CVSS: 10.0EPSS: 1%CPEs: 3EXPL: 0CVE-2022-47939 – Linux Kernel ksmbd Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-47939
22 Dec 2022 — An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2pdu.c has a use-after-free and OOPS for SMB2_TREE_DISCONNECT. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Linux Kernel. Authentication is not required to exploit this vulnerability, but only systems with ksmbd enabled are vulnerable. The specific flaw exists within the processing of SMB2_TREE_DISCONNECT commands. The issue results from the lack of validatin... • http://www.openwall.com/lists/oss-security/2022/12/23/10 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-47941 – Linux Kernel ksmbd Memory Exhaustion Denial-of-Service Vulnerability
https://notcve.org/view.php?id=CVE-2022-47941
22 Dec 2022 — An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2pdu.c omits a kfree call in certain smb2_handle_negotiate error conditions, aka a memory leak. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Linux Kernel. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of SMB2_NEGOTIATE commands. The issue results from the lack of memory release after i... • http://www.openwall.com/lists/oss-security/2022/12/23/10 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 9.0EPSS: 0%CPEs: 3EXPL: 0CVE-2022-47942 – Linux Kernel ksmbd Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-47942
22 Dec 2022 — An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. There is a heap-based buffer overflow in set_ntacl_dacl, related to use of SMB2_QUERY_INFO_HE after a malformed SMB2_SET_INFO_HE command. Se descubrió un problema en ksmbd en el kernel de Linux 5.15 a 5.19 anterior a 5.19.2. Hay un desbordamiento de búfer en la región Heap de la memoria en set_ntacl_dacl, relacionado con el uso de SMB2_QUERY_INFO_HE después de un comando SMB2_SET_INFO_HE con formato incorrecto. This vulner... • http://www.openwall.com/lists/oss-security/2022/12/23/10 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-4662 – kernel: Recursive locking violation in usb-storage that can cause the kernel to deadlock
https://notcve.org/view.php?id=CVE-2022-4662
22 Dec 2022 — A flaw incorrect access control in the Linux kernel USB core subsystem was found in the way user attaches usb device. A local user could use this flaw to crash the system. Se encontró un fallo en el control de acceso incorrecto en el subsistema central USB del kernel de Linux en la forma en que el usuario conecta el dispositivo USB. Un usuario local podría utilizar este fallo para bloquear el sistema. An incorrect access control flaw was found in the Linux kernel USB core subsystem. • https://lore.kernel.org/all/20220913140355.910732567%40linuxfoundation.org • CWE-455: Non-exit on Failed Initialization •
CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0CVE-2022-47518
https://notcve.org/view.php?id=CVE-2022-47518
18 Dec 2022 — An issue was discovered in the Linux kernel before 6.0.11. Missing validation of the number of channels in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger a heap-based buffer overflow when copying the list of operating channels from Wi-Fi management frames. Se descubrió un problema en el kernel de Linux anterior a 6.0.11. La falta de validación del número de canales en drivers/net/wireless/microchip/wilc1000/cfg80211.c en el controlador inalámbrico WILC1000 pue... • https://github.com/torvalds/linux/commit/0cdfa9e6f0915e3d243e2393bfa8a22e12d553b0 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0CVE-2022-47519
https://notcve.org/view.php?id=CVE-2022-47519
18 Dec 2022 — An issue was discovered in the Linux kernel before 6.0.11. Missing validation of IEEE80211_P2P_ATTR_OPER_CHANNEL in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger an out-of-bounds write when parsing the channel list attribute from Wi-Fi management frames. Se descubrió un problema en el kernel de Linux anterior a 6.0.11. La falta de validación de IEEE80211_P2P_ATTR_OPER_CHANNEL en drivers/net/wireless/microchip/wilc1000/cfg80211.c en el controlador inalámbrico ... • https://github.com/torvalds/linux/commit/051ae669e4505abbe05165bebf6be7922de11f41 • CWE-787: Out-of-bounds Write •
CVSS: 7.1EPSS: 0%CPEs: 14EXPL: 0CVE-2022-47520
https://notcve.org/view.php?id=CVE-2022-47520
18 Dec 2022 — An issue was discovered in the Linux kernel before 6.0.11. Missing offset validation in drivers/net/wireless/microchip/wilc1000/hif.c in the WILC1000 wireless driver can trigger an out-of-bounds read when parsing a Robust Security Network (RSN) information element from a Netlink packet. Se descubrió un problema en el kernel de Linux anterior a 6.0.11. La falta de validación de compensación en drivers/net/wireless/microchip/wilc1000/hif.c en el controlador inalámbrico WILC1000 puede desencadenar una lectura ... • https://github.com/torvalds/linux/commit/cd21d99e595ec1d8721e1058dcdd4f1f7de1d793 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0CVE-2022-47521
https://notcve.org/view.php?id=CVE-2022-47521
18 Dec 2022 — An issue was discovered in the Linux kernel before 6.0.11. Missing validation of IEEE80211_P2P_ATTR_CHANNEL_LIST in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger a heap-based buffer overflow when parsing the operating channel attribute from Wi-Fi management frames. Se descubrió un problema en el kernel de Linux anterior a 6.0.11. La falta de validación de IEEE80211_P2P_ATTR_CHANNEL_LIST en drivers/net/wireless/microchip/wilc1000/cfg80211.c en el controlador i... • https://github.com/torvalds/linux/commit/f9b62f9843c7b0afdaecabbcebf1dbba18599408 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-3104
https://notcve.org/view.php?id=CVE-2022-3104
14 Dec 2022 — An issue was discovered in the Linux kernel through 5.16-rc6. lkdtm_ARRAY_BOUNDS in drivers/misc/lkdtm/bugs.c lacks check of the return value of kmalloc() and will cause the null pointer dereference. Se descubrió un problema en el kernel de Linux hasta 5.16-rc6. lkdtm_ARRAY_BOUNDS en drivers/misc/lkdtm/bugs.c carece de verificación del valor de retorno de kmalloc() y provocará la desreferencia del puntero nulo. • https://bugzilla.redhat.com/show_bug.cgi?id=2153062 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-3105 – kernel: RDMA/uverbs: NULL pointer dereference in uapi_finalize()
https://notcve.org/view.php?id=CVE-2022-3105
14 Dec 2022 — An issue was discovered in the Linux kernel through 5.16-rc6. uapi_finalize in drivers/infiniband/core/uverbs_uapi.c lacks check of kmalloc_array(). Se descubrió un problema en el kernel de Linux hasta 5.16-rc6. uapi_finalize en drivers/infiniband/core/uverbs_uapi.c carece de verificación de kmalloc_array(). • https://bugzilla.redhat.com/show_bug.cgi?id=2153067 • CWE-476: NULL Pointer Dereference •