Vulnerabilities > Linux > Linux Kernel > 4.14.62

DATE CVE VULNERABILITY TITLE RISK
2022-02-18 CVE-2021-4090 Out-of-bounds Write vulnerability in multiple products
An out-of-bounds (OOB) memory write flaw was found in the NFSD in the Linux kernel.
local
low complexity
linux netapp CWE-787
7.1
2022-02-16 CVE-2022-25265 Improper Control of Dynamically-Managed Code Resources vulnerability in multiple products
In the Linux kernel through 5.16.10, certain binary files may have the exec-all attribute if they were built in approximately 2003 (e.g., with GCC 3.2.2 and Linux kernel 2.4.20).
local
low complexity
linux netapp CWE-913
7.8
2022-02-16 CVE-2022-25258 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in drivers/usb/gadget/composite.c in the Linux kernel before 5.16.10.
4.6
2022-02-16 CVE-2021-3752 Race Condition vulnerability in multiple products
A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition.
7.1
2022-02-16 CVE-2021-3753 Out-of-bounds Read vulnerability in multiple products
A race problem was seen in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vc_mode is not protected by lock-in vt_ioctl (KDSETMDE).
local
high complexity
linux redhat netapp CWE-125
4.7
2022-02-16 CVE-2021-3760 Use After Free vulnerability in multiple products
A flaw was found in the Linux kernel.
local
low complexity
linux fedoraproject debian netapp CWE-416
7.8
2022-02-16 CVE-2021-3773 A flaw in netfilter could allow a network-connected attacker to infer openvpn connection endpoint information for further use in traditional network attacks.
network
low complexity
linux fedoraproject redhat oracle
critical
9.8
2022-02-16 CVE-2022-0617 NULL Pointer Dereference vulnerability in multiple products
A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way user triggers udf_file_write_iter function for the malicious UDF image.
local
low complexity
linux debian CWE-476
5.5
2022-02-14 CVE-2021-44879 NULL Pointer Dereference vulnerability in Linux Kernel
In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference.
local
low complexity
linux CWE-476
5.5
2022-02-11 CVE-2022-0382 Missing Initialization of Resource vulnerability in Linux Kernel
An information leak flaw was found due to uninitialized memory in the Linux kernel's TIPC protocol subsystem, in the way a user sends a TIPC datagram to one or more destinations.
local
low complexity
linux CWE-909
5.5