Vulnerabilities > Linux > Linux Kernel > 3.12.71
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-27 | CVE-2022-36946 | nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len. | 7.5 |
| 2022-07-05 | CVE-2022-26365 | Memory Leak vulnerability in multiple products Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740). | 7.1 |
| 2022-07-05 | CVE-2022-33740 | Improper Cross-boundary Removal of Sensitive Data vulnerability in multiple products Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740). | 7.1 |
| 2022-07-05 | CVE-2022-33741 | Information Exposure vulnerability in multiple products Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740). | 7.1 |
| 2022-07-05 | CVE-2022-33742 | Information Exposure vulnerability in multiple products Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740). | 7.1 |
| 2022-06-05 | CVE-2022-32296 | Use of Insufficiently Random Values vulnerability in Linux Kernel The Linux kernel before 5.17.9 allows TCP servers to identify clients by observing what source ports are used. | 3.3 |
| 2022-06-02 | CVE-2022-1789 | NULL Pointer Dereference vulnerability in multiple products With shadow paging enabled, the INVPCID instruction results in a call to kvm_mmu_invpcid_gva. | 6.8 |
| 2022-05-16 | CVE-2022-1679 | Use After Free vulnerability in multiple products A use-after-free flaw was found in the Linux kernel’s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. | 7.8 |
| 2022-05-12 | CVE-2022-30594 | Missing Authorization vulnerability in multiple products The Linux kernel before 5.17.2 mishandles seccomp permissions. | 7.8 |
| 2022-05-02 | CVE-2022-29968 | Missing Initialization of Resource vulnerability in multiple products An issue was discovered in the Linux kernel through 5.17.5. | 7.8 |