Vulnerabilities > Linux > Linux Kernel > 4.4.46
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-01-17 | CVE-2022-47929 | NULL Pointer Dereference vulnerability in multiple products In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service (system crash) via a crafted traffic control configuration that is set up with "tc qdisc" and "tc class" commands. | 5.5 |
2023-01-13 | CVE-2023-23559 | Integer Overflow or Wraparound vulnerability in multiple products In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition. | 7.8 |
2023-01-12 | CVE-2023-23454 | Type Confusion vulnerability in multiple products cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results). | 5.5 |
2023-01-12 | CVE-2023-23455 | Type Confusion vulnerability in multiple products atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results). | 5.5 |
2022-12-22 | CVE-2022-4662 | Non-exit on Failed Initialization vulnerability in Linux Kernel A flaw incorrect access control in the Linux kernel USB core subsystem was found in the way user attaches usb device. | 5.5 |
2022-12-18 | CVE-2022-47518 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in the Linux kernel before 6.0.11. | 7.8 |
2022-12-18 | CVE-2022-47519 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in the Linux kernel before 6.0.11. | 7.8 |
2022-12-18 | CVE-2022-47520 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in the Linux kernel before 6.0.11. | 7.1 |
2022-12-07 | CVE-2022-3643 | Injection vulnerability in multiple products Guests can trigger NIC interface reset/abort/crash via netback It is possible for a guest to trigger a NIC interface reset/abort/crash in a Linux based network backend by sending certain kinds of packets. | 6.5 |
2022-12-07 | CVE-2022-42328 | Improper Locking vulnerability in multiple products Guests can trigger deadlock in Linux netback driver T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] The patch for XSA-392 introduced another issue which might result in a deadlock when trying to free the SKB of a packet dropped due to the XSA-392 handling (CVE-2022-42328). | 5.5 |