VIR Vulnerability Intelligence Relay

CVEs from 2023

8,275 normalized CVEs published or assigned in this year.

Total
8,275
critical
critical 222
high
high 1,548
medium
medium 1,277
low
low 23
% Critical
2.7%
% with KEV
2.0%
% with exploit
2.0%

Top vendors

Top products

  • office 29
  • office_long_term_servicing_channel 15
  • 365_apps 14
  • openstack_platform 6
  • codeready_linux_builder_for_ibm_z_systems_eus 6
  • registrationmagic 6
  • codeready_linux_builder_eus 6
  • cbot_panel 6

Top packages

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2023-52463 high 8.0 2y ago Important: kernel security update redhatrockylinuxsusedebian+1
CVE-2023-31315 high 8.0 2y ago Important: linux-firmware security update debianredhatrockylinuxsuse
CVE-2023-52771 high 8.0 2y ago Important: kernel security update redhatsusedebian
CVE-2023-52880 high 8.0 2y ago Important: kernel security update redhatsusedebian
CVE-2023-52864 high 8.0 2y ago Important: kernel security update redhatrockylinuxsusedebian+1
CVE-2023-52796 high 8.0 2y ago Important: kernel security update redhatrockylinuxsusedebian+1
CVE-2023-52651 high 8.0 2y ago Important: kernel security update redhatsuserockylinux
CVE-2023-52623 high 8.0 2y ago Important: kernel security update rockylinuxsusedebianalmalinux
CVE-2023-52653 high 8.0 2y ago Important: kernel security update rockylinuxsusedebianalmalinux
CVE-2023-52530 high 8.0 2y ago Important: kernel security update rockylinuxsusedebianalmalinux
CVE-2023-52777 high 8.0 2y ago Important: kernel security update rockylinuxsusedebianalmalinux
CVE-2023-52803 high 8.0 2y ago Important: kernel security update rockylinuxsusedebianalmalinux
CVE-2023-52847 high 8.0 2y ago Important: kernel security update rockylinuxsusedebianalmalinux
CVE-2023-52471 high 8.0 2y ago Important: kernel security update rockylinuxsusedebianalmalinux
CVE-2023-52764 high 8.0 2y ago Important: kernel security update rockylinuxsusedebianalmalinux
CVE-2023-52845 high 8.0 2y ago Important: kernel security update rockylinuxsusedebianalmalinux
CVE-2023-52809 high 8.0 2y ago Important: kernel security update redhatrockylinuxsusedebian+1
CVE-2023-52638 high 8.0 2y ago Important: kernel security update redhatsuserockylinuxdebian
CVE-2023-52667 high 8.0 2y ago Important: kernel-rt security and bug fix update redhatrockylinuxsusedebian
CVE-2023-52626 high 8.0 2y ago Important: kernel security and bug fix update redhatrockylinuxsusedebian
CVE-2023-52700 high 8.0 2y ago Important: kernel security and bug fix update rockylinuxsusedebianalmalinux
CVE-2023-52835 high 8.0 2y ago Important: kernel security and bug fix update rockylinuxsusedebianalmalinux
CVE-2023-52669 high 8.0 2y ago Important: kernel security and bug fix update rockylinuxsusedebianalmalinux
CVE-2023-52781 high 8.0 2y ago Important: kernel security and bug fix update rockylinuxsusedebianalmalinux
CVE-2023-52675 high 8.0 2y ago Important: kernel security and bug fix update rockylinuxsusedebianalmalinux
CVE-2023-52877 high 8.0 2y ago Important: kernel security and bug fix update rockylinuxsusedebianalmalinux
CVE-2023-4727 high 8.0 2y ago Important: pki-core security update redhatrockylinuxdebian
CVE-2023-6597 high 8.0 2y ago Important: python3.9 security update redhatrockylinuxsusedebian
CVE-2023-20592 high 8.0 2y ago Important: linux-firmware security update debianrockylinuxsuse
CVE-2023-5090 high 8.0 2y ago Important: kernel security and bug fix update redhatrockylinuxsusedebian
CVE-2023-53228 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: drop redundant sched job cleanup when cs is aborted Once command submission failed due to userptr invalidation in amd… redhatsusedebian
CVE-2023-53844 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/ttm: Don't leak a resource on swapout move error If moving the bo to system for swapout failed, we were leaking a resource. F… redhatsusedebian
CVE-2023-53285 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: ext4: add bounds checking in get_max_inline_xattr_value_size() Normally the extended attributes in the inode body would have been… redhatsusedebian
CVE-2023-53444 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/ttm: fix bulk_move corruption when adding a entry When the resource is the first in the bulk_move range, adding it again (thu… redhatsusedebian
CVE-2023-53536 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: blk-crypto: make blk_crypto_evict_key() more robust If blk_crypto_evict_key() sees that the key is still in-use (due to a bug) or… redhatsusedebian
CVE-2023-53290 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: samples/bpf: Fix fout leak in hbm's run_bpf_prog Fix fout being fopen'ed but then not subsequently fclose'd. In the affected bran… redhatsusedebian
CVE-2023-53473 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: ext4: improve error handling from ext4_dirhash() The ext4_dirhash() will *almost* never fail, especially when the hash tree featu… redhatsusedebian
CVE-2023-53501 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: iommu/amd/iommu_v2: Fix pasid_state refcount dec hit 0 warning on pasid unbind When unbinding pasid - a race condition exists vs … redhatsusedebian
CVE-2023-53993 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: PCI/DOE: Fix memory leak with CONFIG_DEBUG_OBJECTS=y After a pci_doe_task completes, its work_struct needs to be destroyed to avo… redhatsusedebian
CVE-2023-6040 high 8.0 2y ago Important: kernel security update redhatrockylinuxsusedebian+1
CVE-2023-28866 high 8.0 2y ago Important: kernel security, bug fix, and enhancement update redhatsusedebian
CVE-2023-53559 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: ip_vti: fix potential slab-use-after-free in decode_session6 When ip_vti device is set to the qdisc of the sfb type, the cb field… redhatsusedebian
CVE-2023-53530 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Use raw_smp_processor_id() instead of smp_processor_id() The following call trace was observed: localhost kernel:… redhatsusedebian
CVE-2023-53995 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix one memleak in __inet_del_ifa() I got the below warning when do fuzzing test: unregister_netdevice: waiting for bo… redhatsusedebian
CVE-2023-53833 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix NULL ptr deref by checking new_crtc_state intel_atomic_get_new_crtc_state can return NULL, unless crtc state wasn't… redhatsusedebian
CVE-2023-53004 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: ovl: fix tmpfile leak Missed an error cleanup. redhatsusedebian
CVE-2023-53321 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211_hwsim: drop short frames While technically some control frames like ACK are shorter and end after Address 1, such … redhatsusedebian
CVE-2023-53338 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: lwt: Fix return values of BPF xmit ops BPF encap ops can return different types of positive values, such like NET_RX_DROP, NET_XM… redhatsusedebian
CVE-2023-46862 high 8.0 2y ago Important: kernel security, bug fix, and enhancement update redhatsusedebianalmalinux
CVE-2023-53235 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/tests: helpers: Avoid a driver uaf when using __drm_kunit_helper_alloc_drm_device() the driver may be dereferenced by device-… redhatsusedebian
CVE-2023-42756 high 8.0 2y ago Important: kernel security, bug fix, and enhancement update redhatsusedebian
CVE-2023-54296 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Get source vCPUs from source VM for SEV-ES intrahost migration Fix a goof where KVM tries to grab source vCPUs from the… redhatsusedebian
CVE-2023-53550 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: cpufreq: amd-pstate: fix global sysfs attribute type In commit 3666062b87ec ("cpufreq: amd-pstate: move to use bus_get_dev_root()… redhatsusedebian
CVE-2023-53140 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: scsi: core: Remove the /proc/scsi/${proc_name} directory earlier Remove the /proc/scsi/${proc_name} directory earlier to fix a ra… redhatsusedebian
CVE-2023-54048 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Prevent handling any completions after qp destroy HW may generate completions that indicates QP is destroyed. Drive… redhatsusedebian
CVE-2023-54120 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix race condition in hidp_session_thread There is a potential race condition in hidp_session_thread that may lead to … redhatsusedebian
CVE-2023-53263 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/disp: fix use-after-free in error handling of nouveau_connector_create We can't simply free the connector after calli… redhatsusedebian
CVE-2023-54076 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: smb: client: fix missed ses refcounting Use new cifs_smb_ses_inc_refcount() helper to get an active reference of @ses and @ses->d… redhatsusedebian
CVE-2023-53546 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: net/mlx5: DR, fix memory leak in mlx5dr_cmd_create_reformat_ctx when mlx5_cmd_exec failed in mlx5dr_cmd_create_reformat_ctx, the … redhatsusedebian
CVE-2023-54173 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: bpf: Disable preemption in bpf_event_output We received report [1] of kernel crash, which is caused by using nesting protection w… redhatsusedebian
CVE-2023-54096 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: soundwire: fix enumeration completion The soundwire subsystem uses two completion structures that allow drivers to wait for sound… redhatsusedebian
CVE-2023-54026 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: opp: Fix use-after-free in lazy_opp_tables after probe deferral When dev_pm_opp_of_find_icc_paths() in _allocate_opp_table() retu… redhatsusedebian
CVE-2023-53180 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Avoid NULL pointer access during management transmit cleanup Currently 'ar' reference is not added in skb_cb. Thoug… redhatsusedebian
CVE-2023-53628 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: drop gfx_v11_0_cp_ecc_error_irq_funcs The gfx.cp_ecc_error_irq is retired in gfx11. In gfx_v11_0_hw_fini still use am… redhatsusedebian
CVE-2023-54052 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: fix skb leak by txs missing in AMSDU txs may be dropped if the frame is aggregated in AMSDU. When the problem… redhatsusedebian
CVE-2023-53164 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: irqchip/ti-sci: Fix refcount leak in ti_sci_intr_irq_domain_probe of_irq_find_parent() returns a node pointer with refcount incre… redhatsusedebian
CVE-2023-52973 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF After a call to console_unlock() in vcs_read() the vc_d… redhatsusedebian
CVE-2023-53248 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: install stub fence into potential unused fence pointers When using cpu to update page tables, vm update fences are un… redhatsusedebian
CVE-2023-53151 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: md/raid10: prevent soft lockup while flush writes Currently, there is no limit for raid1/raid10 plugged bio. While flushing write… redhatsusedebian
CVE-2023-54154 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: scsi: target: core: Fix target_cmd_counter leak The target_cmd_counter struct allocated via target_alloc_cmd_counter() is never f… redhatsusedebian
CVE-2023-54316 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: refscale: Fix uninitalized use of wait_queue_head_t Running the refscale test occasionally crashes the kernel with the following … redhatsusedebian
CVE-2023-53149 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: ext4: avoid deadlock in fs reclaim with page writeback Ext4 has a filesystem wide lock protecting ext4_writepages() calls to avoi… redhatsusedebian
CVE-2023-53784 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: drm: bridge: dw_hdmi: fix connector access for scdc Commit 5d844091f237 ("drm/scdc-helper: Pimp SCDC debugs") changed the scdc in… redhatsusedebian
CVE-2023-54184 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsit: Free cmds before session free Commands from recovery entries are freed after session has been closed. That … redhatsusedebian
CVE-2023-41983 high 8.0 2y ago Important: webkit2gtk3 security update redhatrockylinuxsusedebian
CVE-2023-53017 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: fix memory leak in hci_update_adv_data() When hci_cmd_sync_queue() failed in hci_update_adv_data(), inst_ptr… redhatsusedebian
CVE-2023-53666 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd938x: fix missing mbhc init error handling MBHC initialisation can fail so add the missing error handling to avo… redhatsusedebian
CVE-2023-42875 high 8.0 2y ago Processing web content may lead to arbitrary code execution. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14, watchOS 10, tvOS 17, Safari 17. The issue was addressed with improved memory… redhatarchsusedebian
CVE-2023-53370 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix memory leak in mes self test The fences associated with mes queue have to be freed up during amdgpu_ring_fini. redhatsusedebian
CVE-2023-54064 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: ipmi:ssif: Fix a memory leak when scanning for an adapter The adapter scan ssif_info_find() sets info->adapter_name if the adapte… redhatsusedebian
CVE-2023-52486 high 8.0 2y ago Important: kernel security update redhatrockylinuxsusedebian+1
CVE-2023-53210 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: md/raid5-cache: fix null-ptr-deref for r5l_flush_stripe_to_raid() r5l_flush_stripe_to_raid() will check if the list 'flushing_ios… redhatsusedebian
CVE-2023-53442 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: ice: Block switchdev mode when ADQ is active and vice versa ADQ and switchdev are not supported simultaneously. Enabling both at … redhatsusedebian
CVE-2023-54135 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: maple_tree: fix potential out-of-bounds access in mas_wr_end_piv() Check the write offset end bounds before using it as the offse… redhatsusedebian
CVE-2023-53057 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: HCI: Fix global-out-of-bounds To loop a variable-length array, hci_init_stage_sync(stage) considers that stage[i] is v… redhatsusedebian
CVE-2023-53192 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: vxlan: Fix nexthop hash size The nexthop code expects a 31 bit hash, such as what is returned by fib_multipath_hash() and rt6_mul… redhatsusedebian
CVE-2023-45231 high 8.0 2y ago Important: edk2 security update redhatdebiansuserockylinux
CVE-2023-54242 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: block, bfq: Fix division by zero error on zero wsum When the weighted sum is zero the calculation of limit causes a division by z… redhatsusedebian
CVE-2023-53490 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: mptcp: fix disconnect vs accept race Despite commit 0ad529d9fd2b ("mptcp: fix possible divide by zero in recvmsg()"), the mptcp p… redhatsusedebian
CVE-2023-53664 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: OPP: Fix potential null ptr dereference in dev_pm_opp_get_required_pstate() "opp" pointer is dereferenced before the IS_ERR_OR_NU… redhatsusedebian
CVE-2023-53665 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: md: don't dereference mddev after export_rdev() Except for initial reference, mddev->kobject is referenced by rdev->kobject, and … redhatsusedebian
CVE-2023-53810 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: blk-mq: release crypto keyslot before reporting I/O complete Once all I/O using a blk_crypto_key has completed, filesystems can c… redhatsusedebian
CVE-2023-53246 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: cifs: fix DFS traversal oops without CONFIG_CIFS_DFS_UPCALL When compiled with CONFIG_CIFS_DFS_UPCALL disabled, cifs_dfs_d_automo… redhatsusedebian
CVE-2023-53709 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Handle race between rb_move_tail and rb_check_pages It seems a data race between ring_buffer writing and integrity c… redhatsusedebian
CVE-2023-53751 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential use-after-free bugs in TCP_Server_Info::hostname TCP_Server_Info::hostname may be updated once or many times … redhatsusedebian
CVE-2023-53471 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/gfx: disable gfx9 cp_ecc_error_irq only when enabling legacy gfx ras gfx9 cp_ecc_error_irq is only enabled when legacy… redhatsusedebian
CVE-2023-53806 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: populate subvp cmd info only for the top pipe [Why] System restart observed while changing the display resolutio… redhatsusedebian
CVE-2023-53202 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: PM: domains: fix memory leak with using debugfs_lookup() When calling debugfs_lookup() the result must have dput() called on it, … redhatsusedebian
CVE-2023-54070 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: igb: clean up in all error paths when enabling SR-IOV After commit 50f303496d92 ("igb: Enable SR-IOV after reinit"), removing the… redhatsusedebian
CVE-2023-54069 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: ext4: fix BUG in ext4_mb_new_inode_pa() due to overflow When we calculate the end position of ext4_free_extent, this position may… redhatsusedebian