BDU:2022-07339

Уязвимость драйвера файловой системы NFS ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

Severity: HIGH (7.4) Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H

References:

CVE-2022-4379

Published: 2023-03-17

BDU:2023-01780

Уязвимость функции xirc2ps_detach() драйвера сетевого адаптера Xircom 16-bit PCMCIA (PC-card) операционных систем Linux, позволяющая нарушителю повысить свои привилегии или вызвать отказ в обслуживании

Severity: MEDIUM (4.4) Vector: AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H

References:

CVE-2023-1670

Published: 2023-01-11
Modified: 2024-11-21

CVE-2022-4379

A use-after-free vulnerability was found in __nfs42_ssc_open() in fs/nfs/nfs4file.c in the Linux kernel. This flaw allows an attacker to conduct a remote denial

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Published: 2023-03-31
Modified: 2025-02-14

CVE-2023-1670

A flaw use after free in the Linux kernel Xircom 16-bit PCMCIA (PC-card) Ethernet driver was found.A local user could use this flaw to crash the system or potentially escalate their privileges on the system.

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References:

Published: 2023-06-28
Modified: 2025-02-13

CVE-2023-3389

A use-after-free vulnerability in the Linux Kernel io_uring subsystem can be exploited to achieve local privilege escalation. Racing a io_uring cancel poll request with a linked timeout can cause a UAF in a hrtimer. We recommend upgrading past commit ef7dfac51d8ed961b742218f526bd589f3900a59 (4716c73b188566865bdd79c3a6709696a224ac04 for 5.10 stable and 0e388fce7aec40992eadee654193cad345d62663 for 5.15 stable).

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References:

Version: 2.1.0

Branch c9f2 update on 2023-07-04

ALT-BU-2023-4167-1

ALT-PU-2023-4146-1

Closed vulnerabilities

BDU:2022-07339

BDU:2023-01780

CVE-2022-4379

CVE-2023-1670

CVE-2023-3389