Vulnerabilities > Linux > Linux Kernel > 4.4.97
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-06-18 | CVE-2022-33981 | Use After Free vulnerability in multiple products drivers/block/floppy.c in the Linux kernel before 5.17.6 is vulnerable to a denial of service, because of a concurrency use-after-free flaw after deallocating raw_cmd in the raw_cmd_ioctl function. | 3.3 |
2022-06-05 | CVE-2022-32296 | Use of Insufficiently Random Values vulnerability in Linux Kernel The Linux kernel before 5.17.9 allows TCP servers to identify clients by observing what source ports are used. | 3.3 |
2022-06-02 | CVE-2022-32250 | Use After Free vulnerability in multiple products net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free. | 7.8 |
2022-06-02 | CVE-2022-1419 | Use After Free vulnerability in multiple products The root cause of this vulnerability is that the ioctl$DRM_IOCTL_MODE_DESTROY_DUMB can decrease refcount of *drm_vgem_gem_object *(created in *vgem_gem_dumb_create*) concurrently, and *vgem_gem_dumb_create *will access the freed drm_vgem_gem_object. | 7.8 |
2022-06-02 | CVE-2022-1652 | Use After Free vulnerability in multiple products Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a concurrency use-after-free flaw in the bad_flp_intr function. | 7.8 |
2022-06-02 | CVE-2022-1789 | NULL Pointer Dereference vulnerability in multiple products With shadow paging enabled, the INVPCID instruction results in a call to kvm_mmu_invpcid_gva. | 6.8 |
2022-05-18 | CVE-2022-1734 | Use After Free vulnerability in multiple products A flaw in Linux Kernel found in nfcmrvl_nci_unregister_dev() in drivers/nfc/nfcmrvl/main.c can lead to use after free both read or write when non synchronized between cleanup routine and firmware download routine. | 7.0 |
2022-05-16 | CVE-2022-1679 | Use After Free vulnerability in multiple products A use-after-free flaw was found in the Linux kernel’s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. | 7.8 |
2022-05-12 | CVE-2022-30594 | Missing Authorization vulnerability in multiple products The Linux kernel before 5.17.2 mishandles seccomp permissions. | 7.8 |
2022-05-02 | CVE-2022-29968 | Missing Initialization of Resource vulnerability in multiple products An issue was discovered in the Linux kernel through 5.17.5. | 7.8 |