Vulnerabilities > Debian > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-14 | CVE-2022-42721 | Infinite Loop vulnerability in multiple products A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in turn, potentially execute code. | 5.5 |
| 2022-10-14 | CVE-2022-42722 | NULL Pointer Dereference vulnerability in multiple products In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able to inject WLAN frames into the mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon protection of P2P devices. | 5.5 |
| 2022-10-11 | CVE-2022-3140 | Argument Injection or Modification vulnerability in multiple products LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. | 6.3 |
| 2022-10-11 | CVE-2022-33746 | Improper Resource Shutdown or Release vulnerability in multiple products P2M pool freeing may take excessively long The P2M pool backing second level address translation for guests may be of significant size. | 6.5 |
| 2022-10-11 | CVE-2022-33748 | Improper Handling of Exceptional Conditions vulnerability in multiple products lock order inversion in transitive grant copy handling As part of XSA-226 a missing cleanup call was inserted on an error handling path. | 5.6 |
| 2022-10-08 | CVE-2022-3435 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A vulnerability classified as problematic has been found in Linux Kernel. | 4.3 |
| 2022-10-07 | CVE-2022-2928 | NULL Pointer Dereference vulnerability in multiple products In ISC DHCP 4.4.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1, when the function option_code_hash_lookup() is called from add_option(), it increases the option's refcount field. | 6.5 |
| 2022-10-07 | CVE-2022-2929 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products In ISC DHCP 1.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1 a system with access to a DHCP server, sending DHCP packets crafted to include fqdn labels longer than 63 bytes, could eventually cause the server to run out of memory. | 6.5 |
| 2022-09-30 | CVE-2022-41849 | Use After Free vulnerability in multiple products drivers/video/fbdev/smscufx.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a USB device while calling open(), aka a race condition between ufx_ops_open and ufx_usb_disconnect. | 4.2 |
| 2022-09-30 | CVE-2022-41850 | Use After Free vulnerability in multiple products roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free in certain situations where a report is received while copying a report->value is in progress. | 4.7 |