Linux Kernel CVE Statistics
18 Linux Kernel CVEs in October 2023
Full month · Source: NIST NVD
In October 2023, 18 Linux kernel CVEs were published, sourced from the NIST National Vulnerability Database. Of these, 6 were rated High severity and 12 Medium. No CVEs from this month have been confirmed as actively exploited via the CISA KEV catalog. October's 18 CVEs represent 6% of all 2023 Linux kernel CVEs , down from September's 20 (a 10% month-over-month decrease) .
18
Total CVEs
0
Critical
6
High
12
Medium
0
Low
0
KEV Exploited
All CVEs — October 2023
18 CVEs
| CVE ID | Package | Severity | CVSS | Published | Description | |
|---|---|---|---|---|---|---|
| CVE-2023-39191 | linux | High | 8.2 | 2023-10-04 | An improper input validation flaw was found in the eBPF subsystem in the Linux kernel. The issue occurs due to a lack o… | |
| CVE-2023-5717 | linux | High | 7.8 | 2023-10-25 | A heap out-of-bounds write vulnerability in the Linux kernel's Linux Kernel Performance Events (perf) component can be … | |
| CVE-2023-45898 | linux | High | 7.8 | 2023-10-16 | The Linux kernel before 6.5.4 has an es1 use-after-free in fs/ext4/extents_status.c, related to ext4_es_insert_extent. | |
| CVE-2023-5345 | linux | High | 7.8 | 2023-10-03 | A use-after-free vulnerability in the Linux kernel's fs/smb/client component can be exploited to achieve local privileg… | |
| CVE-2023-45871 | linux | High | 7.5 | 2023-10-15 | An issue was discovered in drivers/net/ethernet/intel/igb/igb_main.c in the IGB driver in the Linux kernel before 6.5.3… | |
| CVE-2023-46813 | linux | High | 7.0 | 2023-10-27 | An issue was discovered in the Linux kernel before 6.5.9, exploitable by local users with userspace access to MMIO regi… | |
| CVE-2023-45863 | linux | Medium | 6.4 | 2023-10-14 | An issue was discovered in lib/kobject.c in the Linux kernel before 6.2.3. With root access, an attacker can trigger a … | |
| CVE-2023-40791 | linux | Medium | 6.3 | 2023-10-16 | extract_user_to_sg in lib/scatterlist.c in the Linux kernel before 6.4.12 fails to unpin pages in a certain situation, … | |
| CVE-2023-39189 | linux | Medium | 6.0 | 2023-10-09 | A flaw was found in the Netfilter subsystem in the Linux kernel. The nfnl_osf_add_callback function did not validate th… | |
| CVE-2023-39192 | linux | Medium | 6.0 | 2023-10-09 | A flaw was found in the Netfilter subsystem in the Linux kernel. The xt_u32 module did not validate the fields in the x… | |
| CVE-2023-39193 | linux | Medium | 6.0 | 2023-10-09 | A flaw was found in the Netfilter subsystem in the Linux kernel. The sctp_mt_check did not validate the flag_count fiel… | |
| CVE-2023-45862 | linux | Medium | 5.5 | 2023-10-14 | An issue was discovered in drivers/usb/storage/ene_ub6250.c for the ENE UB6250 reader driver in the Linux kernel before… | |
| CVE-2023-42752 | linux | Medium | 5.5 | 2023-10-13 | An integer overflow flaw was found in the Linux kernel. This issue leads to the kernel allocating `skb_shared_info` in … | |
| CVE-2023-42755 | linux | Medium | 5.5 | 2023-10-05 | A flaw was found in the IPv4 Resource Reservation Protocol (RSVP) classifier in the Linux kernel. The xprt pointer may … | |
| CVE-2023-42754 | linux | Medium | 5.5 | 2023-10-05 | A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be ass… |