Vulnerabilities > Linux > Linux Kernel > 4.19.98

DATE CVE VULNERABILITY TITLE RISK
2022-08-29 CVE-2022-0480 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
A flaw was found in the filelock_init in fs/locks.c function in the Linux kernel.
local
low complexity
linux redhat CWE-770
5.5
2022-08-29 CVE-2022-0812 Unspecified vulnerability in Linux Kernel
An information leak flaw was found in NFS over RDMA in the net/sunrpc/xprtrdma/rpc_rdma.c in the Linux Kernel.
network
low complexity
linux
4.3
2022-08-29 CVE-2022-0850 Unspecified vulnerability in Linux Kernel
A vulnerability was found in linux kernel, where an information leak occurs via ext4_extent_header to userspace.
local
low complexity
linux
7.1
2022-08-29 CVE-2022-1016 Missing Initialization of Resource vulnerability in multiple products
A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause a use-after-free.
local
low complexity
linux redhat CWE-909
5.5
2022-08-29 CVE-2022-1184 Use After Free vulnerability in multiple products
A use-after-free flaw was found in fs/ext4/namei.c:dx_insert_block() in the Linux kernel’s filesystem sub-component.
local
low complexity
linux redhat debian canonical CWE-416
5.5
2022-08-29 CVE-2022-1199 Use After Free vulnerability in multiple products
A flaw was found in the Linux kernel.
network
low complexity
linux redhat netapp CWE-416
7.5
2022-08-29 CVE-2022-2961 Race Condition vulnerability in multiple products
A use-after-free flaw was found in the Linux kernel’s PLP Rose functionality in the way a user triggers a race condition by calling bind while simultaneously triggering the rose_bind() function.
local
high complexity
linux fedoraproject netapp CWE-362
7.0
2022-08-26 CVE-2022-0168 NULL Pointer Dereference vulnerability in multiple products
A denial of service (DOS) issue was found in the Linux kernel’s smb2_ioctl_query_info function in the fs/cifs/smb2ops.c Common Internet File System (CIFS) due to an incorrect return from the memdup_user function.
local
low complexity
linux redhat CWE-476
4.4
2022-08-26 CVE-2022-0171 Improper Cross-boundary Removal of Sensitive Data vulnerability in multiple products
A flaw was found in the Linux kernel.
local
low complexity
linux redhat debian CWE-212
5.5
2022-08-24 CVE-2021-4037 Improper Access Control vulnerability in multiple products
A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that allows local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a directory is SGID and belongs to a certain group and is writable by a user who is not a member of this group.
local
low complexity
linux debian CWE-284
7.8