CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 2CVE-2022-24122
https://notcve.org/view.php?id=CVE-2022-24122
29 Jan 2022 — kernel/ucount.c in the Linux kernel 5.14 through 5.16.4, when unprivileged user namespaces are enabled, allows a use-after-free and privilege escalation because a ucounts object can outlive its namespace. El archivo kernel/ucount.c en el kernel de Linux versiones 5.14 hasta 5.16.4, cuando los espacios de nombres de los usuarios no privilegiados están habilitados, permite un uso de memoria previamente liberada y una escalada de privilegios porque un objeto ucounts puede sobrevivir a su espacio de nombres • https://github.com/meowmeowxw/CVE-2022-24122 • CWE-416: Use After Free •
CVSS: 9.8EPSS: 0%CPEs: 17EXPL: 0CVE-2021-22600 – Linux Kernel Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-22600
26 Jan 2022 — A double free bug in packet_set_ring() in net/packet/af_packet.c can be exploited by a local user through crafted syscalls to escalate privileges or deny service. We recommend upgrading kernel past the effected versions or rebuilding past ec6af094ea28f0f2dda1a6a33b14cd57e36a9755 Un bug de doble liberación en la función packet_set_ring() en el archivo net/packet/af_packet.c puede ser explotado por un usuario local mediante syscalls diseñados para escalar privilegios o denegar el servicio. Es recomendado actu... • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=ec6af094ea28f0f2dda1a6a33b14cd57e36a9755 • CWE-415: Double Free •
CVSS: 8.4EPSS: 0%CPEs: 20EXPL: 10CVE-2022-0185 – Linux Kernel Heap-Based Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2022-0185
19 Jan 2022 — A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length. An unprivileged (in case of unprivileged user namespaces enabled, otherwise needs namespaced CAP_SYS_ADMIN privilege) local user able to open a filesystem that does not support the Filesystem Context API (and thus fallbacks to legacy handling) could use this flaw to escalate their privileges on the system. Se ha encontrado... • https://packetstorm.news/files/id/165731 • CWE-190: Integer Overflow or Wraparound CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 7.8EPSS: 0%CPEs: 21EXPL: 5CVE-2022-23222 – kernel: local privileges escalation in kernel/bpf/verifier.c
https://notcve.org/view.php?id=CVE-2022-23222
14 Jan 2022 — kernel/bpf/verifier.c in the Linux kernel through 5.15.14 allows local users to gain privileges because of the availability of pointer arithmetic via certain *_OR_NULL pointer types. El archivo kernel/bpf/verifier.c en el kernel de Linux versiones hasta 5.15.14, permite a usuarios locales alcanzar privilegios debido a una disponibilidad de la aritmética de punteros por medio de determinados tipos de punteros *_OR_NULL A flaw was found in the Linux kernel's adjust_ptr_min_max_vals in the kernel/bpf/verifier.... • https://github.com/tr3ee/CVE-2022-23222 • CWE-476: NULL Pointer Dereference CWE-763: Release of Invalid Pointer or Reference •
CVSS: 7.1EPSS: 0%CPEs: 19EXPL: 0CVE-2021-4090 – Ubuntu Security Notice USN-5265-1
https://notcve.org/view.php?id=CVE-2021-4090
11 Jan 2022 — An out-of-bounds (OOB) memory write flaw was found in the NFSD in the Linux kernel. Missing sanity may lead to a write beyond bmval[bmlen-1] in nfsd4_decode_bitmap4 in fs/nfsd/nfs4xdr.c. In this flaw, a local attacker with user privilege may gain access to out-of-bounds memory, leading to a system integrity and confidentiality threat. Se encontró un fallo de escritura en memoria fuera de límites (OOB) en el NFSD del kernel de Linux. Una falta de saneo puede conllevar a una escritura más allá de bmval[bmlen-... • https://bugzilla.redhat.com/show_bug.cgi?id=2025101 • CWE-787: Out-of-bounds Write •
CVSS: 7.4EPSS: 0%CPEs: 33EXPL: 2CVE-2021-4083 – kernel: fget: check that the fd still exists after getting a ref to it
https://notcve.org/view.php?id=CVE-2021-4083
10 Jan 2022 — A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition. This flaw allows a local user to crash the system or escalate their privileges on the system. This flaw affects Linux kernel versions prior to 5.16-rc4. Se ha encontrado un fallo de lectura de memoria previamente liberada en la recolección de basura del kernel de Linux para los manejadores d... • https://packetstorm.news/files/id/165504 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 7.5EPSS: 0%CPEs: 44EXPL: 1CVE-2021-45485 – kernel: information leak in the IPv6 implementation
https://notcve.org/view.php?id=CVE-2021-45485
25 Dec 2021 — In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn't properly consider that IPv6-based attackers can typically choose among many IPv6 source addresses. En la implementación de IPv6 en el kernel de Linux versiones anteriores a 5.13.3, el archivo net/ipv6/output_core.c presenta un filtrado de información debido a determinado uso de una tabla hash que, aunque es grande, no considera aprop... • https://github.com/Satheesh575555/linux-4.19.72_CVE-2021-45485 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 7.8EPSS: 0%CPEs: 22EXPL: 2CVE-2021-45469 – Ubuntu Security Notice USN-5377-1
https://notcve.org/view.php?id=CVE-2021-45469
23 Dec 2021 — In __f2fs_setxattr in fs/f2fs/xattr.c in the Linux kernel through 5.15.11, there is an out-of-bounds memory access when an inode has an invalid last xattr entry. En la función __f2fs_setxattr en el archivo fs/f2fs/xattr.c en el kernel de Linux versiones hasta 5.15.11, se presenta un acceso a memoria fuera de límites cuando un inodo presenta una última entrada xattr no válida Yiqi Sun and Kevin Wang discovered that the cgroups implementation in the Linux kernel did not properly restrict access to the cgroups... • http://www.openwall.com/lists/oss-security/2021/12/25/1 • CWE-125: Out-of-bounds Read •
CVSS: 7.4EPSS: 0%CPEs: 22EXPL: 2CVE-2021-44733 – kernel: use-after-free in the TEE subsystem
https://notcve.org/view.php?id=CVE-2021-44733
22 Dec 2021 — A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Linux kernel through 5.15.11. This occurs because of a race condition in tee_shm_get_from_id during an attempt to free a shared memory object. Se presenta un uso de memoria previamente liberada en el archivo drivers/tee/tee_shm.c en el subsistema TEE en el kernel de Linux versiones hasta 5.15.11. Esto ocurre debido a una condición de carrera en tee_shm_get_from_id durante un intento de liberar un objeto de memoria compartida A use-... • https://github.com/pjlantz/optee-qemu • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-908: Use of Uninitialized Resource •
CVSS: 7.5EPSS: 0%CPEs: 18EXPL: 0CVE-2021-45100
https://notcve.org/view.php?id=CVE-2021-45100
16 Dec 2021 — The ksmbd server through 3.4.2, as used in the Linux kernel through 5.15.8, sometimes communicates in cleartext even though encryption has been enabled. This occurs because it sets the SMB2_GLOBAL_CAP_ENCRYPTION flag when using the SMB 3.1.1 protocol, which is a violation of the SMB protocol specification. When Windows 10 detects this protocol violation, it disables encryption. El servidor ksmbd versiones hasta 3.4.2, usado en el kernel de Linux hasta la versión 5.15.8, a veces se comunica en texto sin cifr... • https://github.com/cifsd-team/ksmbd/issues/550 • CWE-319: Cleartext Transmission of Sensitive Information •