CVSS: 7.8EPSS: 0%CPEs: 19EXPL: 0CVE-2022-1652 – Ubuntu Security Notice USN-5582-1
https://notcve.org/view.php?id=CVE-2022-1652
31 May 2022 — Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a concurrency use-after-free flaw in the bad_flp_intr function. By executing a specially-crafted program, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system. El Kernel de Linux podría permitir a un atacante local ejecutar código arbitrario en el sistema, causado por un fallo de uso de memoria previamente liberada concurrente en la función bad_f... • https://bugzilla.redhat.com/show_bug.cgi?id=1832397 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 0CVE-2022-1199 – Ubuntu Security Notice USN-5469-1
https://notcve.org/view.php?id=CVE-2022-1199
28 May 2022 — A flaw was found in the Linux kernel. This flaw allows an attacker to crash the Linux kernel by simulating amateur radio from the user space, resulting in a null-ptr-deref vulnerability and a use-after-free vulnerability. Se ha encontrado un fallo en el kernel de Linux. Este fallo permite a un atacante bloquear el kernel de Linux al simular la radioafición desde el espacio de usuario, resultando en una vulnerabilidad null-ptr-deref y una vulnerabilidad de uso de memoria previamente liberada It was discovere... • https://access.redhat.com/security/cve/CVE-2022-1199 • CWE-416: Use After Free CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 19EXPL: 0CVE-2022-1882 – kernel: use-after-free in free_pipe_info() could lead to privilege escalation
https://notcve.org/view.php?id=CVE-2022-1882
26 May 2022 — A use-after-free flaw was found in the Linux kernel’s pipes functionality in how a user performs manipulations with the pipe post_one_notification() after free_pipe_info() that is already called. This flaw allows a local user to crash or potentially escalate their privileges on the system. Se ha encontrado un fallo de uso después de libre en la funcionalidad de tuberías del kernel de Linux en la forma en que un usuario realiza manipulaciones con la tubería post_one_notification() después de free_pipe_info()... • https://bugzilla.redhat.com/show_bug.cgi?id=2089701 • CWE-416: Use After Free •
CVSS: 7.5EPSS: 0%CPEs: 26EXPL: 0CVE-2022-1678
https://notcve.org/view.php?id=CVE-2022-1678
25 May 2022 — An issue was discovered in the Linux Kernel from 4.18 to 4.19, an improper update of sock reference in TCP pacing can lead to memory/netns leak, which can be used by remote clients. Se ha detectado un problema en el Kernel de Linux de la 4.18 a 4.19, una actualización inapropiada de la referencia sock en el paso TCP puede conllevar a una pérdida de memoria/netns, que puede ser usada por clientes remotos • https://anas.openanolis.cn/cves/detail/CVE-2022-1678 • CWE-911: Improper Update of Reference Count •
CVSS: 7.5EPSS: 0%CPEs: 12EXPL: 0CVE-2022-1183 – Destroying a TLS session early causes assertion failure
https://notcve.org/view.php?id=CVE-2022-1183
19 May 2022 — On vulnerable configurations, the named daemon may, in some circumstances, terminate with an assertion failure. Vulnerable configurations are those that include a reference to http within the listen-on statements in their named.conf. TLS is used by both DNS over TLS (DoT) and DNS over HTTPS (DoH), but configurations using DoT alone are unaffected. Affects BIND 9.18.0 -> 9.18.2 and version 9.19.0 of the BIND 9.19 development branch. En configuraciones vulnerables, el demonio nombrado puede, en algunas circun... • https://kb.isc.org/docs/cve-2022-1183 • CWE-617: Reachable Assertion •
CVSS: 7.0EPSS: 0%CPEs: 24EXPL: 2CVE-2022-1734 – Ubuntu Security Notice USN-5582-1
https://notcve.org/view.php?id=CVE-2022-1734
18 May 2022 — A flaw in Linux Kernel found in nfcmrvl_nci_unregister_dev() in drivers/nfc/nfcmrvl/main.c can lead to use after free both read or write when non synchronized between cleanup routine and firmware download routine. Un fallo en el Kernel de Linux encontrado en nfcmrvl_nci_unregister_dev() en el archivo drivers/nfc/nfcmrvl/main.c puede conllevar a un uso de memoria previamente liberada de lectura o escritura cuando no está sincronizado entre la rutina de limpieza y la rutina de descarga del firmware Zhenpeng L... • http://www.openwall.com/lists/oss-security/2022/06/05/4 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 28EXPL: 3CVE-2022-29581 – kernel: use-after-free due to improper update of reference count in net/sched/cls_u32.c
https://notcve.org/view.php?id=CVE-2022-29581
17 May 2022 — Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14 and later versions. Una vulnerabilidad de actualización inapropiada del recuento de referencias en net/sched del Kernel de Linux permite a un atacante local causar una escalada de privilegios a root. Este problema afecta a: Las versiones del Kernel de Linux anteriores a 5.18; la versión 4.14 y posterio... • https://github.com/Nidhi77777/linux-4.19.72_CVE-2022-29581 • CWE-416: Use After Free CWE-911: Improper Update of Reference Count •
CVSS: 9.1EPSS: 0%CPEs: 18EXPL: 0CVE-2022-1587 – pcre2: Out-of-bounds read in get_recurse_data_length in pcre2_jit_compile.c
https://notcve.org/view.php?id=CVE-2022-1587
16 May 2022 — An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit_compile.c file. This issue affects recursions in JIT-compiled regular expressions caused by duplicate data transfers. Se ha detectado una vulnerabilidad de lectura fuera de límites en la biblioteca PCRE2 en la función get_recurse_data_length() del archivo pcre2_jit_compile.c. Este problema afecta a las recursiones en expresiones regulares compiladas en JIT causadas por transfere... • https://bugzilla.redhat.com/show_bug.cgi?id=2077983%2C • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 24EXPL: 2CVE-2022-1679 – kernel: use-after-free in ath9k_htc_probe_device() could cause an escalation of privileges
https://notcve.org/view.php?id=CVE-2022-1679
16 May 2022 — A use-after-free flaw was found in the Linux kernel’s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the system. Se ha encontrado un fallo de uso de memoria previamente liberada en el controlador del adaptador inalámbrico Atheros del kernel de Linux en la forma en que un usuario fuerza la función ath9k_htc_wait_for_target a fallar con algunos m... • https://github.com/EkamSinghWalia/-Detection-and-Mitigation-for-CVE-2022-1679 • CWE-416: Use After Free •
CVSS: 9.1EPSS: 0%CPEs: 19EXPL: 0CVE-2022-1586 – pcre2: Out-of-bounds read in compile_xclass_matchingpath in pcre2_jit_compile.c
https://notcve.org/view.php?id=CVE-2022-1586
16 May 2022 — An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT. Se ha detectado una vulnerabilidad de lectura fuera de límites en la biblioteca PCRE2 en la función compile_xclass_matchingpath() del archivo pcre2_jit_compile.c. Esto implica un probl... • https://bugzilla.redhat.com/show_bug.cgi?id=2077976%2C • CWE-125: Out-of-bounds Read •