CVE-2022-20567
- EPSS 0.11%
- Veröffentlicht 16.12.2022 16:15:19
- Zuletzt bearbeitet 21.04.2025 14:15:26
In pppol2tp_create of l2tp_ppp.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVe...
CVE-2022-20572
- EPSS 0.49%
- Veröffentlicht 16.12.2022 16:15:19
- Zuletzt bearbeitet 18.04.2025 15:15:46
In verity_target of dm-verity-target.c, there is a possible way to modify read-only files due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for ...
CVE-2022-3111
- EPSS 0.21%
- Veröffentlicht 14.12.2022 21:15:12
- Zuletzt bearbeitet 22.04.2025 14:15:19
An issue was discovered in the Linux kernel through 5.16-rc6. free_charger_irq() in drivers/power/supply/wm8350_power.c lacks free of WM8350_IRQ_CHG_FAST_RDY, which is registered in wm8350_init_charger().
CVE-2022-25836
- EPSS 0.35%
- Veröffentlicht 12.12.2022 04:15:09
- Zuletzt bearbeitet 22.04.2025 21:15:42
Bluetooth® Low Energy Pairing in Bluetooth Core Specification v4.0 through v5.3 may permit an unauthenticated MITM to acquire credentials with two pairing devices via adjacent access when the MITM negotiates Legacy Passkey Pairing with the pairing In...
CVE-2022-25837
- EPSS 0.35%
- Veröffentlicht 12.12.2022 04:15:09
- Zuletzt bearbeitet 22.04.2025 21:15:42
Bluetooth® Pairing in Bluetooth Core Specification v1.0B through v5.3 may permit an unauthenticated MITM to acquire credentials with two pairing devices via adjacent access when at least one device supports BR/EDR Secure Connections pairing and the o...
CVE-2022-3643
- EPSS 0.46%
- Veröffentlicht 07.12.2022 01:15:11
- Zuletzt bearbeitet 21.11.2024 07:19:56
Guests can trigger NIC interface reset/abort/crash via netback It is possible for a guest to trigger a NIC interface reset/abort/crash in a Linux based network backend by sending certain kinds of packets. It appears to be an (unwritten?) assumption i...
CVE-2022-4129
- EPSS 0.17%
- Veröffentlicht 28.11.2022 22:15:11
- Zuletzt bearbeitet 14.04.2025 18:15:24
A flaw was found in the Linux kernel's Layer 2 Tunneling Protocol (L2TP). A missing lock when clearing sk_user_data can lead to a race condition and NULL pointer dereference. A local user could use this flaw to potentially crash the system causing a ...
CVE-2022-45934
- EPSS 0.75%
- Veröffentlicht 27.11.2022 04:15:10
- Zuletzt bearbeitet 29.04.2025 14:15:30
An issue was discovered in the Linux kernel through 6.0.10. l2cap_config_req in net/bluetooth/l2cap_core.c has an integer wraparound via L2CAP_CONF_REQ packets.
- EPSS 0.25%
- Veröffentlicht 27.11.2022 02:15:16
- Zuletzt bearbeitet 21.11.2024 07:29:57
An issue was discovered in the Linux kernel through 6.0.10. In drivers/media/dvb-core/dvb_ca_en50221.c, a use-after-free can occur is there is a disconnect after an open, because of the lack of a wait_event.
- EPSS 0.31%
- Veröffentlicht 25.11.2022 04:15:09
- Zuletzt bearbeitet 21.11.2024 07:29:53
An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvbdev.c has a use-after-free, related to dvb_register_device dynamically allocating fops.