Kernel
by Linux
Source repositories
CVEs (15,817)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-29581 | Hig | 0.00 | 7.8 | 0.01 | May 17, 2022 | Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14 and later versions. | ||
| CVE-2022-1116 | Hig | 0.00 | 7.8 | 0.01 | May 17, 2022 | Integer Overflow or Wraparound vulnerability in io_uring of Linux Kernel allows local attacker to cause memory corruption and escalate privileges to root. This issue affects: Linux Kernel versions prior to 5.4.189; version 5.4.24 and later versions. | ||
| CVE-2022-30594 | Hig | 0.00 | 7.8 | 0.01 | May 12, 2022 | The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions on setting the PT_SUSPEND_SECCOMP flag. | ||
| CVE-2022-1516 | Med | 0.00 | 5.5 | 0.00 | May 5, 2022 | A NULL pointer dereference flaw was found in the Linux kernel’s X.25 set of standardized network protocols functionality in the way a user terminates their session using a simulated Ethernet card and continued usage of this connection. This flaw allows a local user to crash… | ||
| CVE-2022-29968 | Hig | 0.00 | 7.8 | 0.01 | May 2, 2022 | An issue was discovered in the Linux kernel through 5.17.5. io_rw_init_file in fs/io_uring.c lacks initialization of kiocb->private. | ||
| CVE-2022-1353 | Hig | 0.00 | 7.1 | 0.00 | Apr 29, 2022 | A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a leak of internal kernel information. | ||
| CVE-2022-1195 | Med | 0.00 | 5.5 | 0.00 | Apr 29, 2022 | A use-after-free vulnerability was found in the Linux kernel in drivers/net/hamradio. This flaw allows a local attacker with a user privilege to cause a denial of service (DOS) when the mkiss or sixpack device is detached and reclaim resources early. | ||
| CVE-2022-29582 | Hig | 0.00 | 7.0 | 0.01 | Apr 22, 2022 | In the Linux kernel before 5.17.3, fs/io_uring.c has a use-after-free due to a race condition in io_uring timeouts. This can be triggered by a local user who has no access to any user namespace; however, the race condition perhaps can only be exploited infrequently. | ||
| CVE-2022-29156 | Hig | 0.00 | 7.8 | 0.00 | Apr 13, 2022 | drivers/infiniband/ulp/rtrs/rtrs-clt.c in the Linux kernel before 5.16.12 has a double free related to rtrs_clt_dev_release. | ||
| CVE-2022-28893 | Hig | 0.00 | 7.8 | 0.00 | Apr 11, 2022 | The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xs_xprt_free before ensuring that sockets are in the intended state. | ||
| CVE-2022-28796 | Hig | 0.00 | 7.0 | 0.00 | Apr 8, 2022 | jbd2_journal_wait_updates in fs/jbd2/transaction.c in the Linux kernel before 5.17.1 has a use-after-free caused by a transaction_t race condition. | ||
| CVE-2022-28390 | Hig | 0.00 | 7.8 | 0.00 | Apr 3, 2022 | ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free. | ||
| CVE-2022-28389 | Med | 0.00 | 5.5 | 0.00 | Apr 3, 2022 | mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double free. | ||
| CVE-2022-28388 | Med | 0.00 | 5.5 | 0.00 | Apr 3, 2022 | usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c in the Linux kernel through 5.17.1 has a double free. | ||
| CVE-2022-28356 | Med | 0.00 | 5.5 | 0.01 | Apr 2, 2022 | In the Linux kernel before 5.17.1, a refcount leak bug was found in net/llc/af_llc.c. | ||
| CVE-2022-1055 | Hig | 0.00 | 7.8 | 0.01 | Mar 29, 2022 | A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain privilege escalation. The exploit requires unprivileged user namespaces. We recommend upgrading past commit 04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5 | ||
| CVE-2022-27950 | Med | 0.00 | 5.5 | 0.00 | Mar 28, 2022 | In drivers/hid/hid-elo.c in the Linux kernel before 5.16.11, a memory leak exists for a certain hid_parse error condition. | ||
| CVE-2022-0500 | Hig | 0.00 | 7.8 | 0.00 | Mar 25, 2022 | A flaw was found in unrestricted eBPF usage by the BPF_BTF_LOAD, leading to a possible out-of-bounds memory write in the Linux kernel’s BPF subsystem due to the way a user loads BTF. This flaw allows a local user to crash or escalate their privileges on the system. | ||
| CVE-2022-0322 | Med | 0.00 | 5.5 | 0.00 | Mar 25, 2022 | A flaw was found in the sctp_make_strreset_req function in net/sctp/sm_make_chunk.c in the SCTP network protocol in the Linux kernel with a local user privilege access. In this flaw, an attempt to use more buffer than is allocated triggers a BUG_ON issue, leading to a denial of… | ||
| CVE-2021-4203 | Med | 0.00 | 6.8 | 0.02 | Mar 25, 2022 | A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a user privileges may crash the system or leak internal kernel information. |
- risk 0.00cvss 7.8epss 0.01
Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14 and later versions.
- risk 0.00cvss 7.8epss 0.01
Integer Overflow or Wraparound vulnerability in io_uring of Linux Kernel allows local attacker to cause memory corruption and escalate privileges to root. This issue affects: Linux Kernel versions prior to 5.4.189; version 5.4.24 and later versions.
- risk 0.00cvss 7.8epss 0.01
The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions on setting the PT_SUSPEND_SECCOMP flag.
- risk 0.00cvss 5.5epss 0.00
A NULL pointer dereference flaw was found in the Linux kernel’s X.25 set of standardized network protocols functionality in the way a user terminates their session using a simulated Ethernet card and continued usage of this connection. This flaw allows a local user to crash…
- risk 0.00cvss 7.8epss 0.01
An issue was discovered in the Linux kernel through 5.17.5. io_rw_init_file in fs/io_uring.c lacks initialization of kiocb->private.
- risk 0.00cvss 7.1epss 0.00
A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a leak of internal kernel information.
- risk 0.00cvss 5.5epss 0.00
A use-after-free vulnerability was found in the Linux kernel in drivers/net/hamradio. This flaw allows a local attacker with a user privilege to cause a denial of service (DOS) when the mkiss or sixpack device is detached and reclaim resources early.
- risk 0.00cvss 7.0epss 0.01
In the Linux kernel before 5.17.3, fs/io_uring.c has a use-after-free due to a race condition in io_uring timeouts. This can be triggered by a local user who has no access to any user namespace; however, the race condition perhaps can only be exploited infrequently.
- risk 0.00cvss 7.8epss 0.00
drivers/infiniband/ulp/rtrs/rtrs-clt.c in the Linux kernel before 5.16.12 has a double free related to rtrs_clt_dev_release.
- risk 0.00cvss 7.8epss 0.00
The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xs_xprt_free before ensuring that sockets are in the intended state.
- risk 0.00cvss 7.0epss 0.00
jbd2_journal_wait_updates in fs/jbd2/transaction.c in the Linux kernel before 5.17.1 has a use-after-free caused by a transaction_t race condition.
- risk 0.00cvss 7.8epss 0.00
ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.
- risk 0.00cvss 5.5epss 0.00
mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double free.
- risk 0.00cvss 5.5epss 0.00
usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c in the Linux kernel through 5.17.1 has a double free.
- risk 0.00cvss 5.5epss 0.01
In the Linux kernel before 5.17.1, a refcount leak bug was found in net/llc/af_llc.c.
- risk 0.00cvss 7.8epss 0.01
A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain privilege escalation. The exploit requires unprivileged user namespaces. We recommend upgrading past commit 04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5
- risk 0.00cvss 5.5epss 0.00
In drivers/hid/hid-elo.c in the Linux kernel before 5.16.11, a memory leak exists for a certain hid_parse error condition.
- risk 0.00cvss 7.8epss 0.00
A flaw was found in unrestricted eBPF usage by the BPF_BTF_LOAD, leading to a possible out-of-bounds memory write in the Linux kernel’s BPF subsystem due to the way a user loads BTF. This flaw allows a local user to crash or escalate their privileges on the system.
- risk 0.00cvss 5.5epss 0.00
A flaw was found in the sctp_make_strreset_req function in net/sctp/sm_make_chunk.c in the SCTP network protocol in the Linux kernel with a local user privilege access. In this flaw, an attempt to use more buffer than is allocated triggers a BUG_ON issue, leading to a denial of…
- risk 0.00cvss 6.8epss 0.02
A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a user privileges may crash the system or leak internal kernel information.
Page 713 of 791