- EPSS 0.14%
- Veröffentlicht 15.06.2022 14:15:11
- Zuletzt bearbeitet 21.11.2024 06:42:14
In ip_check_mc_rcu of igmp.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege when opening and closing inet sockets with no additional execution privileges needed. User interaction is not n...
CVE-2022-20166
- EPSS 0.15%
- Veröffentlicht 15.06.2022 14:15:11
- Zuletzt bearbeitet 21.11.2024 06:42:16
In various methods of kernel base drivers, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitatio...
CVE-2022-20132
- EPSS 0.2%
- Veröffentlicht 15.06.2022 13:15:08
- Zuletzt bearbeitet 21.11.2024 06:42:13
In lg_probe and related functions of hid-lg.c and other USB HID files, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure if a malicious USB HID device were plugged in, with no add...
CVE-2022-32296
- EPSS 0.43%
- Veröffentlicht 05.06.2022 22:15:08
- Zuletzt bearbeitet 21.11.2024 07:06:07
The Linux kernel before 5.17.9 allows TCP servers to identify clients by observing what source ports are used. This occurs because of use of Algorithm 4 ("Double-Hash Port Selection Algorithm") of RFC 6056.
CVE-2022-1462
- EPSS 0.33%
- Veröffentlicht 02.06.2022 14:15:32
- Zuletzt bearbeitet 21.11.2024 06:40:46
An out-of-bounds read flaw was found in the Linux kernel’s TeleTYpe subsystem. The issue occurs in how a user triggers a race condition using ioctls TIOCSPTLCK and TIOCGPTPEER and TIOCSTI and TCXONC with leakage of memory in the flush_to_ldisc functi...
CVE-2022-1652
- EPSS 0.54%
- Veröffentlicht 02.06.2022 14:15:32
- Zuletzt bearbeitet 21.11.2024 06:41:10
Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a concurrency use-after-free flaw in the bad_flp_intr function. By executing a specially-crafted program, an attacker could exploit this vulnerability to exe...
CVE-2022-1679
- EPSS 0.81%
- Veröffentlicht 16.05.2022 18:15:08
- Zuletzt bearbeitet 21.11.2024 06:41:14
A use-after-free flaw was found in the Linux kernel’s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate the...
CVE-2022-20009
- EPSS 0.33%
- Veröffentlicht 10.05.2022 20:15:09
- Zuletzt bearbeitet 21.11.2024 06:41:56
In various functions of the USB gadget subsystem, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed f...
- EPSS 0.24%
- Veröffentlicht 29.04.2022 16:15:08
- Zuletzt bearbeitet 21.11.2024 06:39:55
A use-after-free flaw was found in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hw_params. The hw_free ioctls or similar race condition happens inside ALSA PCM for other ioctls. This flaw allows a local user t...
CVE-2022-1353
- EPSS 0.39%
- Veröffentlicht 29.04.2022 16:15:08
- Zuletzt bearbeitet 21.11.2024 06:40:33
A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a leak of internal kernel information.