CVE-2023-5972 : LINUX KERNEL UP TO 6.6-RC6 NETLINK ATTRIBUTE NFT_INNER.C NULL POINTER DEREFERENCE

Description

A null pointer dereference flaw was found in the nft_inner.c functionality of netfilter in the Linux kernel. This issue could allow a local user to crash the system or escalate their privileges on the system.

References

https://access.redhat.com/security/cve/CVE-2023-5972

https://bugzilla.redhat.com/show_bug.cgi?id=2248189

https://github.com/torvalds/linux/commit/505ce0630ad5d31185695f8a29dde8d29f28faa7

https://github.com/torvalds/linux/commit/52177bbf19e6e9398375a148d2e13ed492b40b80

For More Information

CVERecord

Contact us to get started

CVE-2024-34515 : SPATIE IMAGE-OPTIMIZER UP TO 1.7.2 PHAR DESERIALIZATION FILE_EXISTS DESERIALIZATION

Description image-optimizer before 1.7.3 allows PHAR deserialization, e.g., the phar:// protocol in arguments to file_exists(). References https://github.com/spatie/image-optimizer/issues/210 https://github.com/spatie/image-optimizer/compare/1.7.2…1.7.3 https://github.com/spatie/image-optimizer/pull/211 For

Learn more

CVE-2024-32638 : APACHE APISIX 3.8.0/3.9.0 FORWARD-AUTH PLUGIN REQUEST SMUGGLING

Description Inconsistent Interpretation of HTTP Requests (‘HTTP Request Smuggling’) vulnerability in Apache APISIX when using `forward-auth` plugin. This issue affects

Learn more

CVE-2024-22144 : ELI SCHEETZ ANTI-MALWARE SECURITY AND BRUTE-FORCE FIREWALL PLUGIN CODE INJECTION

Description Improper Control of Generation of Code (‘Code Injection’) vulnerability in Eli Scheetz Anti-Malware Security and Brute-Force Firewall gotmls allows

Learn more