Vulnerabilities > Linux > Linux Kernel > 3.16.63

DATE CVE VULNERABILITY TITLE RISK
2022-06-30 CVE-2022-2078 Stack-based Buffer Overflow vulnerability in multiple products
A vulnerability was found in the Linux kernel's nft_set_desc_concat_parse() function .This flaw allows an attacker to trigger a buffer overflow via nft_set_desc_concat_parse() , causing a denial of service and possibly to run code.
local
low complexity
linux redhat debian CWE-121
5.5
2022-06-26 CVE-2022-34494 Double Free vulnerability in Linux Kernel
rpmsg_virtio_add_ctrl_dev in drivers/rpmsg/virtio_rpmsg_bus.c in the Linux kernel before 5.18.4 has a double free.
local
low complexity
linux CWE-415
4.9
2022-06-26 CVE-2022-34495 Double Free vulnerability in Linux Kernel
rpmsg_probe in drivers/rpmsg/virtio_rpmsg_bus.c in the Linux kernel before 5.18.4 has a double free.
local
low complexity
linux CWE-415
4.9
2022-06-18 CVE-2022-33981 Use After Free vulnerability in multiple products
drivers/block/floppy.c in the Linux kernel before 5.17.6 is vulnerable to a denial of service, because of a concurrency use-after-free flaw after deallocating raw_cmd in the raw_cmd_ioctl function.
local
low complexity
linux debian CWE-416
3.3
2022-06-05 CVE-2022-32296 Use of Insufficiently Random Values vulnerability in Linux Kernel
The Linux kernel before 5.17.9 allows TCP servers to identify clients by observing what source ports are used.
local
low complexity
linux CWE-330
3.3
2022-06-02 CVE-2022-1419 Use After Free vulnerability in multiple products
The root cause of this vulnerability is that the ioctl$DRM_IOCTL_MODE_DESTROY_DUMB can decrease refcount of *drm_vgem_gem_object *(created in *vgem_gem_dumb_create*) concurrently, and *vgem_gem_dumb_create *will access the freed drm_vgem_gem_object.
local
low complexity
linux debian CWE-416
7.8
2022-06-02 CVE-2022-1652 Use After Free vulnerability in multiple products
Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a concurrency use-after-free flaw in the bad_flp_intr function.
local
low complexity
linux redhat debian netapp CWE-416
7.8
2022-06-02 CVE-2022-1789 NULL Pointer Dereference vulnerability in multiple products
With shadow paging enabled, the INVPCID instruction results in a call to kvm_mmu_invpcid_gva.
6.8
2022-05-18 CVE-2022-1734 Use After Free vulnerability in multiple products
A flaw in Linux Kernel found in nfcmrvl_nci_unregister_dev() in drivers/nfc/nfcmrvl/main.c can lead to use after free both read or write when non synchronized between cleanup routine and firmware download routine.
local
high complexity
linux debian netapp CWE-416
7.0
2022-05-16 CVE-2022-1679 Use After Free vulnerability in multiple products
A use-after-free flaw was found in the Linux kernel’s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages.
local
low complexity
linux debian netapp CWE-416
7.8