168391b6a5f2954112ba2307c -- Feb 28, 2023 10.18.44.29 (Wind River Linux LTS 18)
CVE-2023-26607 In the Linux kernel 6.0.8, there is an out-of-bounds read in ntfs_attr_find in fs/ntfs/attrib.c. -- Feb 26, 2023 10.18.44.29 (Wind River Linux LTS 18)
CVE-2023-26545 In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device. -- Feb 26, 2023 10.18.44.29 (Wind River Linux LTS 18)
CVE-2023-24329 An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters. LOW Feb 17, 2023 10.18.44.30 (Wind River Linux LTS 18)
CVE-2022-38090 Improper isolation of shared resources in some Intel(R) Processors when using Intel(R) Software Guard Extensions may allow a privileged user to potentially enable information disclosure via local access. -- Feb 17, 2023 10.18.44.29 (Wind River Linux LTS 18)
CVE-2022-33972 Incorrect calculation in microcode keying mechanism for some 3rd Generation Intel(R) Xeon(R) Scalable Processors may allow a privileged user to potentially enable information disclosure via local access. -- Feb 17, 2023 10.18.44.29 (Wind River Linux LTS 18)
CVE-2022-33196 Incorrect default permissions in some memory controller configurations for some Intel(R) Xeon(R) Processors when using Intel(R) Software Guard Extensions which may allow a privileged user to potentially enable escalation of privilege via local access. -- Feb 17, 2023 10.18.44.29 (Wind River Linux LTS 18)
CVE-2022-21216 Insufficient granularity of access control in out-of-band management in some Intel(R) Atom and Intel Xeon Scalable Processors may allow a privileged user to potentially enable escalation of privilege via adjacent network access. -- Feb 17, 2023 10.18.44.29 (Wind River Linux LTS 18)
CVE-2023-23916 An allocation of resources without limits or throttling vulnerability exists in curl <v7.88.0 based on the chained HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with different algorithms. The number of acceptable links in this decompression chain was capped, but the cap was implemented on a per-header basis allowing a malicious server to insert a virtually unlimited number of compression steps simply by using many headers. The use of such a decompression chain could result in a malloc bomb, making curl end up spending enormous amounts of allocated heap memory, or trying to and returning out of memory errors. LOW Feb 16, 2023 10.18.44.29 (Wind River Linux LTS 18)
CVE-2023-0662 In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form upload can cause high resource consumption and excessive number of log entries. This can cause denial of service on the affected server by exhausting CPU resources or disk space.  -- Feb 16, 2023 10.18.44.29 (Wind River Linux LTS 18)
CVE-2023-0568 In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, the core path resolution function allocates a buffer one byte too small. When resolving paths with lengths close to the system MAXPATHLEN setting, this may lead to the byte after the allocated buffer being overwritten with a NUL value, which might lead to unauthorized data access or modification. -- Feb 16, 2023 10.18.44.29 (Wind River Linux LTS 18)
CVE-2023-0804 LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3609, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127. -- Feb 15, 2023 10.18.44.30 (Wind River Linux LTS 18)
The 'Fixed Release' column is displayed if a single product version is selected from the filter. The fixed release is applicable in cases when the CVE has been addressed and fixed for that product version. Requires LTSS - customers must have active LTSS (Long Term Security Shield) Support to receive up-to-date information about vulnerabilities that may affect legacy software. Please contact your Wind River account team or see https://docs.windriver.com/bundle/Support_and_Maintenance_Supplemental_Terms_and_Conditions and https://support2.windriver.com/index.php?page=plc for more information.