Vulnerabilities > Linux > Linux Kernel > 3.15.7

DATE CVE VULNERABILITY TITLE RISK
2022-09-30 CVE-2022-41848 Use After Free vulnerability in Linux Kernel
drivers/char/pcmcia/synclink_cs.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling ioctl, aka a race condition between mgslpc_ioctl and mgslpc_detach.
high complexity
linux CWE-416
4.2
2022-09-30 CVE-2022-41849 Use After Free vulnerability in multiple products
drivers/video/fbdev/smscufx.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a USB device while calling open(), aka a race condition between ufx_ops_open and ufx_usb_disconnect.
high complexity
linux debian CWE-416
4.2
2022-09-30 CVE-2022-41850 Use After Free vulnerability in multiple products
roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free in certain situations where a report is received while copying a report->value is in progress.
local
high complexity
linux debian CWE-416
4.7
2022-09-23 CVE-2022-2785 Out-of-bounds Read vulnerability in Linux Kernel
There exists an arbitrary memory read within the Linux Kernel BPF - Constants provided to fill pointers in structs passed in to bpf_sys_bpf are not verified and can point anywhere, including memory not owned by BPF.
local
low complexity
linux CWE-125
5.5
2022-09-21 CVE-2022-41218 Use After Free vulnerability in multiple products
In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting dvb_demux_open and dvb_dmxdev_release.
local
low complexity
linux debian CWE-416
5.5
2022-09-19 CVE-2022-3239 Use After Free vulnerability in Linux Kernel
A flaw use after free in the Linux kernel video4linux driver was found in the way user triggers em28xx_usb_probe() for the Empia 28xx based TV cards.
local
low complexity
linux CWE-416
7.8
2022-09-18 CVE-2022-40768 Use of Uninitialized Resource vulnerability in multiple products
drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stex_queuecommand_lck lacks a memset for the PASSTHRU_CMD case.
local
low complexity
linux fedoraproject debian CWE-908
5.5
2022-09-14 CVE-2022-40476 NULL Pointer Dereference vulnerability in Linux Kernel
A null pointer dereference issue was discovered in fs/io_uring.c in the Linux kernel before 5.15.62.
local
low complexity
linux CWE-476
5.5
2022-09-09 CVE-2022-36280 Out-of-bounds Write vulnerability in multiple products
An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_kms.c in GPU component in the Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'.
local
low complexity
linux debian CWE-787
5.5
2022-09-09 CVE-2022-40307 Race Condition vulnerability in multiple products
An issue was discovered in the Linux kernel through 5.19.8.
local
high complexity
linux debian CWE-362
4.7