Vulnerabilities > Linux > Linux Kernel > 5.0.13

DATE CVE VULNERABILITY TITLE RISK
2022-09-23 CVE-2022-2785 Out-of-bounds Read vulnerability in Linux Kernel
There exists an arbitrary memory read within the Linux Kernel BPF - Constants provided to fill pointers in structs passed in to bpf_sys_bpf are not verified and can point anywhere, including memory not owned by BPF.
local
low complexity
linux CWE-125
5.5
2022-09-21 CVE-2022-41222 Use After Free vulnerability in multiple products
mm/mremap.c in the Linux kernel before 5.13.3 has a use-after-free via a stale TLB because an rmap lock is not held during a PUD move.
local
high complexity
linux debian netapp canonical CWE-416
7.0
2022-09-21 CVE-2022-41218 Use After Free vulnerability in multiple products
In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting dvb_demux_open and dvb_dmxdev_release.
local
low complexity
linux debian CWE-416
5.5
2022-09-19 CVE-2022-3239 Use After Free vulnerability in Linux Kernel
A flaw use after free in the Linux kernel video4linux driver was found in the way user triggers em28xx_usb_probe() for the Empia 28xx based TV cards.
local
low complexity
linux CWE-416
7.8
2022-09-18 CVE-2022-40768 Use of Uninitialized Resource vulnerability in multiple products
drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stex_queuecommand_lck lacks a memset for the PASSTHRU_CMD case.
local
low complexity
linux fedoraproject debian CWE-908
5.5
2022-09-14 CVE-2022-2977 Use After Free vulnerability in Linux Kernel
A flaw was found in the Linux kernel implementation of proxied virtualized TPM devices.
local
low complexity
linux CWE-416
7.8
2022-09-14 CVE-2022-40476 NULL Pointer Dereference vulnerability in Linux Kernel
A null pointer dereference issue was discovered in fs/io_uring.c in the Linux kernel before 5.15.62.
local
low complexity
linux CWE-476
5.5
2022-09-14 CVE-2022-3202 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference flaw in diFree in fs/jfs/inode.c in Journaled File System (JFS)in the Linux kernel.
local
low complexity
linux netapp CWE-476
7.1
2022-09-09 CVE-2022-2905 Out-of-bounds Read vulnerability in multiple products
An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the bpf_tail_call function with a key larger than the max_entries of the map.
local
low complexity
linux redhat debian CWE-125
5.5
2022-09-09 CVE-2022-2964 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A flaw was found in the Linux kernel’s driver for the ASIX AX88179_178A-based USB 2.0/3.0 Gigabit Ethernet Devices.
local
low complexity
linux redhat netapp CWE-119
7.8