VIR Vulnerability Intelligence Relay

CVEs from 2023

8,275 normalized CVEs published or assigned in this year.

Total
8,275
critical
critical 222
high
high 1,548
medium
medium 1,277
low
low 23
% Critical
2.7%
% with KEV
2.0%
% with exploit
2.0%

Top vendors

Top products

  • office 29
  • office_long_term_servicing_channel 15
  • 365_apps 14
  • openstack_platform 6
  • codeready_linux_builder_for_ibm_z_systems_eus 6
  • registrationmagic 6
  • codeready_linux_builder_eus 6
  • cbot_panel 6

Top packages

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2023-52463 high 8.0 2y ago Important: kernel security update redhatrockylinuxsusedebian+1
CVE-2023-31315 high 8.0 2y ago Important: linux-firmware security update debianredhatrockylinuxsuse
CVE-2023-52880 high 8.0 2y ago Important: kernel security update redhatsusedebian
CVE-2023-52771 high 8.0 2y ago Important: kernel security update redhatsusedebian
CVE-2023-52651 high 8.0 2y ago Important: kernel security update redhatsuserockylinux
CVE-2023-52796 high 8.0 2y ago Important: kernel security update redhatrockylinuxsusedebian+1
CVE-2023-52864 high 8.0 2y ago Important: kernel security update redhatrockylinuxsusedebian+1
CVE-2023-52777 high 8.0 2y ago Important: kernel security update rockylinuxsusedebianalmalinux
CVE-2023-52764 high 8.0 2y ago Important: kernel security update rockylinuxsusedebianalmalinux
CVE-2023-52847 high 8.0 2y ago Important: kernel security update rockylinuxsusedebianalmalinux
CVE-2023-52845 high 8.0 2y ago Important: kernel security update rockylinuxsusedebianalmalinux
CVE-2023-52623 high 8.0 2y ago Important: kernel security update rockylinuxsusedebianalmalinux
CVE-2023-52803 high 8.0 2y ago Important: kernel security update rockylinuxsusedebianalmalinux
CVE-2023-52653 high 8.0 2y ago Important: kernel security update rockylinuxsusedebianalmalinux
CVE-2023-52530 high 8.0 2y ago Important: kernel security update rockylinuxsusedebianalmalinux
CVE-2023-52471 high 8.0 2y ago Important: kernel security update rockylinuxsusedebianalmalinux
CVE-2023-52809 high 8.0 2y ago Important: kernel security update redhatrockylinuxsusedebian+1
CVE-2023-52638 high 8.0 2y ago Important: kernel security update redhatsuserockylinuxdebian
CVE-2023-52667 high 8.0 2y ago Important: kernel-rt security and bug fix update redhatrockylinuxsusedebian
CVE-2023-52626 high 8.0 2y ago Important: kernel security and bug fix update redhatrockylinuxsusedebian
CVE-2023-52669 high 8.0 2y ago Important: kernel security and bug fix update rockylinuxsusedebianalmalinux
CVE-2023-52700 high 8.0 2y ago Important: kernel security and bug fix update rockylinuxsusedebianalmalinux
CVE-2023-52675 high 8.0 2y ago Important: kernel security and bug fix update rockylinuxsusedebianalmalinux
CVE-2023-52835 high 8.0 2y ago Important: kernel security and bug fix update rockylinuxsusedebianalmalinux
CVE-2023-52781 high 8.0 2y ago Important: kernel security and bug fix update rockylinuxsusedebianalmalinux
CVE-2023-52877 high 8.0 2y ago Important: kernel security and bug fix update rockylinuxsusedebianalmalinux
CVE-2023-4727 high 8.0 2y ago Important: pki-core security update redhatrockylinuxdebian
CVE-2023-6597 high 8.0 2y ago Important: python3.9 security update redhatrockylinuxsusedebian
CVE-2023-20592 high 8.0 2y ago Important: linux-firmware security update debianrockylinuxsuse
CVE-2023-5090 high 8.0 2y ago Important: kernel security and bug fix update redhatrockylinuxsusedebian
CVE-2023-53094 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: tty: serial: fsl_lpuart: fix race on RX DMA shutdown From time to time DMA completion can come in the middle of DMA shutdown: <p… redhatsusedebian
CVE-2023-54242 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: block, bfq: Fix division by zero error on zero wsum When the weighted sum is zero the calculation of limit causes a division by z… redhatsusedebian
CVE-2023-53304 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: fix overlap expiration walk The lazy gc on insert that should remove timed-out entries fails to releas… redhatsusedebian
CVE-2023-52486 high 8.0 2y ago Important: kernel security update redhatrockylinuxsusedebian+1
CVE-2023-53004 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: ovl: fix tmpfile leak Missed an error cleanup. redhatsusedebian
CVE-2023-54229 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix registration of 6Ghz-only phy without the full channel range Because of what seems to be a typo, a 6Ghz-only ph… redhatsusedebian
CVE-2023-52450 high 8.0 2y ago Important: kernel security, bug fix, and enhancement update redhatsusedebianalmalinux
CVE-2023-53270 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: ext4: fix i_disksize exceeding i_size problem in paritally written case It is possible for i_disksize can exceed i_size, triggeri… redhatsusedebian
CVE-2023-54302 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix data race on CQP completion stats CQP completion statistics is read lockesly in irdma_wait_event and irdma_check_… redhatsusedebian
CVE-2023-54145 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: bpf: drop unnecessary user-triggerable WARN_ONCE in verifierl log It's trivial for user to trigger "verifier log line truncated" … redhatsusedebian
CVE-2023-51043 high 8.0 2y ago Important: kernel security, bug fix, and enhancement update redhatsusedebianalmalinux
CVE-2023-53863 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: netlink: do not hard code device address lenth in fdb dumps syzbot reports that some netdev devices do not have a six bytes addre… redhatsusedebian
CVE-2023-45290 high 8.0 2y ago Important: git-lfs security update redhatrockylinuxsusedebian+1
CVE-2023-52881 high 8.0 2y ago Important: kernel security and bug fix update redhatrockylinuxsusedebian+1
CVE-2023-52522 high 8.0 2y ago Important: kernel security update redhatrockylinuxsusedebian+1
CVE-2023-53673 high 8.0 2y ago Important: kernel-rt security update rockylinuxredhatsusedebian
CVE-2023-54014 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Check valid rport returned by fc_bsg_to_rport() Klocwork reported warning of rport maybe NULL and will be derefere… redhatsusedebian
CVE-2023-53221 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: bpf: Fix memleak due to fentry attach failure If it fails to attach fentry, the allocated bpf trampoline image will be left in th… redhatsusedebian
CVE-2023-54312 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: samples/bpf: Fix buffer overflow in tcp_basertt Using sizeof(nv) or strlen(nv)+1 is correct. redhatsusedebian
CVE-2023-53317 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: ext4: fix WARNING in mb_find_extent Syzbot found the following issue: EXT4-fs: Warning: mounting with data=journal disables dela… redhatsusedebian
CVE-2023-42852 high 8.0 2y ago Important: webkit2gtk3 security update redhatrockylinuxsusedebian
CVE-2023-53152 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix calltrace warning in amddrm_buddy_fini The following call trace is observed when removing the amdgpu driver, whic… redhatsusedebian
CVE-2023-52934 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: mm/MADV_COLLAPSE: catch !none !huge !bad pmd lookups In commit 34488399fa08 ("mm/madvise: add file and shmem support to MADV_COLL… redhatsusedebian
CVE-2023-54283 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: bpf: Address KCSAN report on bpf_lru_list KCSAN reported a data-race when accessing node->ref. Although node->ref does not have t… redhatsusedebian
CVE-2023-52984 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: net: phy: dp83822: Fix null pointer access on DP83825/DP83826 devices The probe() function is only used for the DP83822 PHY, leav… redhatsusedebian
CVE-2023-53016 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix possible deadlock in rfcomm_sk_state_change syzbot reports a possible deadlock in rfcomm_sk_state_change [1]. Whil… redhatsusedebian
CVE-2023-53823 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: block/rq_qos: protect rq_qos apis with a new lock commit 50e34d78815e ("block: disable the elevator int del_gendisk") move rq_qos… redhatsusedebian
CVE-2023-54135 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: maple_tree: fix potential out-of-bounds access in mas_wr_end_piv() Check the write offset end bounds before using it as the offse… redhatsusedebian
CVE-2023-53365 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: ip6mr: Fix skb_under_panic in ip6mr_cache_report() skbuff: skb_under_panic: text:ffffffff88771f69 len:56 put:-4 head:ffff88805f8… redhatsusedebian
CVE-2023-32359 high 8.0 2y ago Important: webkit2gtk3 security update redhatrockylinuxsusedebian
CVE-2023-54156 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: sfc: fix crash when reading stats while NIC is resetting efx_net_stats() (.ndo_get_stats64) can be called during an ethtool self… redhatsusedebian
CVE-2023-42875 high 8.0 2y ago Processing web content may lead to arbitrary code execution. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14, watchOS 10, tvOS 17, Safari 17. The issue was addressed with improved memory… redhatarchsusedebian
CVE-2023-53663 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Check instead of asserting on nested TSC scaling support Check for nested TSC scaling support on nested SVM VMRUN inst… redhatsusedebian
CVE-2023-53661 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: bnxt: avoid overflow in bnxt_get_nvram_directory() The value of an arithmetic expression is subject of possible overflow due to a… redhatsusedebian
CVE-2023-53354 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: skbuff: skb_segment, Call zero copy functions before using skbuff frags Commit bf5c25d60861 ("skbuff: in skb_segment, call zeroco… redhatsusedebian
CVE-2023-53280 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Remove unused nvme_ls_waitq wait queue System crash when qla2x00_start_sp(sp) returns error code EGAIN and wake_up… redhatsusedebian
CVE-2023-52999 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: net: fix UaF in netns ops registration error path If net_assign_generic() fails, the current error path in ops_init() tries to cl… redhatsusedebian
CVE-2023-53545 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: unmap and remove csa_va properly Root PD BO should be reserved before unmap and remove a bo_va from VM otherwise lock… redhatsusedebian
CVE-2023-53208 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Load L1's TSC multiplier based on L1 state, not L2 state When emulating nested VM-Exit, load L1's TSC multiplier if L1… redhatsusedebian
CVE-2023-52529 high 8.0 2y ago Important: kernel security, bug fix, and enhancement update redhatsusedebianalmalinux
CVE-2023-53237 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix amdgpu_irq_put call trace in gmc_v11_0_hw_fini The gmc.ecc_irq is enabled by firmware per IFWI setting, and the h… redhatsusedebian
CVE-2023-54201 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: RDMA/efa: Fix wrong resources deallocation order When trying to destroy QP or CQ, we first decrease the refcount and potentially … redhatsusedebian
CVE-2023-54251 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: Limit TCA_TAPRIO_ATTR_SCHED_CYCLE_TIME to INT_MAX. syzkaller found zero division error [0] in div_s64_rem() ca… redhatsusedebian
CVE-2023-45231 high 8.0 2y ago Important: edk2 security update redhatdebiansuserockylinux
CVE-2023-53309 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Fix integer overflow in radeon_cs_parser_init The type of size is unsigned, if size is 0x40000000, there will be an i… redhatsusedebian
CVE-2023-53097 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: powerpc/iommu: fix memory leak with using debugfs_lookup() When calling debugfs_lookup() the result must have dput() called on it… redhatsusedebian
CVE-2023-54038 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_conn: return ERR_PTR instead of NULL when there is no link hci_connect_sco currently returns NULL when there is no… redhatsusedebian
CVE-2023-53252 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: use RCU for hci_conn_params and iterate safely in hci_sync hci_update_accept_list_sync iterates over hdev->pend_le_con… redhatsusedebian
CVE-2023-53293 high 8.0 2y ago RHSA-2024:2394: kernel security, bug fix, and enhancement update (Important) redhatsuse
CVE-2023-45229 high 8.0 2y ago Important: edk2 security update redhatdebiansuserockylinux
CVE-2023-53057 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: HCI: Fix global-out-of-bounds To loop a variable-length array, hci_init_stage_sync(stage) considers that stage[i] is v… redhatsusedebian
CVE-2023-40414 high 8.0 2y ago Important: webkit2gtk3 security update redhatrockylinuxsusedebian
CVE-2023-53857 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: bpf: bpf_sk_storage: Fix invalid wait context lockdep report './test_progs -t test_local_storage' reported a splat: [ 27.13756… redhatsusedebian
CVE-2023-53415 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: USB: dwc3: fix memory leak with using debugfs_lookup() When calling debugfs_lookup() the result must have dput() called on it, ot… redhatsusedebian
CVE-2023-53611 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: ipmi_si: fix a memleak in try_smi_init() Kmemleak reported the following leak info in try_smi_init(): unreferenced object 0xffff… redhatsusedebian
CVE-2023-53649 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: perf trace: Really free the evsel->priv area In 3cb4d5e00e037c70 ("perf trace: Free syscall tp fields in evsel->priv") it only wa… redhatsusedebian
CVE-2023-54137 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: vfio/type1: fix cap_migration information leak Fix an information leak where an uninitialized hole in struct vfio_iommu_type1_inf… redhatsusedebian
CVE-2023-53791 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: md: fix warning for holder mismatch from export_rdev() Commit a1d767191096 ("md: use mddev->external to select holder in export_r… redhatsusedebian
CVE-2023-53525 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Allow UD qp_type to join multicast only As for multicast: - The SIDR is the only mode that makes sense; - Besides PS_UD… redhatsusedebian
CVE-2023-53652 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: vdpa: Add features attr to vdpa_nl_policy for nlattr length check The vdpa_nl_policy structure is used to validate the nlattr whe… redhatsusedebian
CVE-2023-54091 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/client: Fix memory leak in drm_client_target_cloned dmt_mode is allocated and never freed in this function. It was found with… redhatsusedebian
CVE-2023-54003 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix GID entry ref leak when create_ah fails If AH create request fails, release sgid_attr to avoid GID entry referrenc… redhatsusedebian
CVE-2023-53343 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: icmp6: Fix null-ptr-deref of ip6_null_entry->rt6i_idev in icmp6_dev(). With some IPv6 Ext Hdr (RPL, SRv6, etc.), we can send a pa… redhatsusedebian
CVE-2023-53847 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: usb-storage: alauda: Fix uninit-value in alauda_check_media() Syzbot got KMSAN to complain about access to an uninitialized value… redhatsusedebian
CVE-2023-45289 high 8.0 2y ago Important: git-lfs security update redhatrockylinuxsusedebian+1
CVE-2023-53019 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: net: mdio: validate parameter addr in mdiobus_get_phy() The caller may pass any value as addr, what may result in an out-of-bound… redhatsusedebian
CVE-2023-53999 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: TC, Fix internal port memory leak The flow rule can be splited, and the extra post_act rules are added to post_act tab… redhatsusedebian
CVE-2023-53580 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: USB: Gadget: core: Help prevent panic during UVC unconfigure Avichal Rakesh reported a kernel panic that occurred when the UVC ga… redhatsusedebian
CVE-2023-53150 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Pointer may be dereferenced Klocwork tool reported pointer 'rport' returned from call to function fc_bsg_to_rport(… redhatsusedebian
CVE-2023-53322 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Wait for io return on terminate rport System crash due to use after free. Current code allows terminate_rport_io t… redhatsusedebian