SB2024051024 - Multiple vulnerabilities in IBM QRadar SIEM
Published: May 10, 2024 Updated: January 4, 2026
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 103 secuirty vulnerabilities.
1) NULL pointer dereference (CVE-ID: CVE-2023-0458)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in the do_prlimit() function. A local user can pass specially crafted data to the system and perform a denial of service (DoS) attack.
2) Use-after-free (CVE-ID: CVE-2023-1989)
The vulnerability allows a local user to escalate privileges on the system.
The
vulnerability exists due to a use-after-free error within the btsdio_remove() function in driversluetoothtsdio.c. A local user can trigger a
use-after-free error and escalate privileges on the system.
3) Use-after-free (CVE-ID: CVE-2023-1855)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the xgene_hwmon_remove() function in drivers/hwmon/xgene-hwmon.c in the Hardware Monitoring Linux Kernel Driver (xgene-hwmon). A local user can trigger a use-after-free error and execute arbitrary code on the system.
4) Use-after-free (CVE-ID: CVE-2023-1252)
The vulnerability allows a local authenticated user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the Linux kernel’s Ext4 File System in how a user triggers several file operations simultaneously with the overlay FS usage. A local authenticated user can trigger a use-after-free error and escalate privileges on the system.
5) Resource exhaustion (CVE-ID: CVE-2023-1206)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a hash collision flaw in the IPv6 connection lookup table in the Linux kernel’s IPv6 functionality when an attacker makes a new kind of SYN flood attack. A remote attacker can increase the CPU usage of the server that accepts IPV6 connections up to 95%.
6) Use-after-free (CVE-ID: CVE-2023-1118)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error in the Linux kernel integrated infrared receiver/transceiver driver "drivers/media/rc/ene_ir.c" when detaching rc device. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.
7) Use-after-free (CVE-ID: CVE-2023-1079)
The vulnerability allows an attacker to compromise the vulnerable system.
The vulnerability exists due to a use-after-free error within the asus_kbd_backlight_set() function when plugging in a malicious USB device. An attacker with physical access to the system can inject a malicious USB device, trigger a use-after-free error and execute arbitrary code.
8) Type Confusion (CVE-ID: CVE-2023-1075)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a type confusion error within the tls_is_tx_ready() function in the net/tls stack of the Linux Kernel. A local user can trigger a type confusion error and execute arbitrary code with elevated privileges.
9) Memory leak (CVE-ID: CVE-2023-1074)
The vulnerability allows a local user to perform DoS attack on the target system.
The vulnerability exists due memory leak in Linux kernel Stream Control Transmission Protocol. A local user can start a malicious network service and then connect to remotely, forcing the kernel to leak memory.
10) Memory leak (CVE-ID: CVE-2023-0597)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to memory leak within the Linux kernel cpu_entry_area mapping of X86 CPU data. A local user can gain access to sensitive information.
11) Use-after-free (CVE-ID: CVE-2023-0590)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the qdisc_graft() function in net/sched/sch_api.c. A local user can trigger a use-after-free error and crash the kernel.
12) Access of Uninitialized Pointer (CVE-ID: CVE-2022-42895)
The vulnerability allows an attacker to gain access to sensitive information.
The vulnerability exists due to unauthorized access of uninitialized pointer within the l2cap_parse_conf_req() function in net/bluetooth/l2cap_core.c. An attacker with physical proximity to the affected device can gain access to sensitive information.
13) Type Confusion (CVE-ID: CVE-2023-23455)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a type confusion error within the atm_tc_enqueue() function in net/sched/sch_atm.c in the Linux kernel. A local user can trigger a type confusion error and perform a denial of service (DoS) attack.
14) Use-after-free (CVE-ID: CVE-2022-3640)
The vulnerability allows an attacker to compromise the affected system.
The vulnerability exists due to a use-after-free error in the 2cap_conn_del() function in net/bluetooth/l2cap_core.c in Linux kernel. An attacker with physical proximity to device can trigger a use-after-free error and execute arbitrary code on the system.
15) Buffer overflow (CVE-ID: CVE-2023-1073)
The vulnerability allows an attacker to compromise the affected system.
The vulnerability exists due to a boundary error in the Linux kernel human interface device (HID) subsystem. An attacker with physical access to the system can insert in a specific way malicious USB device, trigger memory corruption and execute arbitrary code.
16) NULL pointer dereference (CVE-ID: CVE-2023-6356)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the nvmet_tcp_build_iovec() function in the Linux kernel's NVMe driver. A remote attacker can pass specially crafted TCP packets to the system and perform a denial of service (DoS) attack.
17) Use-after-free (CVE-ID: CVE-2023-1838)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
18) Improper access control (CVE-ID: CVE-2023-46813)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to improper access checking in the #VC handler and instruction emulation of the SEV-ES emulation of MMIO accesses. A local user can gain arbitrary write access to kernel memory and execute arbitrary code with elevated privileges.
19) Use-after-free (CVE-ID: CVE-2023-4623)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the the Linux kernel net/sched: sch_hfsc (HFSC qdisc traffic control) component. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.
20) Out-of-bounds write (CVE-ID: CVE-2023-5717)
The vulnerability local user to escalate privileges on the system.
The vulnerability exists due to a boundary error in the Linux kernel's Linux Kernel Performance Events (perf) component. A local user can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.
21) NULL pointer dereference (CVE-ID: CVE-2023-6535)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the nvmet_tcp_execute_request() function in the Linux kernel's NVMe driver. A remote attacker can send specially crafted NVMe-oF/TCP packets to the system and perform a denial of service (DoS) attack.
22) NULL pointer dereference (CVE-ID: CVE-2023-6536)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the __nvmet_req_complete() function in the Linux kernel's NVMe driver. A remote attacker can send specially crafted NVMe-oF/TCP packets to the system and perform a denial of service (DoS) attack.
23) Buffer overflow (CVE-ID: CVE-2023-45871)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the IGB driver in drivers/net/ethernet/intel/igb/igb_main.c when handling frames larger than the MTU. A remote attacker can send specially crafted traffic to the system, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
24) Use-after-free (CVE-ID: CVE-2023-4622)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the unix_stream_sendpage() function in af_unix component. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.
25) Security features bypass (CVE-ID: CVE-2023-1998)
The vulnerability allows a local user to bypass implemented security restrictions.
The vulnerability exists due to incorrect implementation of the Spectre v2 SMT mitigations, related to calling prctl with PR_SET_SPECULATION_CTRL. An attacker can gain unauthorized access to kernel memory from userspace.
26) Use-after-free (CVE-ID: CVE-2023-2513)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ext4 filesystem in the way it handled the extra inode size for extended attributes. A local user can trigger a use-after-free error and escalate privileges on the system.
27) Use-after-free (CVE-ID: CVE-2023-5178)
The vulnerability allows a local authenticated user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the drivers/nvme/target/tcp.c in nvmet_tcp_free_crypto due to a logical bug in the NVMe-oF/TCP subsystem in the Linux kernel. A local authenticated user can trigger a use-after-free error and escalate privileges on the system.
28) Race condition (CVE-ID: CVE-2023-4155)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition in KVM AMD Secure Encrypted Virtualization (SEV) in Linux kernel. A local user can exploit the race and escalate privileges on the system.
29) Improper Authorization (CVE-ID: CVE-2022-26691)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to an error in implementation of "Local" authorization mechanism. A remote attacker can authenticate as to CUPS as root/admin without the 32-byte secret key and execute arbitrary code on the system.
30) Out-of-bounds read (CVE-ID: CVE-2020-10001)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition within the ippReadIO() function in CUPS. A remote attacker can send specially crafted data to the affected application, trigger an out-of-bounds read error and read contents of memory on the system or crash the service.
31) Use-after-free (CVE-ID: CVE-2023-34241)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error in cupsdAcceptClient(). A remote attacker can cause a denial of service condition on the target system.
32) Heap-based buffer overflow (CVE-ID: CVE-2023-32324)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the format_log_line() function cups/string.c when the "loglevel" is set to "DEBUG". A remote attacker can pass specially crafted data to the daemon, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
33) Heap-based buffer overflow (CVE-ID: CVE-2020-3898)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing files within the ppdFindOption() function in cups. A remote attacker can send specially crafted data to the daemon, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
34) Stack-based buffer overflow (CVE-ID: CVE-2019-8696)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing SNMP requests within the asn1_get_packed() function in cups/snmp.c. A remote attacker with access to the the SNMP service can send a specially crafted request to the application, trigger a stack-based buffer oveflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
35) Stack-based buffer overflow (CVE-ID: CVE-2019-8675)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing SNMP requests within the asn1_get_type() function in cups/snmp.c. A remote attacker can send a specially crafted SNMP request to the CUPS service, trigger stack-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
36) Missing authorization (CVE-ID: CVE-2024-1488)
The vulnerability allows a local user to bypass implemented security restrictions.
The vulnerability exists due to missing authorization in the unbound.service that listens on localhost on port 8953. A local user can send a specially crafted request and alter the server configuration.
37) Resource exhaustion (CVE-ID: CVE-2023-52425)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources when parsing large tokens. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.
38) Race condition (CVE-ID: CVE-2023-4732)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a race condition caused by a BUG statement referencing pmd_t x within the pfn_swap_entry_to_page () function. A local user can exploit the race and crash the kernel.
39) Use-after-free (CVE-ID: CVE-2023-4132)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the siano smsusb module in the Linux kernel. A local user can trigger a use-after-free error and crash the kernel.
40) Double Free (CVE-ID: CVE-2023-26545)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a double free in net/mpls/af_mpls.c during the renaming of a device. A local user can trigger a double free error and execute arbitrary code with elevated privileges.
41) NULL pointer dereference (CVE-ID: CVE-2023-3772)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the xfrm_update_ae_params() function in the IP framework for transforming packets (XFRM subsystem). A local user with CAP_NET_ADMIN privileges can perform a denial of service (DoS) attack.
42) Use-after-free (CVE-ID: CVE-2023-3609)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the the Linux kernel net/sched: cls_u32 component. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.
43) Use-after-free (CVE-ID: CVE-2023-35824)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the dm1105_remove() function in drivers/media/pci/dm1105/dm1105.c. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.
44) Race condition (CVE-ID: CVE-2023-35823)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the saa7134_finidev() function in drivers/media/pci/saa7134/saa7134-core.c. A local user can exploit the race and gain unauthorized access to sensitive information and escalate privileges on the system.
45) Race condition (CVE-ID: CVE-2023-33203)
The vulnerability allows an attacker to escalate privileges on the system.
The vulnerability exists due to a race condition in drivers/net/ethernet/qualcomm/emac/emac.c. An attacker with physical access to the system can exploit the race by unplugging an emac based device and execute arbitrary code with elevated privileges.
46) Out-of-bounds read (CVE-ID: CVE-2023-3268)
The vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition within the relay_file_read_start_pos() function in kernel/relay.c in the relayfs. A local user can trigger an out-of-bounds read error and read contents of memory on the system or crash the kernel.
47) NULL pointer dereference (CVE-ID: CVE-2023-3212)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the gfs2 file system in the Linux kernel. A local user can perform a denial of service (DoS) attack.
48) Incorrect calculation (CVE-ID: CVE-2023-3161)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation in the Framebuffer Console (fbcon) in the Linux kernel. A local user can perform a denial of service (DoS) attack.
49) Out-of-bounds write (CVE-ID: CVE-2023-31436)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the qfq_change_class() function in net/sched/sch_qfq.c when handling the MTU value provided to the QFQ Scheduler. A local user can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.
50) Use-after-free (CVE-ID: CVE-2023-3141)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the r592_remove() function of drivers/memstick/host/r592.c in media access in the Linux kernel. A local user can trigger a use-after-free error and escalate privileges on the system.
51) NULL pointer dereference (CVE-ID: CVE-2023-28328)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the az6027 driver in drivers/media/usb/dev-usb/az6027.c in the Linux Kernel. A local user can pass specially crafted data to the application and perform a denial of service (DoS) attack.
52) Use-after-free (CVE-ID: CVE-2023-2162)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to a use-after-free error within the scsi_sw_tcp_session_create() function in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux Kernel. A local user can trigger a use-after-free error and gain access to sensitive information.
53) Out-of-bounds write (CVE-ID: CVE-2023-3812)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the TUN/TAP device driver in Linux kernel. A local user can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.
54) NULL pointer dereference (CVE-ID: CVE-2022-41858)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the sl_tx_timeout() function in drivers/net/slip in Linux kernel. A local user can perform a denial of service (DoS) attack.
55) Race condition (CVE-ID: CVE-2023-33951)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to a race condition when handling GEM objects within the vmw_user_bo_lookup() function in drivers/gpu/drm/vmwgfx/vmwgfx_bo.c. A local user can exploit the race and gain unauthorized access to sensitive information on the system.
56) Deadlock (CVE-ID: CVE-2023-31084)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a deadlock in drivers/media/dvb-core/dvb_frontend.c when a task is in !TASK_RUNNING. A local user can trigger a deadlock and crash the kernel.
57) Input validation error (CVE-ID: CVE-2023-30456)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to insufficient validation of consistency for for CR0 and CR4 in arch/x86/kvm/vmx/nested.c in the Linux kernel. A local user can execute arbitrary code with elevated privileges.
58) Buffer overflow (CVE-ID: CVE-2023-28772)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the seq_buf_putmem_hex() function in lib/seq_buf.c. A local user can trigger memory corruption and execute arbitrary code with elevated privileges.
59) Out-of-bounds read (CVE-ID: CVE-2023-2176)
The vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition within the compare_netdev_and_ip() function in drivers/infiniband/core/cma.c in RDMA in the Linux Kernel. A local user can trigger an out-of-bounds read error and read contents of memory on the system.
60) NULL pointer dereference (CVE-ID: CVE-2023-2166)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in net/can/af_can.c when processing CAN frames. A local user can pass specially crafted data to the system and perform a denial of service (DoS) attack.
61) NULL pointer dereference (CVE-ID: CVE-2023-1382)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in net/tipc/topsrv.c within the TIPC protocol implementation in the Linux kernel. A local user can perform a denial of service (DoS) attack.
62) Double Free (CVE-ID: CVE-2022-4744)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the tun_free_netdev() function in the Linux kernel’s TUN/TAP device driver. A local user can trigger a double free error and execute arbitrary code with elevated privileges.
63) Race condition (CVE-ID: CVE-2022-45887)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a race condition in drivers/media/usb/ttusb-dec/ttusb_dec.c in Linux kernel. A local user can exploit the race and crash the kernel.
64) Race condition (CVE-ID: CVE-2022-45869)
The vulnerability allows a remote user to escalate privileges on the system.
The vulnerability exists due to a race condition within the x86 KVM subsystem in the Linux kernel when nested virtualisation and the TDP MMU are enabled. A remote user on the guest OS can exploit the race and crash the host OS.
65) Use-after-free (CVE-ID: CVE-2022-40133)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the vmw_execbuf_tie_context() function in drivers/gpu/vmxgfx/vmxgfx_execbuf.c. A local user can run a specially crafted program on the system and perform a denial of service (DoS) attack.
66) Use-after-free (CVE-ID: CVE-2023-40283)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the l2cap_sock_release() function in net/bluetooth/l2cap_sock.c. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.
67) Use-after-free (CVE-ID: CVE-2022-38457)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the vmw_cmd_res_check() function in drivers/gpu/vmxgfx/vmxgfx_execbuf.c. A local user can trigger a use-after-free error and crash the system.
68) NULL pointer dereference (CVE-ID: CVE-2022-38096)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in GPU component of Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. A local user can perform a denial of service (DoS) attack.
69) Integer overflow (CVE-ID: CVE-2022-36402)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to integer overflow in drivers/gpu/vmxgfx/vmxgfx_execbuf.c. A local user can trigger an integer overflow and crash the kernel.
70) Inclusion of Sensitive Information in Log Files (CVE-ID: CVE-2022-3594)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to the intr_callback() function in drivers/net/usb/r8152.c can be forced to include excessive data info the log files. A local user can read the log files and gain access to sensitive data.
Note, the vulnerability can be triggered remotely.
71) Buffer overflow (CVE-ID: CVE-2022-3545)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the area_cache_get() function in drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c. A local user can trigger memory corruption and execute arbitrary code with elevated privileges.
72) Double Free (CVE-ID: CVE-2022-28388)
The vulnerability allows a local user to execute arbitrary code with elevated privileges.
The vulnerability exists due to boundary error in the usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c. A local user can pass specially crafted data to the application, trigger double free error and execute arbitrary code with elevated privileges.
73) Out-of-bounds write (CVE-ID: CVE-2021-43975)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the hw_atl_utils_fw_rpc_wait() function in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c in Linux kernel. A local user can attach a specially crafted device to the system, trigger an out-of-bounds write and execute arbitrary code with elevated privileges.
74) Path traversal (CVE-ID: CVE-2007-4559)
The vulnerability allows a remote attacker to compromise the affected system.
The
vulnerability exists due to improper validation of filenames in the
tarfile module in Python. A remote attacker can
create a specially crafted archive with symbolic links inside or
filenames that contain directory traversal characters (e.g. "..") and
overwrite arbitrary files on the system.
75) Cross-site scripting (CVE-ID: CVE-2014-3146)
The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data. The vulnerability allows remote attackers to conduct cross-site scripting (XSS) attacks via control characters in the link scheme to the clean_html function.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
76) Cross-site scripting (CVE-ID: CVE-2018-19787)
The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to lxml/html/clean.py in the lxml.html.clean module does not remove javascript. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
77) Double free (CVE-ID: CVE-2023-33952)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error when handling vmw_buffer_object objects within the vmw_user_bo_lookup() function in drivers/gpu/drm/vmwgfx/vmwgfx_bo.c. A local user can trigger a double free error and execute arbitrary code on the target system with elevated privileges.
78) Allocation of Resources Without Limits or Throttling (CVE-ID: CVE-2023-45862)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error within the ENE UB6250 reader driver in drivers/usb/storage/ene_ub6250.c. A local user can trigger a boundary error and perform a denial of service (DoS) attack.
79) Out-of-bounds write (CVE-ID: CVE-2023-2163)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error in BPF verifier caused by improper marking of
registers for precision tracking in certain situations. A local user can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.
80) OS Command Injection (CVE-ID: CVE-2022-48624)
The vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation within the close_altfile() function in filename.c. A remote attacker can trick the victim into using a specially crafted argument for the less command and execute arbitrary OS commands on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
81) Use-after-free (CVE-ID: CVE-2023-1192)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the smb2_is_status_io_timeout() function in Linux kernel. A local user can set environment variable to a specific value, trigger a use-after-free error and execute arbitrary code with elevated privileges.
82) Use-after-free (CVE-ID: CVE-2022-45919)
The vulnerability allows a local user to escalate privileges on the system.
83) Use-after-free (CVE-ID: CVE-2022-45884)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error in drivers/media/dvb-core/dvbdev.c in Linux kernel related to dvb_register_device() function dynamically allocating fops. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.
84) Race condition (CVE-ID: CVE-2023-6546)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition in the GSM 0710 tty multiplexor in the Linux kernel. A local user can exploit the race and gain unauthorized access to sensitive information and escalate privileges on the system.
85) Integer overflow (CVE-ID: CVE-2021-33631)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to integer overflow when mounting a malicious filesystem. A local user can mount a specially crafted filesystem, trigger an integer overflow and execute arbitrary code.
86) Information disclosure (CVE-ID: CVE-2024-27269)
The vulnerability allows a remote privileged user to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output by the application. A remote privileged user can gain unauthorized access to sensitive information on the system.
87) Integer overflow (CVE-ID: CVE-2021-43618)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to integer overflow in mpz/inp_raw.c. A remote attacker can pass specially crafted data to the application, trigger integer overflow and cause a denial of service condition on the target system.
88) Out-of-bounds write (CVE-ID: CVE-2023-3138)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error within src/InitExt.c in libX11. A remote attacker can send specially crafted data to the server, trigger an out-of-bounds write and perform a denial of service (DoS) attack.
89) Resource exhaustion (CVE-ID: CVE-2023-50868)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation when processing DNSSEC related records. A remote attacker can trigger resource exhaustion by forcing the DNS server to query a specially crafted DNSSEC zone and perform a denial of service (DoS) attack.
90) Resource exhaustion (CVE-ID: CVE-2023-50387)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation when processing DNSSEC related records. A remote attacker can trigger resource exhaustion by forcing the DNS server to query a specially crafted DNSSEC zone and perform a denial of service (DoS) attack.
91) Use-after-free (CVE-ID: CVE-2024-1086)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the netfilter nf_tables component in Linux kernel. A local user can trigger a use-after-free error and execute arbitrary code on the system.
92) Use-after-free (CVE-ID: CVE-2023-4921)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error in the qfq_dequeue() function within the the Linux kernel's net/sched: sch_qfq component. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.
93) Out-of-bounds write (CVE-ID: CVE-2024-0646)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error when processing untrusted input in the Linux kernel’s Transport Layer Security functionality in the way a user calls a function splice with a ktls socket as the destination. A local user can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.
94) Integer underflow (CVE-ID: CVE-2024-0565)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to integer underflow within the receive_encrypted_standard() function in fs/smb/client/smb2ops.c in the SMB Client sub-component in the Linux Kernel. A remote attacker can trick the victim to connect to a malicious SMB server, trigger an integer underflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
95) Memory leak (CVE-ID: CVE-2023-7192)
The vulnerability allows a local user to perform DoS attack on the target system.
The vulnerability exists due memory leak within the ctnetlink_create_conntrack() function in net/netfilter/nf_conntrack_netlink.c. A local user with CAP_NET_ADMIN privileges can perform denial of service attack.
96) Use-after-free (CVE-ID: CVE-2023-6932)
The vulnerability allows a local authenticated user to execute arbitrary code.
The vulnerability exists due to a use-after-free error within the ipv4 igmp component in Linux kernel. A local authenticated user can trigger a use-after-free error and execute arbitrary code.
97) Out-of-bounds write (CVE-ID: CVE-2023-6931)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error in the Linux kernel's Performance Events system component. A local user can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.
98) Use-after-free (CVE-ID: CVE-2023-6817)
The vulnerability allows a local authenticated user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the netfilter nf_tables component in Linux kernel. A local authenticated user can trigger a use-after-free error and escalate privileges on the system.
99) Out-of-bounds read (CVE-ID: CVE-2023-6610)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to a boundary condition within the smb2_dump_detail() function in fs/smb/client/smb2ops.c. A local user can trigger an out-of-bounds read error and gain access to sensitive information or crash the kernel.
100) Out-of-bounds read (CVE-ID: CVE-2023-6606)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to a boundary condition within the smbCalcSize() function in fs/smb/client/netmisc.c file. A local user can trigger an out-of-bounds read error and gain access to sensitive information or crash the kernel.
101) Use-after-free (CVE-ID: CVE-2023-5633)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error when running inside a VMware guest with 3D acceleration enabled. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.
102) Use-after-free (CVE-ID: CVE-2023-51043)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error in drivers/gpu/drm/drm_atomic.c. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.
103) Use-after-free (CVE-ID: CVE-2023-51042)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the amdgpu_cs_wait_all_fences() function in drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.
Remediation
Install update from vendor's website.