Explore top 10 tips to secure your open-source projects now. Read More
×
CVE-2023-1380
Jisoo Jang reported a heap out-of-bounds read in the brcmfmac
Wi-Fi driver. On systems using this driver, a local user could
exploit this to read sensitive information or to cause a denial of
service (crash).
CVE-2023-2002
Ruiahn Li reported an incorrect permissions check in the Bluetooth
subsystem. A local user could exploit this to reconfigure local
Bluetooth interfaces, resulting in information leaks, spoofing, or
denial of service (loss of connection).
CVE-2023-2007
Lucas Leong (@_wmliang_) and Reno Robert of Trend Micro Zero Day
Initiative discovered a time-of-check-to-time-of-use flaw in the
dpt_i2o SCSI controller driver. A local user with access to a
SCSI device using this driver could exploit this for privilege
escalation.
This flaw has been mitigated by removing support for the I2OUSRCMD
operation.
CVE-2023-2269
Zheng Zhang reported that improper handling of locking in the
Get the latest Linux and open source security news straight to your inbox.