exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 29 RSS Feed

CVE-2023-35001

Status Candidate

Overview

Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace

Related Files

Red Hat Security Advisory 2023-7243-01
Posted Nov 16, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-7243-01 - An update for kernel is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2023-35001
SHA-256 | 8dd0a231d81af3a29d08cd629a6c422bd9301fe672f06626995849a52cba9332
Ubuntu Security Notice USN-6460-1
Posted Oct 31, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6460-1 - It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker could use this to cause a denial of service. It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform data buffer size validation in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service or possibly expose sensitive information.

tags | advisory, remote, denial of service, kernel
systems | linux, ubuntu
advisories | CVE-2023-1206, CVE-2023-1380, CVE-2023-31436, CVE-2023-35001, CVE-2023-42752, CVE-2023-42755, CVE-2023-4623
SHA-256 | ccc14e1e2347798994b0336a3ccd2a0a1c44b24485ea7d3488a8ff85109c2c43
Red Hat Security Advisory 2023-5414-01
Posted Oct 3, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5414-01 - An update for kernel is now available for Red Hat Enterprise Linux 7.6 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2023-35001
SHA-256 | 9f296f8a48ae6fd974d745129b9c66ff26d2b5dd410c68b4432ac987d764b065
Red Hat Security Advisory 2023-5233-01
Posted Sep 20, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5233-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.13.4 images.

tags | advisory
systems | linux, redhat
advisories | CVE-2016-3709, CVE-2022-41723, CVE-2023-1637, CVE-2023-20593, CVE-2023-21102, CVE-2023-2602, CVE-2023-2603, CVE-2023-30630, CVE-2023-31248, CVE-2023-3354, CVE-2023-3390, CVE-2023-34969, CVE-2023-35001, CVE-2023-3610
SHA-256 | 7d1ca71c1592ac5ce6262de9a56cdeccb6d9818d38d921dd586a1126ca6c0bd9
Red Hat Security Advisory 2023-5235-01
Posted Sep 20, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5235-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2023-3390, CVE-2023-35001, CVE-2023-4128
SHA-256 | 6f099abe73ac33e80baa5d8d1e3d410f894d3a3240474d494d7287763928f8c0
Red Hat Security Advisory 2023-5238-01
Posted Sep 20, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5238-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2023-3390, CVE-2023-35001, CVE-2023-4128
SHA-256 | 8058fe24a0cfa3c085dc7b5c2348a3740dd28e77b8486c7f1ab63d7ccfd6b094
Red Hat Security Advisory 2023-5244-01
Posted Sep 20, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5244-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include information leakage, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2023-2002, CVE-2023-20593, CVE-2023-3090, CVE-2023-3390, CVE-2023-35001, CVE-2023-35788, CVE-2023-3776, CVE-2023-4004
SHA-256 | 2d37542ffeef6aa7c393c541f56dba5c05c37d66228b869b552effea838c1489
Red Hat Security Advisory 2023-5255-01
Posted Sep 19, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5255-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine- tuning for systems with extremely high determinism requirements. Issues addressed include information leakage, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2023-2002, CVE-2023-20593, CVE-2023-3090, CVE-2023-3390, CVE-2023-35001, CVE-2023-35788, CVE-2023-3776, CVE-2023-4004
SHA-256 | 258b79c6d38731112095e3861aa827e7da64cfdb743f048033bd446d901f450c
Red Hat Security Advisory 2023-5221-01
Posted Sep 19, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5221-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include out of bounds write and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2023-3090, CVE-2023-3390, CVE-2023-35001, CVE-2023-35788, CVE-2023-3776, CVE-2023-4004
SHA-256 | 90b863a69ef3aaeeadf4c84256e8105c90c054203054b9c02dcef9c670542b6c
Red Hat Security Advisory 2023-5069-01
Posted Sep 12, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5069-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include bypass, information leakage, and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2023-1637, CVE-2023-20593, CVE-2023-21102, CVE-2023-31248, CVE-2023-3390, CVE-2023-35001, CVE-2023-3610, CVE-2023-3776, CVE-2023-4004, CVE-2023-4147
SHA-256 | d1d2671f8a3af58445d1e0aa04838bed4cb8aa8eca76d4c0771529fae16ba345
Red Hat Security Advisory 2023-5091-01
Posted Sep 12, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5091-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include bypass, information leakage, and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2023-1637, CVE-2023-20593, CVE-2023-21102, CVE-2023-31248, CVE-2023-3390, CVE-2023-35001, CVE-2023-3610, CVE-2023-3776, CVE-2023-4004, CVE-2023-4147
SHA-256 | 692e3399682d917e015031b7ecbf9074ae894e373dd78e0e924c5ef7cd103383
Red Hat Security Advisory 2023-5093-01
Posted Sep 12, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5093-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2023-31248, CVE-2023-3390, CVE-2023-35001, CVE-2023-3610, CVE-2023-3776, CVE-2023-4004, CVE-2023-4147
SHA-256 | d823b3d002e6c5a51689e4caf4dc36b044651db9819d7381ddde6dfeea7a833e
Kernel Live Patch Security Notice LSN-0097-1
Posted Sep 11, 2023
Authored by Benjamin M. Romer

It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Querijn Voet discovered that a race condition existed in the io_uring subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Various other vulnerabilities were also discovered and addressed.

tags | advisory, denial of service, arbitrary, kernel, local, vulnerability
systems | linux
advisories | CVE-2023-3090, CVE-2023-31248, CVE-2023-32629, CVE-2023-3389, CVE-2023-3390, CVE-2023-35001, CVE-2023-35788
SHA-256 | ea3847865d59a38e67f8587f61b9187dd08496a2ad7eb51fab178dfdf50df391
Red Hat Security Advisory 2023-4961-01
Posted Sep 5, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4961-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include out of bounds access, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2023-1829, CVE-2023-2002, CVE-2023-2124, CVE-2023-3090, CVE-2023-3390, CVE-2023-35001, CVE-2023-35788, CVE-2023-4004
SHA-256 | 6684389df31fc20aede82599f99fafc894611d2c55fac3be32a4e69245e35cdc
Red Hat Security Advisory 2023-4967-01
Posted Sep 5, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4967-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include out of bounds write and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2023-1829, CVE-2023-3090, CVE-2023-3390, CVE-2023-35001, CVE-2023-35788, CVE-2023-4004
SHA-256 | 5e22461312df0e509649b6a701ce80d7ddb1c340b7ff0348a3ad838f96cc31fa
Red Hat Security Advisory 2023-4962-01
Posted Sep 5, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4962-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include out of bounds access, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2023-1829, CVE-2023-2002, CVE-2023-2124, CVE-2023-3090, CVE-2023-3390, CVE-2023-35001, CVE-2023-35788, CVE-2023-4004
SHA-256 | 53ab97930ec953dffbca45e4e056a2e6296372ccd616bd9dc629e8f5df8fa6e6
Ubuntu Security Notice USN-6285-1
Posted Aug 14, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6285-1 - It was discovered that the NTFS file system implementation in the Linux kernel did not properly check buffer indexes in certain situations, leading to an out-of-bounds read vulnerability. A local attacker could possibly use this to expose sensitive information. Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-48502, CVE-2023-2640, CVE-2023-2898, CVE-2023-31248, CVE-2023-32629, CVE-2023-3390, CVE-2023-35001, CVE-2023-3609, CVE-2023-3610, CVE-2023-3611, CVE-2023-3776, CVE-2023-38430, CVE-2023-38432, CVE-2023-3863
SHA-256 | c7303f43ba77d16cc931ee8b1c0d2f16d00a561cedb386fa837bfed417cd59f3
Ubuntu Security Notice USN-6261-1
Posted Jul 31, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6261-1 - It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-3090, CVE-2023-32629, CVE-2023-3390, CVE-2023-35001
SHA-256 | 61fedc9fdbbcf1386a4c050696f6c23c47c6b3b07660a05455f081ba31d4a991
Ubuntu Security Notice USN-6260-1
Posted Jul 27, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6260-1 - It was discovered that the NTFS file system implementation in the Linux kernel did not properly check buffer indexes in certain situations, leading to an out-of-bounds read vulnerability. A local attacker could possibly use this to expose sensitive information. Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-48502, CVE-2023-2640, CVE-2023-3090, CVE-2023-31248, CVE-2023-3141, CVE-2023-32629, CVE-2023-3389, CVE-2023-3390, CVE-2023-35001
SHA-256 | a4384a0d58c965d16d9a12fe71bc79afb9b36f12a4660d6419a9dae8338f976a
Ubuntu Security Notice USN-6255-1
Posted Jul 27, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6255-1 - It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. Mingi Cho discovered that the netfilter subsystem in the Linux kernel did not properly validate the status of a nft chain while performing a lookup by id, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2023-3090, CVE-2023-31248, CVE-2023-3389, CVE-2023-3390, CVE-2023-3439, CVE-2023-35001
SHA-256 | b92e45b5821cbc38a01a9f4fad300b0ca630b46f0b15c730d3315c01259ea4d7
Ubuntu Security Notice USN-6254-1
Posted Jul 27, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6254-1 - Jordy Zomer and Alexandra Sandulescu discovered that syscalls invoking the do_prlimit function in the Linux kernel did not properly handle speculative execution barriers. A local attacker could use this to expose sensitive information. It was discovered that a race condition existed in the btrfs file system implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly expose sensitive information.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-0458, CVE-2023-1611, CVE-2023-2124, CVE-2023-2162, CVE-2023-2513, CVE-2023-3090, CVE-2023-3141, CVE-2023-3159, CVE-2023-3161, CVE-2023-3268, CVE-2023-3390, CVE-2023-35001
SHA-256 | 0faaa1a4c904d2777eb8f39748a9d767eddb9f41659d19079b8dcbea4f5d81ef
Ubuntu Security Notice USN-6252-1
Posted Jul 27, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6252-1 - It was discovered that the ext4 file system implementation in the Linux kernel contained a use-after-free vulnerability. An attacker could use this to construct a malicious ext4 file system image that, when mounted, could cause a denial of service. It was discovered that the sound subsystem in the Linux kernel contained a race condition in some situations. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-1184, CVE-2022-3303, CVE-2023-1611, CVE-2023-1670, CVE-2023-1859, CVE-2023-1990, CVE-2023-2124, CVE-2023-3090, CVE-2023-3111, CVE-2023-3141, CVE-2023-3268, CVE-2023-3390, CVE-2023-35001
SHA-256 | f33849bf32c8784dc2dc942eddd765a6da4ead4a24f6749cde835abee1fdbf59
Ubuntu Security Notice USN-6251-1
Posted Jul 27, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6251-1 - It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-3090, CVE-2023-32629, CVE-2023-3390, CVE-2023-35001
SHA-256 | 454e1b5e5d30f6e8a5dc26ecf1b6be0d2fc92760c30103129500f56590135e97
Ubuntu Security Notice USN-6250-1
Posted Jul 26, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6250-1 - Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges. It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-2640, CVE-2023-3090, CVE-2023-31248, CVE-2023-32629, CVE-2023-3269, CVE-2023-3389, CVE-2023-3390, CVE-2023-35001
SHA-256 | a3c2bee7fb44adf555ec4f0c4513eec063216c00e3541ec88c1729871be7fb50
Kernel Live Patch Security Notice LSN-0096-1
Posted Jul 26, 2023
Authored by Benjamin M. Romer

It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform data buffer size validation in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service (system crash) or possibly expose sensitive information. Reima Ishii discovered that the nested KVM implementation for Intel x86 processors in the Linux kernel did not properly validate control registers in certain situations. An attacker in a guest VM could use this to cause a denial of service (guest crash). Various other issues were also addressed.

tags | advisory, denial of service, x86, kernel
systems | linux
advisories | CVE-2023-1380, CVE-2023-30456, CVE-2023-31248, CVE-2023-31436, CVE-2023-35001
SHA-256 | f71c9e71db4bb6c2c048a5f92cbb08cec9d660d843f677df4000f97384e9be37
Page 1 of 2
Back12Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    0 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close