CVE-2022-32250
- EPSS 2.88%
- Veröffentlicht 02.06.2022 21:15:07
- Zuletzt bearbeitet 21.11.2024 07:06:01
net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free.
CVE-2022-1943
- EPSS 0.28%
- Veröffentlicht 02.06.2022 14:15:34
- Zuletzt bearbeitet 21.11.2024 06:41:48
A flaw out of bounds memory write in the Linux kernel UDF file system functionality was found in the way user triggers some file operation which triggers udf_write_fi(). A local user could use this flaw to crash the system or potentially
CVE-2022-1789
- EPSS 0.32%
- Veröffentlicht 02.06.2022 14:15:33
- Zuletzt bearbeitet 21.11.2024 06:41:28
With shadow paging enabled, the INVPCID instruction results in a call to kvm_mmu_invpcid_gva. If INVPCID is executed with CR0.PG=0, the invlpg callback is not set and the result is a NULL pointer dereference.
CVE-2022-1462
- EPSS 0.33%
- Veröffentlicht 02.06.2022 14:15:32
- Zuletzt bearbeitet 21.11.2024 06:40:46
An out-of-bounds read flaw was found in the Linux kernel’s TeleTYpe subsystem. The issue occurs in how a user triggers a race condition using ioctls TIOCSPTLCK and TIOCGPTPEER and TIOCSTI and TCXONC with leakage of memory in the flush_to_ldisc functi...
CVE-2022-1652
- EPSS 0.54%
- Veröffentlicht 02.06.2022 14:15:32
- Zuletzt bearbeitet 21.11.2024 06:41:10
Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a concurrency use-after-free flaw in the bad_flp_intr function. By executing a specially-crafted program, an attacker could exploit this vulnerability to exe...
CVE-2022-1882
- EPSS 0.35%
- Veröffentlicht 26.05.2022 17:15:08
- Zuletzt bearbeitet 21.11.2024 06:41:40
A use-after-free flaw was found in the Linux kernel’s pipes functionality in how a user performs manipulations with the pipe post_one_notification() after free_pipe_info() that is already called. This flaw allows a local user to crash or potentially ...
- EPSS 0.52%
- Veröffentlicht 18.05.2022 17:15:08
- Zuletzt bearbeitet 21.11.2024 06:41:21
A flaw in Linux Kernel found in nfcmrvl_nci_unregister_dev() in drivers/nfc/nfcmrvl/main.c can lead to use after free both read or write when non synchronized between cleanup routine and firmware download routine.
CVE-2022-29581
- EPSS 1.03%
- Veröffentlicht 17.05.2022 17:15:08
- Zuletzt bearbeitet 21.11.2024 06:59:20
Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14 and later versions.
CVE-2022-1679
- EPSS 0.8%
- Veröffentlicht 16.05.2022 18:15:08
- Zuletzt bearbeitet 21.11.2024 06:41:14
A use-after-free flaw was found in the Linux kernel’s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate the...
CVE-2022-30594
- EPSS 0.8%
- Veröffentlicht 12.05.2022 05:15:06
- Zuletzt bearbeitet 21.11.2024 07:02:59
The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions on setting the PT_SUSPEND_SECCOMP flag.