Vulnerabilities > Linux > Linux Kernel > 4.14.123
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-06-18 | CVE-2022-33981 | Use After Free vulnerability in multiple products drivers/block/floppy.c in the Linux kernel before 5.17.6 is vulnerable to a denial of service, because of a concurrency use-after-free flaw after deallocating raw_cmd in the raw_cmd_ioctl function. | 3.3 |
2022-06-10 | CVE-2022-32981 | Classic Buffer Overflow vulnerability in Linux Kernel An issue was discovered in the Linux kernel through 5.18.3 on powerpc 32-bit platforms. | 7.8 |
2022-06-05 | CVE-2022-32296 | Use of Insufficiently Random Values vulnerability in Linux Kernel The Linux kernel before 5.17.9 allows TCP servers to identify clients by observing what source ports are used. | 3.3 |
2022-06-02 | CVE-2022-32250 | Use After Free vulnerability in multiple products net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free. | 7.8 |
2022-06-02 | CVE-2022-1419 | Use After Free vulnerability in multiple products The root cause of this vulnerability is that the ioctl$DRM_IOCTL_MODE_DESTROY_DUMB can decrease refcount of *drm_vgem_gem_object *(created in *vgem_gem_dumb_create*) concurrently, and *vgem_gem_dumb_create *will access the freed drm_vgem_gem_object. | 7.8 |
2022-06-02 | CVE-2022-1652 | Use After Free vulnerability in multiple products Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a concurrency use-after-free flaw in the bad_flp_intr function. | 7.8 |
2022-06-02 | CVE-2022-1789 | NULL Pointer Dereference vulnerability in multiple products With shadow paging enabled, the INVPCID instruction results in a call to kvm_mmu_invpcid_gva. | 6.8 |
2022-05-18 | CVE-2022-1734 | Use After Free vulnerability in multiple products A flaw in Linux Kernel found in nfcmrvl_nci_unregister_dev() in drivers/nfc/nfcmrvl/main.c can lead to use after free both read or write when non synchronized between cleanup routine and firmware download routine. | 7.0 |
2022-05-17 | CVE-2022-29581 | Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. | 7.8 |
2022-05-16 | CVE-2022-1679 | A use-after-free flaw was found in the Linux kernel’s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. | 7.8 |