Slackware Linux update for kernel



Published: 2023-06-22 | Updated: 2023-06-26
Risk Medium
Patch available YES
Number of vulnerabilities 42
CVE-ID CVE-2022-2196
CVE-2022-27672
CVE-2022-3707
CVE-2022-4269
CVE-2022-4379
CVE-2022-48425
CVE-2023-0459
CVE-2023-1076
CVE-2023-1077
CVE-2023-1078
CVE-2023-1079
CVE-2023-1118
CVE-2023-1281
CVE-2023-1380
CVE-2023-1513
CVE-2023-1611
CVE-2023-1670
CVE-2023-1829
CVE-2023-1855
CVE-2023-1859
CVE-2023-1989
CVE-2023-1990
CVE-2023-2002
CVE-2023-2156
CVE-2023-2162
CVE-2023-2194
CVE-2023-2235
CVE-2023-2269
CVE-2023-23004
CVE-2023-2483
CVE-2023-25012
CVE-2023-26545
CVE-2023-28466
CVE-2023-2985
CVE-2023-30456
CVE-2023-30772
CVE-2023-31436
CVE-2023-32233
CVE-2023-32269
CVE-2023-33203
CVE-2023-33288
CVE-2023-34256
CWE-ID CWE-665
CWE-1342
CWE-415
CWE-833
CWE-416
CWE-763
CWE-1037
CWE-843
CWE-787
CWE-125
CWE-264
CWE-617
CWE-667
CWE-476
CWE-362
CWE-20
Exploitation vector Network
Public exploit Public exploit code for vulnerability #23 is available.
Public exploit code for vulnerability #38 is available.
Vulnerable software
Subscribe 		Slackware Linux
Operating systems & Components / Operating system

linux-5.15.118/kernel-modules
Operating systems & Components / Operating system package or component

linux-5.15.118/kernel-huge
Operating systems & Components / Operating system package or component

linux-5.15.118/kernel-generic
Operating systems & Components / Operating system package or component

linux-5.15.118/kernel-headers
Operating systems & Components / Operating system package or component

Vendor Slackware

Security Bulletin

This security bulletin contains information about 42 vulnerabilities.

1) Improper Initialization

EUVDB-ID: #VU74019

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-2196

CWE-ID: CWE-665 - Improper Initialization

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to improper initialization within nVMX in Linux kernel. A local user can perform speculative execution attacks and escalate privileges on the system.

Mitigation

Update the affected package kernel.

Vulnerable software versions

Slackware Linux: 15.0

linux-5.15.118/kernel-modules: before 5.15.118

linux-5.15.118/kernel-huge: before 5.15.118

linux-5.15.118/kernel-generic: before 5.15.118

linux-5.15.118/kernel-headers: before 5.15.118_smp

External links

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2023&m=slackware-security.816190


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Cross-thread return address predictions

EUVDB-ID: #VU72470

Risk: Low

CVSSv3.1: 2.2 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-27672

CWE-ID: CWE-1342 - Information Exposure through Microarchitectural State after Transient Execution

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to certain AMD processors may speculatively execute instructions at an incorrect return site after an SMT mode switch that may potentially lead to information disclosure.

Mitigation

Update the affected package kernel.

Vulnerable software versions

Slackware Linux: 15.0

linux-5.15.118/kernel-modules: before 5.15.118

linux-5.15.118/kernel-huge: before 5.15.118

linux-5.15.118/kernel-generic: before 5.15.118

linux-5.15.118/kernel-headers: before 5.15.118_smp

External links

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2023&m=slackware-security.816190


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Double Free

EUVDB-ID: #VU70487

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-3707

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error within the intel_gvt_dma_map_guest_page() function in Intel GVT-g graphics driver. A local user can trigger a double free error and crash the kernel.

Mitigation

Update the affected package kernel.

Vulnerable software versions

Slackware Linux: 15.0

linux-5.15.118/kernel-modules: before 5.15.118

linux-5.15.118/kernel-huge: before 5.15.118

linux-5.15.118/kernel-generic: before 5.15.118

linux-5.15.118/kernel-headers: before 5.15.118_smp

External links

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2023&m=slackware-security.816190


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Deadlock

EUVDB-ID: #VU73186

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-4269

CWE-ID: CWE-833 - Deadlock

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an error in the Linux kernel Traffic Control (TC) subsystem. A local user can use a specific network configuration (redirecting egress packets to ingress using TC action "mirred") to trigger a CPU soft lockup.

Mitigation

Update the affected package kernel.

Vulnerable software versions

Slackware Linux: 15.0

linux-5.15.118/kernel-modules: before 5.15.118

linux-5.15.118/kernel-huge: before 5.15.118

linux-5.15.118/kernel-generic: before 5.15.118

linux-5.15.118/kernel-headers: before 5.15.118_smp

External links

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2023&m=slackware-security.816190


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Use-after-free

EUVDB-ID: #VU71583

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-4379

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the __nfs42_ssc_open() function in fs/nfs/nfs4file.c. A remote attacker can perform a denial of service (DoS) attack.


Mitigation

Update the affected package kernel.

Vulnerable software versions

Slackware Linux: 15.0

linux-5.15.118/kernel-modules: before 5.15.118

linux-5.15.118/kernel-huge: before 5.15.118

linux-5.15.118/kernel-generic: before 5.15.118

linux-5.15.118/kernel-headers: before 5.15.118_smp

External links

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2023&m=slackware-security.816190


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Release of invalid pointer or reference

EUVDB-ID: #VU77625

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-48425

CWE-ID: CWE-763 - Release of invalid pointer or reference

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to an invalid kfree in fs/ntfs3/inode.c caused by improper validation of MFT flags before replaying logs. A local user can execute arbitrary code with elevated privileges.

Mitigation

Update the affected package kernel.

Vulnerable software versions

Slackware Linux: 15.0

linux-5.15.118/kernel-modules: before 5.15.118

linux-5.15.118/kernel-huge: before 5.15.118

linux-5.15.118/kernel-generic: before 5.15.118

linux-5.15.118/kernel-headers: before 5.15.118_smp

External links

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2023&m=slackware-security.816190


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Processor optimization removal or modification of security-critical code

EUVDB-ID: #VU76222

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-0459

CWE-ID: CWE-1037 - Processor optimization removal or modification of security-critical code

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to improper implementation of speculative execution barriers in usercopy functions
in certain situations. A local user can gain access to sensitive information.

Mitigation

Update the affected package kernel.

Vulnerable software versions

Slackware Linux: 15.0

linux-5.15.118/kernel-modules: before 5.15.118

linux-5.15.118/kernel-huge: before 5.15.118

linux-5.15.118/kernel-generic: before 5.15.118

linux-5.15.118/kernel-headers: before 5.15.118_smp

External links

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2023&m=slackware-security.816190


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Type Confusion

EUVDB-ID: #VU72742

Risk: Low

CVSSv3.1: 5.8 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-1076

CWE-ID: CWE-843 - Type confusion

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a type confusion error during initialization of TUN/TAP sockets. A local user can trigger a type confusion error and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package kernel.

Vulnerable software versions

Slackware Linux: 15.0

linux-5.15.118/kernel-modules: before 5.15.118

linux-5.15.118/kernel-huge: before 5.15.118

linux-5.15.118/kernel-generic: before 5.15.118

linux-5.15.118/kernel-headers: before 5.15.118_smp

External links

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2023&m=slackware-security.816190


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Type Confusion

EUVDB-ID: #VU72699

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-1077

CWE-ID: CWE-843 - Type confusion

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a type confusion error within the pick_next_rt_entity() function pick_next_rt_entity(). A local user can trigger a type confusion error and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package kernel.

Vulnerable software versions

Slackware Linux: 15.0

linux-5.15.118/kernel-modules: before 5.15.118

linux-5.15.118/kernel-huge: before 5.15.118

linux-5.15.118/kernel-generic: before 5.15.118

linux-5.15.118/kernel-headers: before 5.15.118_smp

External links

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2023&m=slackware-security.816190


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Out-of-bounds write

EUVDB-ID: #VU74054

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-1078

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the rds_rm_zerocopy_callback() function in Linux kernel RDS (Reliable Datagram Sockets) protocol. A local user can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package kernel.

Vulnerable software versions

Slackware Linux: 15.0

linux-5.15.118/kernel-modules: before 5.15.118

linux-5.15.118/kernel-huge: before 5.15.118

linux-5.15.118/kernel-generic: before 5.15.118

linux-5.15.118/kernel-headers: before 5.15.118_smp

External links

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2023&m=slackware-security.816190


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Use-after-free

EUVDB-ID: #VU72741

Risk: Low

CVSSv3.1: 5.9 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-1079

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows an attacker to compromise the vulnerable system.

The vulnerability exists due to a use-after-free error within the asus_kbd_backlight_set() function when plugging in a malicious USB device. An attacker with physical access to the system can inject a malicious USB device, trigger a use-after-free error and execute arbitrary code.


Mitigation

Update the affected package kernel.

Vulnerable software versions

Slackware Linux: 15.0

linux-5.15.118/kernel-modules: before 5.15.118

linux-5.15.118/kernel-huge: before 5.15.118

linux-5.15.118/kernel-generic: before 5.15.118

linux-5.15.118/kernel-headers: before 5.15.118_smp

External links

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2023&m=slackware-security.816190


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Use-after-free

EUVDB-ID: #VU72734

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-1118

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in the Linux kernel integrated infrared receiver/transceiver driver "drivers/media/rc/ene_ir.c" when detaching rc device. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.


Mitigation

Update the affected package kernel.

Vulnerable software versions

Slackware Linux: 15.0

linux-5.15.118/kernel-modules: before 5.15.118

linux-5.15.118/kernel-huge: before 5.15.118

linux-5.15.118/kernel-generic: before 5.15.118

linux-5.15.118/kernel-headers: before 5.15.118_smp

External links

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2023&m=slackware-security.816190


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Use-after-free

EUVDB-ID: #VU74122

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-1281

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in Linux kernel traffic control index filter (tcindex) when the tcf_exts_exec() function is called with the destroyed tcf_ext. A local user attacker can trigger a use-after-free error and execute arbitrary code with elevated privileges.


Mitigation

Update the affected package kernel.

Vulnerable software versions

Slackware Linux: 15.0

linux-5.15.118/kernel-modules: before 5.15.118

linux-5.15.118/kernel-huge: before 5.15.118

linux-5.15.118/kernel-generic: before 5.15.118

linux-5.15.118/kernel-headers: before 5.15.118_smp

External links

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2023&m=slackware-security.816190


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Out-of-bounds read

EUVDB-ID: #VU73280

Risk: Low

CVSSv3.1: 3.3 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-1380

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the Broadcom Full MAC Wi-Fi driver (brcmfmac.ko). A local user can trigger an out-of-bounds read error and read contents of kernel memory on the system.

Mitigation

Update the affected package kernel.

Vulnerable software versions

Slackware Linux: 15.0

linux-5.15.118/kernel-modules: before 5.15.118

linux-5.15.118/kernel-huge: before 5.15.118

linux-5.15.118/kernel-generic: before 5.15.118

linux-5.15.118/kernel-headers: before 5.15.118_smp

External links

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2023&m=slackware-security.816190


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Improper Initialization

EUVDB-ID: #VU74630

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-1513

CWE-ID: CWE-665 - Improper Initialization

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to improper initialization when calling the KVM_GET_DEBUGREGS ioctl on 32-bit systems. A local user can run a specially crafted application to gain access to sensitive information.

Mitigation

Update the affected package kernel.

Vulnerable software versions

Slackware Linux: 15.0

linux-5.15.118/kernel-modules: before 5.15.118

linux-5.15.118/kernel-huge: before 5.15.118

linux-5.15.118/kernel-generic: before 5.15.118

linux-5.15.118/kernel-headers: before 5.15.118_smp

External links

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2023&m=slackware-security.816190


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Use-after-free

EUVDB-ID: #VU75204

Risk: Low

CVSSv3.1: 4.1 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-1611

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the btrfs_search_slot() function in fs/btrfs/ctree.c. A local user can trigger a use-after-free error and crash the kernel.

Mitigation

Update the affected package kernel.

Vulnerable software versions

Slackware Linux: 15.0

linux-5.15.118/kernel-modules: before 5.15.118

linux-5.15.118/kernel-huge: before 5.15.118

linux-5.15.118/kernel-generic: before 5.15.118

linux-5.15.118/kernel-headers: before 5.15.118_smp

External links

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2023&m=slackware-security.816190


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Use-after-free

EUVDB-ID: #VU75450

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-1670

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the Xircom 16-bit PCMCIA (PC-card) Ethernet driver. A local user can trigger a use-after-free error and execute arbitrary code on the system.

Mitigation

Update the affected package kernel.

Vulnerable software versions

Slackware Linux: 15.0

linux-5.15.118/kernel-modules: before 5.15.118

linux-5.15.118/kernel-huge: before 5.15.118

linux-5.15.118/kernel-generic: before 5.15.118

linux-5.15.118/kernel-headers: before 5.15.118_smp

External links

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2023&m=slackware-security.816190


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Use-after-free

EUVDB-ID: #VU75448

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-1829

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the tcindex_delete() function. A local user can trigger a use-after-free error and execute arbitrary code with root privileges.

Mitigation

Update the affected package kernel.

Vulnerable software versions

Slackware Linux: 15.0

linux-5.15.118/kernel-modules: before 5.15.118

linux-5.15.118/kernel-huge: before 5.15.118

linux-5.15.118/kernel-generic: before 5.15.118

linux-5.15.118/kernel-headers: before 5.15.118_smp

External links

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2023&m=slackware-security.816190


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Use-after-free

EUVDB-ID: #VU75451

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-1855

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the xgene_hwmon_remove() function in drivers/hwmon/xgene-hwmon.c in the Hardware Monitoring Linux Kernel Driver (xgene-hwmon). A local user can trigger a use-after-free error and execute arbitrary code on the system.

Mitigation

Update the affected package kernel.

Vulnerable software versions

Slackware Linux: 15.0

linux-5.15.118/kernel-modules: before 5.15.118

linux-5.15.118/kernel-huge: before 5.15.118

linux-5.15.118/kernel-generic: before 5.15.118

linux-5.15.118/kernel-headers: before 5.15.118_smp

External links

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2023&m=slackware-security.816190


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Use-after-free

EUVDB-ID: #VU75769

Risk: Medium

CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-1859

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a malicious guest to gain access to sensitive information or perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the xen_9pfs_front_removet() function in net/9p/trans_xen.c in Xen transport for 9pfs. A malicious guest VM can trigger a use-after-free error and gain access to sensitive information of the hypervisor or crash it.

Mitigation

Update the affected package kernel.

Vulnerable software versions

Slackware Linux: 15.0

linux-5.15.118/kernel-modules: before 5.15.118

linux-5.15.118/kernel-huge: before 5.15.118

linux-5.15.118/kernel-generic: before 5.15.118

linux-5.15.118/kernel-headers: before 5.15.118_smp

External links

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2023&m=slackware-security.816190


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) Use-after-free

EUVDB-ID: #VU75452

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-1989

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the btsdio_remove() function in driversluetoothtsdio.c. A local user can trigger a use-after-free error and escalate privileges on the system.

Mitigation

Update the affected package kernel.

Vulnerable software versions

Slackware Linux: 15.0

linux-5.15.118/kernel-modules: before 5.15.118

linux-5.15.118/kernel-huge: before 5.15.118

linux-5.15.118/kernel-generic: before 5.15.118

linux-5.15.118/kernel-headers: before 5.15.118_smp

External links

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2023&m=slackware-security.816190


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) Use-after-free

EUVDB-ID: #VU75453

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-1990

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the ndlc_remove() function in drivers/nfc/st-nci/ndlc.c. A local user can trigger a use-after-free error and perform a denial of service (DoS) attack.

Mitigation

Update the affected package kernel.

Vulnerable software versions

Slackware Linux: 15.0

linux-5.15.118/kernel-modules: before 5.15.118

linux-5.15.118/kernel-huge: before 5.15.118

linux-5.15.118/kernel-generic: before 5.15.118

linux-5.15.118/kernel-headers: before 5.15.118_smp

External links

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2023&m=slackware-security.816190


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

23) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU75163

Risk: Low

CVSSv3.1: 4 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C]

CVE-ID: CVE-2023-2002

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: Yes

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to improper permissions check in the Bluetooth subsystem when handling ioctl system calls of HCI sockets. A local user can acquire a trusted socket, leading to unauthorized execution of management commands.

Mitigation

Update the affected package kernel.

Vulnerable software versions

Slackware Linux: 15.0

linux-5.15.118/kernel-modules: before 5.15.118

linux-5.15.118/kernel-huge: before 5.15.118

linux-5.15.118/kernel-generic: before 5.15.118

linux-5.15.118/kernel-headers: before 5.15.118_smp

External links

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2023&m=slackware-security.816190


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

24) Reachable Assertion

EUVDB-ID: #VU76392

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-2156

CWE-ID: CWE-617 - Reachable Assertion

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a reachable assertion when handling IPv6 RPL protocol. A remote attacker can send specially crafted packets to the system and perform a denial of service (DoS) attack.

Mitigation

Update the affected package kernel.

Vulnerable software versions

Slackware Linux: 15.0

linux-5.15.118/kernel-modules: before 5.15.118

linux-5.15.118/kernel-huge: before 5.15.118

linux-5.15.118/kernel-generic: before 5.15.118

linux-5.15.118/kernel-headers: before 5.15.118_smp

External links

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2023&m=slackware-security.816190


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

25) Use-after-free

EUVDB-ID: #VU75994

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-2162

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to a use-after-free error within the scsi_sw_tcp_session_create() function in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux Kernel. A local user can trigger a use-after-free error and gain access to sensitive information.

Mitigation

Update the affected package kernel.

Vulnerable software versions

Slackware Linux: 15.0

linux-5.15.118/kernel-modules: before 5.15.118

linux-5.15.118/kernel-huge: before 5.15.118

linux-5.15.118/kernel-generic: before 5.15.118

linux-5.15.118/kernel-headers: before 5.15.118_smp

External links

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2023&m=slackware-security.816190


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

26) Out-of-bounds write

EUVDB-ID: #VU77249

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-2194

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error in the Linux kernel's SLIMpro I2C device driver. A local user can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package kernel.

Vulnerable software versions

Slackware Linux: 15.0

linux-5.15.118/kernel-modules: before 5.15.118

linux-5.15.118/kernel-huge: before 5.15.118

linux-5.15.118/kernel-generic: before 5.15.118

linux-5.15.118/kernel-headers: before 5.15.118_smp

External links

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2023&m=slackware-security.816190


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

27) Use-after-free

EUVDB-ID: #VU75997

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-2235

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in the Linux Kernel Performance Events system. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package kernel.

Vulnerable software versions

Slackware Linux: 15.0

linux-5.15.118/kernel-modules: before 5.15.118

linux-5.15.118/kernel-huge: before 5.15.118

linux-5.15.118/kernel-generic: before 5.15.118

linux-5.15.118/kernel-headers: before 5.15.118_smp

External links

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2023&m=slackware-security.816190


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

28) Improper locking

EUVDB-ID: #VU77243

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-2269

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service attack (DoS).

The vulnerability exists due to double-locking error in table_clear in drivers/md/dm-ioctl.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package kernel.

Vulnerable software versions

Slackware Linux: 15.0

linux-5.15.118/kernel-modules: before 5.15.118

linux-5.15.118/kernel-huge: before 5.15.118

linux-5.15.118/kernel-generic: before 5.15.118

linux-5.15.118/kernel-headers: before 5.15.118_smp

External links

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2023&m=slackware-security.816190


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

29) NULL pointer dereference

EUVDB-ID: #VU73773

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-23004

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the get_sg_table() function in drivers/gpu/drm/arm/malidp_planes.c. A local user can pass specially crafted data to the system and perform a denial of service (DoS) attack.

Mitigation

Update the affected package kernel.

Vulnerable software versions

Slackware Linux: 15.0

linux-5.15.118/kernel-modules: before 5.15.118

linux-5.15.118/kernel-huge: before 5.15.118

linux-5.15.118/kernel-generic: before 5.15.118

linux-5.15.118/kernel-headers: before 5.15.118_smp

External links

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2023&m=slackware-security.816190


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

30) Race condition

EUVDB-ID: #VU76024

Risk: Low

CVSSv3.1: 4 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-2483

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows an attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a race condition in Qualcomm EMAC Gigabit Ethernet Controller. An attacker with physical access to system can remove the device before cleanup in the emac_remove() function is called, trigger a use-after-free error and crash the kernel.

Mitigation

Update the affected package kernel.

Vulnerable software versions

Slackware Linux: 15.0

linux-5.15.118/kernel-modules: before 5.15.118

linux-5.15.118/kernel-huge: before 5.15.118

linux-5.15.118/kernel-generic: before 5.15.118

linux-5.15.118/kernel-headers: before 5.15.118_smp

External links

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2023&m=slackware-security.816190


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

31) Use-after-free

EUVDB-ID: #VU71764

Risk: Low

CVSSv3.1: 4 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-25012

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows an attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the bigben_remove() function in drivers/hid/hid-bigbenff.c. An attacker with physical access to the system can attach a specially crafted USB device to the system and cause a denial of service condition.

Mitigation

Update the affected package kernel.

Vulnerable software versions

Slackware Linux: 15.0

linux-5.15.118/kernel-modules: before 5.15.118

linux-5.15.118/kernel-huge: before 5.15.118

linux-5.15.118/kernel-generic: before 5.15.118

linux-5.15.118/kernel-headers: before 5.15.118_smp

External links

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2023&m=slackware-security.816190


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

32) Double Free

EUVDB-ID: #VU73766

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-26545

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a double free in net/mpls/af_mpls.c during the renaming of a device. A local user can trigger a double free error and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package kernel.

Vulnerable software versions

Slackware Linux: 15.0

linux-5.15.118/kernel-modules: before 5.15.118

linux-5.15.118/kernel-huge: before 5.15.118

linux-5.15.118/kernel-generic: before 5.15.118

linux-5.15.118/kernel-headers: before 5.15.118_smp

External links

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2023&m=slackware-security.816190


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

33) Race condition

EUVDB-ID: #VU74628

Risk: Low

CVSSv3.1: 6.1 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-28466

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition caused by a missing lock_sock call within the do_tls_getsockopt() function in net/tls/tls_main.c. A local user can exploit the race and gain unauthorized access to sensitive information and escalate privileges on the system.

Mitigation

Update the affected package kernel.

Vulnerable software versions

Slackware Linux: 15.0

linux-5.15.118/kernel-modules: before 5.15.118

linux-5.15.118/kernel-huge: before 5.15.118

linux-5.15.118/kernel-generic: before 5.15.118

linux-5.15.118/kernel-headers: before 5.15.118_smp

External links

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2023&m=slackware-security.816190


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

34) Use-after-free

EUVDB-ID: #VU77495

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-2985

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the hfsplus_put_super() function in fs/hfsplus/super.c. A local user can trigger a use-after-free error and crash the kernel.


Mitigation

Update the affected package kernel.

Vulnerable software versions

Slackware Linux: 15.0

linux-5.15.118/kernel-modules: before 5.15.118

linux-5.15.118/kernel-huge: before 5.15.118

linux-5.15.118/kernel-generic: before 5.15.118

linux-5.15.118/kernel-headers: before 5.15.118_smp

External links

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2023&m=slackware-security.816190


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

35) Input validation error

EUVDB-ID: #VU75456

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-30456

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to insufficient validation of consistency for for CR0 and CR4 in arch/x86/kvm/vmx/nested.c in the Linux kernel. A local user can execute arbitrary code with elevated privileges.

Mitigation

Update the affected package kernel.

Vulnerable software versions

Slackware Linux: 15.0

linux-5.15.118/kernel-modules: before 5.15.118

linux-5.15.118/kernel-huge: before 5.15.118

linux-5.15.118/kernel-generic: before 5.15.118

linux-5.15.118/kernel-headers: before 5.15.118_smp

External links

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2023&m=slackware-security.816190


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

36) Race condition

EUVDB-ID: #VU75996

Risk: Low

CVSSv3.1: 5.9 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-30772

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows an attacker to compromise the affected system.

The vulnerability exists due to a race condition in rivers/power/supply/da9150-charger.c in Linux kernel. An attacker with physical access to device can trigger a race condition while unplugin the device and execute arbitrary code on the system.

Mitigation

Update the affected package kernel.

Vulnerable software versions

Slackware Linux: 15.0

linux-5.15.118/kernel-modules: before 5.15.118

linux-5.15.118/kernel-huge: before 5.15.118

linux-5.15.118/kernel-generic: before 5.15.118

linux-5.15.118/kernel-headers: before 5.15.118_smp

External links

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2023&m=slackware-security.816190


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

37) Out-of-bounds write

EUVDB-ID: #VU76098

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-31436

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the qfq_change_class() function in net/sched/sch_qfq.c. A local user can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package kernel.

Vulnerable software versions

Slackware Linux: 15.0

linux-5.15.118/kernel-modules: before 5.15.118

linux-5.15.118/kernel-huge: before 5.15.118

linux-5.15.118/kernel-generic: before 5.15.118

linux-5.15.118/kernel-headers: before 5.15.118_smp

External links

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2023&m=slackware-security.816190


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

38) Use-after-free

EUVDB-ID: #VU75807

Risk: Low

CVSSv3.1: 7.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2023-32233

CWE-ID: CWE-416 - Use After Free

Exploit availability: Yes

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in Netfilter nf_tables when processing batch requests. A local user can trigger a use-after-free error and execute arbitrary code with root privileges.

Mitigation

Update the affected package kernel.

Vulnerable software versions

Slackware Linux: 15.0

linux-5.15.118/kernel-modules: before 5.15.118

linux-5.15.118/kernel-huge: before 5.15.118

linux-5.15.118/kernel-generic: before 5.15.118

linux-5.15.118/kernel-headers: before 5.15.118_smp

External links

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2023&m=slackware-security.816190


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

39) Use-after-free

EUVDB-ID: #VU76221

Risk: Low

CVSSv3.1: 5.8 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32269

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in net/netrom/af_netrom.c. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability requires that the system has netrom routing configured or the attacker must have the CAP_NET_ADMIN capability.

Mitigation

Update the affected package kernel.

Vulnerable software versions

Slackware Linux: 15.0

linux-5.15.118/kernel-modules: before 5.15.118

linux-5.15.118/kernel-huge: before 5.15.118

linux-5.15.118/kernel-generic: before 5.15.118

linux-5.15.118/kernel-headers: before 5.15.118_smp

External links

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2023&m=slackware-security.816190


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

40) Race condition

EUVDB-ID: #VU77496

Risk: Low

CVSSv3.1: 5.9 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-33203

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows an attacker to escalate privileges on the system.

The vulnerability exists due to a race condition in drivers/net/ethernet/qualcomm/emac/emac.c. An attacker with physical access to the system can exploit the race by unplugging an emac based device and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package kernel.

Vulnerable software versions

Slackware Linux: 15.0

linux-5.15.118/kernel-modules: before 5.15.118

linux-5.15.118/kernel-huge: before 5.15.118

linux-5.15.118/kernel-generic: before 5.15.118

linux-5.15.118/kernel-headers: before 5.15.118_smp

External links

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2023&m=slackware-security.816190


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

41) Use-after-free

EUVDB-ID: #VU76410

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-33288

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local authenticated user to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the bq24190_remove function in drivers/power/supply/bq24190_charger.c. A local authenticated user can trigger a use-after-free error and perform a denial of service (DoS) attack.

Mitigation

Update the affected package kernel.

Vulnerable software versions

Slackware Linux: 15.0

linux-5.15.118/kernel-modules: before 5.15.118

linux-5.15.118/kernel-huge: before 5.15.118

linux-5.15.118/kernel-generic: before 5.15.118

linux-5.15.118/kernel-headers: before 5.15.118_smp

External links

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2023&m=slackware-security.816190


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

42) Out-of-bounds read

EUVDB-ID: #VU77624

Risk: Low

CVSSv3.1: 4.1 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-34256

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition within crc16 in lib/crc16.c when called from fs/ext4/super.c. A local user can trigger an out-of-bounds read error and crash the kernel.

Mitigation

Update the affected package kernel.

Vulnerable software versions

Slackware Linux: 15.0

linux-5.15.118/kernel-modules: before 5.15.118

linux-5.15.118/kernel-huge: before 5.15.118

linux-5.15.118/kernel-generic: before 5.15.118

linux-5.15.118/kernel-headers: before 5.15.118_smp

External links

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2023&m=slackware-security.816190


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###