CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-3625 – Linux Kernel IPsec devlink.c devlink_param_get use after free
https://notcve.org/view.php?id=CVE-2022-3625
A vulnerability was found in Linux Kernel. It has been classified as critical. This affects the function devlink_param_set/devlink_param_get of the file net/core/devlink.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. • https://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next.git/commit/?id=6b4db2e528f650c7fb712961aac36455468d5902 https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html https://vuldb.com/?id.211929 https://access.redhat.com/security/cve/CVE-2022-3625 https://bugzilla.redhat.com/show_bug.cgi?id=2144720 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-416: Use After Free •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-3623 – Linux Kernel BPF gup.c follow_page_pte race condition
https://notcve.org/view.php?id=CVE-2022-3623
A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function follow_page_pte of the file mm/gup.c of the component BPF. The manipulation leads to race condition. The attack can be launched remotely. • https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git/commit/?id=fac35ba763ed07ba93154c95ffc0c4a55023707f https://lists.debian.org/debian-lts-announce/2023/03/msg00000.html https://vuldb.com/?id.211921 https://www.debian.org/security/2023/dsa-5324 https://access.redhat.com/security/cve/CVE-2022-3623 https://bugzilla.redhat.com/show_bug.cgi?id=2165721 • CWE-123: Write-what-where Condition CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-3577
https://notcve.org/view.php?id=CVE-2022-3577
An out-of-bounds memory write flaw was found in the Linux kernel’s Kid-friendly Wired Controller driver. This flaw allows a local user to crash or potentially escalate their privileges on the system. It is in bigben_probe of drivers/hid/hid-bigbenff.c. The reason is incorrect assumption - bigben devices all have inputs. However, malicious devices can break this assumption, leaking to out-of-bound write. • https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc.git/commit/?h=char-misc-next&id=9d64d2405f7d30d49818f6682acd0392348f0fdb https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=945a9a8e448b65bec055d37eba58f711b39f66f0 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=fc4ef9d5724973193bfa5ebed181dba6de3a56db • CWE-401: Missing Release of Memory after Effective Lifetime CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-3606 – Linux Kernel BPF libbpf.c find_prog_by_sec_insn null pointer dereference
https://notcve.org/view.php?id=CVE-2022-3606
A vulnerability was found in Linux Kernel. It has been classified as problematic. This affects the function find_prog_by_sec_insn of the file tools/lib/bpf/libbpf.c of the component BPF. The manipulation leads to null pointer dereference. It is recommended to apply a patch to fix this issue. • https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git/commit/?id=d0d382f95a9270dcf803539d6781d6bd67e3f5b2 https://vuldb.com/?id.211749 • CWE-404: Improper Resource Shutdown or Release •
CVSS: 6.1EPSS: 0%CPEs: 6EXPL: 0CVE-2022-3586 – Linux Kernel Net Scheduler Use-After-Free Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-3586
A flaw was found in the Linux kernel’s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of service. Se ha encontrado un fallo en el código de red del kernel de Linux. Ha sido encontrado un uso de memoria previamente liberada en la forma en que la función sch_sfb enqueue usó el campo cb del búfer de socket (SKB) después de que el mismo SKB había sido puesto en cola (y liberado) en un qdisc hijo. • https://github.com/torvalds/linux/commit/9efd23297cca https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html https://www.zerodayinitiative.com/advisories/upcoming • CWE-416: Use After Free •