Vulnerabilities > Linux > Linux Kernel > 4.19.149

DATE CVE VULNERABILITY TITLE RISK
2022-03-23 CVE-2021-4197 Improper Authentication vulnerability in multiple products
An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process.
local
low complexity
linux debian oracle broadcom netapp CWE-287
7.8
2022-03-23 CVE-2022-27666 Out-of-bounds Write vulnerability in multiple products
A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c.
7.8
2022-03-18 CVE-2021-45868 Use After Free vulnerability in multiple products
In the Linux kernel before 5.15.3, fs/quota/quota_tree.c does not validate the block number in the quota tree (on disk).
local
low complexity
linux netapp CWE-416
5.5
2022-03-16 CVE-2022-27223 Improper Validation of Array Index vulnerability in multiple products
In drivers/usb/gadget/udc/udc-xilinx.c in the Linux kernel before 5.16.12, the endpoint index is not validated and might be manipulated by the host for out-of-array access.
network
low complexity
linux netapp debian CWE-129
8.8
2022-03-12 CVE-2022-26966 An issue was discovered in the Linux kernel before 5.16.12.
local
low complexity
linux netapp debian
5.5
2022-03-10 CVE-2021-4095 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference was found in the Linux kernel's KVM when dirty ring logging is enabled without an active vCPU context.
local
low complexity
linux fedoraproject CWE-476
5.5
2022-03-10 CVE-2022-0433 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference flaw was found in the Linux kernel's BPF subsystem in the way a user triggers the map_get_next_key function of the BPF bloom filter.
local
low complexity
linux fedoraproject CWE-476
5.5
2022-03-10 CVE-2021-3739 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference flaw was found in the btrfs_rm_device function in fs/btrfs/volumes.c in the Linux Kernel, where triggering the bug requires ‘CAP_SYS_ADMIN’.
local
low complexity
linux fedoraproject netapp CWE-476
7.1
2022-03-10 CVE-2021-3732 Unspecified vulnerability in Linux Kernel
A flaw was found in the Linux kernel's OverlayFS subsystem in the way the user mounts the TmpFS filesystem with OverlayFS.
local
low complexity
linux
5.5
2022-03-06 CVE-2022-26490 Classic Buffer Overflow vulnerability in multiple products
st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVT_TRANSACTION buffer overflows because of untrusted length parameters.
local
low complexity
linux fedoraproject netapp debian CWE-120
7.8