CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-3595 – Linux Kernel CIFS sess.c sess_free_buffer double free
https://notcve.org/view.php?id=CVE-2022-3595
18 Oct 2022 — A vulnerability was found in Linux Kernel. It has been rated as problematic. Affected by this issue is the function sess_free_buffer of the file fs/cifs/sess.c of the component CIFS Handler. The manipulation leads to double free. It is recommended to apply a patch to fix this issue. • https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=b854b4ee66437e6e1622fda90529c814978cb4ca • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-415: Double Free •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2022-3565 – Linux Kernel Bluetooth l1oip_core.c del_timer use after free
https://notcve.org/view.php?id=CVE-2022-3565
17 Oct 2022 — A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211088. • https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=2568a7e0832ee30b0a351016d03062ab4e0e0a3f • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-416: Use After Free CWE-662: Improper Synchronization •
CVSS: 5.7EPSS: 0%CPEs: 1EXPL: 0CVE-2022-3533 – Linux Kernel BPF usdt.c parse_usdt_arg memory leak
https://notcve.org/view.php?id=CVE-2022-3533
17 Oct 2022 — A vulnerability was found in Linux Kernel. It has been rated as problematic. This issue affects the function parse_usdt_arg of the file tools/lib/bpf/usdt.c of the component BPF. The manipulation of the argument reg_name leads to memory leak. It is recommended to apply a patch to fix this issue. • https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git/commit/?id=0dc9254e03704c75f2ebc9cbef2ce4de83fba603 • CWE-404: Improper Resource Shutdown or Release •
CVSS: 7.1EPSS: 0%CPEs: 16EXPL: 1CVE-2022-3564 – Linux Kernel Bluetooth l2cap_core.c l2cap_reassemble_sdu use after free
https://notcve.org/view.php?id=CVE-2022-3564
17 Oct 2022 — A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211087. • https://github.com/Trinadh465/linux-4.1.15_CVE-2022-3564 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-3543 – Linux Kernel BPF af_unix.c unix_release_sock memory leak
https://notcve.org/view.php?id=CVE-2022-3543
17 Oct 2022 — A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function unix_sock_destructor/unix_release_sock of the file net/unix/af_unix.c of the component BPF. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211043. • https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git/commit/?id=7a62ed61367b8fd01bae1e18e30602c25060d824 • CWE-401: Missing Release of Memory after Effective Lifetime CWE-404: Improper Resource Shutdown or Release •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 0CVE-2022-3545 – Linux Kernel IPsec nfp_cppcore.c area_cache_get use after free
https://notcve.org/view.php?id=CVE-2022-3545
17 Oct 2022 — A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211045 was assigned to this vulnerability. • https://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next.git/commit/?id=02e1a114fdb71e59ee6770294166c30d437bf86a • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-3544 – Linux Kernel Netfilter sysfs.c damon_sysfs_add_target memory leak
https://notcve.org/view.php?id=CVE-2022-3544
17 Oct 2022 — A vulnerability, which was classified as problematic, was found in Linux Kernel. Affected is the function damon_sysfs_add_target of the file mm/damon/sysfs.c of the component Netfilter. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211044. • https://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf-next.git/commit/?id=1c8e2349f2d033f634d046063b704b2ca6c46972 • CWE-404: Improper Resource Shutdown or Release •
CVSS: 2.6EPSS: 0%CPEs: 5EXPL: 0CVE-2022-3521 – Linux Kernel kcm kcmsock.c kcm_tx_work race condition
https://notcve.org/view.php?id=CVE-2022-3521
16 Oct 2022 — A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function kcm_tx_work of the file net/kcm/kcmsock.c of the component kcm. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. VDB-211018 is the identifier assigned to this vulnerability. • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ec7eede369fe5b0d085ac51fdbb95184f87bfc6c • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 4CVE-2022-42703 – kernel: use-after-free related to leaf anon_vma double reuse
https://notcve.org/view.php?id=CVE-2022-42703
09 Oct 2022 — mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse. El archivo mm/rmap.c en el kernel de Linux versiones anteriores a 5.19.7, presenta un uso de memoria previamente liberada relacionado con un doble reúso de la hoja anon_vma A memory leak flaw with use-after-free capability was found in the Linux kernel. The VMA mm/rmap.c functionality in the is_mergeable_anon_vma() function continuously forks, using memory operations to trigger an incorrect reuse of leaf ... • https://github.com/Squirre17/hbp-attack-demo • CWE-416: Use After Free •
CVSS: 4.2EPSS: 0%CPEs: 1EXPL: 0CVE-2022-41848
https://notcve.org/view.php?id=CVE-2022-41848
30 Sep 2022 — drivers/char/pcmcia/synclink_cs.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling ioctl, aka a race condition between mgslpc_ioctl and mgslpc_detach. El archivo drivers/char/pcmcia/synclink_cs.c en el kernel de Linux versiones hasta 5.19.12, presenta una condición de carrera y un uso de memoria previamente liberada resultante si un atacante físicamente próximo elimina un dispositivo PCMCIA mientras... • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/log/drivers/char/pcmcia/synclink_cs.c • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •