CVSS: 5.5EPSS: 0%CPEs: 17EXPL: 0CVE-2022-26966 – Ubuntu Security Notice USN-5417-1
https://notcve.org/view.php?id=CVE-2022-26966
12 Mar 2022 — An issue was discovered in the Linux kernel before 5.16.12. drivers/net/usb/sr9700.c allows attackers to obtain sensitive information from heap memory via crafted frame lengths from a device. Se ha detectado un problema en el kernel de Linux versiones anteriores a 5.16.12. El archivo drivers/net/usb/sr9700.c permite a atacantes obtener información confidencial de la memoria de la pila por medio de tramas diseñadas desde un dispositivo Ke Sun, Alyssa Milburn, Henrique Kawakami, Emma Benoit, Igor Chervatyuk, ... • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.10 •
CVSS: 7.8EPSS: 0%CPEs: 40EXPL: 0CVE-2022-0516 – kernel: missing check in ioctl allows kernel memory read/write
https://notcve.org/view.php?id=CVE-2022-0516
08 Mar 2022 — A vulnerability was found in kvm_s390_guest_sida_op in the arch/s390/kvm/kvm-s390.c function in KVM for s390 in the Linux kernel. This flaw allows a local attacker with a normal user privilege to obtain unauthorized memory write access. This flaw affects Linux kernel versions prior to 5.17-rc4. Se encontró una vulnerabilidad en la función kvm_s390_guest_sida_op en el archivo arch/s390/kvm/kvm-s390.c en KVM para s390 en el kernel de Linux. Este fallo permite a un atacante local con un privilegio de usuario n... • https://bugzilla.redhat.com/show_bug.cgi?id=2050237 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-201: Insertion of Sensitive Information Into Sent Data •
CVSS: 7.8EPSS: 86%CPEs: 59EXPL: 104CVE-2022-0847 – Linux Kernel Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-0847
07 Mar 2022 — A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read only files and as such escalate their privileges on the system. Se ha encontrado un fallo en la forma en que el miembro "flags" de la estructura del nuevo búfer de la tubería carecía de la inic... • https://packetstorm.news/files/id/176534 • CWE-665: Improper Initialization CWE-909: Missing Initialization of Resource •
CVSS: 7.8EPSS: 0%CPEs: 21EXPL: 0CVE-2022-26490 – Debian Security Advisory 5127-1
https://notcve.org/view.php?id=CVE-2022-26490
06 Mar 2022 — st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVT_TRANSACTION buffer overflows because of untrusted length parameters. La función st21nfca_connectivity_event_received en el archivo drivers/nfc/st21nfca/se.c en el kernel de Linux hasta la versión 5.16.12, presenta desbordamientos de búfer EVT_TRANSACTION debido a parámetros de longitud no confiables Ke Sun, Alyssa Milburn, Henrique Kawakami, Emma Benoit, Igor Chervatyuk, Lisa Aichele, and Thais More... • https://github.com/torvalds/linux/commit/4fbcc1a4cb20fe26ad0225679c536c80f1648221 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.9EPSS: 0%CPEs: 29EXPL: 0CVE-2020-36516 – kernel: off-path attacker may inject data or terminate victim's TCP session
https://notcve.org/view.php?id=CVE-2020-36516
26 Feb 2022 — An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session. Se ha detectado un problema en el kernel de Linux versiones hasta 5.16.11. El método de asignación de IPID mixto con la política de asignación de IPID basada en hash permite a un atacante fuera de la ruta inyectar datos en la sesión TCP de una víctima o terminar esa sesión. A ... • https://dl.acm.org/doi/10.1145/3372297.3417884 • CWE-290: Authentication Bypass by Spoofing CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 8.1EPSS: 0%CPEs: 58EXPL: 0CVE-2022-23308 – libxml2: Use-after-free of ID and IDREF attributes
https://notcve.org/view.php?id=CVE-2022-23308
26 Feb 2022 — valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes. El archivo valid.c en libxml2 versiones anteriores a 2.9.13, presenta un uso de memoria previamente liberada de los atributos ID e IDREF. A flaw was found in libxml2. A call to the xmlGetID function can return a pointer already freed when parsing an XML document with the XML_PARSE_DTDVALID option and without the XML_PARSE_NOENT option, resulting in a use-after-free issue. Red Hat JBoss Core Services is a set of supplementary s... • http://seclists.org/fulldisclosure/2022/May/33 • CWE-416: Use After Free •
CVSS: 9.0EPSS: 61%CPEs: 60EXPL: 2CVE-2022-0435 – kernel: remote stack overflow via kernel panic on systems using TIPC may lead to DoS
https://notcve.org/view.php?id=CVE-2022-0435
23 Feb 2022 — A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed. This flaw allows a remote user to crash the system or possibly escalate their privileges if they have access to the TIPC network. Se ha encontrado un fallo de desbordamiento de pila en la funcionalidad del protocolo TIPC del kernel de Linux en la forma en que un usuario envía un paquete con contenido m... • https://github.com/wlswotmd/CVE-2022-0435 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 21EXPL: 0CVE-2022-0646
https://notcve.org/view.php?id=CVE-2022-0646
18 Feb 2022 — A flaw use after free in the Linux kernel Management Component Transport Protocol (MCTP) subsystem was found in the way user triggers cancel_work_sync after the unregister_netdev during removing device. A local user could use this flaw to crash the system or escalate their privileges on the system. It is actual from Linux Kernel 5.17-rc1 (when mctp-serial.c introduced) till 5.17-rc5. Se encontró un fallo de uso de memoria previamente liberada en el subsistema del kernel de Linux Management Component Transpo... • https://lore.kernel.org/all/20220211011552.1861886-1-jk%40codeconstruct.com.au • CWE-416: Use After Free CWE-459: Incomplete Cleanup •
CVSS: 7.8EPSS: 0%CPEs: 79EXPL: 0CVE-2022-0330 – kernel: possible privileges escalation due to missing TLB flush
https://notcve.org/view.php?id=CVE-2022-0330
18 Feb 2022 — A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system or escalate their privileges on the system. Se ha encontrado un fallo de acceso aleatorio a la memoria en la funcionalidad del controlador del kernel de la GPU i915 de Linux en la forma en que un usuario puede ejecutar código malicioso en la GPU. Este fallo permite a un usuario local bloquear el sistema o escal... • http://www.openwall.com/lists/oss-security/2022/11/30/1 • CWE-281: Improper Preservation of Permissions •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 1CVE-2022-25265 – kernel: Executable Space Protection Bypass
https://notcve.org/view.php?id=CVE-2022-25265
16 Feb 2022 — In the Linux kernel through 5.16.10, certain binary files may have the exec-all attribute if they were built in approximately 2003 (e.g., with GCC 3.2.2 and Linux kernel 2.4.20). This can cause execution of bytes located in supposedly non-executable regions of a file. En el kernel de Linux versiones hasta 5.16.10, determinados archivos binarios pueden tener el atributo exec-all si fueron construidos aproximadamente en 2003 (por ejemplo, con GCC versión 3.2.2 y el kernel de Linux versión 2.4.20). Esto puede ... • https://github.com/x0reaxeax/exec-prot-bypass • CWE-281: Improper Preservation of Permissions CWE-913: Improper Control of Dynamically-Managed Code Resources •