CVE-2022-4095
https://notcve.org/view.php?id=CVE-2022-4095
A use-after-free flaw was found in Linux kernel before 5.19.2. This issue occurs in cmd_hdl_filter in drivers/staging/rtl8712/rtl8712_cmd.c, allowing an attacker to launch a local denial of service attack and gain escalation of privileges. • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c53b3dcb9942b8ed7f81ee3921c4085d87070c73 https://security.netapp.com/advisory/ntap-20230420-0005 • CWE-416: Use After Free •
CVE-2022-4662 – kernel: Recursive locking violation in usb-storage that can cause the kernel to deadlock
https://notcve.org/view.php?id=CVE-2022-4662
A flaw incorrect access control in the Linux kernel USB core subsystem was found in the way user attaches usb device. A local user could use this flaw to crash the system. Se encontró un fallo en el control de acceso incorrecto en el subsistema central USB del kernel de Linux en la forma en que el usuario conecta el dispositivo USB. Un usuario local podría utilizar este fallo para bloquear el sistema. An incorrect access control flaw was found in the Linux kernel USB core subsystem. • https://lore.kernel.org/all/20220913140355.910732567%40linuxfoundation.org https://lore.kernel.org/all/CAB7eexLLApHJwZfMQ=X-PtRhw0BgO+5KcSMS05FNUYejJXqtSA%40mail.gmail.com https://access.redhat.com/security/cve/CVE-2022-4662 https://bugzilla.redhat.com/show_bug.cgi?id=2155788 • CWE-455: Non-exit on Failed Initialization •
CVE-2022-3115
https://notcve.org/view.php?id=CVE-2022-3115
An issue was discovered in the Linux kernel through 5.16-rc6. malidp_crtc_reset in drivers/gpu/drm/arm/malidp_crtc.c lacks check of the return value of kzalloc() and will cause the null pointer dereference. Se descubrió un problema en el kernel de Linux hasta 5.16-rc6. malidp_crtc_reset en drivers/gpu/drm/arm/malidp_crtc.c carece de verificación del valor de retorno de kzalloc() y provocará la desreferencia del puntero nulo. • https://bugzilla.redhat.com/show_bug.cgi?id=2153058 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.19-rc2&id=73c3ed7495c67b8fbdc31cf58e6ca8757df31a33 • CWE-476: NULL Pointer Dereference •
CVE-2022-3107 – kernel: hv_netvsc: NULL pointer dereference in netvsc_get_ethtool_stats()
https://notcve.org/view.php?id=CVE-2022-3107
An issue was discovered in the Linux kernel through 5.16-rc6. netvsc_get_ethtool_stats in drivers/net/hyperv/netvsc_drv.c lacks check of the return value of kvmalloc_array() and will cause the null pointer dereference. Se descubrió un problema en el kernel de Linux hasta 5.16-rc6. netvsc_get_ethtool_stats en drivers/net/hyperv/netvsc_drv.c carece de verificación del valor de retorno de kvmalloc_array() y provocará la desreferencia del puntero nulo. • https://bugzilla.redhat.com/show_bug.cgi?id=2153060 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.19-rc2&id=886e44c9298a6b428ae046e2fa092ca52e822e6a https://access.redhat.com/security/cve/CVE-2022-3107 • CWE-476: NULL Pointer Dereference •
CVE-2022-3108 – kernel: drm/amdkfd: NULL pointer dereference in kfd_parse_subtype_iolink()
https://notcve.org/view.php?id=CVE-2022-3108
An issue was discovered in the Linux kernel through 5.16-rc6. kfd_parse_subtype_iolink in drivers/gpu/drm/amd/amdkfd/kfd_crat.c lacks check of the return value of kmemdup(). Se descubrió un problema en el kernel de Linux hasta 5.16-rc6. kfd_parse_subtype_iolink en drivers/gpu/drm/amd/amdkfd/kfd_crat.c carece de verificación del valor de retorno de kmemdup(). • https://bugzilla.redhat.com/show_bug.cgi?id=2153052 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.19-rc2&id=abfaf0eee97925905e742aa3b0b72e04a918fa9e https://access.redhat.com/security/cve/CVE-2022-3108 • CWE-252: Unchecked Return Value CWE-476: NULL Pointer Dereference •