VYPR

Vendor CVEs

Linux

All CVEs

15,975 total · sorted by risk
  • CVE-2022-45885HigNov 25, 2022
    risk 0.00cvss 7.0epss 0.00

    An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_frontend.c has a race condition that can cause a use-after-free when a device is disconnected.

  • CVE-2022-45884HigNov 25, 2022
    risk 0.00cvss 7.0epss 0.00

    An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvbdev.c has a use-after-free, related to dvb_register_device dynamically allocating fops.

  • CVE-2022-42896HigNov 23, 2022
    risk 0.00cvss 8.0epss 0.02

    There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_connect and l2cap_le_connect_req functions which may allow code execution and leaking kernel memory (respectively) remotely via Bluetooth. A remote attacker could execute code…

  • CVE-2022-42895MedNov 23, 2022
    risk 0.00cvss 5.1epss 0.00

    There is an infoleak vulnerability in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_parse_conf_req function which can be used to leak kernel pointers remotely. We recommend upgrading past commit  https://github.com/torvalds/linux/commit/b1a2cd50c0357f243b7435a732b4e62ba3…

  • CVE-2022-3910HigNov 22, 2022
    risk 0.00cvss 7.8epss 0.01

    Use After Free vulnerability in Linux Kernel allows Privilege Escalation. An improper Update of Reference Count in io_uring leads to Use-After-Free and Local Privilege Escalation. When io_msg_ring was invoked with a fixed file, it called io_fput_file() which improperly decreased…

  • CVE-2022-44034MedOct 30, 2022
    risk 0.00cvss 6.4epss 0.00

    An issue was discovered in the Linux kernel through 6.0.6. drivers/char/pcmcia/scr24x_cs.c has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling open(), aka a race condition between scr24x_open() and…

  • CVE-2022-44033MedOct 30, 2022
    risk 0.00cvss 6.4epss 0.00

    An issue was discovered in the Linux kernel through 6.0.6. drivers/char/pcmcia/cm4040_cs.c has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling open(), aka a race condition between cm4040_open() and…

  • CVE-2022-44032MedOct 30, 2022
    risk 0.00cvss 6.4epss 0.00

    An issue was discovered in the Linux kernel through 6.0.6. drivers/char/pcmcia/cm4000_cs.c has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling open(), aka a race condition between cmm_open() and…

  • CVE-2022-43750MedOct 26, 2022
    risk 0.00cvss 6.7epss 0.00

    drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user-space client to corrupt the monitor's internal memory.

  • CVE-2022-3649LowOct 21, 2022
    risk 0.00cvss 3.1epss 0.01

    A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_new_inode of the file fs/nilfs2/inode.c of the component BPF. The manipulation leads to use after free. It is possible to launch the attack remotely. It is…

  • CVE-2022-3646LowOct 21, 2022
    risk 0.00cvss 3.1epss 0.01

    A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function nilfs_attach_log_writer of the file fs/nilfs2/segment.c of the component BPF. The manipulation leads to memory leak. The attack may be initiated remotely. It is…

  • CVE-2022-3640MedOct 21, 2022
    risk 0.00cvss 5.5epss 0.01

    A vulnerability, which was classified as critical, was found in Linux Kernel. Affected is the function l2cap_conn_del of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this…

  • CVE-2022-3637LowOct 21, 2022
    risk 0.00cvss 2.6epss 0.00

    A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function jlink_init of the file monitor/jlink.c of the component BlueZ. The manipulation leads to denial of service. It is recommended to apply a patch to fix this issue.…

  • CVE-2022-3636MedOct 21, 2022
    risk 0.00cvss 5.5epss 0.00

    A vulnerability, which was classified as critical, was found in Linux Kernel. This affects the function __mtk_ppe_check_skb of the file drivers/net/ethernet/mediatek/mtk_ppe.c of the component Ethernet Handler. The manipulation leads to use after free. It is recommended to apply…

  • CVE-2022-3635MedOct 21, 2022
    risk 0.00cvss 5.5epss 0.00

    A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function tst_timer of the file drivers/atm/idt77252.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this…

  • CVE-2022-3633LowOct 21, 2022
    risk 0.00cvss 3.5epss 0.00

    A vulnerability classified as problematic has been found in Linux Kernel. Affected is the function j1939_session_destroy of the file net/can/j1939/transport.c. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier of this…

  • CVE-2022-3630LowOct 21, 2022
    risk 0.00cvss 3.1epss 0.00

    A vulnerability was found in Linux Kernel. It has been rated as problematic. This issue affects some unknown processing of the file fs/fscache/cookie.c of the component IPsec. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The…

  • CVE-2022-3629LowOct 21, 2022
    risk 0.00cvss 2.6epss 0.00

    A vulnerability was found in Linux Kernel. It has been declared as problematic. This vulnerability affects the function vsock_connect of the file net/vmw_vsock/af_vsock.c. The manipulation leads to memory leak. The complexity of an attack is rather high. The exploitation appears…

  • CVE-2022-3625MedOct 21, 2022
    risk 0.00cvss 4.6epss 0.00

    A vulnerability was found in Linux Kernel. It has been classified as critical. This affects the function devlink_param_set/devlink_param_get of the file net/core/devlink.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix…

  • CVE-2022-3624LowOct 21, 2022
    risk 0.00cvss 3.5epss 0.00

    A vulnerability was found in Linux Kernel and classified as problematic. Affected by this issue is the function rlb_arp_xmit of the file drivers/net/bonding/bond_alb.c of the component IPsec. The manipulation leads to memory leak. It is recommended to apply a patch to fix this…

  • CVE-2022-3623MedOct 20, 2022
    risk 0.00cvss 5.0epss 0.01

    A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function follow_page_pte of the file mm/gup.c of the component BPF. The manipulation leads to race condition. The attack can be launched remotely. It is…

  • CVE-2022-3621MedOct 20, 2022
    risk 0.00cvss 4.3epss 0.01

    A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_bmap_lookup_at_level of the file fs/nilfs2/inode.c of the component nilfs2. The manipulation leads to null pointer dereference. It is possible to launch the attack…

  • CVE-2022-3619LowOct 20, 2022
    risk 0.00cvss 3.5epss 0.01

    A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function l2cap_recv_acldata of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to memory leak. It is recommended to apply a patch…

  • CVE-2022-3577HigOct 20, 2022
    risk 0.00cvss 7.8epss 0.00

    An out-of-bounds memory write flaw was found in the Linux kernel’s Kid-friendly Wired Controller driver. This flaw allows a local user to crash or potentially escalate their privileges on the system. It is in bigben_probe of drivers/hid/hid-bigbenff.c. The reason is incorrect…

  • CVE-2022-3586MedOct 19, 2022
    risk 0.00cvss 5.5epss 0.00

    A flaw was found in the Linux kernel’s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to…

  • CVE-2022-3606LowOct 19, 2022
    risk 0.00cvss 3.5epss 0.00

    A vulnerability was found in Linux Kernel. It has been classified as problematic. This affects the function find_prog_by_sec_insn of the file tools/lib/bpf/libbpf.c of the component BPF. The manipulation leads to null pointer dereference. It is recommended to apply a patch to…

  • CVE-2022-3595LowOct 18, 2022
    risk 0.00cvss 3.5epss 0.00

    A vulnerability was found in Linux Kernel. It has been rated as problematic. Affected by this issue is the function sess_free_buffer of the file fs/cifs/sess.c of the component CIFS Handler. The manipulation leads to double free. It is recommended to apply a patch to fix this…

  • CVE-2022-3594MedOct 18, 2022
    risk 0.00cvss 5.3epss 0.02

    A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function intr_callback of the file drivers/net/usb/r8152.c of the component BPF. The manipulation leads to logging of excessive data. The attack can be launched…

  • CVE-2022-3567MedOct 17, 2022
    risk 0.00cvss 4.6epss 0.00

    A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function inet6_stream_ops/inet6_dgram_ops of the component IPv6 Handler. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue.…

  • CVE-2022-3566MedOct 17, 2022
    risk 0.00cvss 4.6epss 0.00

    A vulnerability, which was classified as problematic, was found in Linux Kernel. This affects the function tcp_getsockopt/tcp_setsockopt of the component TCP Handler. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. The identifier…

  • CVE-2022-3565MedOct 17, 2022
    risk 0.00cvss 4.6epss 0.00

    A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a…

  • CVE-2022-3564MedOct 17, 2022
    risk 0.00cvss 5.5epss 0.01

    A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch…

  • CVE-2022-3563LowOct 17, 2022
    risk 0.00cvss 3.5epss 0.00

    A vulnerability classified as problematic has been found in Linux Kernel. Affected is the function read_50_controller_cap_complete of the file tools/mgmt-tester.c of the component BlueZ. The manipulation of the argument cap_len leads to null pointer dereference. It is…

  • CVE-2022-3545MedOct 17, 2022
    risk 0.00cvss 5.5epss 0.00

    A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is…

  • CVE-2022-3544LowOct 17, 2022
    risk 0.00cvss 3.5epss 0.00

    A vulnerability, which was classified as problematic, was found in Linux Kernel. Affected is the function damon_sysfs_add_target of the file mm/damon/sysfs.c of the component Netfilter. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue.…

  • CVE-2022-3543LowOct 17, 2022
    risk 0.00cvss 3.5epss 0.00

    A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function unix_sock_destructor/unix_release_sock of the file net/unix/af_unix.c of the component BPF. The manipulation leads to memory leak. It is recommended to apply a…

  • CVE-2022-3541MedOct 17, 2022
    risk 0.00cvss 5.5epss 0.00

    A vulnerability classified as critical has been found in Linux Kernel. This affects the function spl2sw_nvmem_get_mac_address of the file drivers/net/ethernet/sunplus/spl2sw_driver.c of the component BPF. The manipulation leads to use after free. It is recommended to apply a…

  • CVE-2022-3534MedOct 17, 2022
    risk 0.00cvss 5.5epss 0.01

    A vulnerability classified as critical has been found in Linux Kernel. Affected is the function btf_dump_name_dups of the file tools/lib/bpf/btf_dump.c of the component libbpf. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The…

  • CVE-2022-3533LowOct 17, 2022
    risk 0.00cvss 3.5epss 0.00

    A vulnerability was found in Linux Kernel. It has been rated as problematic. This issue affects the function parse_usdt_arg of the file tools/lib/bpf/usdt.c of the component BPF. The manipulation of the argument reg_name leads to memory leak. It is recommended to apply a patch…

  • CVE-2022-3526MedOct 16, 2022
    risk 0.00cvss 5.3epss 0.01

    A vulnerability classified as problematic was found in Linux Kernel. This vulnerability affects the function macvlan_handle_frame of the file drivers/net/macvlan.c of the component skb. The manipulation leads to memory leak. The attack can be initiated remotely. It is…

  • CVE-2022-3524MedOct 16, 2022
    risk 0.00cvss 4.3epss 0.01

    A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6_renew_options of the component IPv6 Handler. The manipulation leads to memory leak. The attack can be launched remotely. It is recommended to apply…

  • CVE-2022-3523MedOct 16, 2022
    risk 0.00cvss 5.3epss 0.01

    A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is an unknown function of the file mm/memory.c of the component Driver Handler. The manipulation leads to use after free. It is possible to launch the attack remotely. It is recommended to…

  • CVE-2022-3521LowOct 16, 2022
    risk 0.00cvss 2.6epss 0.00

    A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function kcm_tx_work of the file net/kcm/kcmsock.c of the component kcm. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue.…

  • CVE-2022-42722MedOct 14, 2022
    risk 0.00cvss 5.5epss 0.01

    In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able to inject WLAN frames into the mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon protection of P2P devices.

  • CVE-2022-42721MedOct 14, 2022
    risk 0.00cvss 5.5epss 0.01

    A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in turn, potentially execute code.

  • CVE-2022-42720HigOct 14, 2022
    risk 0.00cvss 7.8epss 0.01

    Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger use-after-free conditions to potentially execute code.

  • CVE-2022-41674HigOct 14, 2022
    risk 0.00cvss 8.1epss 0.04

    An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could cause a buffer overflow in the ieee80211_bss_info_update function in net/mac80211/scan.c.

  • CVE-2022-42719HigOct 13, 2022
    risk 0.00cvss 8.8epss 0.01

    A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.x before 5.19.16 could be used by attackers (able to inject WLAN frames) to crash the kernel and potentially execute code.

  • CVE-2022-42703MedOct 9, 2022
    risk 0.00cvss 5.5epss 0.01

    mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse.

  • CVE-2022-41850MedSep 30, 2022
    risk 0.00cvss 4.7epss 0.00

    roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free in certain situations where a report is received while copying a report->value is in progress.

Page 286 of 320