Zixuan Fu - Security Researcher - Exploit Intelligence Platform

CVE-2023-4385 WRITEUP MEDIUM WRITEUP

Linux Kernel - DoS

A NULL pointer dereference flaw was found in dbFree in fs/jfs/jfs_dmap.c in the journaling file system (JFS) in the Linux Kernel. This issue may allow a local attacker to crash the system due to a missing sanity check.

CVSS 5.5

View Code

CVE-2023-4387 WRITEUP HIGH WRITEUP

VMware vmxnet3 - Use After Free

A use-after-free flaw was found in vmxnet3_rq_alloc_rx_buf in drivers/net/vmxnet3/vmxnet3_drv.c in VMware's vmxnet3 ethernet NIC driver in the Linux Kernel. This issue could allow a local attacker to crash the system due to a double-free while cleaning up vmxnet3_rq_cleanup_all, which could also lead to a kernel information leak problem.

CVSS 7.1

View Code

CVE-2023-4459 WRITEUP MEDIUM WRITEUP

Linux Kernel < 5.18 - NULL Pointer Dereference

A NULL pointer dereference flaw was found in vmxnet3_rq_cleanup in drivers/net/vmxnet3/vmxnet3_drv.c in the networking sub-component in vmxnet3 in the Linux Kernel. This issue may allow a local attacker with normal user privilege to cause a denial of service due to a missing sanity check during cleanup.

CVSS 5.5

View Code