{"vulnerability": "cve-2023-2300", "sightings": [{"uuid": "4582051f-4bef-4b5c-9168-f0af0254e41c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23000", "type": "seen", "source": "https://t.me/cibsecurity/59266", "content": "\u203c CVE-2023-23000 \u203c\n\nIn the Linux kernel before 5.17, drivers/phy/tegra/xusb.c mishandles the tegra_xusb_find_port_node return value. Callers expect NULL in the error case, but an error pointer is used.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-01T22:33:44.000000Z"}, {"uuid": "70537022-8399-40f0-b5e1-02da776c19a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23006", "type": "seen", "source": "https://t.me/cibsecurity/59261", "content": "\u203c CVE-2023-23006 \u203c\n\nIn the Linux kernel before 5.15.13, drivers/net/ethernet/mellanox/mlx5/core/steering/dr_domain.c misinterprets the mlx5_get_uars_page return value (expects it to be NULL in the error case, whereas it is actually an error pointer).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-01T22:33:37.000000Z"}, {"uuid": "9903db0b-567e-4e6c-a0ec-09f66ec98a64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23002", "type": "seen", "source": "https://t.me/cibsecurity/59279", "content": "\u203c CVE-2023-23002 \u203c\n\nIn the Linux kernel before 5.16.3, drivers/bluetooth/hci_qca.c misinterprets the devm_gpiod_get_index_optional return value (expects it to be NULL in the error case, whereas it is actually an error pointer).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-01T22:34:00.000000Z"}, {"uuid": "492d09b5-9ab8-4186-a565-7be9fecb2362", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23004", "type": "seen", "source": "https://t.me/cibsecurity/59276", "content": "\u203c CVE-2023-23004 \u203c\n\nIn the Linux kernel before 5.19, drivers/gpu/drm/arm/malidp_planes.c misinterprets the get_sg_table return value (expects it to be NULL in the error case, whereas it is actually an error pointer).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-01T22:33:57.000000Z"}, {"uuid": "9252719f-7ecc-4e8d-bfd4-a3d06f7b99e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23005", "type": "seen", "source": "https://t.me/cibsecurity/59260", "content": "\u203c CVE-2023-23005 \u203c\n\nIn the Linux kernel before 6.2, mm/memory-tiers.c misinterprets the alloc_memory_type return value (expects it to be NULL in the error case, whereas it is actually an error pointer).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-01T22:33:36.000000Z"}, {"uuid": "c09948ce-979f-4f4d-bdd4-e1c517facf33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23004", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8146", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-23004\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel before 5.19, drivers/gpu/drm/arm/malidp_planes.c misinterprets the get_sg_table return value (expects it to be NULL in the error case, whereas it is actually an error pointer).\n\ud83d\udccf Published: 2023-03-01T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-19T19:33:52.234Z\n\ud83d\udd17 References:\n1. https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.19\n2. https://github.com/torvalds/linux/commit/15342f930ebebcfe36f2415049736a77d7d2e045\n3. https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html", "creation_timestamp": "2025-03-19T20:18:17.000000Z"}, {"uuid": "d3a77593-61a9-4c71-a197-4c6a580b5d91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23003", "type": "seen", "source": "https://t.me/cibsecurity/59262", "content": "\u203c CVE-2023-23003 \u203c\n\nIn the Linux kernel before 5.16, tools/perf/util/expr.c lacks a check for the hashmap__new return value.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-01T22:33:37.000000Z"}, {"uuid": "9038282f-2c36-4ebd-a96b-6a2cc9131e74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23009", "type": "seen", "source": "https://t.me/cibsecurity/58603", "content": "\u203c CVE-2023-23009 \u203c\n\nLibreswan 4.9 allows remote attackers to cause a denial of service (assert failure and daemon restart) via crafted TS payload with an incorrect selector length.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-21T18:16:43.000000Z"}, {"uuid": "54431ec2-bfd0-4ca8-86be-1d36a3fbb5ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23007", "type": "seen", "source": "https://t.me/cibsecurity/58440", "content": "\u203c CVE-2023-23007 \u203c\n\nAn issue was discovered in ESPCMS P8.21120101 after logging in to the background, there is a SQL injection vulnerability in the function node where members are added.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-17T18:13:15.000000Z"}]}