CVE-2022-3595 – Linux Kernel CIFS sess.c sess_free_buffer double free
https://notcve.org/view.php?id=CVE-2022-3595
A vulnerability was found in Linux Kernel. It has been rated as problematic. Affected by this issue is the function sess_free_buffer of the file fs/cifs/sess.c of the component CIFS Handler. The manipulation leads to double free. It is recommended to apply a patch to fix this issue. • https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=b854b4ee66437e6e1622fda90529c814978cb4ca https://vuldb.com/?id.211364 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-415: Double Free •
CVE-2022-3544 – Linux Kernel Netfilter sysfs.c damon_sysfs_add_target memory leak
https://notcve.org/view.php?id=CVE-2022-3544
A vulnerability, which was classified as problematic, was found in Linux Kernel. Affected is the function damon_sysfs_add_target of the file mm/damon/sysfs.c of the component Netfilter. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211044. • https://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf-next.git/commit/?id=1c8e2349f2d033f634d046063b704b2ca6c46972 https://vuldb.com/?id.211044 • CWE-404: Improper Resource Shutdown or Release •
CVE-2022-3543 – Linux Kernel BPF af_unix.c unix_release_sock memory leak
https://notcve.org/view.php?id=CVE-2022-3543
A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function unix_sock_destructor/unix_release_sock of the file net/unix/af_unix.c of the component BPF. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211043. • https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git/commit/?id=7a62ed61367b8fd01bae1e18e30602c25060d824 https://vuldb.com/?id.211043 • CWE-401: Missing Release of Memory after Effective Lifetime CWE-404: Improper Resource Shutdown or Release •
CVE-2022-3565 – Linux Kernel Bluetooth l1oip_core.c del_timer use after free
https://notcve.org/view.php?id=CVE-2022-3565
A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211088. • https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=2568a7e0832ee30b0a351016d03062ab4e0e0a3f https://lists.debian.org/debian-lts-announce/2022/12/msg00031.html https://lists.debian.org/debian-lts-announce/2022/12/msg00034.html https://vuldb.com/?id.211088 https://access.redhat.com/security/cve/CVE-2022-3565 https://bugzilla.redhat.com/show_bug.cgi?id=2150953 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-416: Use After Free CWE-662: Improper Synchronization •
CVE-2022-3541 – Linux Kernel BPF spl2sw_driver.c spl2sw_nvmem_get_mac_address use after free
https://notcve.org/view.php?id=CVE-2022-3541
A vulnerability classified as critical has been found in Linux Kernel. This affects the function spl2sw_nvmem_get_mac_address of the file drivers/net/ethernet/sunplus/spl2sw_driver.c of the component BPF. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211041 was assigned to this vulnerability. • https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git/commit/?id=12aece8b01507a2d357a1861f470e83621fbb6f2 https://security.netapp.com/advisory/ntap-20221228-0001 https://vuldb.com/?id.211041 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •