[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2023-39198":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T08:53:30.047Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":36,"aliases":37,"duplicate_of":9,"upstream":38,"downstream":39,"duplicates":106,"related":107,"reserved_at":9,"published_at":128,"modified_at":129,"state":130,"summary":131,"references_raw":140,"kevs":173,"epss":174,"epss_history":177,"metrics":403,"affected":416},"CVE-2023-39198","A race condition was found in the QXL driver in the Linux kernel. The qxl_mode_dumb_create() function dereferences the qobj returned by the qxl_gem_object_create_with_handle(), but the handle is the only one holding a reference to it. This flaw allows an attacker to guess the returned handle value and trigger a use-after-free issue, potentially leading to a denial of service or privilege escalation.",null,[11,28],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-366","Race Condition within a Thread","If two threads of execution use a resource simultaneously, there exists the possibility that resources may be used while invalid, in turn making the state of execution undefined.","weakness","Draft","Base","Medium",[20,24],{"id":21,"name":22,"techniques":23},"CAPEC-26","Leveraging Race Conditions",[],{"id":25,"name":26,"techniques":27},"CAPEC-29","Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions",[],{"_key":29,"id":29,"name":30,"description":31,"type":15,"status":32,"abstraction":33,"likelihood_of_exploit":34,"capec":35},"CWE-416","Use After Free","The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory \"belongs\" to the code that operates on the new pointer.","Stable","Variant","High",[],[],[],[],[40,42,44,46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76,78,80,82,84,86,88,90,92,94,96,98,100,102,104],{"_key":41},"SUSE-SU-2023:4733-1",{"_key":43},"SUSE-SU-2023:4730-1",{"_key":45},"SUSE-SU-2023:4731-1",{"_key":47},"SUSE-SU-2023:4882-1",{"_key":49},"SUSE-SU-2023:4735-1",{"_key":51},"SUSE-SU-2023:4783-1",{"_key":53},"SUSE-SU-2023:4784-1",{"_key":55},"SUSE-SU-2023:4811-1",{"_key":57},"SUSE-SU-2023:4883-1",{"_key":59},"SUSE-SU-2024:0622-1",{"_key":61},"SUSE-SU-2024:0655-1",{"_key":63},"SUSE-SU-2024:0662-1",{"_key":65},"SUSE-SU-2024:0666-1",{"_key":67},"SUSE-SU-2024:0698-1",{"_key":69},"SUSE-SU-2024:0705-1",{"_key":71},"SUSE-SU-2024:0727-1",{"_key":73},"SUSE-SU-2023:4732-1",{"_key":75},"SUSE-SU-2023:4734-1",{"_key":77},"SUSE-SU-2023:4782-1",{"_key":79},"SUSE-SU-2023:4810-1",{"_key":81},"DLA-3841-1",{"_key":83},"DEBIAN-CVE-2023-39198",{"_key":85},"RHSA-2024:2950",{"_key":87},"RHSA-2024:2394",{"_key":89},"RHSA-2024:3138",{"_key":91},"UBUNTU-CVE-2023-39198",{"_key":93},"USN-6534-1",{"_key":95},"USN-6534-3",{"_key":97},"USN-6549-1",{"_key":99},"USN-6549-2",{"_key":101},"USN-6549-3",{"_key":103},"USN-6549-4",{"_key":105},"USN-6549-5",[],[108,109,110,111,112,113,114,115,116,117,118,119,120,121,122,123,124,125,126,127],{"_key":41},{"_key":43},{"_key":45},{"_key":47},{"_key":49},{"_key":51},{"_key":53},{"_key":55},{"_key":57},{"_key":59},{"_key":61},{"_key":63},{"_key":65},{"_key":67},{"_key":69},{"_key":71},{"_key":73},{"_key":75},{"_key":77},{"_key":79},"2023-11-09T19:15:47.605Z","2026-03-24T11:28:17.016Z","Modified",{"cisa_kev":132,"cisa_ransomware":132,"cisa_vendor":9,"epss_severity":133,"epss_score":134,"severity":135,"severity_score":136,"severity_version":137,"severity_source":138,"severity_vector":139,"severity_status":130},false,"low",0.00012,"high",7.5,"v3.1","cve.org","CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",[141,148,152,156,163,168],{"url":142,"sources":143,"tags":145},"https://access.redhat.com/errata/RHSA-2024:2394",[138,144],"nvd",[146,147],"Vendor Advisory","X Refsource REDHAT",{"url":149,"sources":150,"tags":151},"https://access.redhat.com/errata/RHSA-2024:2950",[138,144],[146,147],{"url":153,"sources":154,"tags":155},"https://access.redhat.com/errata/RHSA-2024:3138",[138,144],[146,147],{"url":157,"sources":158,"tags":159},"https://access.redhat.com/security/cve/CVE-2023-39198",[138,144],[160,147,161,162],"VDB Entry","Issue Tracking","Third Party Advisory",{"url":164,"sources":165,"tags":166},"https://bugzilla.redhat.com/show_bug.cgi?id=2218332",[138,144],[161,147,167,162],"Patch",{"url":169,"sources":170,"tags":171},"https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html",[138,144],[172],"X Transferred",[],{"date":175,"score":134,"percentile":176},"2026-06-03",0.01727,[178,182,185,187,189,192,194,197,199,202,204,206,208,210,213,217,220,223,226,229,231,234,237,240,243,246,249,251,253,256,259,262,264,267,269,271,274,276,279,282,284,287,290,293,296,298,300,303,305,307,310,313,315,318,320,322,324,327,329,331,333,335,337,339,342,344,346,348,350,352,354,356,358,360,362,364,366,368,370,372,374,376,379,382,385,388,391,394,397,400],{"date":179,"score":180,"percentile":181},"2025-11-04",0.00008,0.0046,{"date":183,"score":180,"percentile":184},"2025-11-05",0.00458,{"date":186,"score":180,"percentile":181},"2025-11-06",{"date":188,"score":180,"percentile":181},"2025-11-07",{"date":190,"score":180,"percentile":191},"2025-11-08",0.00459,{"date":193,"score":180,"percentile":184},"2025-11-09",{"date":195,"score":180,"percentile":196},"2025-11-10",0.00456,{"date":198,"score":180,"percentile":191},"2025-11-11",{"date":200,"score":180,"percentile":201},"2025-11-12",0.00457,{"date":203,"score":180,"percentile":201},"2025-11-13",{"date":205,"score":180,"percentile":191},"2025-11-14",{"date":207,"score":180,"percentile":201},"2025-11-15",{"date":209,"score":180,"percentile":196},"2025-11-16",{"date":211,"score":180,"percentile":212},"2025-11-17",0.00454,{"date":214,"score":215,"percentile":216},"2025-11-18",0.00056,0.1311,{"date":218,"score":215,"percentile":219},"2025-11-19",0.13128,{"date":221,"score":215,"percentile":222},"2025-11-20",0.13145,{"date":224,"score":180,"percentile":225},"2025-11-21",0.00486,{"date":227,"score":180,"percentile":228},"2025-11-22",0.00485,{"date":230,"score":180,"percentile":228},"2025-11-23",{"date":232,"score":180,"percentile":233},"2025-11-24",0.00483,{"date":235,"score":180,"percentile":236},"2025-11-25",0.00481,{"date":238,"score":180,"percentile":239},"2025-11-26",0.0048,{"date":241,"score":180,"percentile":242},"2025-11-27",0.00461,{"date":244,"score":180,"percentile":245},"2025-11-28",0.00465,{"date":247,"score":180,"percentile":248},"2025-11-29",0.0047,{"date":250,"score":180,"percentile":248},"2025-11-30",{"date":252,"score":180,"percentile":248},"2025-12-01",{"date":254,"score":180,"percentile":255},"2025-12-02",0.00468,{"date":257,"score":180,"percentile":258},"2025-12-03",0.00472,{"date":260,"score":180,"percentile":261},"2025-12-04",0.00477,{"date":263,"score":180,"percentile":239},"2025-12-05",{"date":265,"score":180,"percentile":266},"2025-12-06",0.00478,{"date":268,"score":180,"percentile":266},"2025-12-07",{"date":270,"score":180,"percentile":233},"2025-12-08",{"date":272,"score":180,"percentile":273},"2025-12-09",0.00498,{"date":275,"score":180,"percentile":273},"2025-12-10",{"date":277,"score":180,"percentile":278},"2025-12-11",0.005,{"date":280,"score":180,"percentile":281},"2025-12-12",0.00506,{"date":283,"score":180,"percentile":281},"2025-12-13",{"date":285,"score":180,"percentile":286},"2025-12-14",0.00504,{"date":288,"score":180,"percentile":289},"2025-12-15",0.00502,{"date":291,"score":180,"percentile":292},"2025-12-16",0.00503,{"date":294,"score":180,"percentile":295},"2025-12-17",0.00505,{"date":297,"score":180,"percentile":289},"2025-12-18",{"date":299,"score":180,"percentile":289},"2025-12-19",{"date":301,"score":180,"percentile":302},"2025-12-20",0.00501,{"date":304,"score":180,"percentile":278},"2025-12-21",{"date":306,"score":180,"percentile":292},"2025-12-22",{"date":308,"score":180,"percentile":309},"2025-12-23",0.00508,{"date":311,"score":180,"percentile":312},"2025-12-24",0.00509,{"date":314,"score":180,"percentile":312},"2025-12-25",{"date":316,"score":180,"percentile":317},"2025-12-26",0.0051,{"date":319,"score":180,"percentile":309},"2025-12-27",{"date":321,"score":180,"percentile":317},"2025-12-28",{"date":323,"score":180,"percentile":312},"2025-12-29",{"date":325,"score":180,"percentile":326},"2025-12-30",0.00507,{"date":328,"score":180,"percentile":295},"2025-12-31",{"date":330,"score":180,"percentile":295},"2026-01-01",{"date":332,"score":180,"percentile":312},"2026-01-02",{"date":334,"score":180,"percentile":317},"2026-01-03",{"date":336,"score":180,"percentile":273},"2026-01-04",{"date":338,"score":180,"percentile":278},"2026-01-05",{"date":340,"score":180,"percentile":341},"2026-01-06",0.00499,{"date":343,"score":180,"percentile":341},"2026-01-07",{"date":345,"score":180,"percentile":302},"2026-01-08",{"date":347,"score":180,"percentile":326},"2026-01-09",{"date":349,"score":180,"percentile":312},"2026-01-10",{"date":351,"score":180,"percentile":309},"2026-01-11",{"date":353,"score":180,"percentile":281},"2026-01-12",{"date":355,"score":180,"percentile":295},"2026-01-13",{"date":357,"score":180,"percentile":326},"2026-01-14",{"date":359,"score":180,"percentile":326},"2026-01-15",{"date":361,"score":180,"percentile":326},"2026-01-16",{"date":363,"score":180,"percentile":326},"2026-01-17",{"date":365,"score":180,"percentile":312},"2026-01-18",{"date":367,"score":180,"percentile":281},"2026-01-19",{"date":369,"score":180,"percentile":295},"2026-01-20",{"date":371,"score":180,"percentile":286},"2026-01-21",{"date":373,"score":180,"percentile":286},"2026-01-22",{"date":375,"score":180,"percentile":312},"2026-01-23",{"date":377,"score":180,"percentile":378},"2026-01-24",0.00511,{"date":380,"score":180,"percentile":381},"2026-01-25",0.00513,{"date":383,"score":180,"percentile":384},"2026-01-26",0.00514,{"date":386,"score":180,"percentile":387},"2026-01-27",0.0052,{"date":389,"score":180,"percentile":390},"2026-01-28",0.00521,{"date":392,"score":180,"percentile":393},"2026-01-29",0.00524,{"date":395,"score":180,"percentile":396},"2026-01-30",0.00534,{"date":398,"score":180,"percentile":399},"2026-01-31",0.00537,{"date":401,"score":180,"percentile":402},"2026-02-01",0.0054,[404,409],{"source":138,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":405,"cvss_v4_0":9},{"baseScore":136,"baseSeverity":406,"vectorString":139,"impactScore":407,"exploitabilityScore":408},"HIGH",10,2.1,{"source":144,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":410,"cvss_v4_0":9},{"baseScore":411,"baseSeverity":412,"vectorString":413,"impactScore":414,"exploitabilityScore":415},6.4,"MEDIUM","CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",9.8,1.3,[417,425,447],{"ecosystem":9,"name":418,"vendor":419,"product":418,"cpe_part":420,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":421},"fedora","fedoraproject","o",[422],{"version":423,"is_range":132,"range_type":424,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"38","cpe",{"ecosystem":9,"name":426,"vendor":427,"product":428,"cpe_part":420,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":429},"linux kernel","linux","linux_kernel",[430,435,437,439,441,443,445],{"version":431,"is_range":432,"range_type":424,"version_start":9,"version_start_type":9,"version_end":433,"version_end_type":434,"fixed_in":9},"lt6.5",true,"6.5","excluding",{"version":436,"is_range":132,"range_type":424,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.5:rc1",{"version":438,"is_range":132,"range_type":424,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.5:rc2",{"version":440,"is_range":132,"range_type":424,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.5:rc3",{"version":442,"is_range":132,"range_type":424,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.5:rc4",{"version":444,"is_range":132,"range_type":424,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.5:rc5",{"version":446,"is_range":132,"range_type":424,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.5:rc6",{"ecosystem":9,"name":448,"vendor":449,"product":450,"cpe_part":420,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":451},"enterprise linux","redhat","enterprise_linux",[452,454],{"version":453,"is_range":132,"range_type":424,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"8.0",{"version":455,"is_range":132,"range_type":424,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0"]