CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 2CVE-2022-3910 – Use after free in IO_uring in the Linux Kernel
https://notcve.org/view.php?id=CVE-2022-3910
22 Nov 2022 — Use After Free vulnerability in Linux Kernel allows Privilege Escalation. An improper Update of Reference Count in io_uring leads to Use-After-Free and Local Privilege Escalation. When io_msg_ring was invoked with a fixed file, it called io_fput_file() which improperly decreased its reference count (leading to Use-After-Free and Local Privilege Escalation). Fixed files are permanently registered to the ring, and should not be put separately. We recommend upgrading past commit https://github.com/torvalds/lin... • https://github.com/veritas501/CVE-2022-3910 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-3238
https://notcve.org/view.php?id=CVE-2022-3238
14 Nov 2022 — A double-free flaw was found in the Linux kernel’s NTFS3 subsystem in how a user triggers remount and umount simultaneously. This flaw allows a local user to crash or potentially escalate their privileges on the system. Se encontró una falla de doble liberación en el subsistema NTFS3 del kernel de Linux en la forma en que un usuario activa el montaje y el desmontaje simultáneamente. Esta falla permite que un usuario local falle o potencialmente aumente sus privilegios en el sistema. • https://bugzilla.redhat.com/show_bug.cgi?id=2127927 • CWE-415: Double Free CWE-459: Incomplete Cleanup •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2022-3903
https://notcve.org/view.php?id=CVE-2022-3903
14 Nov 2022 — An incorrect read request flaw was found in the Infrared Transceiver USB driver in the Linux kernel. This issue occurs when a user attaches a malicious USB device. A local user could use this flaw to starve the resources, causing denial of service or potentially crashing the system. Se encontró una falla de solicitud de lectura incorrecta en el controlador USB del transceptor de infrarrojos en el kernel de Linux. Este problema ocurre cuando un usuario conecta un dispositivo USB malicioso. • https://lore.kernel.org/all/CAB7eexLLApHJwZfMQ=X-PtRhw0BgO+5KcSMS05FNUYejJXqtSA%40mail.gmail.com • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 0CVE-2022-43945 – kernel: nfsd buffer overflow by RPC message over TCP with garbage data
https://notcve.org/view.php?id=CVE-2022-43945
04 Nov 2022 — The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client can force the send buffer to shrink by sending an RPC message over TCP with garbage data added at the end of the message. The RPC message with garbage data is still correctly formed according to the specification and is passed forwar... • http://packetstormsecurity.com/files/171289/Kernel-Live-Patch-Security-Notice-LNS-0092-1.html • CWE-131: Incorrect Calculation of Buffer Size CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2022-44032
https://notcve.org/view.php?id=CVE-2022-44032
30 Oct 2022 — An issue was discovered in the Linux kernel through 6.0.6. drivers/char/pcmcia/cm4000_cs.c has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling open(), aka a race condition between cmm_open() and cm4000_detach(). Se descubrió un problema en el kernel de Linux hasta la versión 6.0.6. drivers/char/pcmcia/cm4000_cs.c tiene una condición de ejecución y Use-After-Free resultante si un atacante físicamente cercano elimina un dispositivo PCMCIA ... • https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9b12f050c76f090cc6d0aebe0ef76fed79ec3f15 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2022-44033
https://notcve.org/view.php?id=CVE-2022-44033
30 Oct 2022 — An issue was discovered in the Linux kernel through 6.0.6. drivers/char/pcmcia/cm4040_cs.c has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling open(), aka a race condition between cm4040_open() and reader_detach(). Se descubrió un problema en el kernel de Linux hasta la versión 6.0.6. drivers/char/pcmcia/cm4040_cs.c tiene una condición de ejecución y Use-After-Free resultante si un atacante físicamente cercano elimina un dispositivo PCMC... • https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9b12f050c76f090cc6d0aebe0ef76fed79ec3f15 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2022-44034
https://notcve.org/view.php?id=CVE-2022-44034
30 Oct 2022 — An issue was discovered in the Linux kernel through 6.0.6. drivers/char/pcmcia/scr24x_cs.c has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling open(), aka a race condition between scr24x_open() and scr24x_remove(). Se descubrió un problema en el kernel de Linux hasta la versión 6.0.6. drivers/char/pcmcia/scr24x_cs.c tiene una condición de ejecución y Use-After-Free resultante si un atacante físicamente cercano elimina un dispositivo PCMC... • https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9b12f050c76f090cc6d0aebe0ef76fed79ec3f15 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 6.7EPSS: 0%CPEs: 9EXPL: 0CVE-2022-43750 – kernel: memory corruption in usbmon driver
https://notcve.org/view.php?id=CVE-2022-43750
26 Oct 2022 — drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user-space client to corrupt the monitor's internal memory. El archivo drivers/usb/mon/mon_bin.c en usbmon en el kernel de Linux versiones anteriores a 5.19.15 y versiones 6.x anteriores a 6.0.1, permite que un cliente del espacio de usuario corrompa la memoria interna del monitor An out-of-bounds memory write flaw in the Linux kernel’s USB Monitor component was found in how a user with access to the /dev/us... • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.19.15 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-3344
https://notcve.org/view.php?id=CVE-2022-3344
24 Oct 2022 — A flaw was found in the KVM's AMD nested virtualization (SVM). A malicious L1 guest could purposely fail to intercept the shutdown of a cooperative nested guest (L2), possibly leading to a page fault and kernel panic in the host (L0). Se ha encontrado un fallo en la virtualización anidada AMD (SVM) de KVM. Un huésped L1 malicioso podría fallar a propósito para interceptar el apagado de un huésped anidado cooperativo (L2), posiblemente conllevando a una falla de página y pánico del kernel en el host (L0) • https://bugzilla.redhat.com/show_bug.cgi?id=2130278 • CWE-440: Expected Behavior Violation •
CVSS: 7.0EPSS: 0%CPEs: 8EXPL: 1CVE-2022-3635 – Linux Kernel IPsec idt77252.c tst_timer use after free
https://notcve.org/view.php?id=CVE-2022-3635
21 Oct 2022 — A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function tst_timer of the file drivers/atm/idt77252.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. VDB-211934 is the identifier assigned to this vulnerability. • https://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next.git/commit/?id=3f4093e2bf4673f218c0bf17d8362337c400e77b • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •