Security Bulletin: IBM Technical Suppport Appliance - possible security flaws or denial of service

Vulnerability Details

CVEID:   CVE-2021-43975
DESCRIPTION:   Linux Kernel could allow a local authenticated attacker to execute arbitrary code on the system, caused by an out-of-bounds write in hw_atl_utils_fw_rpc_wait in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c. By sending a specially-crafted length value using an emulate networking device, an attacker could exploit this vulnerability to execute arbitrary code or crash the system.
CWE:   CWE-787: Out-of-bounds Write
CVSS Source:   IBM X-Force
CVSS Base score:   6.7
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)

CVEID:   CVE-2022-3594
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by an error in the function intr_callback of the file drivers/net/usb/r8152.c of the component BPF. A remote attacker could exploit this vulnerability to cause a denial of service.
CWE:   CWE-20: Improper Input Validation
CVSS Source:   IBM X-Force
CVSS Base score:   5.3
CVSS Vector:   (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID:   CVE-2022-3640
DESCRIPTION:   A use-after-free in the function l2cap_conn_del of the file net/bluetooth/l2cap_core.c of the component Bluetooth in Linux Kernel could allow a remote authenticated attacker from within the local network to cause an unknown impact.
CWE:   CWE-416: Use After Free
CVSS Source:   IBM X-Force
CVSS Base score:   5.5
CVSS Vector:   (CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L)

CVEID:   CVE-2022-4744
DESCRIPTION:   Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by a double-free flaw in the TUN/TAP device driver functionality. An attacker could exploit this vulnerability to gain elevated privileges.
CWE:   CWE-415: Double Free
CVSS Source:   IBM X-Force
CVSS Base score:   7.8
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

CVEID:   CVE-2022-28388
DESCRIPTION:   Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a double-free flaw in usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CWE:   CWE-415: Double Free
CVSS Source:   IBM X-Force
CVSS Base score:   8.4
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID:   CVE-2022-38457
DESCRIPTION:   Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by a use-after-free flaw in the vmw_cmd_res_check function in drivers/gpu/vmxgfx/vmxgfx_execbuf.c. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges to cause a denial of service condition.
CWE:   CWE-416: Use After Free
CVSS Source:   IBM X-Force
CVSS Base score:   6.3
CVSS Vector:   (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:H)

CVEID:   CVE-2022-40133
DESCRIPTION:   Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by a use-after-free flaw in the vmw_execbuf_tie_context function in drivers/gpu/vmxgfx/vmxgfx_execbuf.c. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges to cause a denial of service condition.
CWE:   CWE-416: Use After Free
CVSS Source:   IBM X-Force
CVSS Base score:   6.3
CVSS Vector:   (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:H)

CVEID:   CVE-2022-40982
DESCRIPTION:   Multiple Intel Processors could allow a local authenticated attacker to obtain sensitive information, caused by a flaw in the microarchitectural state after transient execution in certain vector execution units. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
CWE:   CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CVSS Source:   IBM X-Force
CVSS Base score:   6.5
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N)

CVEID:   CVE-2022-42895
DESCRIPTION:   Linux Kernel could allow a local attacker to obtain sensitive information, caused by an infoleak vulnerability in the net/bluetooth/l2cap_core.c's l2cap_parse_conf_req function. An attacker could exploit this vulnerability to obtain sensitive information.
CWE:   CWE-824: Access of Uninitialized Pointer
CVSS Source:   IBM X-Force
CVSS Base score:   5.1
CVSS Vector:   (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)

CVEID:   CVE-2022-45869
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by a race condition in the x86 KVM subsystem when nested virtualisation and the TDP MMU are enabled. By sending a specially-crafted request, a local authenticated attacker could exploit this vulnerability to cause the system to crash.
CWE:   CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVSS Source:   IBM X-Force
CVSS Base score:   5.5
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID:   CVE-2022-45887
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by a memory leak in drivers/media/usb/ttusb-dec/ttusb_dec.c By sending a specially-crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition.
CWE:   CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVSS Source:   IBM X-Force
CVSS Base score:   4.7
CVSS Vector:   (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID:   CVE-2023-0458
DESCRIPTION:   Linux Kernel could allow a remote authenticated attacker to obtain sensitive information, caused by a speculative pointer dereference in the do_prlimit() function. An attacker could exploit this vulnerability to leak the contents and obtain sensitive information.
CWE:   CWE-476: NULL Pointer Dereference
CVSS Source:   IBM X-Force
CVSS Base score:   5.3
CVSS Vector:   (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N)

CVEID:   CVE-2023-0590
DESCRIPTION:   Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by a use-after-free flaw in qdisc_graft in net/sched/sch_api.c. An attacker could exploit this vulnerability to gain elevated privileges.
CWE:   CWE-416: Use After Free
CVSS Source:   IBM X-Force
CVSS Base score:   7
CVSS Vector:   (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)

CVEID:   CVE-2023-0597
DESCRIPTION:   Linux Kernel could allow a local attacker to obtain sensitive information, caused by a memory leak in the cpu_entry_area mapping of X86 CPU data to memory. An attacker could exploit this vulnerability to gain access to some important data with expected location in memory.
CWE:   CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CVSS Source:   IBM X-Force
CVSS Base score:   6.2
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)

CVEID:   CVE-2023-1073
DESCRIPTION:   Linux Kernel could allow a physical authenticated attacker to gain elevated privileges on the system, caused by a memory corruption flaw in the human interface device (HID) subsystem. By using a specially crafted USB device , an attacker could exploit this vulnerability to gain elevated privileges or cause a denial of service condition.
CWE:   CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVSS Source:   IBM X-Force
CVSS Base score:   6.3
CVSS Vector:   (CVSS:3.0/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)

CVEID:   CVE-2023-1074
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by a memory leak flaw in the Stream Control Transmission Protocol. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to starve resources, and results in a denial of service condition.
CWE:   CWE-401: Missing Release of Memory after Effective Lifetime
CVSS Source:   IBM X-Force
CVSS Base score:   4.7
CVSS Vector:   (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID:   CVE-2023-1075
DESCRIPTION:   Linux Kernel could allow a local authenticated attacker to obtain sensitive information, caused by improper checking for list emptiness by the tls_is_tx_ready() function. By sending a specially crafted request to access a type confused entry to the list_head, an attacker could exploit this vulnerability to obtain the last byte of the confused field that overlaps with rec->tx_ready, and use this information to launch further attacks against the affected system.
CWE:   CWE-843: Access of Resource Using Incompatible Type ('Type Confusion')
CVSS Source:   IBM X-Force
CVSS Base score:   2.5
CVSS Vector:   (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N)

CVEID:   CVE-2023-1079
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by a use-after-free flaw flaw in the asus_kbd_backlight_set function. By using a specially-crafted USB device, a physical attacker could exploit this vulnerability to cause a denial of service condition.
CWE:   CWE-416: Use After Free
CVSS Source:   IBM X-Force
CVSS Base score:   4.6
CVSS Vector:   (CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:   CVE-2023-1118
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by a use-after-free flaw in drivers/media/rc/ene_ir.c. By sending a specially-crafted request, a local attacker could exploit this vulnerability to cause the kernel to crash.
CWE:   CWE-416: Use After Free
CVSS Source:   IBM X-Force
CVSS Base score:   6.2
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:   CVE-2023-1206
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by a flaw in the IPv6 connection lookup table. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause the CPU usage to increase, and results in a denial of service condition.
CWE:   CWE-400: Uncontrolled Resource Consumption
CVSS Source:   IBM X-Force
CVSS Base score:   5.3
CVSS Vector:   (CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:   CVE-2023-1252
DESCRIPTION:   Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by a use-after-free flaw in the Ext4 File System. An attacker could exploit this vulnerability to gain elevated privileges.
CWE:   CWE-416: Use After Free
CVSS Source:   IBM X-Force
CVSS Base score:   7
CVSS Vector:   (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)

CVEID:   CVE-2023-1382
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by a NULL pointer dereference flaw when accessing con->sock->sk in net/tipc/topsrv.c in the tipc protocol. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause the system to crash.
CWE:   CWE-476: NULL Pointer Dereference
CVSS Source:   IBM X-Force
CVSS Base score:   5.5
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID:   CVE-2023-1855
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by a use-after-free in xgene_hwmon_remove in drivers/hwmon/xgene-hwmon.c in the xgene-hwmon driver. A local attacker could exploit this vulnerability to cause the system to crash or obtain kernel memory.
CWE:   CWE-416: Use After Free
CVSS Source:   IBM X-Force
CVSS Base score:   5.7
CVSS Vector:   (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:H)

CVEID:   CVE-2023-1989
DESCRIPTION:   Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a use-after-free flaw in btsdio_remove function in drivers\bluetooth\btsdio.c. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system.
CWE:   CWE-416: Use After Free
CVSS Source:   IBM X-Force
CVSS Base score:   8.4
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID:   CVE-2023-1998
DESCRIPTION:   Linux Kernel could allow a local authenticated attacker to obtain sensitive information, caused by a flaw in the spectre_v2_user_select_mitigation function in arch/x86/kernel/cpu/bugs.c in the Spectre Mitigation component . By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
CWE:   CWE-204: Observable Response Discrepancy
CVSS Source:   IBM X-Force
CVSS Base score:   5.6
CVSS Vector:   (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N)

CVEID:   CVE-2023-23455
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by a type confusion flaw in the atm_tc_enqueue function in net/sched/sch_atm.c. By sending a specially-crafted request, a local attacker could exploit this vulnerability to cause a denial of service condition.
CWE:   CWE-843: Access of Resource Using Incompatible Type ('Type Confusion')
CVSS Source:   IBM X-Force
CVSS Base score:   6.2
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:   CVE-2023-2513
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by a use-after-free flaw in the ext4 filesystem when handling extra inode size for extended attributes. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause the system to crash.
CWE:   CWE-416: Use After Free
CVSS Source:   IBM X-Force
CVSS Base score:   4.4
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)

CVEID:   CVE-2023-26545
DESCRIPTION:   A double free in net/mpls/af_mpls.c upon an allocation failure during the renaming of a device in Linux Kernel could allow a remote authenticated attacker from within the local network to cause an unknown impact.
CWE:   CWE-416: Use After Free
CVSS Source:   IBM X-Force
CVSS Base score:   5.5
CVSS Vector:   (CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L)

CVEID:   CVE-2023-28328
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by a NULL pointer dereference flaw in the az6027 driver in drivers/media/usb/dev-usb/az6027.c. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause the system to crash.
CWE:   CWE-476: NULL Pointer Dereference
CVSS Source:   IBM X-Force
CVSS Base score:   5.5
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID:   CVE-2023-28772
DESCRIPTION:   Linux Kernel is vulnerable to a buffer overflow, caused by improper bounds checking by the seq_buf_putmem_hex function in lib/seq_buf.c. By sending a specially crafted request, a local attacker could overflow a buffer and execute arbitrary code or cause a denial of service on the system.
CWE:   CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVSS Source:   IBM X-Force
CVSS Base score:   8.4
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID:   CVE-2023-30456
DESCRIPTION:   Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by the lack of consistency checks for CR0 and CR4 in arch/x86/kvm/vmx/nested.c. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges.
CWE:   CWE-264: Permissions, Privileges, and Access Controls
CVSS Source:   IBM X-Force
CVSS Base score:   7.8
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

CVEID:   CVE-2023-31084
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by a blocking operation when a task is in !TASK_RUNNING. In dvb_frontend_get_event, wait_event_interruptible is called in drivers/media/dvb-core/dvb_frontend.c. By sending a specially crafted request, a local attacker could exploit this vulnerability to cause a denial of service condition.
CWE:   CWE-20: Improper Input Validation
CVSS Source:   IBM X-Force
CVSS Base score:   6.2
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:   CVE-2023-3141
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by a use-after-free in r592_remove in drivers/memstick/host/r592.c in media access. An attacker could exploit this vulnerability to crash the system at device disconnect and possibly leak kernel information.
CWE:   CWE-416: Use After Free
CVSS Source:   IBM X-Force
CVSS Base score:   6.8
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H)

CVEID:   CVE-2023-31436
DESCRIPTION:   Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by an out-of-bounds write in qfq_change_class in net/sched/sch_qfq.c. An attacker could exploit this vulnerability to gain elevated privileges on the system.
CWE:   CWE-787: Out-of-bounds Write
CVSS Source:   IBM X-Force
CVSS Base score:   8.2
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H)

CVEID:   CVE-2023-3161
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by a shift-out-of-bounds flaw in the fbcon_set_font() function. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CWE:   CWE-1335: Incorrect Bitwise Shift of Integer
CVSS Source:   IBM X-Force
CVSS Base score:   5.5
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID:   CVE-2023-3212
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by NULL pointer dereference issue in the gfs2 file system. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a kernel panic.
CWE:   CWE-476: NULL Pointer Dereference
CVSS Source:   IBM X-Force
CVSS Base score:   3.3
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)

CVEID:   CVE-2023-3268
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by an out-of-bounds memory access flaw in the relay_file_read_start_pos function in kernel/relay.c in the relayfs. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause the system to crash or obtain sensitive information.
CWE:   CWE-125: Out-of-bounds Read
CVSS Source:   IBM X-Force
CVSS Base score:   7.1
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H)

CVEID:   CVE-2023-33203
DESCRIPTION:   Linux Kernel could allow a physical attacker to execute arbitrary code on the system, caused by a race condition in drivers/net/ethernet/qualcomm/emac/emac.c. By unplugging an EMAC-based device, an attacker could exploit this vulnerability to trigger a use-after-free and execute arbitrary code on the system.
CWE:   CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVSS Source:   IBM X-Force
CVSS Base score:   6.8
CVSS Vector:   (CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID:   CVE-2023-33951
DESCRIPTION:   Linux Kernel could allow a local authenticated attacker to obtain sensitive information, caused by a race condition in the handling of GEM objects. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to obtain sensitive information in the context of the kernel, or cause a denial of service condition.
CWE:   CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CVSS Source:   CVE.org
CVSS Base score:   6.7
CVSS Vector:   (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L)

CVEID:   CVE-2023-33952
DESCRIPTION:   Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by a double free in the handling of vmw_buffer_object objects. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges and execute code in the context of the kernel.
CWE:   CWE-415: Double Free
CVSS Source:   IBM X-Force
CVSS Base score:   8.2
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H)

CVEID:   CVE-2023-35823
DESCRIPTION:   Linux Kernel could allow a local authenticated attacker to execute arbitrary code on the system, caused by a use-after-free flaw in the saa7134_finidev function in drivers/media/pci/saa7134/saa7134-core.c. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system.
CWE:   CWE-416: Use After Free
CVSS Source:   IBM X-Force
CVSS Base score:   7.8
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

CVEID:   CVE-2023-35824
DESCRIPTION:   Linux Kernel could allow a local authenticated attacker to execute arbitrary code on the system, caused by a use-after-free flaw in the dm1105_remove function in drivers/media/pci/dm1105/dm1105.c. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system.
CWE:   CWE-416: Use After Free
CVSS Source:   IBM X-Force
CVSS Base score:   7.8
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

CVEID:   CVE-2023-35825
DESCRIPTION:   Linux Kernel could allow a local authenticated attacker to execute arbitrary code on the system, caused by a use-after-free flaw in the r592_remove function in drivers/memstick/host/r592.c. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system.
CWE:   CWE-416: Use After Free
CVSS Source:   IBM X-Force
CVSS Base score:   7.8
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

CVEID:   CVE-2023-3609
DESCRIPTION:   Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by a use-after-free flaw in the net/sched: cls_u32 component. By sending a specially crafted request using the reference counter, an authenticated attacker could exploit this vulnerability to gain elevated privileges.
CWE:   CWE-416: Use After Free
CVSS Source:   IBM X-Force
CVSS Base score:   7.8
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

CVEID:   CVE-2023-3611
DESCRIPTION:   Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by an out-of-bounds write flaw in the net/sched: sch_qfq component. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges.
CWE:   CWE-787: Out-of-bounds Write
CVSS Source:   IBM X-Force
CVSS Base score:   7.8
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

CVEID:   CVE-2023-3772
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by a NULL pointer dereference flaw in the xfrm_update_ae_params() function in the IP framework for transforming packets (XFRM subsystem). By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause the kernel to crash.
CWE:   CWE-476: NULL Pointer Dereference
CVSS Source:   CVE.org
CVSS Base score:   5.5
CVSS Vector:   (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID:   CVE-2023-4128
DESCRIPTION:   Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by a use-after-free flaw in net/sched/cls_fw.c in classifiers. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges.
CWE:   CWE-416: Use After Free
CVSS Source:   IBM X-Force
CVSS Base score:   7.8
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

CVEID:   CVE-2023-4132
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by a use-after-free flaw in the siano smsusb module. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition.
CWE:   CWE-416: Use After Free
CVSS Source:   IBM X-Force
CVSS Base score:   5.5
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID:   CVE-2023-4155
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by a race condition in KVM AMD Secure Encrypted Virtualization (SEV). By sending a specially crafted request using the VMGEXIT handler recursively, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition.
CWE:   CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition
CVSS Source:   IBM X-Force
CVSS Base score:   5.3
CVSS Vector:   (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H)

CVEID:   CVE-2023-4206
DESCRIPTION:   Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by a use-after-free flaw in the net/sched: cls_route component. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges.
CWE:   CWE-416: Use After Free
CVSS Source:   IBM X-Force
CVSS Base score:   7.8
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

CVEID:   CVE-2023-4207
DESCRIPTION:   Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by a use-after-free flaw in the net/sched: cls_fw component. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges.
CWE:   CWE-416: Use After Free
CVSS Source:   IBM X-Force
CVSS Base score:   7.8
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

CVEID:   CVE-2023-4208
DESCRIPTION:   Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by a use-after-free flaw in the net/sched: cls_u32 component. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges.
CWE:   CWE-416: Use After Free
CVSS Source:   IBM X-Force
CVSS Base score:   7.8
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

CVEID:   CVE-2023-4732
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by a race condition between task migrating pages and another task calling exit_mmap to release those same pages getting invalid opcode BUG in include/linux/swapops.h in the memory management subsytem. A local authenticated attacker could exploit this vulnerability to cause a denial of service.
CWE:   CWE-366: Race Condition within a Thread
CVSS Source:   IBM X-Force
CVSS Base score:   4.7
CVSS Vector:   (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H)