Vulnerabilities > Linux > Linux Kernel > 2.1.103
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-07 | CVE-2022-42328 | Improper Locking vulnerability in multiple products Guests can trigger deadlock in Linux netback driver T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] The patch for XSA-392 introduced another issue which might result in a deadlock when trying to free the SKB of a packet dropped due to the XSA-392 handling (CVE-2022-42328). | 5.5 |
| 2022-12-07 | CVE-2022-42329 | Improper Locking vulnerability in multiple products Guests can trigger deadlock in Linux netback driver T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] The patch for XSA-392 introduced another issue which might result in a deadlock when trying to free the SKB of a packet dropped due to the XSA-392 handling (CVE-2022-42328). | 5.5 |
| 2022-11-30 | CVE-2022-45869 | Race Condition vulnerability in Linux Kernel A race condition in the x86 KVM subsystem in the Linux kernel through 6.1-rc6 allows guest OS users to cause a denial of service (host OS crash or host OS memory corruption) when nested virtualisation and the TDP MMU are enabled. | 5.5 |
| 2022-11-28 | CVE-2022-4127 | NULL Pointer Dereference vulnerability in Linux Kernel A NULL pointer dereference issue was discovered in the Linux kernel in io_files_update_with_index_alloc. | 5.5 |
| 2022-11-25 | CVE-2022-45884 | Use After Free vulnerability in multiple products An issue was discovered in the Linux kernel through 6.0.9. | 7.0 |
| 2022-11-25 | CVE-2022-45885 | Use After Free vulnerability in multiple products An issue was discovered in the Linux kernel through 6.0.9. | 7.0 |
| 2022-11-25 | CVE-2022-45887 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products An issue was discovered in the Linux kernel through 6.0.9. | 4.7 |
| 2022-11-25 | CVE-2022-45888 | Use After Free vulnerability in multiple products An issue was discovered in the Linux kernel through 6.0.9. | 6.4 |
| 2022-11-23 | CVE-2022-42896 | Use After Free vulnerability in Linux Kernel There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_connect and l2cap_le_connect_req functions which may allow code execution and leaking kernel memory (respectively) remotely via Bluetooth. A remote attacker could execute code leaking kernel memory via Bluetooth if within proximity of the victim. We recommend upgrading past commit https://www.google.com/url https://github.com/torvalds/linux/commit/711f8c3fb3db61897080468586b970c87c61d9e4 https://www.google.com/url | 8.8 |
| 2022-11-04 | CVE-2022-43945 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. | 7.5 |