[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2023-4194":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T08:53:30.047Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":240,"aliases":241,"duplicate_of":9,"upstream":242,"downstream":243,"duplicates":314,"related":315,"reserved_at":9,"published_at":335,"modified_at":336,"state":337,"summary":338,"references_raw":347,"kevs":405,"epss":406,"epss_history":409,"metrics":631,"affected":639},"CVE-2023-4194","A flaw was found in the Linux kernel's TUN/TAP functionality. This issue could allow a local user to bypass network filters and gain unauthorized access to some resources. The original patches fixing CVE-2023-1076 are incorrect or incomplete. The problem is that the following upstream commits - a096ccca6e50 (\"tun: tun_chr_open(): correctly initialize socket uid\"), - 66b2c338adce (\"tap: tap_open(): correctly initialize socket uid\"), pass \"inode->i_uid\" to sock_init_data_uid() as the last parameter and that turns out to not be accurate.",null,[11,228,233],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-1188","Initialization of a Resource with an Insecure Default","The product initializes or sets a resource with a default that is intended to be changed by the product's installer, administrator, or maintainer, but the default is not secure.","weakness","Incomplete","Base",[19],{"id":20,"name":21,"techniques":22},"CAPEC-665","Exploitation of Thunderbolt Protection Flaws",[23,60,100],{"id":24,"name":25,"tactics":26,"countermeasures":33},"T1211","Exploitation for Stealth",[27,30],{"id":28,"name":29},"TA0030","Defense Evasion",{"id":31,"name":32},"TA0005","Stealth",[34,39,43,47,52,56],{"id":35,"name":36,"tactic":37},"D3-MBT","Memory Boundary Tracking",{"name":38},"Detect",{"id":40,"name":41,"tactic":42},"D3-PCSV","Process Code Segment Verification",{"name":38},{"id":44,"name":45,"tactic":46},"D3-SSC","Shadow Stack Comparisons",{"name":38},{"id":48,"name":49,"tactic":50},"D3-PSEP","Process Segment Execution Prevention",{"name":51},"Harden",{"id":53,"name":54,"tactic":55},"D3-SAOR","Segment Address Offset Randomization",{"name":51},{"id":57,"name":58,"tactic":59},"D3-SFCV","Stack Frame Canary Validation",{"name":51},{"id":61,"name":62,"tactics":63,"countermeasures":69},"T1542.002","Component Firmware",[64,65,66],{"id":28,"name":29},{"id":31,"name":32},{"id":67,"name":68},"TA0110","Persistence",[70,75,79,83,87,91,95],{"id":71,"name":72,"tactic":73},"D3-SWI","Software Inventory",{"name":74},"Model",{"id":76,"name":77,"tactic":78},"D3-AVE","Asset Vulnerability Enumeration",{"name":74},{"id":80,"name":81,"tactic":82},"D3-FEMC","Firmware Embedded Monitoring Code",{"name":38},{"id":84,"name":85,"tactic":86},"D3-FV","Firmware Verification",{"name":38},{"id":88,"name":89,"tactic":90},"D3-FBA","Firmware Behavior Analysis",{"name":38},{"id":92,"name":93,"tactic":94},"D3-SU","Software Update",{"name":51},{"id":96,"name":97,"tactic":98},"D3-RS","Restore Software",{"name":99},"Restore",{"id":101,"name":102,"tactics":103,"countermeasures":112},"T1556","Modify Authentication Process",[104,105,108,109],{"id":28,"name":29},{"id":106,"name":107},"TA0112","Defense Impairment",{"id":67,"name":68},{"id":110,"name":111},"TA0031","Credential Access",[113,117,121,125,129,133,137,141,145,149,154,158,162,166,170,175,179,183,187,192,196,200,204,208,212,216,220,224],{"id":114,"name":115,"tactic":116},"D3-CI","Configuration Inventory",{"name":74},{"id":118,"name":119,"tactic":120},"D3-NTPM","Network Traffic Policy Mapping",{"name":74},{"id":122,"name":123,"tactic":124},"D3-AM","Access Modeling",{"name":74},{"id":126,"name":127,"tactic":128},"D3-FA","File Analysis",{"name":38},{"id":130,"name":131,"tactic":132},"D3-FIM","File Integrity Monitoring",{"name":38},{"id":134,"name":135,"tactic":136},"D3-PLA","Process Lineage Analysis",{"name":38},{"id":138,"name":139,"tactic":140},"D3-PSMD","Process Self-Modification Detection",{"name":38},{"id":142,"name":143,"tactic":144},"D3-PSA","Process Spawn Analysis",{"name":38},{"id":146,"name":147,"tactic":148},"D3-SFA","System File Analysis",{"name":38},{"id":150,"name":151,"tactic":152},"D3-FEV","File Eviction",{"name":153},"Evict",{"id":155,"name":156,"tactic":157},"D3-PT","Process Termination",{"name":153},{"id":159,"name":160,"tactic":161},"D3-PS","Process Suspension",{"name":153},{"id":163,"name":164,"tactic":165},"D3-HR","Host Reboot",{"name":153},{"id":167,"name":168,"tactic":169},"D3-HS","Host Shutdown",{"name":153},{"id":171,"name":172,"tactic":173},"D3-DF","Decoy File",{"name":174},"Deceive",{"id":176,"name":177,"tactic":178},"D3-FE","File Encryption",{"name":51},{"id":180,"name":181,"tactic":182},"D3-RF","Restore File",{"name":99},{"id":184,"name":185,"tactic":186},"D3-RC","Restore Configuration",{"name":99},{"id":188,"name":189,"tactic":190},"D3-CF","Content Filtering",{"name":191},"Isolate",{"id":193,"name":194,"tactic":195},"D3-LFP","Local File Permissions",{"name":191},{"id":197,"name":198,"tactic":199},"D3-RFAM","Remote File Access Mediation",{"name":191},{"id":201,"name":202,"tactic":203},"D3-CQ","Content Quarantine",{"name":191},{"id":205,"name":206,"tactic":207},"D3-CM","Content Modification",{"name":191},{"id":209,"name":210,"tactic":211},"D3-KBPI","Kernel-based Process Isolation",{"name":191},{"id":213,"name":214,"tactic":215},"D3-SCF","System Call Filtering",{"name":191},{"id":217,"name":218,"tactic":219},"D3-HBPI","Hardware-based Process Isolation",{"name":191},{"id":221,"name":222,"tactic":223},"D3-ABPI","Application-based Process Isolation",{"name":191},{"id":225,"name":226,"tactic":227},"D3-WSAM","Web Session Access Mediation",{"name":191},{"_key":229,"id":229,"name":230,"description":231,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":232},"CWE-843","Access of Resource Using Incompatible Type ('Type Confusion')","The product allocates or initializes a resource such as a pointer, object, or variable using one type, but it later accesses that resource using a type that is incompatible with the original type.",[],{"_key":234,"id":234,"name":235,"description":236,"type":15,"status":16,"abstraction":237,"likelihood_of_exploit":238,"capec":239},"CWE-863","Incorrect Authorization","The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.","Class","High",[],[],[],[],[244,246,248,250,252,254,256,258,260,262,264,266,268,270,272,274,276,278,280,282,284,286,288,290,292,294,296,298,300,302,304,306,308,310,312],{"_key":245},"SUSE-SU-2023:3705-1",{"_key":247},"SUSE-SU-2023:3682-1",{"_key":249},"SUSE-SU-2023:3390-1",{"_key":251},"SUSE-SU-2023:3599-1",{"_key":253},"SUSE-SU-2023:3599-2",{"_key":255},"SUSE-SU-2023:3600-1",{"_key":257},"SUSE-SU-2023:3600-2",{"_key":259},"SUSE-SU-2023:3601-1",{"_key":261},"SUSE-SU-2023:3681-1",{"_key":263},"SUSE-SU-2023:3785-1",{"_key":265},"SUSE-SU-2023:3392-1",{"_key":267},"SUSE-SU-2023:3656-1",{"_key":269},"SUSE-SU-2023:3684-1",{"_key":271},"SUSE-SU-2023:3964-1",{"_key":273},"SUSE-SU-2023:3969-1",{"_key":275},"SUSE-SU-2023:3971-1",{"_key":277},"SUSE-SU-2023:3988-1",{"_key":279},"OPENSUSE-SU-2024:13145-1",{"_key":281},"OPENSUSE-SU-2024:13704-1",{"_key":283},"DLA-3623-1",{"_key":285},"DSA-5480-1",{"_key":287},"DSA-5492-1",{"_key":289},"UBUNTU-CVE-2023-4194",{"_key":291},"DEBIAN-CVE-2023-4194",{"_key":293},"RHSA-2023:6583",{"_key":295},"USN-6343-1",{"_key":297},"USN-6385-1",{"_key":299},"USN-6412-1",{"_key":301},"USN-6416-1",{"_key":303},"USN-6416-2",{"_key":305},"USN-6416-3",{"_key":307},"USN-6417-1",{"_key":309},"USN-6445-1",{"_key":311},"USN-6445-2",{"_key":313},"USN-6466-1",[],[316,317,318,319,320,321,322,323,324,325,326,327,328,329,330,331,332,333,334],{"_key":245},{"_key":247},{"_key":249},{"_key":251},{"_key":253},{"_key":255},{"_key":257},{"_key":259},{"_key":261},{"_key":263},{"_key":265},{"_key":267},{"_key":269},{"_key":271},{"_key":273},{"_key":275},{"_key":277},{"_key":279},{"_key":281},"2023-08-07T13:19:44.215Z","2026-03-24T11:22:55.319Z","Modified",{"cisa_kev":339,"cisa_ransomware":339,"cisa_vendor":9,"epss_severity":340,"epss_score":341,"severity":342,"severity_score":343,"severity_version":344,"severity_source":345,"severity_vector":346,"severity_status":337},false,"low",0.00007,"medium",5.5,"v3.1","cve.org","CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",[348,356,361,366,372,376,380,385,389,393,397,401],{"url":349,"sources":350,"tags":352},"https://access.redhat.com/errata/RHSA-2023:6583",[345,351],"nvd",[353,354,355],"Vendor Advisory","X Refsource REDHAT","Third Party Advisory",{"url":357,"sources":358,"tags":359},"https://access.redhat.com/security/cve/CVE-2023-4194",[345,351],[360,354,355],"VDB Entry",{"url":362,"sources":363,"tags":364},"https://bugzilla.redhat.com/show_bug.cgi?id=2229498",[345,351],[365,354,355],"Issue Tracking",{"url":367,"sources":368,"tags":369},"https://lore.kernel.org/all/20230731164237.48365-1-lersek@redhat.com/",[345,351],[370,371,353],"Mailing List","Patch",{"url":373,"sources":374,"tags":375},"https://lore.kernel.org/all/20230731164237.48365-2-lersek@redhat.com/",[345,351],[370,371,353],{"url":377,"sources":378,"tags":379},"https://lore.kernel.org/all/20230731164237.48365-3-lersek@redhat.com/",[345,351],[370,371,353],{"url":381,"sources":382,"tags":383},"https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html",[345,351],[384],"X Transferred",{"url":386,"sources":387,"tags":388},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/344H6HO6SSC4KT7PDFXSDIXKMKHISSGF/",[345,351],[384],{"url":390,"sources":391,"tags":392},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3TYLSJ2SAI7RF56ZLQ5CQWCJLVJSD73Q/",[345,351],[384],{"url":394,"sources":395,"tags":396},"https://security.netapp.com/advisory/ntap-20231027-0002/",[345,351],[384],{"url":398,"sources":399,"tags":400},"https://www.debian.org/security/2023/dsa-5480",[345,351],[384],{"url":402,"sources":403,"tags":404},"https://www.debian.org/security/2023/dsa-5492",[345,351],[384],[],{"date":407,"score":341,"percentile":408},"2026-06-03",0.00504,[410,414,416,419,422,425,428,431,433,436,438,441,443,445,448,452,455,458,460,462,464,466,468,470,472,474,476,478,480,482,484,486,489,491,493,496,499,501,504,507,510,513,515,517,520,522,525,527,529,531,534,537,539,541,544,546,548,550,552,555,557,560,563,565,568,570,573,576,578,581,584,587,590,592,594,596,598,600,603,605,607,609,611,613,615,618,620,623,626,629],{"date":411,"score":412,"percentile":413},"2025-11-04",0.00006,0.00275,{"date":415,"score":412,"percentile":413},"2025-11-05",{"date":417,"score":412,"percentile":418},"2025-11-06",0.00276,{"date":420,"score":412,"percentile":421},"2025-11-07",0.00274,{"date":423,"score":412,"percentile":424},"2025-11-08",0.00273,{"date":426,"score":412,"percentile":427},"2025-11-09",0.00271,{"date":429,"score":412,"percentile":430},"2025-11-10",0.00272,{"date":432,"score":412,"percentile":427},"2025-11-11",{"date":434,"score":412,"percentile":435},"2025-11-12",0.0027,{"date":437,"score":412,"percentile":435},"2025-11-13",{"date":439,"score":412,"percentile":440},"2025-11-14",0.00269,{"date":442,"score":412,"percentile":440},"2025-11-15",{"date":444,"score":412,"percentile":440},"2025-11-16",{"date":446,"score":412,"percentile":447},"2025-11-17",0.00268,{"date":449,"score":450,"percentile":451},"2025-11-18",0.00046,0.09272,{"date":453,"score":450,"percentile":454},"2025-11-19",0.09284,{"date":456,"score":450,"percentile":457},"2025-11-20",0.09306,{"date":459,"score":412,"percentile":424},"2025-11-21",{"date":461,"score":412,"percentile":424},"2025-11-22",{"date":463,"score":412,"percentile":430},"2025-11-23",{"date":465,"score":412,"percentile":427},"2025-11-24",{"date":467,"score":412,"percentile":427},"2025-11-25",{"date":469,"score":412,"percentile":427},"2025-11-26",{"date":471,"score":412,"percentile":435},"2025-11-27",{"date":473,"score":412,"percentile":424},"2025-11-28",{"date":475,"score":412,"percentile":424},"2025-11-29",{"date":477,"score":412,"percentile":430},"2025-11-30",{"date":479,"score":412,"percentile":435},"2025-12-01",{"date":481,"score":412,"percentile":427},"2025-12-02",{"date":483,"score":412,"percentile":430},"2025-12-03",{"date":485,"score":412,"percentile":418},"2025-12-04",{"date":487,"score":412,"percentile":488},"2025-12-05",0.00277,{"date":490,"score":412,"percentile":418},"2025-12-06",{"date":492,"score":412,"percentile":418},"2025-12-07",{"date":494,"score":412,"percentile":495},"2025-12-08",0.00279,{"date":497,"score":412,"percentile":498},"2025-12-09",0.00288,{"date":500,"score":412,"percentile":498},"2025-12-10",{"date":502,"score":412,"percentile":503},"2025-12-11",0.00292,{"date":505,"score":412,"percentile":506},"2025-12-12",0.00297,{"date":508,"score":412,"percentile":509},"2025-12-13",0.00296,{"date":511,"score":412,"percentile":512},"2025-12-14",0.00293,{"date":514,"score":412,"percentile":503},"2025-12-15",{"date":516,"score":412,"percentile":503},"2025-12-16",{"date":518,"score":412,"percentile":519},"2025-12-17",0.00291,{"date":521,"score":412,"percentile":503},"2025-12-18",{"date":523,"score":412,"percentile":524},"2025-12-19",0.00249,{"date":526,"score":412,"percentile":524},"2025-12-20",{"date":528,"score":412,"percentile":524},"2025-12-21",{"date":530,"score":412,"percentile":524},"2025-12-22",{"date":532,"score":412,"percentile":533},"2025-12-23",0.0025,{"date":535,"score":412,"percentile":536},"2025-12-24",0.00248,{"date":538,"score":412,"percentile":536},"2025-12-25",{"date":540,"score":412,"percentile":536},"2025-12-26",{"date":542,"score":412,"percentile":543},"2025-12-27",0.00315,{"date":545,"score":412,"percentile":536},"2025-12-28",{"date":547,"score":412,"percentile":536},"2025-12-29",{"date":549,"score":412,"percentile":536},"2025-12-30",{"date":551,"score":412,"percentile":536},"2025-12-31",{"date":553,"score":412,"percentile":554},"2026-01-01",0.00247,{"date":556,"score":412,"percentile":536},"2026-01-02",{"date":558,"score":412,"percentile":559},"2026-01-03",0.00246,{"date":561,"score":412,"percentile":562},"2026-01-04",0.0024,{"date":564,"score":412,"percentile":562},"2026-01-05",{"date":566,"score":412,"percentile":567},"2026-01-06",0.00239,{"date":569,"score":412,"percentile":567},"2026-01-07",{"date":571,"score":412,"percentile":572},"2026-01-08",0.00289,{"date":574,"score":412,"percentile":575},"2026-01-09",0.00287,{"date":577,"score":412,"percentile":575},"2026-01-10",{"date":579,"score":412,"percentile":580},"2026-01-11",0.00286,{"date":582,"score":412,"percentile":583},"2026-01-12",0.00282,{"date":585,"score":412,"percentile":586},"2026-01-13",0.00281,{"date":588,"score":412,"percentile":589},"2026-01-14",0.00284,{"date":591,"score":412,"percentile":589},"2026-01-15",{"date":593,"score":412,"percentile":580},"2026-01-16",{"date":595,"score":412,"percentile":580},"2026-01-17",{"date":597,"score":412,"percentile":498},"2026-01-18",{"date":599,"score":412,"percentile":575},"2026-01-19",{"date":601,"score":412,"percentile":602},"2026-01-20",0.00285,{"date":604,"score":412,"percentile":602},"2026-01-21",{"date":606,"score":412,"percentile":580},"2026-01-22",{"date":608,"score":412,"percentile":498},"2026-01-23",{"date":610,"score":412,"percentile":519},"2026-01-24",{"date":612,"score":412,"percentile":519},"2026-01-25",{"date":614,"score":412,"percentile":503},"2026-01-26",{"date":616,"score":412,"percentile":617},"2026-01-27",0.00295,{"date":619,"score":412,"percentile":617},"2026-01-28",{"date":621,"score":412,"percentile":622},"2026-01-29",0.00298,{"date":624,"score":412,"percentile":625},"2026-01-30",0.00304,{"date":627,"score":412,"percentile":628},"2026-01-31",0.00305,{"date":630,"score":412,"percentile":506},"2026-02-01",[632,637],{"source":345,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":633,"cvss_v4_0":9},{"baseScore":343,"baseSeverity":634,"vectorString":346,"impactScore":635,"exploitabilityScore":636},"MEDIUM",6,4.6,{"source":351,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":638,"cvss_v4_0":9},{"baseScore":343,"baseSeverity":634,"vectorString":346,"impactScore":635,"exploitabilityScore":636},[640,653,661,679],{"ecosystem":9,"name":641,"vendor":642,"product":643,"cpe_part":644,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":645},"debian linux","debian","debian_linux","o",[646,649,651],{"version":647,"is_range":339,"range_type":648,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.0","cpe",{"version":650,"is_range":339,"range_type":648,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"11.0",{"version":652,"is_range":339,"range_type":648,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"12.0",{"ecosystem":9,"name":654,"vendor":655,"product":654,"cpe_part":644,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":656},"fedora","fedoraproject",[657,659],{"version":658,"is_range":339,"range_type":648,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"37",{"version":660,"is_range":339,"range_type":648,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"38",{"ecosystem":9,"name":662,"vendor":663,"product":664,"cpe_part":644,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":665},"linux kernel","linux","linux_kernel",[666,671,673,675,677],{"version":667,"is_range":668,"range_type":648,"version_start":9,"version_start_type":9,"version_end":669,"version_end_type":670,"fixed_in":9},"lte6.4",true,"6.4","including",{"version":672,"is_range":339,"range_type":648,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.5:rc1",{"version":674,"is_range":339,"range_type":648,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.5:rc2",{"version":676,"is_range":339,"range_type":648,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.5:rc3",{"version":678,"is_range":339,"range_type":648,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.5:rc4",{"ecosystem":9,"name":680,"vendor":681,"product":682,"cpe_part":644,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":683},"enterprise linux","redhat","enterprise_linux",[684,686],{"version":685,"is_range":339,"range_type":648,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"8.0",{"version":687,"is_range":339,"range_type":648,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0"]