VIR Vulnerability Intelligence Relay

CVEs from 2023

8,568 normalized CVEs published or assigned in this year.

Total
8,568
critical
critical 222
high
high 1,548
medium
medium 1,277
low
low 23
% Critical
2.6%
% with KEV
1.9%
% with exploit
1.9%

Top vendors

Top products

  • office 29
  • office_long_term_servicing_channel 15
  • 365_apps 14
  • openstack_platform 6
  • codeready_linux_builder_for_ibm_z_systems_eus 6
  • registrationmagic 6
  • codeready_linux_builder_eus 6
  • cbot_panel 6

Top packages

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2023-52463 high 8.0 2y ago Important: kernel security update redhatrockylinuxsusedebian+1
CVE-2023-31315 high 8.0 2y ago Important: linux-firmware security update debianredhatrockylinuxsuse
CVE-2023-52771 high 8.0 2y ago Important: kernel security update redhatsusedebian
CVE-2023-52880 high 8.0 2y ago Important: kernel security update redhatsusedebian
CVE-2023-52651 high 8.0 2y ago Important: kernel security update redhatsuserockylinux
CVE-2023-52796 high 8.0 2y ago Important: kernel security update redhatrockylinuxsusedebian+1
CVE-2023-52864 high 8.0 2y ago Important: kernel security update redhatrockylinuxsusedebian+1
CVE-2023-52764 high 8.0 2y ago Important: kernel security update rockylinuxsusedebianalmalinux
CVE-2023-52847 high 8.0 2y ago Important: kernel security update rockylinuxsusedebianalmalinux
CVE-2023-52471 high 8.0 2y ago Important: kernel security update rockylinuxsusedebianalmalinux
CVE-2023-52653 high 8.0 2y ago Important: kernel security update rockylinuxsusedebianalmalinux
CVE-2023-52530 high 8.0 2y ago Important: kernel security update rockylinuxsusedebianalmalinux
CVE-2023-52623 high 8.0 2y ago Important: kernel security update rockylinuxsusedebianalmalinux
CVE-2023-52845 high 8.0 2y ago Important: kernel security update rockylinuxsusedebianalmalinux
CVE-2023-52777 high 8.0 2y ago Important: kernel security update rockylinuxsusedebianalmalinux
CVE-2023-52803 high 8.0 2y ago Important: kernel security update rockylinuxsusedebianalmalinux
CVE-2023-52809 high 8.0 2y ago Important: kernel security update redhatrockylinuxsusedebian+1
CVE-2023-52638 high 8.0 2y ago Important: kernel security update redhatsuserockylinuxdebian
CVE-2023-52667 high 8.0 2y ago Important: kernel-rt security and bug fix update redhatrockylinuxsusedebian
CVE-2023-52626 high 8.0 2y ago Important: kernel security and bug fix update redhatrockylinuxsusedebian
CVE-2023-52700 high 8.0 2y ago Important: kernel security and bug fix update rockylinuxsusedebianalmalinux
CVE-2023-52835 high 8.0 2y ago Important: kernel security and bug fix update rockylinuxsusedebianalmalinux
CVE-2023-52669 high 8.0 2y ago Important: kernel security and bug fix update rockylinuxsusedebianalmalinux
CVE-2023-52781 high 8.0 2y ago Important: kernel security and bug fix update rockylinuxsusedebianalmalinux
CVE-2023-52877 high 8.0 2y ago Important: kernel security and bug fix update rockylinuxsusedebianalmalinux
CVE-2023-52675 high 8.0 2y ago Important: kernel security and bug fix update rockylinuxsusedebianalmalinux
CVE-2023-4727 high 8.0 2y ago Important: pki-core security update redhatrockylinuxdebian
CVE-2023-6597 high 8.0 2y ago Important: python3.9 security update redhatrockylinuxsusedebian
CVE-2023-20592 high 8.0 2y ago Important: linux-firmware security update debianrockylinuxsuse
CVE-2023-5090 high 8.0 2y ago Important: kernel security and bug fix update redhatrockylinuxsusedebian
CVE-2023-54145 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: bpf: drop unnecessary user-triggerable WARN_ONCE in verifierl log It's trivial for user to trigger "verifier log line truncated" … redhatsusedebian
CVE-2023-53487 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas_flash: allow user copy to flash block cache objects With hardened usercopy enabled (CONFIG_HARDENED_USERCOPY=y), usi… redhatsusedebian
CVE-2023-54251 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: Limit TCA_TAPRIO_ATTR_SCHED_CYCLE_TIME to INT_MAX. syzkaller found zero division error [0] in div_s64_rem() ca… redhatsusedebian
CVE-2023-53270 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: ext4: fix i_disksize exceeding i_size problem in paritally written case It is possible for i_disksize can exceed i_size, triggeri… redhatsusedebian
CVE-2023-42756 high 8.0 2y ago Important: kernel security, bug fix, and enhancement update redhatsusedebian
CVE-2023-52984 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: net: phy: dp83822: Fix null pointer access on DP83825/DP83826 devices The probe() function is only used for the DP83822 PHY, leav… redhatsusedebian
CVE-2023-52478 high 8.0 2y ago Important: kernel security update redhatrockylinuxsusedebian+1
CVE-2023-53823 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: block/rq_qos: protect rq_qos apis with a new lock commit 50e34d78815e ("block: disable the elevator int del_gendisk") move rq_qos… redhatsusedebian
CVE-2023-52832 high 8.0 2y ago Important: kernel security update redhatrockylinuxsusedebian+1
CVE-2023-54137 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: vfio/type1: fix cap_migration information leak Fix an information leak where an uninitialized hole in struct vfio_iommu_type1_inf… redhatsusedebian
CVE-2023-53235 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/tests: helpers: Avoid a driver uaf when using __drm_kunit_helper_alloc_drm_device() the driver may be dereferenced by device-… redhatsusedebian
CVE-2023-54091 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/client: Fix memory leak in drm_client_target_cloned dmt_mode is allocated and never freed in this function. It was found with… redhatsusedebian
CVE-2023-54302 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix data race on CQP completion stats CQP completion statistics is read lockesly in irdma_wait_event and irdma_check_… redhatsusedebian
CVE-2023-54312 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: samples/bpf: Fix buffer overflow in tcp_basertt Using sizeof(nv) or strlen(nv)+1 is correct. redhatsusedebian
CVE-2023-53421 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Reinit blkg_iostat_set after clearing in blkcg_reset_stats() When blkg_alloc() is called to allocate a blkcg_gq struc… redhatsusedebian
CVE-2023-54242 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: block, bfq: Fix division by zero error on zero wsum When the weighted sum is zero the calculation of limit causes a division by z… redhatsusedebian
CVE-2023-6546 high 8.0 2y ago Important: kernel security, bug fix, and enhancement update redhatrockylinuxsusedebian+1
CVE-2023-53275 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: fix a possible null-pointer dereference due to data race in snd_hdac_regmap_sync() The variable codec->regmap is often… redhatsusedebian
CVE-2023-53743 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: PCI: Free released resource after coalescing release_resource() doesn't actually free the resource or resource list entry so free… redhatsusedebian
CVE-2023-52486 high 8.0 2y ago Important: kernel security update redhatrockylinuxsusedebian+1
CVE-2023-53293 high 8.0 2y ago RHSA-2024:2394: kernel security, bug fix, and enhancement update (Important) redhatsuse
CVE-2023-54135 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: maple_tree: fix potential out-of-bounds access in mas_wr_end_piv() Check the write offset end bounds before using it as the offse… redhatsusedebian
CVE-2023-53860 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: dm: don't attempt to queue IO under RCU protection dm looks up the table for IO based on the request type, with an assumption tha… redhatsusedebian
CVE-2023-52470 high 8.0 2y ago Important: kernel security update redhatrockylinuxsusedebian+1
CVE-2023-53821 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: ip6_vti: fix slab-use-after-free in decode_session6 When ipv6_vti device is set to the qdisc of the sfb type, the cb field of the… redhatsusedebian
CVE-2023-53791 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: md: fix warning for holder mismatch from export_rdev() Commit a1d767191096 ("md: use mddev->external to select holder in export_r… redhatsusedebian
CVE-2023-53663 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Check instead of asserting on nested TSC scaling support Check for nested TSC scaling support on nested SVM VMRUN inst… redhatsusedebian
CVE-2023-53661 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: bnxt: avoid overflow in bnxt_get_nvram_directory() The value of an arithmetic expression is subject of possible overflow due to a… redhatsusedebian
CVE-2023-53652 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: vdpa: Add features attr to vdpa_nl_policy for nlattr length check The vdpa_nl_policy structure is used to validate the nlattr whe… redhatsusedebian
CVE-2023-53649 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: perf trace: Really free the evsel->priv area In 3cb4d5e00e037c70 ("perf trace: Free syscall tp fields in evsel->priv") it only wa… redhatsusedebian
CVE-2023-53645 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: bpf: Make bpf_refcount_acquire fallible for non-owning refs This patch fixes an incorrect assumption made in the original bpf_ref… redhatsusedebian
CVE-2023-54316 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: refscale: Fix uninitalized use of wait_queue_head_t Running the refscale test occasionally crashes the kernel with the following … redhatsusedebian
CVE-2023-53632 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Take RTNL lock when needed before calling xdp_set_features() Hold RTNL lock when calling xdp_set_features() with a reg… redhatsusedebian
CVE-2023-53586 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix multiple LUN_RESET handling This fixes a bug where an initiator thinks a LUN_RESET has cleaned up running comma… redhatsusedebian
CVE-2023-52934 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: mm/MADV_COLLAPSE: catch !none !huge !bad pmd lookups In commit 34488399fa08 ("mm/madvise: add file and shmem support to MADV_COLL… redhatsusedebian
CVE-2023-54062 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: ext4: fix invalid free tracking in ext4_xattr_move_to_block() In ext4_xattr_move_to_block(), the value of the extended attribute … redhatsusedebian
CVE-2023-54060 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: iommufd: Set end correctly when doing batch carry Even though the test suite covers this it somehow became obscured that this was… redhatsusedebian
CVE-2023-54148 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Move representor neigh cleanup to profile cleanup_tx For IP tunnel encapsulation in ECMP (Equal-Cost Multipath) mode, … redhatsusedebian
CVE-2023-53352 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/ttm: check null pointer before accessing when swapping Add a check to avoid null pointer dereference as below: [ 90.002283… redhatsusedebian
CVE-2023-53354 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: skbuff: skb_segment, Call zero copy functions before using skbuff frags Commit bf5c25d60861 ("skbuff: in skb_segment, call zeroco… redhatsusedebian
CVE-2023-53713 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: arm64: sme: Use STR P to clear FFR context field in streaming SVE mode The FFR is a predicate register which can vary between 16 … redhatsusedebian
CVE-2023-53280 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Remove unused nvme_ls_waitq wait queue System crash when qla2x00_start_sp(sp) returns error code EGAIN and wake_up… redhatsusedebian
CVE-2023-53490 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: mptcp: fix disconnect vs accept race Despite commit 0ad529d9fd2b ("mptcp: fix possible divide by zero in recvmsg()"), the mptcp p… redhatsusedebian
CVE-2023-53256 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: firmware: arm_ffa: Fix FFA device names for logical partitions Each physical partition can provide multiple services each with UU… redhatsusedebian
CVE-2023-5574 high 8.0 2y ago Important: tigervnc security update redhatsusedebian
CVE-2023-53665 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: md: don't dereference mddev after export_rdev() Except for initial reference, mddev->kobject is referenced by rdev->kobject, and … redhatsusedebian
CVE-2023-53709 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Handle race between rb_move_tail and rb_check_pages It seems a data race between ring_buffer writing and integrity c… redhatsusedebian
CVE-2023-32359 high 8.0 2y ago Important: webkit2gtk3 security update redhatrockylinuxsusedebian
CVE-2023-53365 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: ip6mr: Fix skb_under_panic in ip6mr_cache_report() skbuff: skb_under_panic: text:ffffffff88771f69 len:56 put:-4 head:ffff88805f8… redhatsusedebian
CVE-2023-52476 high 8.0 2y ago Important: kernel security update redhatrockylinuxsusedebian+1
CVE-2023-45235 high 8.0 2y ago Important: edk2 security update redhatdebiansuserockylinux
CVE-2023-54069 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: ext4: fix BUG in ext4_mb_new_inode_pa() due to overflow When we calculate the end position of ext4_free_extent, this position may… redhatsusedebian
CVE-2023-54006 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix data-race around unix_tot_inflight. unix_tot_inflight is changed under spin_lock(unix_gc_lock), but unix_release_soc… redhatsusedebian
CVE-2023-53304 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: fix overlap expiration walk The lazy gc on insert that should remove timed-out entries fails to releas… redhatsusedebian
CVE-2023-53338 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: lwt: Fix return values of BPF xmit ops BPF encap ops can return different types of positive values, such like NET_RX_DROP, NET_XM… redhatsusedebian
CVE-2023-53581 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Check for NOT_READY flag state after locking Currently the check for NOT_READY flag is performed before obtaining the … redhatsusedebian
CVE-2023-53761 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: USB: usbtmc: Fix direction for 0-length ioctl control messages The syzbot fuzzer found a problem in the usbtmc driver: When a use… redhatsusedebian
CVE-2023-53730 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: blk-iocost: use spin_lock_irqsave in adjust_inuse_and_calc_cost adjust_inuse_and_calc_cost() use spin_lock_irq() and IRQ will be … redhatsusedebian
CVE-2023-53046 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix race condition in hci_cmd_sync_clear There is a potential race condition in hci_cmd_sync_work and hci_cmd_sync_cle… redhatsusedebian
CVE-2023-45231 high 8.0 2y ago Important: edk2 security update redhatdebiansuserockylinux
CVE-2023-53384 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: avoid possible NULL skb pointer dereference In 'mwifiex_handle_uap_rx_forward()', always check the value returned … redhatsusedebian
CVE-2023-52999 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: net: fix UaF in netns ops registration error path If net_assign_generic() fails, the current error path in ops_init() tries to cl… redhatsusedebian
CVE-2023-53321 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211_hwsim: drop short frames While technically some control frames like ACK are shorter and end after Address 1, such … redhatsusedebian
CVE-2023-54072 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix potential data race at PCM memory allocation helpers The PCM memory allocation helpers have a sanity check against… redhatsusedebian
CVE-2023-53208 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Load L1's TSC multiplier based on L1 state, not L2 state When emulating nested VM-Exit, load L1's TSC multiplier if L1… redhatsusedebian
CVE-2023-53004 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: ovl: fix tmpfile leak Missed an error cleanup. redhatsusedebian
CVE-2023-53647 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Don't dereference ACPI root object handle Since the commit referenced in the Fixes: tag below the VMBus clien… redhatsusedebian
CVE-2023-53140 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: scsi: core: Remove the /proc/scsi/${proc_name} directory earlier Remove the /proc/scsi/${proc_name} directory earlier to fix a ra… redhatsusedebian
CVE-2023-53151 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: md/raid10: prevent soft lockup while flush writes Currently, there is no limit for raid1/raid10 plugged bio. While flushing write… redhatsusedebian
CVE-2023-53444 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/ttm: fix bulk_move corruption when adding a entry When the resource is the first in the bulk_move range, adding it again (thu… redhatsusedebian