Vulnerabilities > Linux > Linux Kernel > 4.9.59

DATE CVE VULNERABILITY TITLE RISK
2022-08-24 CVE-2021-4037 Improper Access Control vulnerability in multiple products
A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that allows local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a directory is SGID and belongs to a certain group and is writable by a user who is not a member of this group.
local
low complexity
linux debian CWE-284
7.8
2022-08-24 CVE-2021-4159 A vulnerability was found in the Linux kernel's EBPF verifier when handling internal data structures.
local
low complexity
linux redhat debian
4.4
2022-08-24 CVE-2021-4204 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An out-of-bounds (OOB) memory access flaw was found in the Linux kernel's eBPF due to an Improper Input Validation.
local
low complexity
linux debian redhat netapp CWE-119
7.1
2022-08-24 CVE-2022-2978 Use After Free vulnerability in multiple products
A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function security_inode_alloc to fail with following call to function nilfs_mdt_destroy.
local
low complexity
linux debian CWE-416
7.8
2022-08-22 CVE-2021-3659 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference flaw was found in the Linux kernel’s IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection.
local
low complexity
linux fedoraproject redhat CWE-476
5.5
2022-08-22 CVE-2022-2873 Incorrect Calculation of Buffer Size vulnerability in multiple products
An out-of-bounds memory access flaw was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way a user triggers the I2C_SMBUS_BLOCK_DATA (with the ioctl I2C_SMBUS) with malicious input data.
5.5
2022-08-12 CVE-2022-2503 Improper Authentication vulnerability in Linux Kernel
Dm-verity is used for extending root-of-trust to root filesystems.
local
low complexity
linux CWE-287
6.7
2022-07-27 CVE-2022-36946 nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len.
network
low complexity
linux debian netapp
7.5
2022-07-27 CVE-2022-36879 An issue was discovered in the Linux kernel through 5.18.14.
local
low complexity
linux debian netapp
5.5
2022-07-18 CVE-2021-33655 Out-of-bounds Write vulnerability in multiple products
When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO,kernel will write memory out of bounds.
local
low complexity
linux debian CWE-787
6.7