In the Linux kernel prior to 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service (system crash) via a crafted traffic control configuration that is set up with "tc qdisc" and "tc class" commands. This affects qdisc_graft in net/sched/sch_api.c. (CVE-2022-47929) A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue could allow the leakage of both stack and heap addresses, and potentially allow Local Privilege Escalation to the root user via arbitrary code execution. (CVE-2023-0179) A NULL pointer dereference flaw was found in rawv6_push_pending_frames in net/ipv6/raw.c in the network subcomponent in the Linux kernel. This flaw causes the system to crash. (CVE-2023-0394) cbq_classify in net/sched/sch_cbq.c in the Linux kernel up to and including 6.1.4 allows malicious users to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results). (CVE-2023-23454) atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel up to and including 6.1.4 allows malicious users to cause a denial of service because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results). (CVE-2023-23455)
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
linux linux kernel |
||
canonical ubuntu linux 16.04 |
||
canonical ubuntu linux 18.04 |
||
canonical ubuntu linux 20.04 |
||
canonical ubuntu linux 22.04 |
||
fedoraproject fedora 36 |
||
fedoraproject fedora 37 |
||
redhat enterprise linux 9.0 |
||
redhat enterprise linux server for power little endian update services for sap solutions 9.0 |
||
redhat enterprise linux for power little endian eus 9.0 |
||
redhat enterprise linux for power little endian 9.0 |
||
redhat enterprise linux eus 9.0 |
||
redhat enterprise linux for real time for nfv 9.0 |
||
redhat enterprise linux for real time 9.0 |
||
redhat enterprise linux server 9.0 |
||
redhat enterprise linux for ibm z systems 9.0 |
||
redhat codeready_linux_builder - |