Vulnerabilities > Linux > Linux Kernel > 2.6.25.16

DATE CVE VULNERABILITY TITLE RISK
2022-07-06 CVE-2022-2318 Use After Free vulnerability in multiple products
There are use-after-free vulnerabilities caused by timer handler in net/rose/rose_timer.c of linux that allow attackers to crash linux kernel without any privileges.
local
low complexity
linux debian netapp CWE-416
5.5
2022-07-05 CVE-2022-26365 Memory Leak vulnerability in multiple products
Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740).
local
low complexity
linux xen debian fedoraproject CWE-401
7.1
2022-07-05 CVE-2022-33740 Improper Cross-boundary Removal of Sensitive Data vulnerability in multiple products
Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740).
local
low complexity
fedoraproject debian linux xen CWE-212
7.1
2022-07-05 CVE-2022-33741 Information Exposure vulnerability in multiple products
Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740).
local
low complexity
fedoraproject debian linux xen CWE-200
7.1
2022-07-05 CVE-2022-33742 Information Exposure vulnerability in multiple products
Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740).
local
low complexity
fedoraproject debian linux xen CWE-200
7.1
2022-06-30 CVE-2022-1852 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference flaw was found in the Linux kernel’s KVM module, which can lead to a denial of service in the x86_emulate_insn in arch/x86/kvm/emulate.c.
local
low complexity
linux redhat CWE-476
5.5
2022-06-30 CVE-2022-2078 Stack-based Buffer Overflow vulnerability in multiple products
A vulnerability was found in the Linux kernel's nft_set_desc_concat_parse() function .This flaw allows an attacker to trigger a buffer overflow via nft_set_desc_concat_parse() , causing a denial of service and possibly to run code.
local
low complexity
linux redhat debian CWE-121
5.5
2022-06-26 CVE-2022-34494 Double Free vulnerability in Linux Kernel
rpmsg_virtio_add_ctrl_dev in drivers/rpmsg/virtio_rpmsg_bus.c in the Linux kernel before 5.18.4 has a double free.
local
low complexity
linux CWE-415
4.9
2022-06-26 CVE-2022-34495 Double Free vulnerability in Linux Kernel
rpmsg_probe in drivers/rpmsg/virtio_rpmsg_bus.c in the Linux kernel before 5.18.4 has a double free.
local
low complexity
linux CWE-415
4.9
2022-06-18 CVE-2022-33981 Use After Free vulnerability in multiple products
drivers/block/floppy.c in the Linux kernel before 5.17.6 is vulnerable to a denial of service, because of a concurrency use-after-free flaw after deallocating raw_cmd in the raw_cmd_ioctl function.
local
low complexity
linux debian CWE-416
3.3