CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 1CVE-2022-2905
https://notcve.org/view.php?id=CVE-2022-2905
09 Sep 2022 — An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to gain unauthorized access to data. Se ha encontrado un fallo de lectura de memoria fuera de límites en el subsistema BPF del kernel de Linux en la forma en que un usuario llama a la función bpf_tail_call con una clave mayor que el max_entries del mapa. Este fallo permite a un usuario local conseguir a... • https://bugzilla.redhat.com/show_bug.cgi?id=2121800 • CWE-125: Out-of-bounds Read •
CVSS: 4.7EPSS: 0%CPEs: 4EXPL: 0CVE-2022-40307 – Ubuntu Security Notice USN-5791-3
https://notcve.org/view.php?id=CVE-2022-40307
09 Sep 2022 — An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a race condition with a resultant use-after-free. Se ha detectado un problema en el kernel de Linux versiones hasta 5.19.8. El archivo drivers/firmware/efi/capsule-loader.c presenta una condición de carrera con un uso de memoria previamente liberada resultante It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. ... • https://github.com/torvalds/linux/commit/9cb636b5f6a8cc6d1b50809ec8f8d33ae0c84c95 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 6.1EPSS: 0%CPEs: 7EXPL: 0CVE-2022-39842 – Ubuntu Security Notice USN-5924-1
https://notcve.org/view.php?id=CVE-2022-39842
05 Sep 2022 — An issue was discovered in the Linux kernel before 5.19. In pxa3xx_gcu_write in drivers/video/fbdev/pxa3xx-gcu.c, the count parameter has a type conflict of size_t versus int, causing an integer overflow and bypassing the size check. After that, because it is used as the third argument to copy_from_user(), a heap overflow may occur. NOTE: the original discoverer disputes that the overflow can actually happen. Se ha detectado un problema en el kernel de Linux versiones anteriores a 5.19. • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.19 • CWE-190: Integer Overflow or Wraparound •
CVSS: 4.7EPSS: 0%CPEs: 4EXPL: 0CVE-2022-39188 – kernel: unmap_mapping_range() race with munmap() on VM_PFNMAP mappings leads to stale TLB entry
https://notcve.org/view.php?id=CVE-2022-39188
02 Sep 2022 — An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale TLB entries. This only occurs in situations with VM_PFNMAP VMAs. Se ha detectado un problema en el archivo include/asm-generic/tlb.h en el kernel de Linux versiones anteriores a 5.19. Debido a una condición de carrera (unmap_mapping_range frente a munmap), un controlador de dispositivo puede liberar una... • https://bugs.chromium.org/p/project-zero/issues/detail?id=2329 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-39190 – kernel: nf_tables disallow binding to already bound chain
https://notcve.org/view.php?id=CVE-2022-39190
02 Sep 2022 — An issue was discovered in net/netfilter/nf_tables_api.c in the Linux kernel before 5.19.6. A denial of service can occur upon binding to an already bound chain. Se ha detectado un problema en el archivo net/netfilter/nf_tables_api.c en el kernel de Linux versiones anteriores a 5.19.6. Puede producirse una denegación de servicio al vincularse a una cadena ya vinculada A flaw was found in net/netfilter/nf_tables_api.c in the Linux kernel. A denial of service can occur upon binding to an already bound chain. • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.19.6 • CWE-392: Missing Report of Error Condition •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-3078
https://notcve.org/view.php?id=CVE-2022-3078
01 Sep 2022 — An issue was discovered in the Linux kernel through 5.16-rc6. There is a lack of check after calling vzalloc() and lack of free after allocation in drivers/media/test-drivers/vidtv/vidtv_s302m.c. Se ha detectado un problema en el kernel de Linux versiones hasta 5.16-rc6. Se presenta una falta de comprobación después de llamar a vzalloc() y una falta de liberación después de la asignación en drivers/media/test-drivers/vidtv/vidtv_s302m.c • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.19-rc2&id=e6a21a14106d9718aa4f8e115b1e474888eeba44 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 5CVE-2022-2639 – kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size()
https://notcve.org/view.php?id=CVE-2022-2639
01 Sep 2022 — An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reserve_sfa_size() function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write access. This flaw allows a local user to crash or potentially escalate their privileges on the system. Se ha encontrado un error de coerción de enteros en el módulo del kernel openvswitch. Dado un número suficien... • https://github.com/bb33bb/CVE-2022-2639-PipeVersion • CWE-192: Integer Coercion Error CWE-681: Incorrect Conversion between Numeric Types •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2022-1508
https://notcve.org/view.php?id=CVE-2022-1508
31 Aug 2022 — An out-of-bounds read flaw was found in the Linux kernel’s io_uring module in the way a user triggers the io_read() function with some special parameters. This flaw allows a local user to read some memory out of bounds. Se ha encontrado un fallo de lectura fuera de límites en el módulo io_uring del kernel de Linux en la forma en que un usuario desencadena la función io_read() con algunos parámetros especiales. Este fallo permite a un usuario local leer alguna memoria fuera de límites • https://access.redhat.com/security/cve/CVE-2022-1508 • CWE-125: Out-of-bounds Read •
CVSS: 7.0EPSS: 0%CPEs: 13EXPL: 0CVE-2022-3028 – kernel: race condition in xfrm_probe_algs can lead to OOB read/write
https://notcve.org/view.php?id=CVE-2022-3028
31 Aug 2022 — A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read and copying it into a socket. Se ha encontrado una condición de carrera en el marco IP del kernel de Linux para la transformación de paquetes (subsistema XFRM) cuando son producidas simultáneament... • https://github.com/torvalds/linux/commit/ba953a9d89a00c078b85f4b190bc1dde66fe16b5 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-667: Improper Locking CWE-787: Out-of-bounds Write •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 2CVE-2022-0850 – kernel: information leak in copy_page_to_iter() in iov_iter.c
https://notcve.org/view.php?id=CVE-2022-0850
29 Aug 2022 — A vulnerability was found in linux kernel, where an information leak occurs via ext4_extent_header to userspace. Se encontró una vulnerabilidad en el kernel de linux, donde es producido un filtrado de información por medio de la función ext4_extent_header al espacio de usuario An information leak flaw was found via ext4_extent_header in fs/ext4/extents.c in the Linux kernel. This flaw could allow a local attacker to cause a denial of service. It was discovered that the framebuffer driver on the Linux kernel... • https://access.redhat.com/security/cve/CVE-2022-0850 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •