Vulnerabilities > Linux > Linux Kernel > 3.18.47
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-02-16 | CVE-2022-25265 | Improper Control of Dynamically-Managed Code Resources vulnerability in multiple products In the Linux kernel through 5.16.10, certain binary files may have the exec-all attribute if they were built in approximately 2003 (e.g., with GCC 3.2.2 and Linux kernel 2.4.20). | 7.8 |
2022-02-16 | CVE-2022-25258 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in drivers/usb/gadget/composite.c in the Linux kernel before 5.16.10. | 4.6 |
2022-02-16 | CVE-2021-3752 | Race Condition vulnerability in multiple products A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. | 7.1 |
2022-02-16 | CVE-2021-3753 | Out-of-bounds Read vulnerability in multiple products A race problem was seen in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vc_mode is not protected by lock-in vt_ioctl (KDSETMDE). | 4.7 |
2022-02-16 | CVE-2021-3773 | A flaw in netfilter could allow a network-connected attacker to infer openvpn connection endpoint information for further use in traditional network attacks. | 9.8 |
2022-02-14 | CVE-2021-44879 | NULL Pointer Dereference vulnerability in Linux Kernel In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference. | 5.5 |
2022-02-11 | CVE-2022-0382 | Missing Initialization of Resource vulnerability in Linux Kernel An information leak flaw was found due to uninitialized memory in the Linux kernel's TIPC protocol subsystem, in the way a user sends a TIPC datagram to one or more destinations. | 5.5 |
2022-02-11 | CVE-2021-45402 | Exposure of Resource to Wrong Sphere vulnerability in Linux Kernel The check_alu_op() function in kernel/bpf/verifier.c in the Linux kernel through v5.16-rc5 did not properly update bounds while handling the mov32 instruction, which allows local users to obtain potentially sensitive address information, aka a "pointer leak." | 2.1 |
2022-02-11 | CVE-2022-24958 | Release of Invalid Pointer or Reference vulnerability in multiple products drivers/usb/gadget/legacy/inode.c in the Linux kernel through 5.16.8 mishandles dev->buf release. | 7.8 |
2022-02-11 | CVE-2022-24959 | Memory Leak vulnerability in multiple products An issue was discovered in the Linux kernel before 5.16.5. | 2.1 |