Vulnerabilities > Fedoraproject > Fedora > 34

DATE CVE VULNERABILITY TITLE RISK
2022-04-03 CVE-2022-28389 Double Free vulnerability in multiple products
mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double free.
local
low complexity
linux fedoraproject debian netapp CWE-415
5.5
5.5
2022-04-03 CVE-2022-28390 Double Free vulnerability in multiple products
ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.
local
low complexity
linux fedoraproject debian netapp CWE-415
7.8
7.8
2022-04-01 CVE-2021-3847 Improper Preservation of Permissions vulnerability in multiple products
An unauthorized access to the execution of the setuid file with capabilities flaw in the Linux kernel OverlayFS subsystem was found in the way user copying a capable file from a nosuid mount into another mount.
local
low complexity
linux fedoraproject CWE-281
7.8
7.8
2022-03-30 CVE-2022-1160 heap buffer overflow in get_one_sourceline in GitHub repository vim/vim prior to 8.2.4647.
local
low complexity
vim fedoraproject
7.8
7.8
2022-03-30 CVE-2022-1154 Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8.2.4646.
local
low complexity
vim fedoraproject debian oracle
7.8
7.8
2022-03-29 CVE-2022-1122 A flaw was found in the opj2_decompress program in openjpeg2 2.4.0 in the way it handles an input directory with a large number of files.
local
low complexity
uclouvain fedoraproject debian
5.5
5.5
2022-03-28 CVE-2022-24303 Pillow before 9.0.1 allows attackers to delete files because spaces in temporary pathnames are mishandled.
network
low complexity
python fedoraproject
critical
 9.1
9.1
2022-03-25 CVE-2021-3941 In ImfChromaticities.cpp routine RGBtoXYZ(), there are some division operations such as `float Z = (1 - chroma.white.x - chroma.white.y) * Y / chroma.white.y;` and `chroma.green.y * (X + Z))) / d;` but the divisor is not checked for a 0 value.
local
low complexity
openexr redhat fedoraproject debian
6.5
6.5
2022-03-25 CVE-2022-0330 A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU.
local
low complexity
linux redhat fedoraproject netapp
7.8
7.8
2022-03-25 CVE-2022-0435 Out-of-bounds Write vulnerability in multiple products
A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed.
network
low complexity
linux redhat ovirt fedoraproject netapp CWE-787
8.8
8.8