CVSS: 7.1EPSS: 0%CPEs: 16EXPL: 0CVE-2022-3564 – Linux Kernel Bluetooth l2cap_core.c l2cap_reassemble_sdu use after free
https://notcve.org/view.php?id=CVE-2022-3564
A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211087. • https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=89f9f3cb86b1c63badaf392a83dd661d56cc50b1 https://lists.debian.org/debian-lts-announce/2022/12/msg00031.html https://lists.debian.org/debian-lts-announce/2022/12/msg00034.html https://security.netapp.com/advisory/ntap-20221223-0001 https://vuldb.com/?id.211087 https://access.redhat.com/security/cve/CVE-2022-3564 https://bugzilla.redhat.com/show_bug.cgi?id=2150999 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 2.6EPSS: 0%CPEs: 5EXPL: 0CVE-2022-3521 – Linux Kernel kcm kcmsock.c kcm_tx_work race condition
https://notcve.org/view.php?id=CVE-2022-3521
A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function kcm_tx_work of the file net/kcm/kcmsock.c of the component kcm. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. VDB-211018 is the identifier assigned to this vulnerability. • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ec7eede369fe5b0d085ac51fdbb95184f87bfc6c https://lists.debian.org/debian-lts-announce/2022/12/msg00031.html https://lists.debian.org/debian-lts-announce/2022/12/msg00034.html https://vuldb.com/?id.211018 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-3526 – Linux Kernel skb macvlan.c macvlan_handle_frame memory leak
https://notcve.org/view.php?id=CVE-2022-3526
A vulnerability classified as problematic was found in Linux Kernel. This vulnerability affects the function macvlan_handle_frame of the file drivers/net/macvlan.c of the component skb. The manipulation leads to memory leak. The attack can be initiated remotely. It is recommended to apply a patch to fix this issue. • https://git.kernel.org/pub/scm/linux/kernel/git/pabeni/net-next.git/commit/?id=e16b859872b87650bb55b12cca5a5fcdc49c1442 https://vuldb.com/?id.211024 • CWE-401: Missing Release of Memory after Effective Lifetime CWE-404: Improper Resource Shutdown or Release •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 1CVE-2022-42720 – kernel: use-after-free in bss_ref_get in net/wireless/scan.c
https://notcve.org/view.php?id=CVE-2022-42720
Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger use-after-free conditions to potentially execute code. Varios errores de recuento en el manejo de multi-BSS en la pila mac80211 en el kernel de Linux versiones 5.1 hasta 5.19.14, podrían ser usados por atacantes locales (capaces de inyectar tramas WLAN) para desencadenar condiciones de uso de memoria previamente liberada para potencialmente ejecutar código A use-after-free flaw was found in bss_ref_get in the net/wireless/scan.c in the Linux kernel. This issue can lead to a denial of service or arbitrary code execution. • http://packetstormsecurity.com/files/169951/Kernel-Live-Patch-Security-Notice-LSN-0090-1.html http://www.openwall.com/lists/oss-security/2022/10/13/5 https://bugzilla.suse.com/show_bug.cgi?id=1204059 https://git.kernel.org/pub/scm/linux/kernel/git/wireless/wireless.git/commit/?id=0b7808818cb9df6680f98996b8e9a439fa7bcc2f https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GGHENNMLCWIQV2LLA56BJNFIUZ7WB4IY&# • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 1CVE-2022-42721 – kernel: BSS list corruption in cfg80211_add_nontrans_list in net/wireless/scan.c
https://notcve.org/view.php?id=CVE-2022-42721
A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in turn, potentially execute code. Un error de administración de listas en el manejo de BSS en la pila mac80211 en el kernel de Linux versiones 5.1 hasta 5.19.14, podría ser usado por atacantes locales (capaces de inyectar tramas WLAN) para corromper una lista enlazada y, a su vez, ejecutar potencialmente código A list corruption flaw was found in cfg80211_add_nontrans_list in the net/wireless/scan.c function in the Linux kernel. This flaw could lead to a denial of service. • http://packetstormsecurity.com/files/169951/Kernel-Live-Patch-Security-Notice-LSN-0090-1.html http://www.openwall.com/lists/oss-security/2022/10/13/5 https://bugzilla.suse.com/show_bug.cgi?id=1204060 https://git.kernel.org/pub/scm/linux/kernel/git/wireless/wireless.git/commit/?id=bcca852027e5878aec911a347407ecc88d6fff7f https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GGHENNMLCWIQV2LLA56BJNFIUZ7WB4IY&# • CWE-20: Improper Input Validation CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •