Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2023-1206 It was discovered that the networking stack permits attackers to force hash collisions in the IPv6 connection lookup table, which may result in denial of service . CVE-2023-1989 Zheng Wang reported a race condition in the btsdio Bluetooth adapter driver that can lead to a use-after-free. An attacker able to insert and remove SDIO devices can use this to cause a denial of service or possibly to run arbitrary code in the kernel. CVE-2023-2430 Xingyuan Mo discovered that the io_uring subsystem did not properly handle locking when the target ring is configured with IOPOLL, which may result in denial of service. CVE-2023-2898 It was discovered that missing sanitising in the f2fs file system may result in denial of service if a malformed file system is accessed. CVE-2023-3611 The TOTE Robot tool found a flaw in the Btrfs filesystem driver that can lead to a use-after-free. It"s unclear whether an unprivileged user can exploit this. CVE-2023-3772 Lin Ma discovered a NULL pointer dereference flaw in the XFRM subsystem which may result in denial of service. CVE-2023-3773 Lin Ma discovered a flaw in the the XFRM subsystem, which may result in denial of service for a user with the CAP_NET_ADMIN capability in any user or network namespace. CVE-2023-3776, CVE-2023-4128, CVE-2023-4206, CVE-2023-4207, CVE-2023-4208 It was discovered that a use-after-free in the cls_fw, cls_u32 and cls_route network classifiers may result in denial of service or potential local privilege escalation. CVE-2023-3777 Kevin Rich discovered a use-after-free in Netfilter when flushing table rules, which may result in local privilege escalation for a user with the CAP_NET_ADMIN capability in any user or network namespace. CVE-2023-3863 It was discovered that a use-after-free in the NFC implementation may result in denial of service, an information leak or potential local privilege escalation. CVE-2023-4004 It was discovered that a use-after-free in Netfilter"s implementation of PIPAPO may result in denial of service or potential local privilege escalation for a user with the CAP_NET_ADMIN capability in any user or network namespace. CVE-2023-4015 Kevin Rich discovered a use-after-free in Netfilter when handling bound chain deactivation in certain circumstances, may result in denial of service or potential local privilege escalation for a user with the CAP_NET_ADMIN capability in any user or network namespace. CVE-2023-4132 A use-after-free in the driver for Siano SMS1xxx based MDTV receivers may result in local denial of service. CVE-2023-4147 Kevin Rich discovered a use-after-free in Netfilter when adding a rule with NFTA_RULE_CHAIN_ID, which may result in local privilege escalation for a user with the CAP_NET_ADMIN capability in any user or network namespace. CVE-2023-4155 Andy Nguyen discovered a flaw in the KVM subsystem allowing a KVM guest using EV-ES or SEV-SNP to cause a denial of service. CVE-2023-4194 A type confusion in the implementation of TUN/TAP network devices may allow a local user to bypass network filters. CVE-2023-4273 Maxim Suhanov discovered a stack overflow in the exFAT driver, which may result in local denial of service via a malformed file system. CVE-2023-4569 lonial con discovered flaw in the Netfilter subsystem, which may allow a local attacher to cause a double-deactivations of catchall elements, which results in a memory leak. CVE-2023-4622 Bing-Jhong Billy Jheng discovered a use-after-free within the Unix domain sockets component, which may result in local privilege escalation. CVE-2023-20588 Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Koepf and Oleksii Oleksenko discovered that on some AMD CPUs with the Zen1 micro architecture an integer division by zero may leave stale quotient data from a previous division, resulting in a potential leak of sensitive data. CVE-2023-34319 Ross Lagerwall discovered a buffer overrun in Xen"s netback driver which may allow a Xen guest to cause denial of service to the virtualisation host my sending malformed packets. CVE-2023-40283 A use-after-free was discovered in Bluetooth L2CAP socket handling.