10 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N
7.9 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
47.6%
Security Fix(es):
kernel: use-after-free in smb2_is_status_io_timeout() (CVE-2023-1192)
kernel: nfp: use-after-free in area_cache_get() (CVE-2022-3545)
kernel: NULL pointer dereference in can_rcv_filter (CVE-2023-2166)
kernel: Slab-out-of-bound read in compare_netdev_and_ip (CVE-2023-2176)
kernel: UAF in nftables when nft_set_lookup_global triggered after handling named and anonymous sets in batch requests (CVE-2023-3390)
kernel: out-of-bounds access in relay_file_read (CVE-2023-3268)
kernel: vmxnet3: NULL pointer dereference in vmxnet3_rq_cleanup() (CVE-2023-4459)
hw: Intel: Gather Data Sampling (GDS) side channel vulnerability (CVE-2022-40982,Downfall)
kernel: net/sched: cls_u32 component reference counter leak if tcf_change_indev() fails (CVE-2023-3609)
kernel: fbcon: out-of-sync arrays in fbcon_mode_deleted due to wrong con2fb_map assignment (CVE-2023-38409)
kernel: Race Condition leading to UAF in Unix Socket could happen in sk_receive_queue ()
kernel: use-after-free in l2cap_sock_release in net/bluetooth/l2cap_sock.c (CVE-2023-40283)
kernel: use after free in unix_stream_sendpage (CVE-2023-4622)
kernel: bpf: Incorrect verifier pruning leads to unsafe code paths being incorrectly marked as safe (CVE-2023-2163)
kernel: A heap out-of-bounds write when function perf_read_group is called and sibling_list is smaller than its child’s sibling_list (CVE-2023-5717)
kernel: ktls overwrites readonly memory pages when using function splice with a ktls socket as destination (CVE-2024-0646)
kernel: use-after-free in IPv4 IGMP (CVE-2023-6932)
kernel: refcount leak in ctnetlink_create_conntrack() (CVE-2023-7192)
Bug Fix(es):
kernel: fbcon: out-of-sync arrays in fbcon_mode_deleted due to wrong con2fb_map assignment (JIRA:RHEL-1104)
[SanityOnly][kernel]BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:35 at: sock_map_update_elem_sys+0x85/0x2a0 (JIRA:RHEL-17572)
kernel: vmxnet3: NULL pointer dereference in vmxnet3_rq_cleanup() (JIRA:RHEL-18084)
kernel: NULL pointer dereference in can_rcv_filter (JIRA:RHEL-19463)
kernel: hw: Intel: Gather Data Sampling (GDS) side channel vulnerability (JIRA:RHEL-8592)
kernel: A heap out-of-bounds write (JIRA:RHEL-18008)
kernel: Slab-out-of-bound read in compare_netdev_and_ip (JIRA:RHEL-19356)
kernel: A flaw leading to a use-after-free in area_cache_get() (JIRA:RHEL-19454)
kernel: bpf: Incorrect verifier pruning leads to unsafe code paths being incorrectly marked as safe (JIRA:RHEL-8978)
kernel: use-after-free in smb2_is_status_io_timeout() (JIRA:RHEL-15167)
kernel: various flaws (JIRA:RHEL-16148)
kernel: use-after-free in l2cap_sock_release in net/bluetooth/l2cap_sock.c (JIRA:RHEL-19001)
kernel: refcount leak in ctnetlink_create_conntrack() (JIRA:RHEL-20307)
RHEL9.0 - s390/qeth: recovery and set offline lose routes and IPv6 addr (JIRA:RHEL-17885)
kernel: ktls overwrites readonly memory pages when using function splice with a ktls socket as destination (JIRA:RHEL-22092)
dm multipath device suspend deadlocks waiting on a flush request (JIRA:RHEL-19103)
5.14.0-70.87.1.el9_0: aarch64 BUG: arch topology borken / the CLS domain not a subset of the MC domain (JIRA:RHEL-22501)
RHEL-9.0 TEST-17-Setup-struct-perf-event-attr / bz1308907 test failure on Ice Lake (JIRA:RHEL-23085)
Unbounded memory usage by TCP for receive buffers (JIRA:RHEL-16127)
kernel: use-after-free in IPv4 IGMP (JIRA:RHEL-21648)
rbd: don’t move requests to the running list on errors (JIRA:RHEL-23861)
kernel: memcg does not limit the number of POSIX file locks allowing memory exhaustion (CVE-2022-0480)
kernel: GSM multiplexing race condition leads to privilege escalation (CVE-2023-6546)
kernel: vmxgfx: NULL pointer dereference in vmw_cmd_dx_define_query (CVE-2022-38096)
kernel: sched/membarrier: reduce the ability to hammer on sys_membarrier (CVE-2024-26602)
10 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N
7.9 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
47.6%