CVE-2022-4662
- EPSS 0.01%
- Veröffentlicht 22.12.2022 22:15:16
- Zuletzt bearbeitet 09.04.2025 19:15:46
A flaw incorrect access control in the Linux kernel USB core subsystem was found in the way user attaches usb device. A local user could use this flaw to crash the system.
CVE-2022-20566
- EPSS 0.02%
- Veröffentlicht 16.12.2022 16:15:19
- Zuletzt bearbeitet 21.04.2025 14:15:26
In l2cap_chan_put of l2cap_core, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: And...
CVE-2022-20572
- EPSS 0.01%
- Veröffentlicht 16.12.2022 16:15:19
- Zuletzt bearbeitet 18.04.2025 15:15:46
In verity_target of dm-verity-target.c, there is a possible way to modify read-only files due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for ...
CVE-2022-3111
- EPSS 0.02%
- Veröffentlicht 14.12.2022 21:15:12
- Zuletzt bearbeitet 22.04.2025 14:15:19
An issue was discovered in the Linux kernel through 5.16-rc6. free_charger_irq() in drivers/power/supply/wm8350_power.c lacks free of WM8350_IRQ_CHG_FAST_RDY, which is registered in wm8350_init_charger().
CVE-2022-25836
- EPSS 0.25%
- Veröffentlicht 12.12.2022 04:15:09
- Zuletzt bearbeitet 22.04.2025 21:15:42
Bluetooth® Low Energy Pairing in Bluetooth Core Specification v4.0 through v5.3 may permit an unauthenticated MITM to acquire credentials with two pairing devices via adjacent access when the MITM negotiates Legacy Passkey Pairing with the pairing In...
CVE-2022-25837
- EPSS 0.25%
- Veröffentlicht 12.12.2022 04:15:09
- Zuletzt bearbeitet 22.04.2025 21:15:42
Bluetooth® Pairing in Bluetooth Core Specification v1.0B through v5.3 may permit an unauthenticated MITM to acquire credentials with two pairing devices via adjacent access when at least one device supports BR/EDR Secure Connections pairing and the o...
CVE-2022-4129
- EPSS 0.02%
- Veröffentlicht 28.11.2022 22:15:11
- Zuletzt bearbeitet 14.04.2025 18:15:24
A flaw was found in the Linux kernel's Layer 2 Tunneling Protocol (L2TP). A missing lock when clearing sk_user_data can lead to a race condition and NULL pointer dereference. A local user could use this flaw to potentially crash the system causing a ...
CVE-2022-45934
- EPSS 0.41%
- Veröffentlicht 27.11.2022 04:15:10
- Zuletzt bearbeitet 29.04.2025 14:15:30
An issue was discovered in the Linux kernel through 6.0.10. l2cap_config_req in net/bluetooth/l2cap_core.c has an integer wraparound via L2CAP_CONF_REQ packets.
- EPSS 0.03%
- Veröffentlicht 27.11.2022 02:15:16
- Zuletzt bearbeitet 21.11.2024 07:29:57
An issue was discovered in the Linux kernel through 6.0.10. In drivers/media/dvb-core/dvb_ca_en50221.c, a use-after-free can occur is there is a disconnect after an open, because of the lack of a wait_event.
- EPSS 0.02%
- Veröffentlicht 25.11.2022 04:15:09
- Zuletzt bearbeitet 21.11.2024 07:29:53
An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvbdev.c has a use-after-free, related to dvb_register_device dynamically allocating fops.