Vulnerabilities > Linux > Linux Kernel > 4.19.130

DATE CVE VULNERABILITY TITLE RISK
2022-07-18 CVE-2021-33655 Out-of-bounds Write vulnerability in multiple products
When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO,kernel will write memory out of bounds.
local
low complexity
linux debian CWE-787
6.7
2022-07-18 CVE-2021-33656 Out-of-bounds Write vulnerability in multiple products
When setting font with malicous data by ioctl cmd PIO_FONT,kernel will write memory out of bounds.
low complexity
huawei linux debian CWE-787
6.8
2022-07-14 CVE-2021-4135 Memory Leak vulnerability in Linux Kernel
A memory leak vulnerability was found in the Linux kernel's eBPF for the Simulated networking device driver in the way user uses BPF for the device such that function nsim_map_alloc_elem being called.
local
low complexity
linux CWE-401
5.5
2022-07-13 CVE-2022-2380 Out-of-bounds Write vulnerability in Linux Kernel
The Linux kernel was found vulnerable out of bounds memory access in the drivers/video/fbdev/sm712fb.c:smtcfb_read() function.
local
low complexity
linux CWE-787
5.5
2022-07-06 CVE-2022-2318 There are use-after-free vulnerabilities caused by timer handler in net/rose/rose_timer.c of linux that allow attackers to crash linux kernel without any privileges.
local
low complexity
linux debian netapp
5.5
2022-07-05 CVE-2022-26365 Memory Leak vulnerability in multiple products
Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740).
local
low complexity
linux xen debian fedoraproject CWE-401
7.1
2022-07-05 CVE-2022-33740 Improper Cross-boundary Removal of Sensitive Data vulnerability in multiple products
Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740).
local
low complexity
fedoraproject debian linux xen CWE-212
7.1
2022-07-05 CVE-2022-33741 Information Exposure vulnerability in multiple products
Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740).
local
low complexity
fedoraproject debian linux xen CWE-200
7.1
2022-07-05 CVE-2022-33742 Information Exposure vulnerability in multiple products
Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740).
local
low complexity
fedoraproject debian linux xen CWE-200
7.1
2022-07-05 CVE-2022-33744 Arm guests can cause Dom0 DoS via PV devices When mapping pages of guests on Arm, dom0 is using an rbtree to keep track of the foreign mappings.
local
high complexity
linux debian
4.7