CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-3107 – kernel: hv_netvsc: NULL pointer dereference in netvsc_get_ethtool_stats()
https://notcve.org/view.php?id=CVE-2022-3107
14 Dec 2022 — An issue was discovered in the Linux kernel through 5.16-rc6. netvsc_get_ethtool_stats in drivers/net/hyperv/netvsc_drv.c lacks check of the return value of kvmalloc_array() and will cause the null pointer dereference. Se descubrió un problema en el kernel de Linux hasta 5.16-rc6. netvsc_get_ethtool_stats en drivers/net/hyperv/netvsc_drv.c carece de verificación del valor de retorno de kvmalloc_array() y provocará la desreferencia del puntero nulo. • https://bugzilla.redhat.com/show_bug.cgi?id=2153060 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-3108 – kernel: drm/amdkfd: NULL pointer dereference in kfd_parse_subtype_iolink()
https://notcve.org/view.php?id=CVE-2022-3108
14 Dec 2022 — An issue was discovered in the Linux kernel through 5.16-rc6. kfd_parse_subtype_iolink in drivers/gpu/drm/amd/amdkfd/kfd_crat.c lacks check of the return value of kmemdup(). Se descubrió un problema en el kernel de Linux hasta 5.16-rc6. kfd_parse_subtype_iolink en drivers/gpu/drm/amd/amdkfd/kfd_crat.c carece de verificación del valor de retorno de kmemdup(). • https://bugzilla.redhat.com/show_bug.cgi?id=2153052 • CWE-252: Unchecked Return Value CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-3110
https://notcve.org/view.php?id=CVE-2022-3110
14 Dec 2022 — An issue was discovered in the Linux kernel through 5.16-rc6. _rtw_init_xmit_priv in drivers/staging/r8188eu/core/rtw_xmit.c lacks check of the return value of rtw_alloc_hwxmits() and will cause the null pointer dereference. Se descubrió un problema en el kernel de Linux hasta 5.16-rc6. _rtw_init_xmit_priv en drivers/staging/r8188eu/core/rtw_xmit.c carece de verificación del valor de retorno de rtw_alloc_hwxmits() y provocará la desreferencia del puntero nulo. • https://bugzilla.redhat.com/show_bug.cgi?id=2153055 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-3111
https://notcve.org/view.php?id=CVE-2022-3111
14 Dec 2022 — An issue was discovered in the Linux kernel through 5.16-rc6. free_charger_irq() in drivers/power/supply/wm8350_power.c lacks free of WM8350_IRQ_CHG_FAST_RDY, which is registered in wm8350_init_charger(). Se descubrió un problema en el kernel de Linux hasta 5.16-rc6. free_charger_irq() en drivers/power/supply/wm8350_power.c carece de WM8350_IRQ_CHG_FAST_RDY, que está registrado en wm8350_init_charger(). • https://bugzilla.redhat.com/show_bug.cgi?id=2153059 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-3112
https://notcve.org/view.php?id=CVE-2022-3112
14 Dec 2022 — An issue was discovered in the Linux kernel through 5.16-rc6. amvdec_set_canvases in drivers/staging/media/meson/vdec/vdec_helpers.c lacks check of the return value of kzalloc() and will cause the null pointer dereference. Se descubrió un problema en el kernel de Linux hasta 5.16-rc6. amvdec_set_canvases en drivers/staging/media/meson/vdec/vdec_helpers.c carece de verificación del valor de retorno de kzalloc() y provocará la desreferencia del puntero nulo. • https://bugzilla.redhat.com/show_bug.cgi?id=2153068 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-3113
https://notcve.org/view.php?id=CVE-2022-3113
14 Dec 2022 — An issue was discovered in the Linux kernel through 5.16-rc6. mtk_vcodec_fw_vpu_init in drivers/media/platform/mtk-vcodec/mtk_vcodec_fw_vpu.c lacks check of the return value of devm_kzalloc() and will cause the null pointer dereference. Se descubrió un problema en el kernel de Linux hasta 5.16-rc6. mtk_vcodec_fw_vpu_init en drivers/media/platform/mtk-vcodec/mtk_vcodec_fw_vpu.c carece de verificación del valor de retorno de devm_kzalloc() y provocará la desreferencia del puntero nulo. • https://bugzilla.redhat.com/show_bug.cgi?id=2153053 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-3114
https://notcve.org/view.php?id=CVE-2022-3114
14 Dec 2022 — An issue was discovered in the Linux kernel through 5.16-rc6. imx_register_uart_clocks in drivers/clk/imx/clk.c lacks check of the return value of kcalloc() and will cause the null pointer dereference. Se descubrió un problema en el kernel de Linux hasta 5.16-rc6. imx_register_uart_clocks en drivers/clk/imx/clk.c carece de verificación del valor de retorno de kcalloc() y provocará la desreferencia del puntero nulo. • https://bugzilla.redhat.com/show_bug.cgi?id=2153054 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-3115
https://notcve.org/view.php?id=CVE-2022-3115
14 Dec 2022 — An issue was discovered in the Linux kernel through 5.16-rc6. malidp_crtc_reset in drivers/gpu/drm/arm/malidp_crtc.c lacks check of the return value of kzalloc() and will cause the null pointer dereference. Se descubrió un problema en el kernel de Linux hasta 5.16-rc6. malidp_crtc_reset en drivers/gpu/drm/arm/malidp_crtc.c carece de verificación del valor de retorno de kzalloc() y provocará la desreferencia del puntero nulo. • https://bugzilla.redhat.com/show_bug.cgi?id=2153058 • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-3643
https://notcve.org/view.php?id=CVE-2022-3643
07 Dec 2022 — Guests can trigger NIC interface reset/abort/crash via netback It is possible for a guest to trigger a NIC interface reset/abort/crash in a Linux based network backend by sending certain kinds of packets. It appears to be an (unwritten?) assumption in the rest of the Linux network stack that packet protocol headers are all contained within the linear section of the SKB and some NICs behave badly if this is not the case. This has been reported to occur with Cisco (enic) and Broadcom NetXtrem II BCM5780 (bnx2... • http://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-42328
https://notcve.org/view.php?id=CVE-2022-42328
07 Dec 2022 — Guests can trigger deadlock in Linux netback driver T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] The patch for XSA-392 introduced another issue which might result in a deadlock when trying to free the SKB of a packet dropped due to the XSA-392 handling (CVE-2022-42328). Additionally when dropping packages for other reasons the same deadlock could occur in case of netpoll being active for the interface the xen-netback driver ... • http://www.openwall.com/lists/oss-security/2022/12/08/2 • CWE-667: Improper Locking •