VIR Vulnerability Intelligence Relay

CVEs from 2023

6,664 normalized CVEs published or assigned in this year.

Total
6,664
critical
critical 222
high
high 1,548
medium
medium 1,277
low
low 23
% Critical
3.3%
% with KEV
2.4%
% with exploit
2.5%

Top vendors

Top products

  • office 29
  • office_long_term_servicing_channel 15
  • 365_apps 14
  • openstack_platform 6
  • codeready_linux_builder_for_ibm_z_systems_eus 6
  • registrationmagic 6
  • codeready_linux_builder_eus 6
  • cbot_panel 6

Top packages

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2023-54152 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: can: j1939: prevent deadlock by moving j1939_sk_errqueue() This commit addresses a deadlock situation that can occur in certain s… redhatsusedebian
CVE-2023-54119 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: inotify: Avoid reporting event with invalid wd When inotify_freeing_mark() races with inotify_handle_inode_event() it can happen … redhatsusedebian
CVE-2023-53426 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: xsk: Fix xsk_diag use-after-free error during socket cleanup Fix a use-after-free error that is possible if the xsk_diag interfac… redhatsusedebian
CVE-2023-52941 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: can: isotp: split tx timer into transmission and timeout The timer for the transmission of isotp PDUs formerly had two functions:… redhatsusedebian
CVE-2023-52355 medium 5.5 7mo ago An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFRasterScanlineSize64() API. This flaw allows a remote attacker to cause a denial of servic… redhatsusedebian
CVE-2023-53494 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: crypto: xts - Handle EBUSY correctly As it is xts only handles the special return value of EINPROGRESS, which means that in all o… redhatsusedebian
CVE-2023-53257 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: check S1G action frame size Before checking the action code, check that it even exists in the frame. susedebian
CVE-2023-53226 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Fix OOB and integer underflow when rx packets Make sure mwifiex_process_mgmt_packet, mwifiex_process_sta_rx_packet… susedebian
CVE-2023-53386 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix potential use-after-free when clear keys Similar to commit c5d2b6fa26b5 ("Bluetooth: Fix use-after-free in hci_rem… rockylinuxsusedebian
CVE-2023-53331 medium 5.5 7mo ago In the Linux kernel, the following vulnerability has been resolved: pstore/ram: Check start of empty przs during init After commit 30696378f68a ("pstore/ram: Do not treat empty buffers as valid"), … redhatsuserockylinuxdebian
CVE-2023-53373 medium 5.5 8mo ago In the Linux kernel, the following vulnerability has been resolved: crypto: seqiv - Handle EBUSY correctly As it is seqiv only handles the special return value of EINPROGERSS, which means that in a… redhatrockylinuxsusedebian
CVE-2023-53305 medium 5.5 8mo ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix use-after-free Fix potential use-after-free in l2cap_le_command_rej. rockylinuxsusedebian
CVE-2023-53125 medium 5.5 8mo ago In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc75xx: Limit packet length to skb->len Packet length retrieved from skb data may be larger than the actual socket bu… redhatsusedebian
CVE-2023-52933 medium 5.5 11mo ago In the Linux kernel, the following vulnerability has been resolved: Squashfs: fix handling and sanity checking of xattr_ids count A Sysbot [1] corrupted filesystem exposes two flaws in the handling… redhatsusedebian
CVE-2023-24824 medium 5.5 1y ago Moderate: pandoc security update rockylinuxdebian
CVE-2023-54313 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: ovl: fix null pointer dereference in ovl_get_acl_rcu() Following process: P1 P2 path_openat link_… redhatsusedebian
CVE-2023-54278 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: s390/vmem: split pages when debug pagealloc is enabled Since commit bb1520d581a3 ("s390/mm: start kernel with DAT enabled") the k… redhatsusedebian
CVE-2023-54230 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: amba: bus: fix refcount leak commit 5de1540b7bc4 ("drivers/amba: create devices from device tree") increases the refcount of of_n… redhatsusedebian
CVE-2023-54117 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: s390/dcssblk: fix kernel crash with list_add corruption Commit fb08a1908cb1 ("dax: simplify the dax_device <-> gendisk associatio… redhatsusedebian
CVE-2023-54089 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: virtio_pmem: add the missing REQ_OP_WRITE for flush bio When doing mkfs.xfs on a pmem device, the following warning was -------… redhatsusedebian
CVE-2023-53989 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: arm64: mm: fix VA-range sanity check Both create_mapping_noalloc() and update_mapping_prot() sanity-check their 'virt' parameter,… redhatsusedebian
CVE-2023-53859 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: s390/idle: mark arch_cpu_idle() noinstr linux-next commit ("cpuidle: tracing: Warn about !rcu_is_watching()") adds a new warning … redhatsusedebian
CVE-2023-52917 medium 5.5 1y ago RHSA-2025:6966: kernel security update (Moderate) redhatsuse
CVE-2023-52672 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: pipe: wakeup wr_wait after setting max_usage Commit c73be61cede5 ("pipe: Add general notification queue support") a regression wa… redhatsusedebian
CVE-2023-53654 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Add validation before accessing cgx and lmac with the addition of new MAC blocks like CN10K RPM and CN10KB RPM_USX,… redhatsusedebian
CVE-2023-53595 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: mcs: Fix NULL pointer dereferences When system is rebooted after creating macsec interface below NULL pointer deref… redhatsusedebian
CVE-2023-53568 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: s390/zcrypt: don't leak memory if dev_set_name() fails When dev_set_name() fails, zcdn_create() doesn't free the newly allocated … redhatsusedebian
CVE-2023-53555 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: initialize damo_filter->list from damos_new_filter() damos_new_filter() is not initializing the list field of newl… redhatsusedebian
CVE-2023-53519 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: media: v4l2-mem2mem: add lock to protect parameter num_rdy Getting below error when using KCSAN to check the driver. Adding lock … redhatsusedebian
CVE-2023-46751 medium 5.5 1y ago Moderate: ghostscript security update redhatrockylinuxdebiansuse
CVE-2023-53287 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: Put the cdns set active part outside the spin lock The device may be scheduled during the resume process, so this can… redhatsusedebian
CVE-2023-53261 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: coresight: Fix memory leak in acpi_buffer->pointer There are memory leaks reported by kmemleak: ... unreferenced object 0xffff002… redhatsusedebian
CVE-2023-53260 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: ovl: fix null pointer dereference in ovl_permission() Following process: P1 P2 path_lookupat lin… redhatsusedebian
CVE-2023-53196 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: qcom: Fix potential memory leak Function dwc3_qcom_probe() allocates memory for resource structure which is pointed by… redhatsusedebian
CVE-2023-54322 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: arm64: set __exception_irq_entry with __irq_entry as a default filter_irq_stacks() is supposed to cut entries which are related i… redhatsusedebian
CVE-2023-53117 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: fs: prevent out-of-bounds array speculation when closing a file descriptor Google-Bug-Id: 114199369 redhatsusedebian
CVE-2023-53066 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: qed/qed_sriov: guard against NULL derefs from qed_iov_get_vf_info We have to make sure that the info returned by the helper is va… redhatsusedebian
CVE-2023-53510 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix handling of lrbp->cmd ufshcd_queuecommand() may be called two times in a row for a SCSI command before it is… redhatsusedebian
CVE-2023-6693 medium 5.5 1y ago A stack based buffer overflow was found in the virtio-net device of QEMU. This issue occurs when flushing TX in the virtio_net_flush_tx function if guest features VIRTIO_NET_F_HASH_REPORT, VIRTIO_F_V… redhatrockylinuxsusedebian
CVE-2023-52490 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: mm: migrate: fix getting incorrect page mapping during page migration When running stress-ng testing, we found below kernel crash… redhatsusedebian
CVE-2023-41053 medium 5.5 2y ago Moderate: redis:7 security update redhatsusedebian
CVE-2023-52869 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: pstore/platform: Add check for kstrdup Add check for the return value of kstrdup() and return the error if it fails in order to a… redhatsusedebian
CVE-2023-51592 medium 5.5 2y ago Moderate: bluez security update redhatdebiansuserockylinux
CVE-2023-51594 medium 5.5 2y ago Moderate: bluez security update redhatdebiansuserockylinux
CVE-2023-52859 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: perf: hisi: Fix use-after-free when register pmu fails When we fail to register the uncore pmu, the pmu context may not been allo… redhatsusedebian
CVE-2023-54323 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: cxl/pmem: Fix nvdimm registration races A loop of the form: while true; do modprobe cxl_pci; modprobe -r cxl_pci; done ...f… redhatsusedebian
CVE-2023-52837 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: nbd: fix uaf in nbd_open Commit 4af5f2e03013 ("nbd: use blk_mq_alloc_disk and blk_cleanup_disk") cleans up disk by blk_cleanup_di… redhatsusedebian
CVE-2023-51580 medium 5.5 2y ago Moderate: bluez security update redhatdebiansuserockylinux
CVE-2023-50230 medium 5.5 2y ago Moderate: bluez security update redhatdebiansuserockylinux
CVE-2023-54301 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: serial: 8250_bcm7271: fix leak in `brcmuart_probe` Smatch reports: drivers/tty/serial/8250/8250_bcm7271.c:1120 brcmuart_probe() w… redhatsusedebian
CVE-2023-52867 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/radeon: possible buffer overflow Buffer 'afmt_status' of size 6 could overflow, since index 'afmt_idx' is checked after acces… redhatsusedebian
CVE-2023-54299 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: usb: typec: bus: verify partner exists in typec_altmode_attention Some usb hubs will negotiate DisplayPort Alt mode with the devi… redhatsusedebian
CVE-2023-52833 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: Add date->evt_skb is NULL check fix crash because of null pointers [ 6104.969662] BUG: kernel NULL pointer der… redhatsusedebian
CVE-2023-51589 medium 5.5 2y ago Moderate: bluez security update redhatdebianrockylinuxsuse
CVE-2023-54298 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: thermal: intel: quark_dts: fix error pointer dereference If alloc_soc_dts() fails, then we can just return. Trying to free "soc_… redhatsusedebian
CVE-2023-54291 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: vduse: fix NULL pointer dereference vduse_vdpa_set_vq_affinity callback can be called with NULL value as cpu_mask when deleting t… redhatsusedebian
CVE-2023-52831 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: cpu/hotplug: Don't offline the last non-isolated CPU If a system has isolated CPUs via the "isolcpus=" command line parameter, th… redhatsusedebian
CVE-2023-54268 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: debugobjects: Don't wake up kswapd from fill_pool() syzbot is reporting a lockdep warning in fill_pool() because the allocation f… redhatsusedebian
CVE-2023-52819 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga For pptable structs that use flexible array sizes, use flexibl… redhatsusedebian
CVE-2023-54271 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Fix NULL deref caused by blkg_policy_data being installed before init blk-iocost sometimes causes the following crash… redhatsusedebian
CVE-2023-54267 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Rework lppaca_shared_proc() to avoid DEBUG_PREEMPT lppaca_shared_proc() takes a pointer to the lppaca which is t… redhatsusedebian
CVE-2023-52814 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix potential null pointer derefernce The amdgpu_ras_get_context may return NULL if device not support ras feature, s… redhatsusedebian
CVE-2023-54246 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: rcuscale: Move rcu_scale_writer() schedule_timeout_uninterruptible() to _idle() The rcuscale.holdoff module parameter can be used… redhatsusedebian
CVE-2023-54244 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: ACPI: EC: Fix oops when removing custom query handlers When removing custom query handlers, the handler might still be used insid… redhatsusedebian
CVE-2023-38709 medium 5.5 2y ago Moderate: httpd security update debianredhatrockylinuxsuse
CVE-2023-54227 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix tags leak when shrink nr_hw_queues Although we don't need to realloc set->tags[] when shrink nr_hw_queues, we need to… redhatsusedebian
CVE-2023-52788 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: i915/perf: Fix NULL deref bugs with drm_dbg() calls When i915 perf interface is not available dereferencing it will lead to NULL … redhatsusedebian
CVE-2023-52757 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential deadlock when releasing mids All release_mid() callers seem to hold a reference of @mid so there is no… redhatsusedebian
CVE-2023-54198 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: tty: fix out-of-bounds access in tty_driver_lookup_tty() When specifying an invalid console= device like console=tty3270, tty_dri… redhatsusedebian
CVE-2023-54194 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: exfat: use kvmalloc_array/kvfree instead of kmalloc_array/kfree The call stack shown below is a scenario in the Linux 4.19 kernel… redhatsusedebian
CVE-2023-54165 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: zsmalloc: move LRU update from zs_map_object() to zs_malloc() Under memory pressure, we sometimes observe the following crash: [… redhatsusedebian
CVE-2023-52749 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: spi: Fix null dereference on suspend A race condition exists where a synchronous (noqueue) transfer can be active during a system… redhatsusedebian
CVE-2023-54172 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: x86/hyperv: Disable IBT when hypercall page lacks ENDBR instruction On hardware that supports Indirect Branch Tracking (IBT), Hyp… redhatsusedebian
CVE-2023-52740 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: powerpc/64s/interrupt: Fix interrupt exit race with security mitigation switch The RFI and STF security mitigation options can fl… redhatsusedebian
CVE-2023-50229 medium 5.5 2y ago Moderate: bluez security update redhatdebiansuserockylinux
CVE-2023-54136 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: serial: sprd: Fix DMA buffer leak issue Release DMA buffer when _probe() returns failure to avoid memory leak. redhatsusedebian
CVE-2023-54146 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: x86/kexec: Fix double-free of elf header buffer After b3e34a47f989 ("x86/kexec: fix memory leak of elf header buffer"), freei… redhatsusedebian
CVE-2023-52731 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: fbdev: Fix invalid page access after closing deferred I/O devices When a fbdev with deferred I/O is once opened and closed, the d… redhatsusedebian
CVE-2023-52698 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: calipso: fix memory leak in netlbl_calipso_add_pass() If IPv6 support is disabled at boot (ipv6.disable=1), the calipso_init() ->… redhatsusedebian
CVE-2023-51596 medium 5.5 2y ago Moderate: bluez security update redhatdebiansuserockylinux
CVE-2023-54114 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: net: nsh: Use correct mac_offset to unwind gso skb in nsh_gso_segment() As the call trace shows, skb_panic was caused by wrong sk… redhatsusedebian
CVE-2023-54118 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: serial: sc16is7xx: setup GPIO controller later in probe The GPIO controller component of the sc16is7xx driver is setup too early,… redhatsusedebian
CVE-2023-52697 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: sof_sdw_rt_sdca_jack_common: ctx->headset_codec_dev = NULL sof_sdw_rt_sdca_jack_exit() are used by different codecs,… redhatsusedebian
CVE-2023-54113 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: rcu: dump vmalloc memory info safely Currently, for double invoke call_rcu(), will dump rcu_head objects memory info, if the obje… redhatsusedebian
CVE-2023-54095 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: powerpc/iommu: Fix notifiers being shared by PCI and VIO buses fail_iommu_setup() registers the fail_iommu_bus_notifier struct to… redhatsusedebian
CVE-2023-53997 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: thermal: of: fix double-free on unregistration Since commit 3d439b1a2ad3 ("thermal/core: Alloc-copy-free the thermal zone paramet… redhatsusedebian
CVE-2023-54093 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: media: anysee: fix null-ptr-deref in anysee_master_xfer In anysee_master_xfer, msg is controlled by user. When msg[i].buf is null… redhatsusedebian
CVE-2023-52696 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv: Add a null pointer check in opal_powercap_init() kasprintf() returns a pointer to dynamically allocated memory w… redhatsusedebian
CVE-2023-54083 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: phy: tegra: xusb: Clear the driver reference in usb-phy dev For the dual-role port, it will assign the phy dev to usb-phy dev and… redhatsusedebian
CVE-2023-54066 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb-v2: gl861: Fix null-ptr-deref in gl861_i2c_master_xfer In gl861_i2c_master_xfer, msg is controlled by user. When m… redhatsusedebian
CVE-2023-52690 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv: Add a null pointer check to scom_debug_init_one() kasprintf() returns a pointer to dynamically allocated memory … redhatsusedebian
CVE-2023-54019 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: sched/psi: use kernfs polling functions for PSI trigger polling Destroying psi trigger in cgroup_file_release causes UAF issues w… redhatsusedebian
CVE-2023-54010 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: ACPICA: ACPICA: check null return of ACPI_ALLOCATE_ZEROED in acpi_db_display_objects ACPICA commit 0d5f467d6a0ba852ea3aad68663cbc… redhatsusedebian
CVE-2023-52689 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: ALSA: scarlett2: Add missing mutex lock around get meter levels As scarlett2_meter_ctl_get() uses meter_level_map[], the data_mut… redhatsusedebian
CVE-2023-53861 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: ext4: correct grp validation in ext4_mb_good_group Group corruption check will access memory of grp and will trigger kernel crash… redhatsusedebian
CVE-2023-52680 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: ALSA: scarlett2: Add missing error checks to *_ctl_get() The *_ctl_get() functions which call scarlett2_update_*() were not check… redhatsusedebian
CVE-2023-53858 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk() in case of error If clk_get_rate() fails, the clk that has… redhatsusedebian
CVE-2023-52676 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: bpf: Guard stack limits against 32bit overflow This patch promotes the arithmetic around checking stack bounds to be done in the … redhatsusedebian
CVE-2023-52501 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Do not attempt to read past "commit" When iterating over the ring buffer while the ring buffer is active, the writer… redhatsusedebian
CVE-2023-52674 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: ALSA: scarlett2: Add clamp() in scarlett2_mixer_ctl_put() Ensure the value passed to scarlett2_mixer_ctl_put() is between 0 and S… redhatsusedebian