A use-after-free flaw was found in the Linux kernel's Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the system. (CVE-2022-1679) A flaw was found in the Linux kernel's KVM when attempting to set a SynIC IRQ. This issue makes it possible for a misbehaving VMM to write to SYNIC/STIMER MSRs, causing a NULL pointer dereference. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service. (CVE-2022-2153) A use-after-free flaw was found in the Linux kernel's POSIX CPU timers functionality in the way a user creates and then deletes the timer in the non-leader thread of the program. This flaw allows a local user to crash or potentially escalate their privileges on the system. (CVE-2022-2585) A use-after-free flaw was found in nf_tables cross-table in the net/netfilter/nf_tables_api.c function in the Linux kernel. This flaw allows a local, privileged malicious user to cause a use-after-free problem at the time of table deletion, possibly leading to local privilege escalation. (CVE-2022-2586) A use-after-free flaw was found in route4_change in the net/sched/cls_route.c filter implementation in the Linux kernel. This flaw allows a local user to crash the system and possibly lead to a local privilege escalation problem. (CVE-2022-2588) A flaw was found in hw. In certain processors with Intel's Enhanced Indirect Branch Restricted Speculation (eIBRS) capabilities, soon after VM exit or IBPB command event, the linear address following the most recent near CALL instruction prior to a VM exit may be used as the Return Stack Buffer (RSB) prediction. (CVE-2022-26373) A firewall flaw that can bypass the Linux kernel's Netfilter functionality was found in how a user handles unencrypted IRC with nf_conntrack_irc configured. This flaw allows a remote user to gain unauthorized access to the system. (CVE-2022-2663) An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to gain unauthorized access to data. (CVE-2022-2905) A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local malicious user to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read and copying it into a socket. (CVE-2022-3028) An issue exists in net/netfilter/nf_tables_api.c in the Linux kernel prior to 5.19.6. A denial of service can occur upon binding to an already bound chain. (CVE-2022-39190) A race condition in the Linux kernel's EFI capsule loader driver was found in the way it handled write and flush operations on the device node of the EFI capsule. A local user could potentially use this flaw to crash the system. (CVE-2022-40307) mm/mremap.c in the Linux kernel prior to 5.13.3 has a use-after-free via a stale TLB because an rmap lock is not held during a PUD move. (CVE-2022-41222)
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
linux linux kernel 6.0 |
||
linux linux kernel |
||
redhat enterprise linux 8.0 |
||
debian debian linux 10.0 |
Vulmon