Vulnerabilities > Linux > Linux Kernel > 4.18.14

DATE CVE VULNERABILITY TITLE RISK
2022-10-17 CVE-2022-3545 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A vulnerability has been found in Linux Kernel and classified as critical.
local
low complexity
linux netapp debian CWE-119
7.8
2022-10-16 CVE-2022-3521 Race Condition vulnerability in multiple products
A vulnerability has been found in Linux Kernel and classified as problematic.
local
high complexity
linux debian CWE-362
2.5
2022-10-09 CVE-2022-42703 Use After Free vulnerability in Linux Kernel
mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse.
local
low complexity
linux CWE-416
5.5
2022-09-30 CVE-2022-41848 Use After Free vulnerability in Linux Kernel
drivers/char/pcmcia/synclink_cs.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling ioctl, aka a race condition between mgslpc_ioctl and mgslpc_detach.
high complexity
linux CWE-416
4.2
2022-09-30 CVE-2022-41849 Use After Free vulnerability in multiple products
drivers/video/fbdev/smscufx.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a USB device while calling open(), aka a race condition between ufx_ops_open and ufx_usb_disconnect.
high complexity
linux debian CWE-416
4.2
2022-09-30 CVE-2022-41850 Use After Free vulnerability in multiple products
roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free in certain situations where a report is received while copying a report->value is in progress.
local
high complexity
linux debian CWE-416
4.7
2022-09-23 CVE-2022-2785 Out-of-bounds Read vulnerability in Linux Kernel
There exists an arbitrary memory read within the Linux Kernel BPF - Constants provided to fill pointers in structs passed in to bpf_sys_bpf are not verified and can point anywhere, including memory not owned by BPF.
local
low complexity
linux CWE-125
5.5
2022-09-21 CVE-2022-41218 Use After Free vulnerability in multiple products
In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting dvb_demux_open and dvb_dmxdev_release.
local
low complexity
linux debian CWE-416
5.5
2022-09-19 CVE-2022-3239 Use After Free vulnerability in Linux Kernel
A flaw use after free in the Linux kernel video4linux driver was found in the way user triggers em28xx_usb_probe() for the Empia 28xx based TV cards.
local
low complexity
linux CWE-416
7.8
2022-09-18 CVE-2022-40768 Use of Uninitialized Resource vulnerability in multiple products
drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stex_queuecommand_lck lacks a memset for the PASSTHRU_CMD case.
local
low complexity
linux fedoraproject debian CWE-908
5.5