CVSS: 7.8EPSS: 0%CPEs: 27EXPL: 3CVE-2022-30594 – kernel: Unprivileged users may use PTRACE_SEIZE to set PTRACE_O_SUSPEND_SECCOMP option
https://notcve.org/view.php?id=CVE-2022-30594
12 May 2022 — The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions on setting the PT_SUSPEND_SECCOMP flag. El kernel de Linux versiones anteriores a 5.17.2, maneja inapropiadamente los permisos de seccomp. La ruta de código PTRACE_SEIZE permite a atacantes omitir las restricciones previstas al establecer el flag PT_SUSPEND_SECCOMP A flaw was found in the Linux kernel. The PTRACE_SEIZE code path allows attackers to bypass intended restri... • https://packetstorm.news/files/id/170362 • CWE-276: Incorrect Default Permissions CWE-862: Missing Authorization •
CVSS: 9.8EPSS: 13%CPEs: 17EXPL: 1CVE-2022-29155 – Ubuntu Security Notice USN-5424-2
https://notcve.org/view.php?id=CVE-2022-29155
04 May 2022 — In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backend to slapd, via a SQL statement within an LDAP query. This can occur during an LDAP search operation when the search filter is processed, due to a lack of proper escaping. En OpenLDAP versiones 2.x anteriores a 2.5.12 y versiones 2.6.x anteriores a 2.6.2, se presenta una vulnerabilidad de inyección SQL en el backend experimental back-sql de slapd, por medio de una sentencia SQL dentr... • https://bugs.openldap.org/show_bug.cgi?id=9815 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.4EPSS: 0%CPEs: 28EXPL: 4CVE-2022-29824 – libxml2: integer overflows in xmlBuf and xmlBuffer lead to out-of-bounds write
https://notcve.org/view.php?id=CVE-2022-29824
03 May 2022 — In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is affected as well. En libxml2 versiones anteriores a 2.9.14, varias funciones de manejo de búferes en buf.c (xmlBuf*) y tree.c (xmlBuffer*) no comprueban los desbor... • https://packetstorm.news/files/id/167345 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 1CVE-2022-29968 – Ubuntu Security Notice USN-5471-1
https://notcve.org/view.php?id=CVE-2022-29968
02 May 2022 — An issue was discovered in the Linux kernel through 5.17.5. io_rw_init_file in fs/io_uring.c lacks initialization of kiocb->private. Se ha detectado un problema en el kernel de Linux versiones hasta 5.17.5. La función io_rw_init_file en el archivo fs/io_uring.c carece de la inicialización de kiocb-)private It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot res... • https://github.com/jprx/CVE-2022-29968 • CWE-909: Missing Initialization of Resource •
CVSS: 7.1EPSS: 0%CPEs: 29EXPL: 0CVE-2022-1353 – kernel: kernel info leak issue in pfkey_register
https://notcve.org/view.php?id=CVE-2022-1353
29 Apr 2022 — A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a leak of internal kernel information. Se encontró una vulnerabilidad en la función pfkey_register en el archivo net/key/af_key.c en el kernel de Linux. Este fallo permite a un usuario local no privilegiado acceder a la memoria del kernel, conllevando a un bloqueo del sistema o un filtrado de información in... • https://bugzilla.redhat.com/show_bug.cgi?id=2066819 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer •
CVSS: 7.0EPSS: 0%CPEs: 26EXPL: 0CVE-2022-1048 – kernel: race condition in snd_pcm_hw_free leading to use-after-free
https://notcve.org/view.php?id=CVE-2022-1048
21 Apr 2022 — A use-after-free flaw was found in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hw_params. The hw_free ioctls or similar race condition happens inside ALSA PCM for other ioctls. This flaw allows a local user to crash or potentially escalate their privileges on the system. Se ha encontrado un fallo de uso de memoria previamente liberada en el subsistema de sonido del kernel de Linux en la forma en que un usuario desencadena las llamadas concurrentes de PCM hw_params. ... • https://bugzilla.redhat.com/show_bug.cgi?id=2066706 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 19EXPL: 0CVE-2022-29156 – Ubuntu Security Notice USN-5417-1
https://notcve.org/view.php?id=CVE-2022-29156
13 Apr 2022 — drivers/infiniband/ulp/rtrs/rtrs-clt.c in the Linux kernel before 5.16.12 has a double free related to rtrs_clt_dev_release. El archivo drivers/infiniband/ulp/rtrs/rtrs-clt.c en el kernel de Linux versiones anteriores a 5.16.12, presenta una doble liberación relacionado con rtrs_clt_dev_release Ke Sun, Alyssa Milburn, Henrique Kawakami, Emma Benoit, Igor Chervatyuk, Lisa Aichele, and Thais Moreira Hamasaki discovered that the Spectre Variant 2 mitigations for AMD processors on Linux were insufficient in som... • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.12 • CWE-415: Double Free •
CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0CVE-2022-28893 – kernel: use after free in SUNRPC subsystem
https://notcve.org/view.php?id=CVE-2022-28893
11 Apr 2022 — The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xs_xprt_free before ensuring that sockets are in the intended state. El subsistema SUNRPC en el kernel de Linux versiones hasta 5.17.2, puede llamar a xs_xprt_free antes de asegurarse de que los sockets están en el estado deseado A use-after-free flaw was found in the Linux kernel’s net/sunrpc/xprt.c function in the Remote Procedure Call (SunRPC) protocol. This flaw allows a local attacker to crash the system, leading to a kernel information l... • http://www.openwall.com/lists/oss-security/2022/04/11/3 • CWE-416: Use After Free •
CVSS: 7.0EPSS: 0%CPEs: 25EXPL: 0CVE-2022-28796
https://notcve.org/view.php?id=CVE-2022-28796
08 Apr 2022 — jbd2_journal_wait_updates in fs/jbd2/transaction.c in the Linux kernel before 5.17.1 has a use-after-free caused by a transaction_t race condition. La función jbd2_journal_wait_updates en el archivo fs/jbd2/transaction.c en el kernel de Linux versiones anteriores a 5.17.1, presenta un uso de memoria previamente liberada causado por una condición de carrera transaction_t • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.17.1 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.5EPSS: 0%CPEs: 22EXPL: 0CVE-2022-28388 – kernel: double free in usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c
https://notcve.org/view.php?id=CVE-2022-28388
03 Apr 2022 — usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c in the Linux kernel through 5.17.1 has a double free. La función usb_8dev_start_xmit en el archivo drivers/net/can/usb/usb_8dev.c en el kernel de Linux versiones hasta 5.17.1, presenta una doble liberación A double-free flaw was found in the Linux kernel's USB2CAN interface implementation. This issue could allow a local user to crash the system. It was discovered that the implementation of the 6pack and mkiss protocols in the Linux kernel did not handle ... • https://github.com/torvalds/linux/commit/3d3925ff6433f98992685a9679613a2cc97f3ce2 • CWE-415: Double Free •