CVE-2023-22998

MEDIUM Year: 2023
CVSS v3 Score
5.5
Medium
Weakness Type
CWE-436
View all →

Vulnerability Description

In the Linux kernel before 6.0.3, drivers/gpu/drm/virtio/virtgpu_object.c misinterprets the drm_gem_shmem_get_sg_table return value (expects it to be NULL in the error case, whereas it is actually an error pointer).

Related Vulnerabilities

CVE-2020-9264

MEDIUM
CVSS:5.5(Medium)

ESET Archive Support Module before 1296 allows virus-detection bypass via a crafted Compression Information Field in a ZIP archive. This affects versions before 1294 of Smart Security Premium, Interne...

CWE-4362020

CVE-2020-9342

MEDIUM
CVSS:5.5(Medium)

The F-Secure AV parsing engine before 2020-02-05 allows virus-detection bypass via crafted Compression Method data in a GZIP archive. This affects versions before 17.0.605.474 (on Linux) of Cloud Prot...

CWE-4362020

CVE-2020-9399

MEDIUM
CVSS:5.5(Medium)

The Avast AV parsing engine allows virus-detection bypass via a crafted ZIP archive. This affects versions before 12 definitions 200114-0 of Antivirus Pro, Antivirus Pro Plus, and Antivirus for Linux.

CWE-4362020

CVE-2023-30541

MEDIUM
CVSS:5.3(Medium)

OpenZeppelin Contracts is a library for secure smart contract development. A function in the implementation contract may be inaccessible if its selector clashes with one of the proxy's own selectors. ...

CWE-4362023

CVE-2024-3386

MEDIUM
CVSS:5.3(Medium)

An incorrect string comparison vulnerability in Palo Alto Networks PAN-OS software prevents Predefined Decryption Exclusions from functioning as intended. This can cause traffic destined for domains t...

CWE-4362024

CVE-2025-24013

MEDIUM
CVSS:5.3(Medium)

CodeIgniter is a PHP full-stack web framework. Prior to 4.5.8, CodeIgniter lacked proper header validation for its name and value. The potential attacker can construct deliberately malformed headers w...

CWE-4362025