CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-3103
https://notcve.org/view.php?id=CVE-2022-3103
26 Sep 2022 — off-by-one in io_uring module. Una vulnerabilidad de tipo off-by-one en el módulo io_uring. • https://github.com/torvalds/linux/releases/tag/v6.0-rc3 • CWE-193: Off-by-one Error •
CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0CVE-2022-2785 – Arbitrary Memory read in BPF Linux Kernel
https://notcve.org/view.php?id=CVE-2022-2785
23 Sep 2022 — There exists an arbitrary memory read within the Linux Kernel BPF - Constants provided to fill pointers in structs passed in to bpf_sys_bpf are not verified and can point anywhere, including memory not owned by BPF. An attacker with CAP_BPF can arbitrarily read memory from anywhere on the system. We recommend upgrading past commit 86f44fcec22c Se presenta una lectura de memoria arbitraria dentro del BPF del Kernel de Linux - Las constantes proporcionadas para rellenar los punteros en los structs pasados a b... • https://git.kernel.org/bpf/bpf/c/86f44fcec22c • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 3CVE-2022-41218 – kernel: Report vmalloc UAF in dvb-core/dmxdev
https://notcve.org/view.php?id=CVE-2022-41218
21 Sep 2022 — In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting dvb_demux_open and dvb_dmxdev_release. En el archivo drivers/media/dvb-core/dmxdev.c en el kernel de Linux versiones hasta 5.19.10, se presenta un uso de memoria previamente liberada causado por refcount races, que afecta a dvb_demux_open y dvb_dmxdev_release A use-after-free flaw was found in the Linux kernel’s dvb-core subsystem (DVB API used by Digital TV devices) in how a... • https://github.com/Tobey123/CVE-2022-41218 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2022-3239 – kernel: media: em28xx: initialize refcount before kref_get
https://notcve.org/view.php?id=CVE-2022-3239
19 Sep 2022 — A flaw use after free in the Linux kernel video4linux driver was found in the way user triggers em28xx_usb_probe() for the Empia 28xx based TV cards. A local user could use this flaw to crash the system or potentially escalate their privileges on the system. Se ha encontrado un fallo de uso de memoria previamente liberada en el controlador video4linux del kernel de Linux en la forma en que el usuario desencadena em28xx_usb_probe() para las tarjetas de TV basadas en Empia 28xx. Un usuario local podría usar e... • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c08eadca1bdfa099e20a32f8fa4b52b2f672236d • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-40768
https://notcve.org/view.php?id=CVE-2022-40768
18 Sep 2022 — drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stex_queuecommand_lck lacks a memset for the PASSTHRU_CMD case. El archivo drivers/scsi/stex.c en el kernel de Linux versiones hasta 5.19.9, permite a usuarios locales obtener información confidencial de la memoria del kernel porque stex_queuecommand_lck carece de memset para el caso PASSTHRU_CMD • http://www.openwall.com/lists/oss-security/2022/09/19/1 • CWE-908: Use of Uninitialized Resource •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-3176 – Use-after-free in io_uring in Linux Kernel
https://notcve.org/view.php?id=CVE-2022-3176
16 Sep 2022 — There exists a use-after-free in io_uring in the Linux kernel. Signalfd_poll() and binder_poll() use a waitqueue whose lifetime is the current task. It will send a POLLFREE notification to all waiters before the queue is freed. Unfortunately, the io_uring poll doesn't handle POLLFREE. This allows a use-after-free to occur if a signalfd or binder fd is polled with io_uring poll, and the waitqueue gets freed. • https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit?h=linux-5.4.y&id=fc78b2fc21f10c4c9c4d5d659a685710ffa63659 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-40476
https://notcve.org/view.php?id=CVE-2022-40476
14 Sep 2022 — A null pointer dereference issue was discovered in fs/io_uring.c in the Linux kernel before 5.15.62. A local user could use this flaw to crash the system or potentially cause a denial of service. Se ha detectado un problema de desreferencia de puntero null en el archivo fs/io_uring.c en el kernel de Linux versiones anteriores a 5.15.62. Un usuario local podría usar este fallo para bloquear el sistema o causar potencialmente una denegación de servicio • https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/fs/io_uring.c?h=v5.15.61&id=3746d62ecf1c872a520c4866118edccb121c44fd • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2022-2977
https://notcve.org/view.php?id=CVE-2022-2977
14 Sep 2022 — A flaw was found in the Linux kernel implementation of proxied virtualized TPM devices. On a system where virtualized TPM devices are configured (this is not the default) a local attacker can create a use-after-free and create a situation where it may be possible to escalate privileges on the system. Se ha encontrado un fallo en la implementación del kernel de Linux de los dispositivos TPM virtualizados proxy. En un sistema donde los dispositivos TPM virtualizados están configurados (esto no es lo predeterm... • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9d8e7007dc7c4d7c8366739bbcd3f5e51dcd470f • CWE-416: Use After Free •
CVSS: 7.1EPSS: 0%CPEs: 18EXPL: 0CVE-2022-3202
https://notcve.org/view.php?id=CVE-2022-3202
14 Sep 2022 — A NULL pointer dereference flaw in diFree in fs/jfs/inode.c in Journaled File System (JFS)in the Linux kernel. This could allow a local attacker to crash the system or leak kernel internal information. Un fallo de desreferencia de puntero NULL en diFree en el archivo fs/jfs/inode.c en Journaled File System (JFS) en el kernel de Linux. Esto podría permitir a un atacante local bloquear el sistema o filtrar información interna del kernel • https://github.com/torvalds/linux/commit/a53046291020ec41e09181396c1e829287b48d47 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-3170
https://notcve.org/view.php?id=CVE-2022-3170
13 Sep 2022 — An out-of-bounds access issue was found in the Linux kernel sound subsystem. It could occur when the 'id->name' provided by the user did not end with '\0'. A privileged local user could pass a specially crafted name through ioctl() interface and crash the system or potentially escalate their privileges on the system. Se ha encontrado un problema de acceso fuera de límites en el subsistema de sonido del kernel de Linux. Podía ocurrir cuando el "id-)name proporcionado por el usuario no terminaba con "\0". • https://github.com/torvalds/linux/commit/5934d9a0383619c14df91af8fd76261dc3de2f5f • CWE-125: Out-of-bounds Read •