Vulnerabilities > Linux > Linux Kernel > 4.9.167
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-08-29 | CVE-2022-2961 | Race Condition vulnerability in multiple products A use-after-free flaw was found in the Linux kernel’s PLP Rose functionality in the way a user triggers a race condition by calling bind while simultaneously triggering the rose_bind() function. | 7.0 |
2022-08-26 | CVE-2022-0168 | NULL Pointer Dereference vulnerability in multiple products A denial of service (DOS) issue was found in the Linux kernel’s smb2_ioctl_query_info function in the fs/cifs/smb2ops.c Common Internet File System (CIFS) due to an incorrect return from the memdup_user function. | 4.4 |
2022-08-26 | CVE-2022-0171 | Improper Cross-boundary Removal of Sensitive Data vulnerability in multiple products A flaw was found in the Linux kernel. | 5.5 |
2022-08-24 | CVE-2021-4037 | Improper Access Control vulnerability in multiple products A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that allows local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a directory is SGID and belongs to a certain group and is writable by a user who is not a member of this group. | 7.8 |
2022-08-24 | CVE-2021-4159 | A vulnerability was found in the Linux kernel's EBPF verifier when handling internal data structures. | 4.4 |
2022-08-24 | CVE-2021-4204 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An out-of-bounds (OOB) memory access flaw was found in the Linux kernel's eBPF due to an Improper Input Validation. | 7.1 |
2022-08-24 | CVE-2022-2978 | Use After Free vulnerability in multiple products A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function security_inode_alloc to fail with following call to function nilfs_mdt_destroy. | 7.8 |
2022-08-22 | CVE-2021-3659 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference flaw was found in the Linux kernel’s IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection. | 5.5 |
2022-08-22 | CVE-2022-2873 | Incorrect Calculation of Buffer Size vulnerability in multiple products An out-of-bounds memory access flaw was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way a user triggers the I2C_SMBUS_BLOCK_DATA (with the ioctl I2C_SMBUS) with malicious input data. | 5.5 |
2022-08-12 | CVE-2022-2503 | Improper Authentication vulnerability in Linux Kernel Dm-verity is used for extending root-of-trust to root filesystems. | 6.7 |