VIR Vulnerability Intelligence Relay

CVEs from 2023

6,664 normalized CVEs published or assigned in this year.

Total
6,664
critical
critical 222
high
high 1,548
medium
medium 1,277
low
low 23
% Critical
3.3%
% with KEV
2.4%
% with exploit
2.5%

Top vendors

Top products

  • office 29
  • office_long_term_servicing_channel 15
  • 365_apps 14
  • openstack_platform 6
  • codeready_linux_builder_for_ibm_z_systems_eus 6
  • registrationmagic 6
  • codeready_linux_builder_eus 6
  • cbot_panel 6

Top packages

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2023-52492 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: dmaengine: fix NULL pointer in channel unregistration function __dma_async_device_channel_register() can fail. In case of failure… redhatrockylinuxsusedebian
CVE-2023-52661 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/tegra: rgb: Fix missing clk_put() in the error handling paths of tegra_dc_rgb_probe() If clk_get_sys(..., "pll_d2_out0") fail… redhatsusedebian
CVE-2023-53702 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: s390/crypto: use vector instructions only if available for ChaCha20 Commit 349d03ffd5f6 ("crypto: s390 - add crypto library inter… redhatsusedebian
CVE-2023-52659 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: x86/mm: Ensure input to pfn_to_kaddr() is treated as a 64-bit type On 64-bit platforms, the pfn_to_kaddr() macro requires that th… redhatsusedebian
CVE-2023-53704 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: clk: imx: clk-imx8mp: improve error handling in imx8mp_clocks_probe() Replace of_iomap() and kzalloc() with devm_of_iomap() and d… redhatsusedebian
CVE-2023-53697 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: nvdimm: Fix memleak of pmu attr_groups in unregister_nvdimm_pmu() Memory pointed by 'nd_pmu->pmu.attr_groups' is allocated in fun… redhatsusedebian
CVE-2023-52656 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: io_uring: drop any code related to SCM_RIGHTS This is dead code after we dropped support for passing io_uring fds over SCM_RIGHTS… redhatsusedebian
CVE-2023-53687 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk() when iterating clk When the best clk is searched, we itera… redhatsusedebian
CVE-2023-27349 medium 5.5 2y ago Moderate: bluez security update redhatdebianrockylinuxsuse
CVE-2023-53674 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: clk: Fix memory leak in devm_clk_notifier_register() devm_clk_notifier_register() allocates a devres resource for clk notifier bu… redhatsusedebian
CVE-2023-52650 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/tegra: dsi: Add missing check for of_find_device_by_node Add check for the return value of of_find_device_by_node() and retur… redhatsusedebian
CVE-2023-53662 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: ext4: fix memory leaks in ext4_fname_{setup_filename,prepare_lookup} If the filename casefolding fails, we'll be leaking memory f… redhatsusedebian
CVE-2023-52643 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: iio: core: fix memleak in iio_device_register_sysfs When iio_device_register_sysfs_group() fails, we should free iio_dev_opaque->… redhatsusedebian
CVE-2023-53613 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: dax: Fix dax_mapping_release() use after free A CONFIG_DEBUG_KOBJECT_RELEASE test of removing a device-dax region provider (like … redhatsusedebian
CVE-2023-53597 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: cifs: fix mid leak during reconnection after timeout threshold When the number of responses with status of STATUS_IO_TIMEOUT exce… redhatsusedebian
CVE-2023-52634 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix disable_otg_wa logic [Why] When switching to another HDMI mode, we are unnecesarilly disabling/enabling FIFO… redhatsusedebian
CVE-2023-53596 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: drivers: base: Free devm resources when unregistering a device In the current code, devres_release_all() only gets called if the … redhatsusedebian
CVE-2023-52632 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix lock dependency warning with srcu ====================================================== WARNING: possible circul… redhatsusedebian
CVE-2023-53572 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: clk: imx: scu: use _safe list iterator to avoid a use after free This loop is freeing "clk" so it needs to use list_for_each_entr… redhatsusedebian
CVE-2023-52649 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Avoid reading beyond LUT array When the floor LUT index (drm_fixp2int(lut_index) is the last index of the array the cei… redhatsusedebian
CVE-2023-53558 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: rcu-tasks: Avoid pr_info() with spin lock in cblist_init_generic() pr_info() is called with rtp->cbs_gbl_lock spin lock locked. … redhatsusedebian
CVE-2023-52624 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Wake DMCUB before executing GPINT commands [Why] DMCUB can be in idle when we attempt to interface with the HW t… redhatsusedebian
CVE-2023-52635 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: Synchronize devfreq_monitor_[start/stop] There is a chance if a frequent switch of the governor done in a loop resu… redhatsusedebian
CVE-2023-51764 medium 5.5 2y ago Moderate: postfix security update redhatsuserockylinuxdebian
CVE-2023-53531 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: null_blk: fix poll request timeout handling When doing io_uring benchmark on /dev/nullb0, it's easy to crash the kernel if poll r… redhatsusedebian
CVE-2023-51596 medium 5.5 2y ago Moderate: bluez security update redhatdebiansuserockylinux
CVE-2023-52625 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Refactor DMCUB enter/exit idle interface [Why] We can hang in place trying to send commands when the DMCUB isn't… redhatsusedebian
CVE-2023-53505 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: clk: tegra: tegra124-emc: Fix potential memory leak The tegra and tegra needs to be freed in the error handling path, otherwise i… redhatsusedebian
CVE-2023-53503 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: ext4: allow ext4_get_group_info() to fail Previously, ext4_get_group_info() would treat an invalid group number as BUG(), since i… redhatsusedebian
CVE-2023-53483 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: ACPI: processor: Check for null return of devm_kzalloc() in fch_misc_setup() devm_kzalloc() may fail, clk_data->name might be NUL… redhatsusedebian
CVE-2023-53470 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: ionic: catch failure from devlink_alloc Add a check for NULL on the alloc return. If devlink_alloc() fails and we try to use dev… redhatsusedebian
CVE-2023-52606 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: powerpc/lib: Validate size for vector operations Some of the fp/vmx code in sstep.c assume a certain maximum size for the instruc… redhatrockylinuxsusedebian+1
CVE-2023-53402 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: kernel/printk/index.c: fix memory leak with using debugfs_lookup() When calling debugfs_lookup() the result must have dput() call… redhatsusedebian
CVE-2023-53401 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: mm: kmem: fix a NULL pointer dereference in obj_stock_flush_required() KCSAN found an issue in obj_stock_flush_required(): stock-… rockylinuxredhatsusedebian
CVE-2023-53397 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: modpost: fix off by one in is_executable_section() The > comparison should be >= to prevent an out of bounds array access. redhatsusedebian
CVE-2023-52482 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: x86/srso: Add SRSO mitigation for Hygon processors Add mitigation for the speculative return stack overflow vulnerability which e… redhatsusedebian
CVE-2023-53395 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: ACPICA: Add AML_NO_OPERAND_RESOLVE flag to Timer ACPICA commit 90310989a0790032f5a0140741ff09b545af4bc5 According to the ACPI sp… redhatsusedebian
CVE-2023-53391 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: shmem: use ramfs_kill_sb() for kill_sb method of ramfs-based tmpfs As the ramfs-based tmpfs uses ramfs_init_fs_context() for the … redhatsusedebian
CVE-2023-52595 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: wifi: rt2x00: restart beacon queue when hardware reset When a hardware reset is triggered, all registers are reset, so all queues… redhatrockylinuxsusedebian+1
CVE-2023-52758 medium 5.5 2y ago RHSA-2024:9315: kernel security update (Moderate) redhatsuse
CVE-2023-52594 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus() Fix an array-index-out-of-bounds read in ath9k_… redhatrockylinuxsusedebian+1
CVE-2023-52751 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free in smb2_query_info_compound() The following UAF was triggered when running fstests generic/072 wi… redhatsusedebian
CVE-2023-52475 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: Input: powermate - fix use-after-free in powermate_config_complete syzbot has found a use-after-free bug [1] in the powermate dri… redhatsusedebian
CVE-2023-52585 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix possible NULL dereference in amdgpu_ras_query_error_status_helper() Return invalid error code -EINVAL for invalid… redhatsusedebian
CVE-2023-53291 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: rcu/rcuscale: Stop kfree_scale_thread thread(s) after unloading rcuscale Running the 'kfree_rcu_test' test case [1] results in a … redhatsusedebian
CVE-2023-53747 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: vc_screen: reload load of struct vc_data pointer in vcs_write() to avoid UAF After a call to console_unlock() in vcs_write() the … redhatsusedebian
CVE-2023-53264 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: clk: imx: clk-imxrt1050: fix memory leak in imxrt1050_clocks_probe Use devm_of_iomap() instead of of_iomap() to automatically han… redhatsusedebian
CVE-2023-50229 medium 5.5 2y ago Moderate: bluez security update redhatdebiansuserockylinux
CVE-2023-53249 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: clk: imx: clk-imx8mn: fix memory leak in imx8mn_clocks_probe Use devm_of_iomap() instead of of_iomap() to automatically handle th… redhatsusedebian
CVE-2023-53230 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: smb: client: fix warning in cifs_smb3_do_mount() This fixes the following warning reported by kernel test robot fs/smb/client/… redhatsusedebian
CVE-2023-52565 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix OOB read If the index provided by the user is bigger than the mask size, we might do an out of bound read. redhatrockylinuxsusedebian
CVE-2023-52637 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: can: j1939: Fix UAF in j1939_sk_match_filter during setsockopt(SO_J1939_FILTER) Lock jsk->sk to prevent UAF when setsockopt(..., … redhatsusedebian
CVE-2023-53220 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: media: az6007: Fix null-ptr-deref in az6007_i2c_xfer() In az6007_i2c_xfer, msg is controlled by user. When msg[i].buf is null and… redhatsusedebian
CVE-2023-52528 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg syzbot reported the following uninit-value access issue: ====… redhatrockylinuxsusedebian
CVE-2023-53182 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: ACPICA: Avoid undefined behavior: applying zero offset to null pointer ACPICA commit 770653e3ba67c30a629ca7d12e352d83c2541b1e Be… redhatsusedebian
CVE-2023-52520 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: platform/x86: think-lmi: Fix reference leak If a duplicate attribute is found using kset_find_obj(), a reference to that attribut… redhatrockylinuxsusedebian
CVE-2023-53178 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: mm: fix zswap writeback race condition The zswap writeback mechanism can cause a race condition resulting in memory corruption, w… rockylinuxredhatsusedebian
CVE-2023-52466 medium 5.5 2y ago RHSA-2024:9315: kernel security update (Moderate) redhatsuse
CVE-2023-52513 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix connection failure handling In case immediate MPA request processing fails, the newly created endpoint unlinks the … redhatrockylinuxsusedebian
CVE-2023-53176 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: serial: 8250: Reinit port->pm on port specific driver unbind When we unbind a serial port hardware specific 8250 driver, the gene… redhatsusedebian
CVE-2023-53173 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: tty: pcn_uart: fix memory leak with using debugfs_lookup() When calling debugfs_lookup() the result must have dput() called on it… redhatsusedebian
CVE-2023-51594 medium 5.5 2y ago Moderate: bluez security update redhatdebiansuserockylinux
CVE-2023-52498 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: PM: sleep: Fix possible deadlocks in core system-wide PM code It is reported that in low-memory situations the system-wide resume… redhatsusedebian
CVE-2023-51592 medium 5.5 2y ago Moderate: bluez security update redhatdebiansuserockylinux
CVE-2023-52621 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: bpf: Check rcu_read_lock_trace_held() before calling bpf map helpers These three bpf_map_{lookup,update,delete}_elem() helpers ar… redhatsusedebian
CVE-2023-50967 medium 5.5 2y ago Moderate: jose security update redhatdebianrockylinux
CVE-2023-44431 medium 5.5 2y ago Moderate: bluez security update redhatdebiansuserockylinux
CVE-2023-41910 medium 5.5 2y ago Moderate: lldpd security update redhatalmalinuxrockylinuxdebian
CVE-2023-6681 medium 5.5 2y ago Moderate: python-jwcrypto security update redhatrockylinuxsusedebian+1
CVE-2023-52467 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: mfd: syscon: Fix null pointer dereference in of_syscon_register() kasprintf() returns a pointer to dynamically allocated memory w… redhatsusedebian
CVE-2023-50230 medium 5.5 2y ago Moderate: bluez security update redhatdebiansuserockylinux
CVE-2023-52473 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: thermal: core: Fix NULL pointer dereference in zone registration error path If device_register() in thermal_zone_device_register_… redhatsusedebian
CVE-2023-54165 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: zsmalloc: move LRU update from zs_map_object() to zs_malloc() Under memory pressure, we sometimes observe the following crash: [… redhatsusedebian
CVE-2023-51580 medium 5.5 2y ago Moderate: bluez security update redhatdebiansuserockylinux
CVE-2023-53068 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: Limit packet length to skb->len Packet length retrieved from descriptor may be larger than the actual socket b… redhatsusedebian
CVE-2023-51589 medium 5.5 2y ago Moderate: bluez security update redhatdebianrockylinuxsuse
CVE-2023-52462 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: bpf: fix check for attempt to corrupt spilled pointer When register is spilled onto a stack as a 1/2/4-byte register, we set slot… redhatsusedebian
CVE-2023-53059 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: platform/chrome: cros_ec_chardev: fix kernel data leak from ioctl It is possible to peep kernel page's data by providing larger `… redhatsusedebian
CVE-2023-52455 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: iommu: Don't reserve 0-length IOVA region When the bootloader/firmware doesn't setup the framebuffers, their address and size are… redhatsusedebian
CVE-2023-53997 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: thermal: of: fix double-free on unregistration Since commit 3d439b1a2ad3 ("thermal/core: Alloc-copy-free the thermal zone paramet… redhatsusedebian
CVE-2023-52445 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix use after free on context disconnection Upon module load, a kthread is created targeting the pvr2_context_thr… redhatrockylinuxsusedebian
CVE-2023-52664 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: net: atlantic: eliminate double free in error handling logic Driver has a logic leak in ring data allocation/free, where aq_ring_… redhatsusedebian
CVE-2023-52935 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: mm/khugepaged: fix ->anon_vma race If an ->anon_vma is attached to the VMA, collapse_and_free_pmd() requires it to be locked. Pa… redhatsusedebian
CVE-2023-52477 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: usb: hub: Guard against accesses to uninitialized BOS descriptors Many functions in drivers/usb/core/hub.c and drivers/usb/core/h… redhatrockylinuxsusedebian
CVE-2023-52932 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: mm/swapfile: add cond_resched() in get_swap_pages() The softlockup still occurs in get_swap_pages() under memory pressure. 64 CP… redhatsusedebian
CVE-2023-52902 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: nommu: fix memory leak in do_mmap() error path The preallocation of the maple tree nodes may leak if the error path to "error_jus… redhatsusedebian
CVE-2023-52920 medium 5.5 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: bpf: support non-r10 register spill/fill to/from stack in precision tracking Use instruction (jump) history to record instruction… susedebianlinux
CVE-2023-54153 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: ext4: turn quotas off if mount failed after enabling quotas Yi found during a review of the patch "ext4: don't BUG on inconsisten… redhatsusedebian
CVE-2023-48161 medium 5.5 2y ago Moderate: java-21-openjdk security update redhatrockylinuxdebiansuse
CVE-2023-39368 medium 5.5 2y ago Moderate: microcode_ctl security update almalinuxredhatsusedebian+1
CVE-2023-45733 medium 5.5 2y ago Moderate: microcode_ctl security update almalinuxredhatsusedebian+1
CVE-2023-22655 medium 5.5 2y ago Moderate: microcode_ctl security update redhatsusedebianrockylinux
CVE-2023-46103 medium 5.5 2y ago Moderate: microcode_ctl security update almalinuxredhatsusedebian+1
CVE-2023-38575 medium 5.5 2y ago Moderate: microcode_ctl security update almalinuxredhatsusedebian+1
CVE-2023-43490 medium 5.5 2y ago Moderate: microcode_ctl security update redhatalmalinuxsusedebian+1
CVE-2023-31356 medium 5.5 2y ago Moderate: linux-firmware security update debianredhatrockylinuxsuse
CVE-2023-20584 medium 5.5 2y ago Moderate: linux-firmware security update debianredhatrockylinuxsuse
CVE-2023-52439 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: uio: Fix use-after-free in uio_open core-1 core-2 ------------------------------------------------------- uio_unregister_devic… redhatrockylinuxsusedebian
CVE-2023-52801 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: iommufd: Fix missing update of domains_itree after splitting iopt_area In iopt_area_split(), if the original iopt_area has filled… redhatsuserockylinuxdebian
CVE-2023-6349 medium 5.5 2y ago Moderate: libvpx security update rockylinuxsusedebian