{"vulnerability": "CVE-2023-2299", "sightings": [{"uuid": "1af932f6-43ca-43c8-b417-dbef30efb4b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22997", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8286", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-22997\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel before 6.1.2, kernel/module/decompress.c misinterprets the module_get_next_page return value (expects it to be NULL in the error case, whereas it is actually an error pointer).\n\ud83d\udccf Published: 2023-02-28T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-20T19:44:36.617Z\n\ud83d\udd17 References:\n1. https://github.com/torvalds/linux/commit/45af1d7aae7d5520d2858f8517a1342646f015db\n2. https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.2", "creation_timestamp": "2025-03-20T20:19:45.000000Z"}, {"uuid": "c52195f1-5ceb-407e-88e3-84970b7bcf7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22996", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8285", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-22996\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel before 5.17.2, drivers/soc/qcom/qcom_aoss.c does not release an of_find_device_by_node reference after use, e.g., with put_device.\n\ud83d\udccf Published: 2023-02-28T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-20T19:45:15.232Z\n\ud83d\udd17 References:\n1. https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.17.2\n2. https://github.com/torvalds/linux/commit/4b41a9d0fe3db5f91078a380f62f0572c3ecf2dd", "creation_timestamp": "2025-03-20T20:19:45.000000Z"}, {"uuid": "b83c14df-343b-4c46-ba8e-540b98998e0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22999", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8287", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-22999\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel before 5.16.3, drivers/usb/dwc3/dwc3-qcom.c misinterprets the dwc3_qcom_create_urs_usb_platdev return value (expects it to be NULL in the error case, whereas it is actually an error pointer).\n\ud83d\udccf Published: 2023-02-28T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-20T19:44:01.243Z\n\ud83d\udd17 References:\n1. https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.3\n2. https://github.com/torvalds/linux/commit/b52fe2dbb3e655eb1483000adfab68a219549e13", "creation_timestamp": "2025-03-20T20:19:46.000000Z"}, {"uuid": "dbc2f347-1844-43c2-92df-db64bd79b21d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22995", "type": "seen", "source": "https://t.me/cibsecurity/59081", "content": "\u203c CVE-2023-22995 \u203c\n\nIn the Linux kernel before 5.17, an error path in dwc3_qcom_acpi_register_core in drivers/usb/dwc3/dwc3-qcom.c lacks certain platform_device_put and kfree calls.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-28T07:27:17.000000Z"}, {"uuid": "495ccc0c-29c8-488c-84cb-7fcfe7227ede", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22999", "type": "seen", "source": "https://t.me/cibsecurity/59183", "content": "\u203c CVE-2023-22999 \u203c\n\nIn the Linux kernel before 5.16.3, drivers/usb/dwc3/dwc3-qcom.c misinterprets the dwc3_qcom_create_urs_usb_platdev return value (expects it to be NULL in the error case, whereas it is actually an error pointer).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-01T00:29:22.000000Z"}, {"uuid": "041ef576-0d48-47b5-a155-bfac3d94f81c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22998", "type": "seen", "source": "https://t.me/cibsecurity/59182", "content": "\u203c CVE-2023-22998 \u203c\n\nIn the Linux kernel before 6.0.3, drivers/gpu/drm/virtio/virtgpu_object.c misinterprets the drm_gem_shmem_get_sg_table return value (expects it to be NULL in the error case, whereas it is actually an error pointer).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-01T00:29:21.000000Z"}, {"uuid": "e97b362e-6bb2-4b9b-bc8d-02db85bbc11d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22997", "type": "seen", "source": "https://t.me/cibsecurity/59181", "content": "\u203c CVE-2023-22997 \u203c\n\nIn the Linux kernel before 6.1.2, kernel/module/decompress.c misinterprets the module_get_next_page return value (expects it to be NULL in the error case, whereas it is actually an error pointer).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-01T00:29:20.000000Z"}, {"uuid": "31d92f06-db0e-4a8c-b427-b6105e87338f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22996", "type": "seen", "source": "https://t.me/cibsecurity/59180", "content": "\u203c CVE-2023-22996 \u203c\n\nIn the Linux kernel before 5.17.2, drivers/soc/qcom/qcom_aoss.c does not release an of_find_device_by_node reference after use, e.g., with put_device.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-01T00:29:19.000000Z"}]}