Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
CVE-2022-34918 vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2022-34918
An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges, a different vulnerability than CVE-2022-32250. (The attacker can obtain root access, but...
Linux Linux Kernel
6 Github repositories available
7.8
CVSSv3
CVE-2022-28893
The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xs_xprt_free before ensuring that sockets are in the intended state....
Linux Linux Kernel
7.8
CVSSv3
CVE-2022-1652
Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a concurrency use-after-free flaw in the bad_flp_intr function. By executing a specially-crafted program, an attacker could exploit this vulnerability to execute arbitrary code or cause...
Linux Linux Kernel
Redhat Enterprise Linux 9.0
7.8
CVSSv3
CVE-2022-1679
A use-after-free flaw was found in the Linux kernel’s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the...
Linux Linux Kernel 5.18
5.5
CVSSv3
CVE-2022-25375
An issue was discovered in drivers/usb/gadget/function/rndis.c in the Linux kernel before 5.16.10. The RNDIS USB gadget lacks validation of the size of the RNDIS_MSG_SET command. Attackers can obtain sensitive information from kernel memory....
Linux Linux Kernel
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
2 Github repositories available
4.6
CVSSv3
CVE-2022-25258
An issue was discovered in drivers/usb/gadget/composite.c in the Linux kernel before 5.16.10. The USB Gadget subsystem lacks certain validation of interface OS descriptor requests (ones with a large array index and ones associated with NULL function pointer retrieval). Memory...
Linux Linux Kernel
Fedoraproject Fedora 35
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
2 Github repositories available
7.8
CVSSv3
CVE-2022-20141
In ip_check_mc_rcu of igmp.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege when opening and closing inet sockets with no additional execution privileges needed. User interaction is not needed for...
Google Android -
7.1
CVSSv3
CVE-2022-33742
Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend...
Xen Xen -
Linux Linux Kernel -
Fedoraproject Fedora 36
4.7
CVSSv3
CVE-2022-33744
Arm guests can cause Dom0 DoS via PV devices When mapping pages of guests on Arm, dom0 is using an rbtree to keep track of the foreign mappings. Updating of that rbtree is not always done completely with the related lock held, resulting in a small race window, which can be used...
Linux Linux Kernel
7.8
CVSSv3
CVE-2022-33743
network backend may cause Linux netfront to use freed SKBs While adding logic to support XDP (eXpress Data Path), a code label was moved in a way allowing for SKBs having references (pointers) retained for further processing to nevertheless be freed....
Xen Xen -
Linux Linux Kernel
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site request forgery
CVE-2022-24025
SSRF
CVE-2022-37451
CVE-2022-24022
CVE-2022-1215
brute force
CVE-2022-29582
CVE-2022-36834
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »
Vulmon