CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 0CVE-2022-43945 – kernel: nfsd buffer overflow by RPC message over TCP with garbage data
https://notcve.org/view.php?id=CVE-2022-43945
04 Nov 2022 — The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client can force the send buffer to shrink by sending an RPC message over TCP with garbage data added at the end of the message. The RPC message with garbage data is still correctly formed according to the specification and is passed forwar... • http://packetstormsecurity.com/files/171289/Kernel-Live-Patch-Security-Notice-LNS-0092-1.html • CWE-131: Incorrect Calculation of Buffer Size CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2022-44032
https://notcve.org/view.php?id=CVE-2022-44032
30 Oct 2022 — An issue was discovered in the Linux kernel through 6.0.6. drivers/char/pcmcia/cm4000_cs.c has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling open(), aka a race condition between cmm_open() and cm4000_detach(). Se descubrió un problema en el kernel de Linux hasta la versión 6.0.6. drivers/char/pcmcia/cm4000_cs.c tiene una condición de ejecución y Use-After-Free resultante si un atacante físicamente cercano elimina un dispositivo PCMCIA ... • https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9b12f050c76f090cc6d0aebe0ef76fed79ec3f15 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2022-44033
https://notcve.org/view.php?id=CVE-2022-44033
30 Oct 2022 — An issue was discovered in the Linux kernel through 6.0.6. drivers/char/pcmcia/cm4040_cs.c has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling open(), aka a race condition between cm4040_open() and reader_detach(). Se descubrió un problema en el kernel de Linux hasta la versión 6.0.6. drivers/char/pcmcia/cm4040_cs.c tiene una condición de ejecución y Use-After-Free resultante si un atacante físicamente cercano elimina un dispositivo PCMC... • https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9b12f050c76f090cc6d0aebe0ef76fed79ec3f15 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2022-44034
https://notcve.org/view.php?id=CVE-2022-44034
30 Oct 2022 — An issue was discovered in the Linux kernel through 6.0.6. drivers/char/pcmcia/scr24x_cs.c has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling open(), aka a race condition between scr24x_open() and scr24x_remove(). Se descubrió un problema en el kernel de Linux hasta la versión 6.0.6. drivers/char/pcmcia/scr24x_cs.c tiene una condición de ejecución y Use-After-Free resultante si un atacante físicamente cercano elimina un dispositivo PCMC... • https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9b12f050c76f090cc6d0aebe0ef76fed79ec3f15 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-3344
https://notcve.org/view.php?id=CVE-2022-3344
24 Oct 2022 — A flaw was found in the KVM's AMD nested virtualization (SVM). A malicious L1 guest could purposely fail to intercept the shutdown of a cooperative nested guest (L2), possibly leading to a page fault and kernel panic in the host (L0). Se ha encontrado un fallo en la virtualización anidada AMD (SVM) de KVM. Un huésped L1 malicioso podría fallar a propósito para interceptar el apagado de un huésped anidado cooperativo (L2), posiblemente conllevando a una falla de página y pánico del kernel en el host (L0) • https://bugzilla.redhat.com/show_bug.cgi?id=2130278 • CWE-440: Expected Behavior Violation •
CVSS: 7.0EPSS: 0%CPEs: 8EXPL: 1CVE-2022-3635 – Linux Kernel IPsec idt77252.c tst_timer use after free
https://notcve.org/view.php?id=CVE-2022-3635
21 Oct 2022 — A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function tst_timer of the file drivers/atm/idt77252.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. VDB-211934 is the identifier assigned to this vulnerability. • https://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next.git/commit/?id=3f4093e2bf4673f218c0bf17d8362337c400e77b • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.0EPSS: 0%CPEs: 18EXPL: 0CVE-2022-3649 – Linux Kernel BPF inode.c nilfs_new_inode use after free
https://notcve.org/view.php?id=CVE-2022-3649
21 Oct 2022 — A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_new_inode of the file fs/nilfs2/inode.c of the component BPF. The manipulation leads to use after free. It is possible to launch the attack remotely. • https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git/commit/?id=d325dc6eb763c10f591c239550b8c7e5466a5d09 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-416: Use After Free •
CVSS: 6.1EPSS: 0%CPEs: 6EXPL: 0CVE-2022-3586 – Linux Kernel Net Scheduler Use-After-Free Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-3586
19 Oct 2022 — A flaw was found in the Linux kernel’s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of service. Se ha encontrado un fallo en el código de red del kernel de Linux. Ha sido encontrado un uso de memoria previamente liberada en la forma en que la función sch_sfb enqueue usó el campo cb d... • https://github.com/torvalds/linux/commit/9efd23297cca • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-3606 – Linux Kernel BPF libbpf.c find_prog_by_sec_insn null pointer dereference
https://notcve.org/view.php?id=CVE-2022-3606
19 Oct 2022 — A vulnerability was found in Linux Kernel. It has been classified as problematic. This affects the function find_prog_by_sec_insn of the file tools/lib/bpf/libbpf.c of the component BPF. The manipulation leads to null pointer dereference. It is recommended to apply a patch to fix this issue. • https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git/commit/?id=d0d382f95a9270dcf803539d6781d6bd67e3f5b2 • CWE-404: Improper Resource Shutdown or Release •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 3CVE-2022-2602 – Linux Kernel io_uring Improper Update of Reference Count Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-2602
18 Oct 2022 — io_uring UAF, Unix SCM garbage collection io_uring UAF, recolección de basura Unix SCM This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the io_uring API. The issue results from the improper management of a reference count. An attacker can leverage this vulnerability to escalate privileg... • https://github.com/LukeGix/CVE-2022-2602 • CWE-416: Use After Free •