CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 1CVE-2022-1263 – kernel: KVM: NULL pointer dereference in kvm_dirty_ring_push in virt/kvm/dirty_ring.c
https://notcve.org/view.php?id=CVE-2022-1263
A NULL pointer dereference issue was found in KVM when releasing a vCPU with dirty ring support enabled. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service. Se encontró un problema de desreferencia de puntero NULL en KVM cuando es liberada una vCPU con el soporte de anillo sucio habilitado. Este fallo permite a un atacante local no privilegiado en el host emitir llamadas ioctl específicas, causando una condición de oops en el kernel que resulta en una denegación de servicio • https://access.redhat.com/security/cve/CVE-2022-1263 https://bugzilla.redhat.com/show_bug.cgi?id=2072698 https://github.com/torvalds/linux/commit/5593473a1e6c743764b08e3b6071cb43b5cfa6c4 https://www.openwall.com/lists/oss-security/2022/04/07/1 • CWE-476: NULL Pointer Dereference •
CVSS: 7.1EPSS: 0%CPEs: 13EXPL: 0CVE-2022-1671
https://notcve.org/view.php?id=CVE-2022-1671
A NULL pointer dereference flaw was found in rxrpc_preparse_s in net/rxrpc/server_key.c in the Linux kernel. This flaw allows a local attacker to crash the system or leak internal kernel information. Se ha encontrado un fallo de desreferencia de puntero NULL en la función rxrpc_preparse_s en el archivo net/rxrpc/server_key.c en el kernel de Linux. Este fallo permite a un atacante local bloquear el sistema o filtrar información interna del kernel. • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ff8376ade4f668130385839cef586a0990f8ef87 https://security.netapp.com/advisory/ntap-20220901-0004 https://security.netapp.com/advisory/ntap-20220901-0008 • CWE-476: NULL Pointer Dereference •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-32296
https://notcve.org/view.php?id=CVE-2022-32296
The Linux kernel before 5.17.9 allows TCP servers to identify clients by observing what source ports are used. This occurs because of use of Algorithm 4 ("Double-Hash Port Selection Algorithm") of RFC 6056. El kernel de Linux anterior a la versión 5.17.9 permite a los servidores TCP identificar a los clientes observando qué puertos de origen se utilizan. Esto ocurre debido al uso del Algoritmo 4 ("Double-Hash Port Selection Algorithm") del RFC 6056 • https://arxiv.org/abs/2209.12993 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.17.9 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4c2c8f03a5ab7cb04ec64724d7d176d00bcc91e5 https://github.com/0xkol/rfc6056-device-tracker https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html https://www.debian.org/security/2022/dsa-5173 • CWE-330: Use of Insufficiently Random Values •
CVSS: 8.8EPSS: 0%CPEs: 22EXPL: 6CVE-2022-32250 – Linux Kernel nf_tables_expr_destroy Use-After-Free Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-32250
net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free. El archivo net/netfilter/nf_tables_api.c en el kernel de Linux versiones hasta 5.18.1, permite a un usuario local (capaz de crear espacios de nombres de usuario/red) escalar privilegios a root porque una comprobación incorrecta de NFT_STATEFUL_EXPR conlleva a un uso de memoria previamente liberada A use-after-free vulnerability was found in the Linux kernel's Netfilter subsystem in net/netfilter/nf_tables_api.c. This flaw allows a local attacker with user access to cause a privilege escalation issue. This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the nf_tables_expr_destroy method. • https://github.com/theori-io/CVE-2022-32250-exploit https://github.com/ysanatomic/CVE-2022-32250-LPE https://github.com/Kristal-g/CVE-2022-32250 http://www.openwall.com/lists/oss-security/2022/06/03/1 http://www.openwall.com/lists/oss-security/2022/06/04/1 http://www.openwall.com/lists/oss-security/2022/06/20/1 http://www.openwall.com/lists/oss-security/2022/07/03/5 http://www.openwall.com/lists/oss-security/2022/07/03/6 http://www.openwall&# • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-1943
https://notcve.org/view.php?id=CVE-2022-1943
A flaw out of bounds memory write in the Linux kernel UDF file system functionality was found in the way user triggers some file operation which triggers udf_write_fi(). A local user could use this flaw to crash the system or potentially Se ha encontrado un defecto de escritura en memoria fuera de límites en la funcionalidad del sistema de archivos UDF del kernel de Linux en la forma en que el usuario desencadena alguna operación de archivo que desencadena udf_write_fi(). Un usuario local podría usar este defecto para bloquear el sistema o potencialmente • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c1ad35dd0548ce947d97aaf92f7f2f9a202951cf • CWE-787: Out-of-bounds Write •