CVSS: 8.8EPSS: 58%CPEs: 6EXPL: 11CVE-2022-2588 – Linux Kernel route4_change Double Free Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-2588
10 Aug 2022 — It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0. Se descubrió que la implementación del filtro cls_route en el kernel de Linux no eliminaba un filtro antiguo de la tabla hash antes de liberarlo si su identificador tenía el valor 0. A use-after-free flaw was found in route4_change in the net/sched/cls_route.c filter implementation in the Linux kernel. This flaw allows a local user ... • https://github.com/Markakd/CVE-2022-2588 • CWE-415: Double Free CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 2CVE-2022-36123
https://notcve.org/view.php?id=CVE-2022-36123
29 Jul 2022 — The Linux kernel before 5.18.13 lacks a certain clear operation for the block starting symbol (.bss). This allows Xen PV guest OS users to cause a denial of service or gain privileges. El kernel de Linux versiones anteriores a 5.18.13, carece de una determinada operación de borrado para el símbolo de inicio de bloque (.bss). Esto permite a usuarios del SO huésped Xen PV causar una denegación de servicio o conseguir privilegios • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.18.13 •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 1CVE-2022-2153 – kernel: KVM: NULL pointer dereference in kvm_irq_delivery_to_apic_fast()
https://notcve.org/view.php?id=CVE-2022-2153
28 Jul 2022 — A flaw was found in the Linux kernel’s KVM when attempting to set a SynIC IRQ. This issue makes it possible for a misbehaving VMM to write to SYNIC/STIMER MSRs, causing a NULL pointer dereference. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service. Se ha encontrado un fallo en el KVM del kernel de Linux cuando es intentado establecer una IRQ SynIC. Este problema hace posible a un VMM que sea comportad... • https://bugzilla.redhat.com/show_bug.cgi?id=2069736 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 44EXPL: 0CVE-2022-36879 – kernel: xfrm_expand_policies() in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice
https://notcve.org/view.php?id=CVE-2022-36879
27 Jul 2022 — An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice. Se ha detectado un problema en el kernel de Linux versiones hasta 5.18.14. la función xfrm_expand_policies en el archivo net/xfrm/xfrm_policy.c puede causar que un refcount sea descartado dos veces A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). An error while resolving policies in xfrm_bundle_lookup causes the re... • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=f85daf0e725358be78dfd208dea5fd665d8cb901 • CWE-911: Improper Update of Reference Count •
CVSS: 7.8EPSS: 5%CPEs: 14EXPL: 2CVE-2022-36946 – kernel: DoS in nfqnl_mangle in net/netfilter/nfnetlink_queue.c
https://notcve.org/view.php?id=CVE-2022-36946
27 Jul 2022 — nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len. La función nfqnl_mangle en el archivo net/netfilter/nfnetlink_queue.c en el kernel de Linux versiones hasta 5.18.14, permite a atacantes remotos causar una denegación de servicio (pánico) porque, en el caso de un veredicto nf_queue con ... • https://github.com/Pwnzer0tt1/CVE-2022-36946 •
CVSS: 5.1EPSS: 0%CPEs: 1EXPL: 0CVE-2020-36557 – kernel: race condition between the VT_DISALLOCATE ioctl and closing/opening of ttys, causing a use-after-free in con_shutdown().
https://notcve.org/view.php?id=CVE-2020-36557
21 Jul 2022 — A race condition in the Linux kernel before 5.6.2 between the VT_DISALLOCATE ioctl and closing/opening of ttys could lead to a use-after-free. Una condición de carrera en el kernel de Linux versiones anteriores a 5.6.2 entre el ioctl VT_DISALLOCATE y el cierre/apertura de ttys podría conllevar a un uso de memoria previamente liberada A use-after-free flaw was found in the Linux kernel’s Virtual Terminal subsystem in how a user calls the VT_DISALLOCATE ioctl during the closing/opening of ttys. This flaw allo... • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6.2 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 5.1EPSS: 0%CPEs: 1EXPL: 1CVE-2020-36558 – kernel: race condition in VT_RESIZEX ioctl when vc_cons[i].d is already NULL leading to NULL pointer dereference
https://notcve.org/view.php?id=CVE-2020-36558
21 Jul 2022 — A race condition in the Linux kernel before 5.5.7 involving VT_RESIZEX could lead to a NULL pointer dereference and general protection fault. Una condición de carrera en el kernel de Linux versiones anteriores a 5.5.7, involucrando a VT_RESIZEX podría conllevar a una desviación del puntero NULL y un fallo de protección general A NULL pointer dereference flaw was found in the Linux kernel’s Virtual Terminal subsystem was found in how a user calls the VT_RESIZEX ioctl. This flaw allows a local user to crash t... • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.5.7 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-476: NULL Pointer Dereference •
CVSS: 7.1EPSS: 0%CPEs: 14EXPL: 1CVE-2021-4204 – kernel: improper input validation may lead to privilege escalation
https://notcve.org/view.php?id=CVE-2021-4204
21 Jul 2022 — An out-of-bounds (OOB) memory access flaw was found in the Linux kernel's eBPF due to an Improper Input Validation. This flaw allows a local attacker with a special privilege to crash the system or leak internal information. Se ha encontrado un fallo de acceso a memoria fuera de límites (OOB) en el eBPF del kernel de Linux debido a una comprobación de entrada inapropiada. Este fallo permite a un atacante local con un privilegio especial bloquear el sistema o filtrar información interna. An update that solve... • https://github.com/tr3ee/CVE-2021-4204 • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.1EPSS: 0%CPEs: 15EXPL: 0CVE-2022-1973 – Ubuntu Security Notice USN-5599-1
https://notcve.org/view.php?id=CVE-2022-1973
21 Jul 2022 — A use-after-free flaw was found in the Linux kernel in log_replay in fs/ntfs3/fslog.c in the NTFS journal. This flaw allows a local attacker to crash the system and leads to a kernel information leak problem. Se encontró un defecto de uso de memoria previamente liberada en el kernel de Linux en la función log_replay en el archivo fs/ntfs3/fslog.c en el diario NTFS. Este fallo permite a un atacante local bloquear el sistema y conlleva a un problema de filtrado de información del kernel It was discovered that... • https://bugzilla.redhat.com/show_bug.cgi?id=2092542 • CWE-416: Use After Free •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2022-1508 – SUSE Security Advisory - SUSE-SU-2022:2615-1
https://notcve.org/view.php?id=CVE-2022-1508
21 Jul 2022 — An out-of-bounds read flaw was found in the Linux kernel’s io_uring module in the way a user triggers the io_read() function with some special parameters. This flaw allows a local user to read some memory out of bounds. Se ha encontrado un fallo de lectura fuera de límites en el módulo io_uring del kernel de Linux en la forma en que un usuario desencadena la función io_read() con algunos parámetros especiales. Este fallo permite a un usuario local leer alguna memoria fuera de límites An update that solves 4... • https://access.redhat.com/security/cve/CVE-2022-1508 • CWE-125: Out-of-bounds Read •