A use-after-free vulnerability was found in the Linux kernel's ext4 filesystem in the way it handled the extra inode size for extended attributes. This flaw could allow a privileged local user to cause a system crash or other undefined behaviors. (CVE-2023-2513) qfq_change_class in net/sched/sch_qfq.c in the Linux kernel prior to 6.2.13 allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX. (CVE-2023-31436)
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
linux linux kernel |
||
redhat enterprise linux 7.0 |
||
redhat enterprise linux 6.0 |
||
redhat enterprise linux 8.0 |
||
redhat enterprise linux 9.0 |