VIR Vulnerability Intelligence Relay

CVEs from 2023

8,275 normalized CVEs published or assigned in this year.

Total
8,275
critical
critical 222
high
high 1,548
medium
medium 1,277
low
low 23
% Critical
2.7%
% with KEV
2.0%
% with exploit
2.0%

Top vendors

Top products

  • office 29
  • office_long_term_servicing_channel 15
  • 365_apps 14
  • openstack_platform 6
  • codeready_linux_builder_for_ibm_z_systems_eus 6
  • registrationmagic 6
  • codeready_linux_builder_eus 6
  • cbot_panel 6

Top packages

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2023-52463 high 8.0 2y ago Important: kernel security update redhatrockylinuxsusedebian+1
CVE-2023-31315 high 8.0 2y ago Important: linux-firmware security update debianredhatrockylinuxsuse
CVE-2023-52771 high 8.0 2y ago Important: kernel security update redhatsusedebian
CVE-2023-52880 high 8.0 2y ago Important: kernel security update redhatsusedebian
CVE-2023-52796 high 8.0 2y ago Important: kernel security update redhatrockylinuxsusedebian+1
CVE-2023-52864 high 8.0 2y ago Important: kernel security update redhatrockylinuxsusedebian+1
CVE-2023-52651 high 8.0 2y ago Important: kernel security update redhatsuserockylinux
CVE-2023-52777 high 8.0 2y ago Important: kernel security update rockylinuxsusedebianalmalinux
CVE-2023-52803 high 8.0 2y ago Important: kernel security update rockylinuxsusedebianalmalinux
CVE-2023-52764 high 8.0 2y ago Important: kernel security update rockylinuxsusedebianalmalinux
CVE-2023-52530 high 8.0 2y ago Important: kernel security update rockylinuxsusedebianalmalinux
CVE-2023-52623 high 8.0 2y ago Important: kernel security update rockylinuxsusedebianalmalinux
CVE-2023-52471 high 8.0 2y ago Important: kernel security update rockylinuxsusedebianalmalinux
CVE-2023-52845 high 8.0 2y ago Important: kernel security update rockylinuxsusedebianalmalinux
CVE-2023-52653 high 8.0 2y ago Important: kernel security update rockylinuxsusedebianalmalinux
CVE-2023-52847 high 8.0 2y ago Important: kernel security update rockylinuxsusedebianalmalinux
CVE-2023-52809 high 8.0 2y ago Important: kernel security update redhatrockylinuxsusedebian+1
CVE-2023-52638 high 8.0 2y ago Important: kernel security update redhatsuserockylinuxdebian
CVE-2023-52667 high 8.0 2y ago Important: kernel-rt security and bug fix update redhatrockylinuxsusedebian
CVE-2023-52626 high 8.0 2y ago Important: kernel security and bug fix update redhatrockylinuxsusedebian
CVE-2023-52669 high 8.0 2y ago Important: kernel security and bug fix update rockylinuxsusedebianalmalinux
CVE-2023-52877 high 8.0 2y ago Important: kernel security and bug fix update rockylinuxsusedebianalmalinux
CVE-2023-52781 high 8.0 2y ago Important: kernel security and bug fix update rockylinuxsusedebianalmalinux
CVE-2023-52835 high 8.0 2y ago Important: kernel security and bug fix update rockylinuxsusedebianalmalinux
CVE-2023-52675 high 8.0 2y ago Important: kernel security and bug fix update rockylinuxsusedebianalmalinux
CVE-2023-52700 high 8.0 2y ago Important: kernel security and bug fix update rockylinuxsusedebianalmalinux
CVE-2023-4727 high 8.0 2y ago Important: pki-core security update redhatrockylinuxdebian
CVE-2023-6597 high 8.0 2y ago Important: python3.9 security update redhatrockylinuxsusedebian
CVE-2023-20592 high 8.0 2y ago Important: linux-firmware security update debianrockylinuxsuse
CVE-2023-5090 high 8.0 2y ago Important: kernel security and bug fix update redhatrockylinuxsusedebian
CVE-2023-53351 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/sched: Check scheduler work queue before calling timeout handling During an IGT GPU reset test we see again oops despite of c… redhatsusedebian
CVE-2023-53632 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Take RTNL lock when needed before calling xdp_set_features() Hold RTNL lock when calling xdp_set_features() with a reg… redhatsusedebian
CVE-2023-53352 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/ttm: check null pointer before accessing when swapping Add a check to avoid null pointer dereference as below: [ 90.002283… redhatsusedebian
CVE-2023-53713 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: arm64: sme: Use STR P to clear FFR context field in streaming SVE mode The FFR is a predicate register which can vary between 16 … redhatsusedebian
CVE-2023-53663 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Check instead of asserting on nested TSC scaling support Check for nested TSC scaling support on nested SVM VMRUN inst… redhatsusedebian
CVE-2023-54173 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: bpf: Disable preemption in bpf_event_output We received report [1] of kernel crash, which is caused by using nesting protection w… redhatsusedebian
CVE-2023-45290 high 8.0 2y ago Important: git-lfs security update redhatrockylinuxsusedebian+1
CVE-2023-53394 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: xsk: Fix crash on regular rq reactivation When the regular rq is reactivated after the XSK socket is closed it could b… redhatsusedebian
CVE-2023-53661 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: bnxt: avoid overflow in bnxt_get_nvram_directory() The value of an arithmetic expression is subject of possible overflow due to a… redhatsusedebian
CVE-2023-45235 high 8.0 2y ago Important: edk2 security update redhatdebiansuserockylinux
CVE-2023-4813 high 8.0 2y ago Important: glibc security update redhatrockylinuxsusedebian
CVE-2023-52486 high 8.0 2y ago Important: kernel security update redhatrockylinuxsusedebian+1
CVE-2023-53208 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Load L1's TSC multiplier based on L1 state, not L2 state When emulating nested VM-Exit, load L1's TSC multiplier if L1… redhatsusedebian
CVE-2023-53263 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/disp: fix use-after-free in error handling of nouveau_connector_create We can't simply free the connector after calli… redhatsusedebian
CVE-2023-53256 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: firmware: arm_ffa: Fix FFA device names for logical partitions Each physical partition can provide multiple services each with UU… redhatsusedebian
CVE-2023-54145 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: bpf: drop unnecessary user-triggerable WARN_ONCE in verifierl log It's trivial for user to trigger "verifier log line truncated" … redhatsusedebian
CVE-2023-53421 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Reinit blkg_iostat_set after clearing in blkcg_reset_stats() When blkg_alloc() is called to allocate a blkcg_gq struc… redhatsusedebian
CVE-2023-53046 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix race condition in hci_cmd_sync_clear There is a potential race condition in hci_cmd_sync_work and hci_cmd_sync_cle… redhatsusedebian
CVE-2023-53285 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: ext4: add bounds checking in get_max_inline_xattr_value_size() Normally the extended attributes in the inode body would have been… redhatsusedebian
CVE-2023-54069 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: ext4: fix BUG in ext4_mb_new_inode_pa() due to overflow When we calculate the end position of ext4_free_extent, this position may… redhatsusedebian
CVE-2023-54028 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix the error "trying to register non-static key in rxe_cleanup_task" In the function rxe_create_qp(), rxe_qp_from_init… redhatsusedebian
CVE-2023-53338 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: lwt: Fix return values of BPF xmit ops BPF encap ops can return different types of positive values, such like NET_RX_DROP, NET_XM… redhatsusedebian
CVE-2023-53150 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Pointer may be dereferenced Klocwork tool reported pointer 'rport' returned from call to function fc_bsg_to_rport(… redhatsusedebian
CVE-2023-53444 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/ttm: fix bulk_move corruption when adding a entry When the resource is the first in the bulk_move range, adding it again (thu… redhatsusedebian
CVE-2023-53209 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211_hwsim: Fix possible NULL dereference In a call to mac80211_hwsim_select_tx_link() the sta pointer might be NULL, t… redhatsusedebian
CVE-2023-54242 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: block, bfq: Fix division by zero error on zero wsum When the weighted sum is zero the calculation of limit causes a division by z… redhatsusedebian
CVE-2023-53004 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: ovl: fix tmpfile leak Missed an error cleanup. redhatsusedebian
CVE-2023-52999 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: net: fix UaF in netns ops registration error path If net_assign_generic() fails, the current error path in ops_init() tries to cl… redhatsusedebian
CVE-2023-54022 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix potential memory leaks at error path for UMP open The allocation and initialization errors at alloc_midi_urb… redhatsusedebian
CVE-2023-53151 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: md/raid10: prevent soft lockup while flush writes Currently, there is no limit for raid1/raid10 plugged bio. While flushing write… redhatsusedebian
CVE-2023-53140 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: scsi: core: Remove the /proc/scsi/${proc_name} directory earlier Remove the /proc/scsi/${proc_name} directory earlier to fix a ra… redhatsusedebian
CVE-2023-54072 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix potential data race at PCM memory allocation helpers The PCM memory allocation helpers have a sanity check against… redhatsusedebian
CVE-2023-53709 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Handle race between rb_move_tail and rb_check_pages It seems a data race between ring_buffer writing and integrity c… redhatsusedebian
CVE-2023-53248 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: install stub fence into potential unused fence pointers When using cpu to update page tables, vm update fences are un… redhatsusedebian
CVE-2023-53193 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix amdgpu_irq_put call trace in gmc_v10_0_hw_fini The gmc.ecc_irq is enabled by firmware per IFWI setting, and the h… redhatsusedebian
CVE-2023-39928 high 8.0 2y ago Important: webkit2gtk3 security update redhatrockylinuxsusedebian
CVE-2023-54302 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix data race on CQP completion stats CQP completion statistics is read lockesly in irdma_wait_event and irdma_check_… redhatsusedebian
CVE-2023-42883 high 8.0 2y ago Important: webkit2gtk3 security update redhatrockylinuxsusedebian
CVE-2023-53743 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: PCI: Free released resource after coalescing release_resource() doesn't actually free the resource or resource list entry so free… redhatsusedebian
CVE-2023-45231 high 8.0 2y ago Important: edk2 security update redhatdebiansuserockylinux
CVE-2023-53304 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: fix overlap expiration walk The lazy gc on insert that should remove timed-out entries fails to releas… redhatsusedebian
CVE-2023-53149 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: ext4: avoid deadlock in fs reclaim with page writeback Ext4 has a filesystem wide lock protecting ext4_writepages() calls to avoi… redhatsusedebian
CVE-2023-53258 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix possible underflow for displays with large vblank [Why] Underflow observed when using a display with a large… redhatsusedebian
CVE-2023-53321 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211_hwsim: drop short frames While technically some control frames like ACK are shorter and end after Address 1, such … redhatsusedebian
CVE-2023-54090 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: ixgbe: Fix panic during XDP_TX with > 64 CPUs Commit 4fe815850bdc ("ixgbe: let the xdpdrv work with more than 64 cpus") adds supp… redhatsusedebian
CVE-2023-53018 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_conn: Fix memory leaks When hci_cmd_sync_queue() failed in hci_le_terminate_big() or hci_le_big_terminate(), the m… redhatsusedebian
CVE-2023-45229 high 8.0 2y ago Important: edk2 security update redhatdebiansuserockylinux
CVE-2023-54274 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Add a check for valid 'mad_agent' pointer When unregistering MAD agent, srpt module has a non-null check for 'mad_agen… redhatsusedebian
CVE-2023-41983 high 8.0 2y ago Important: webkit2gtk3 security update redhatrockylinuxsusedebian
CVE-2023-54106 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fix potential memory leak in mlx5e_init_rep_rx The memory pointed to by the priv->rx_res pointer is not freed in the er… redhatsusedebian
CVE-2023-32359 high 8.0 2y ago Important: webkit2gtk3 security update redhatrockylinuxsusedebian
CVE-2023-52529 high 8.0 2y ago Important: kernel security, bug fix, and enhancement update redhatsusedebianalmalinux
CVE-2023-54014 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Check valid rport returned by fc_bsg_to_rport() Klocwork reported warning of rport maybe NULL and will be derefere… redhatsusedebian
CVE-2023-52476 high 8.0 2y ago Important: kernel security update redhatrockylinuxsusedebian+1
CVE-2023-53581 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Check for NOT_READY flag state after locking Currently the check for NOT_READY flag is performed before obtaining the … redhatsusedebian
CVE-2023-53019 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: net: mdio: validate parameter addr in mdiobus_get_phy() The caller may pass any value as addr, what may result in an out-of-bound… redhatsusedebian
CVE-2023-53097 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: powerpc/iommu: fix memory leak with using debugfs_lookup() When calling debugfs_lookup() the result must have dput() called on it… redhatsusedebian
CVE-2023-53547 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix sdma v4 sw fini error Fix sdma v4 sw fini error for sdma 4.2.2 to solve the following general protection fault [… redhatsusedebian
CVE-2023-53843 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: reject negative ifindex Recent changes in net-next (commit 759ab1edb56c ("net: store netdevs in an xarray")) re… redhatsusedebian
CVE-2023-53237 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix amdgpu_irq_put call trace in gmc_v11_0_hw_fini The gmc.ecc_irq is enabled by firmware per IFWI setting, and the h… redhatsusedebian
CVE-2023-53711 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: NFS: Fix a potential data corruption We must ensure that the subrequests are joined back into the head before we can retransmit a… redhatsusedebian
CVE-2023-53823 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: block/rq_qos: protect rq_qos apis with a new lock commit 50e34d78815e ("block: disable the elevator int del_gendisk") move rq_qos… redhatsusedebian
CVE-2023-54229 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix registration of 6Ghz-only phy without the full channel range Because of what seems to be a typo, a 6Ghz-only ph… redhatsusedebian
CVE-2023-53490 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: mptcp: fix disconnect vs accept race Despite commit 0ad529d9fd2b ("mptcp: fix possible divide by zero in recvmsg()"), the mptcp p… redhatsusedebian
CVE-2023-53665 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: md: don't dereference mddev after export_rdev() Except for initial reference, mddev->kobject is referenced by rdev->kobject, and … redhatsusedebian
CVE-2023-53309 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Fix integer overflow in radeon_cs_parser_init The type of size is unsigned, if size is 0x40000000, there will be an i… redhatsusedebian
CVE-2023-54148 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Move representor neigh cleanup to profile cleanup_tx For IP tunnel encapsulation in ECMP (Equal-Cost Multipath) mode, … redhatsusedebian
CVE-2023-53545 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: unmap and remove csa_va properly Root PD BO should be reserved before unmap and remove a bo_va from VM otherwise lock… redhatsusedebian
CVE-2023-53487 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas_flash: allow user copy to flash block cache objects With hardened usercopy enabled (CONFIG_HARDENED_USERCOPY=y), usi… redhatsusedebian
CVE-2023-53577 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: bpf, cpumap: Make sure kthread is running before map update returns The following warning was reported when running stress-mode e… redhatsusedebian