The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
| ID | Description | Priority | Modified date | Fixed Release |
|---|---|---|---|---|
| CVE-2023-6040 | An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 (netfilter: nf_tables: Reject tables of unsupported family); While creating a new netfilter table, lack of a safeguard against invalid nf_tables family (pf) values within `nf_tables_newtable` function enables an attacker to achieve out-of-bounds access. | -- | Jan 12, 2024 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2022-48619 | An issue was discovered in drivers/input/input.c in the Linux kernel before 5.17.10. An attacker can cause a denial of service (panic) because input_set_capability mishandles the situation in which an event code falls outside of a bitmap. | -- | Jan 12, 2024 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2024-0443 | A flaw was found in the blkgs destruction path in block/blk-cgroup.c in the Linux kernel, leading to a cgroup blkio memory leakage problem. When a cgroup is being destroyed, cgroup_rstat_flush() is only called at css_release_work_fn(), which is called when the blkcg reference count reaches 0. This circular dependency will prevent blkcg and some blkgs from being freed after they are made offline. This issue may allow an attacker with a local access to cause system instability, such as an out of memory error. | -- | Jan 12, 2024 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2024-0340 | A vulnerability was found in vhost_new_msg in drivers/vhost/vhost.c in the Linux kernel, which does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. This issue can allow local privileged users to read some kernel memory contents when reading from the /dev/vhost-net device file. | -- | Jan 9, 2024 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2024-0193 | A use-after-free flaw was found in the netfilter subsystem of the Linux kernel. If the catchall element is garbage-collected when the pipapo set is removed, the element can be deactivated twice. This can cause a use-after-free issue on an NFT_CHAIN object or NFT_OBJECT object, allowing a local unprivileged user with CAP_NET_ADMIN capability to escalate their privileges on the system. | -- | Jan 2, 2024 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-7192 | A memory leak problem was found in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c in the Linux Kernel. This issue may allow a local attacker with CAP_NET_ADMIN privileges to cause a denial of service (DoS) attack due to a refcount overflow. | -- | Jan 2, 2024 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-7104 | A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function sessionReadRecord of the file ext/session/sqlite3session.c of the component make alltest Handler. The manipulation leads to heap-based buffer overflow. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-248999. | -- | Dec 28, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-6531 | A use-after-free flaw was found in the Linux Kernel due to a race problem in the unix garbage collector\'s deletion of SKB races with unix_stream_read_generic() on the socket that the SKB is queued on. | -- | Dec 28, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-51782 | An issue was discovered in the Linux kernel before 6.6.8. rose_ioctl in net/rose/af_rose.c has a use-after-free because of a rose_accept race condition. | -- | Dec 27, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-51781 | An issue was discovered in the Linux kernel before 6.6.8. atalk_ioctl in net/appletalk/ddp.c has a use-after-free because of an atalk_recvmsg race condition. | -- | Dec 27, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-51780 | An issue was discovered in the Linux kernel before 6.6.8. do_vcc_ioctl in net/atm/ioctl.c has a use-after-free because of a vcc_recvmsg race condition. | -- | Dec 27, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-51779 | bt_sock_recvmsg in net/bluetooth/af_bluetooth.c in the Linux kernel through 6.6.8 has a use-after-free because of a bt_sock_ioctl race condition. | -- | Dec 27, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-7042 | A null pointer dereference vulnerability was found in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() in drivers/net/wireless/ath/ath10k/wmi-tlv.c in the Linux kernel. This issue could be exploited to trigger a denial of service. | -- | Dec 21, 2023 | 10.19.45.30 (Wind River Linux LTS 19) |
| CVE-2023-6546 | A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOC_SETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsm_dlci while restarting the gsm mux. This could allow a local unprivileged user to escalate their privileges on the system. | -- | Dec 21, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-51385 | In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name. | -- | Dec 19, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-6932 | A use-after-free vulnerability in the Linux kernel\'s ipv4: igmp component can be exploited to achieve local privilege escalation. A race condition can be exploited to cause a timer be mistakenly registered on a RCU read locked object which is freed by another thread. We recommend upgrading past commit e2b706c691905fe78468c361aaabc719d0a496f1. | -- | Dec 19, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-6931 | A heap out-of-bounds write vulnerability in the Linux kernel\'s Performance Events system component can be exploited to achieve local privilege escalation. A perf_event\'s read_size can overflow, leading to an heap out-of-bounds increment or write in perf_read_group(). We recommend upgrading past commit 382c27f4ed28f803b1f1473ac2d8db0afc795a1b. | -- | Dec 19, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-6817 | A use-after-free vulnerability in the Linux kernel\'s netfilter: nf_tables component can be exploited to achieve local privilege escalation. The function nft_pipapo_walk did not skip inactive elements during set walk which could lead double deactivations of PIPAPO (Pile Packet Policies) elements, leading to use-after-free. We recommend upgrading past commit 317eb9685095678f2c9f5a8189de698c5354316a. | -- | Dec 18, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-6478 | A flaw was found in xorg-server. A specially crafted request to RRChangeProviderProperty or RRChangeOutputProperty can trigger an integer overflow which may lead to a disclosure of sensitive information. | -- | Dec 13, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-6377 | A flaw was found in xorg-server. Querying or changing XKB button actions such as moving from a touchpad to a mouse can result in out-of-bounds memory reads and writes. This may allow local privilege escalation or possible remote code execution in cases where X11 forwarding is involved. | -- | Dec 13, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-50495 | NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry(). | -- | Dec 12, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-39804 | In GNU tar before 1.35, mishandled extension attributes in a PAX archive can lead to an application crash in xheader.c. | -- | Dec 13, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-46751 | An issue was discovered in the function gdev_prn_open_printer_seekable() in Artifex Ghostscript through 10.02.0 allows remote attackers to crash the application via a dangling pointer. | -- | Dec 7, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-45866 | Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to authorize such access. An example affected package is bluez 5.64-0ubuntu1 in Ubuntu 22.04LTS. NOTE: in some cases, a CVE-2020-0556 mitigation would have already addressed this Bluetooth HID Hosts issue. | -- | Dec 8, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-47100 | In Perl before 5.38.2, S_parse_uniprop_string in regcomp.c can write to unallocated space because a property name associated with a \\p{...} regular expression construct is mishandled. The earliest affected version is 5.30.0. | -- | Dec 3, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-39326 | A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network than are in the body. A malicious HTTP client can further exploit this to cause a server to automatically read a large amount of data (up to about 1GiB) when a handler fails to read the entire body of a request. Chunk extensions are a little-used HTTP feature which permit including additional metadata in a request or response body sent using the chunked encoding. The net/http chunked encoding reader discards this metadata. A sender can exploit this by inserting a large metadata segment with each byte transferred. The chunk reader now produces an error if the ratio of real body to encoded bytes grows too small. | -- | Nov 30, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-48706 | Vim is a UNIX editor that, prior to version 9.0.2121, has a heap-use-after-free vulnerability. When executing a `:s` command for the very first time and using a sub-replace-special atom inside the substitution part, it is possible that the recursive `:s` call causes free-ing of memory which may later then be accessed by the initial `:s` command. The user must intentionally execute the payload and the whole process is a bit tricky to do since it seems to work only reliably for the very first :s command. It may also cause a crash of Vim. Version 9.0.2121 contains a fix for this issue. | -- | Nov 24, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-47038 | A vulnerability was found in perl. This issue occurs when a crafted regular expression is compiled by perl, which can allow an attacker controlled byte buffer overflow in a heap allocated buffer. | -- | Nov 27, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-41913 | strongSwan before 5.9.12 has a buffer overflow and possible unauthenticated remote code execution via a DH public value that exceeds the internal buffer in charon-tkm\'s DH proxy. The earliest affected version is 5.3.0. An attack can occur via a crafted IKE_SA_INIT message. | -- | Nov 22, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-6277 | An out-of-memory flaw was found in libtiff. Passing a crafted tiff file to TIFFOpen() API may allow a remote attacker to cause a denial of service via a craft input with size smaller than 379 KB. | -- | Nov 27, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-6228 | An issue was found in the tiffcp utility distributed by the libtiff package where a crafted TIFF file on processing may cause a heap-based buffer overflow leads to an application crash. | -- | Nov 23, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-48237 | Vim is an open source command line text editor. In affected versions when shifting lines in operator pending mode and using a very large value, it may be possible to overflow the size of integer. Impact is low, user interaction is required and a crash may not even happen in all situations. This issue has been addressed in commit `6bf131888` which has been included in version 9.0.2112. Users are advised to upgrade. There are no known workarounds for this vulnerability. | -- | Nov 17, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-48236 | Vim is an open source command line text editor. When using the z= command, the user may overflow the count with values larger than MAX_INT. Impact is low, user interaction is required and a crash may not even happen in all situations. This vulnerability has been addressed in commit `73b2d379` which has been included in release version 9.0.2111. Users are advised to upgrade. There are no known workarounds for this vulnerability. | -- | Nov 17, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-48235 | Vim is an open source command line text editor. When parsing relative ex addresses one may unintentionally cause an overflow. Ironically this happens in the existing overflow check, because the line number becomes negative and LONG_MAX - lnum will cause the overflow. Impact is low, user interaction is required and a crash may not even happen in all situations. This issue has been addressed in commit `060623e` which has been included in release version 9.0.2110. Users are advised to upgrade. There are no known workarounds for this vulnerability. | -- | Nov 17, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-48234 | Vim is an open source command line text editor. When getting the count for a normal mode z command, it may overflow for large counts given. Impact is low, user interaction is required and a crash may not even happen in all situations. This issue has been addressed in commit `58f9befca1` which has been included in release version 9.0.2109. Users are advised to upgrade. There are no known workarounds for this vulnerability. | -- | Nov 17, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-48233 | Vim is an open source command line text editor. If the count after the :s command is larger than what fits into a (signed) long variable, abort with e_value_too_large. Impact is low, user interaction is required and a crash may not even happen in all situations. This issue has been addressed in commit `ac6378773` which has been included in release version 9.0.2108. Users are advised to upgrade. There are no known workarounds for this vulnerability. | -- | Nov 17, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-48232 | Vim is an open source command line text editor. A floating point exception may occur when calculating the line offset for overlong lines and smooth scrolling is enabled and the cpo-settings include the \'n\' flag. This may happen when a window border is present and when the wrapped line continues on the next physical line directly in the window border because the \'cpo\' setting includes the \'n\' flag. Only users with non-default settings are affected and the exception should only result in a crash. This issue has been addressed in commit `cb0b99f0` which has been included in release version 9.0.2107. Users are advised to upgrade. There are no known workarounds for this vulnerability. | -- | Nov 17, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-48231 | Vim is an open source command line text editor. When closing a window, vim may try to access already freed window structure. Exploitation beyond crashing the application has not been shown to be viable. This issue has been addressed in commit `25aabc2b` which has been included in release version 9.0.2106. Users are advised to upgrade. There are no known workarounds for this vulnerability. | -- | Nov 17, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-6176 | A null pointer dereference flaw was found in the Linux kernel API for the cryptographic algorithm scatterwalk functionality. This issue occurs when a user constructs a malicious packet with specific socket configuration, which could allow a local user to crash the system or escalate their privileges on the system. | -- | Nov 16, 2023 | 10.19.45.30 (Wind River Linux LTS 19) |
| CVE-2023-5981 | A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding. | -- | Nov 17, 2023 | 10.19.45.30 (Wind River Linux LTS 19) |
| CVE-2023-34324 | Closing of an event channel in the Linux kernel can result in a deadlock. This happens when the close is being performed in parallel to an unrelated Xen console action and the handling of a Xen console interrupt in an unprivileged guest. The closing of an event channel is e.g. triggered by removal of a paravirtual device on the other side. As this action will cause console messages to be issued on the other side quite often, the chance of triggering the deadlock is not neglectable. Note that 32-bit Arm-guests are not affected, as the 32-bit Linux kernel on Arm doesn\'t use queued-RW-locks, which are required to trigger the issue (on Arm32 a waiting writer doesn\'t block further readers to get the lock). | -- | Jan 5, 2024 | 10.19.45.30 (Wind River Linux LTS 19) |
| CVE-2023-47342 | avformat/rtsp: Use rtsp_st->stream_index | -- | Nov 13, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-44446 | GStreamer MXF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of MXF video files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22299. | -- | Nov 15, 2023 | 10.19.45.30 (Wind River Linux LTS 19) |
| CVE-2023-23583 | Sequence of processor instructions leads to unexpected behavior for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege and/or information disclosure and/or denial of service via local access. | -- | Nov 14, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-39198 | A race condition was found in the QXL driver in the Linux kernel. The qxl_mode_dumb_create() function dereferences the qobj returned by the qxl_gem_object_create_with_handle(), but the handle is the only one holding a reference to it. This flaw allows an attacker to guess the returned handle value and trigger a use-after-free issue, potentially leading to a denial of service or privilege escalation. | -- | Nov 9, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-39197 | An out-of-bounds read vulnerability was found in Netfilter Connection Tracking (conntrack) in the Linux kernel. This flaw allows a remote user to disclose sensitive information via the DCCP protocol. | -- | Nov 10, 2023 | 10.19.45.30 (Wind River Linux LTS 19) |
| CVE-2023-35825 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-3141. Reason: This candidate is a reservation duplicate of CVE-2023-3141. Notes: All CVE users should reference CVE-2023-3141 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | -- | Nov 7, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-5870 | A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful exploitation requires a non-core extension with a less-resilient background worker and would affect that specific background worker only. This issue may allow a remote high privileged user to launch a denial of service (DoS) attack. | -- | Nov 7, 2023 | 10.19.45.30 (Wind River Linux LTS 19) |
| CVE-2023-5869 | A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing specially crafted data. This enables the execution of arbitrary code on the target system, allowing users to write arbitrary bytes to memory and extensively read the server\'s memory. | -- | Nov 7, 2023 | 10.19.45.30 (Wind River Linux LTS 19) |
| CVE-2023-5868 | A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with \'unknown\'-type arguments. Handling \'unknown\'-type values from string literals without type designation can disclose bytes, potentially revealing notable and confidential information. This issue exists due to excessive data output in aggregate function calls, enabling remote users to read some portion of system memory. | -- | Nov 7, 2023 | 10.19.45.30 (Wind River Linux LTS 19) |
