Vulnerabilities > Linux > Linux Kernel > 5.10.27

DATE CVE VULNERABILITY TITLE RISK
2022-08-29 CVE-2022-1016 Missing Initialization of Resource vulnerability in multiple products
A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause a use-after-free.
local
low complexity
linux redhat CWE-909
5.5
2022-08-29 CVE-2022-1184 Use After Free vulnerability in multiple products
A use-after-free flaw was found in fs/ext4/namei.c:dx_insert_block() in the Linux kernel’s filesystem sub-component.
local
low complexity
linux redhat debian canonical CWE-416
5.5
2022-08-29 CVE-2022-1199 Use After Free vulnerability in multiple products
A flaw was found in the Linux kernel.
network
low complexity
linux redhat netapp CWE-416
7.5
2022-08-29 CVE-2022-2961 Race Condition vulnerability in multiple products
A use-after-free flaw was found in the Linux kernel’s PLP Rose functionality in the way a user triggers a race condition by calling bind while simultaneously triggering the rose_bind() function.
local
high complexity
linux fedoraproject netapp CWE-362
7.0
2022-08-26 CVE-2022-0168 NULL Pointer Dereference vulnerability in multiple products
A denial of service (DOS) issue was found in the Linux kernel’s smb2_ioctl_query_info function in the fs/cifs/smb2ops.c Common Internet File System (CIFS) due to an incorrect return from the memdup_user function.
local
low complexity
linux redhat CWE-476
4.4
2022-08-26 CVE-2022-0171 Improper Cross-boundary Removal of Sensitive Data vulnerability in multiple products
A flaw was found in the Linux kernel.
local
low complexity
linux redhat debian CWE-212
5.5
2022-08-25 CVE-2022-2959 Improper Locking vulnerability in Linux Kernel
A race condition was found in the Linux kernel's watch queue due to a missing lock in pipe_resize_ring().
local
high complexity
linux CWE-667
7.0
2022-08-24 CVE-2021-4028 Use After Free vulnerability in multiple products
A flaw in the Linux kernel's implementation of RDMA communications manager listener code allowed an attacker with local access to setup a socket to listen on a high port allowing for a list element to be used after free.
local
low complexity
linux suse CWE-416
7.8
2022-08-24 CVE-2021-4037 Improper Access Control vulnerability in multiple products
A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that allows local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a directory is SGID and belongs to a certain group and is writable by a user who is not a member of this group.
local
low complexity
linux debian CWE-284
7.8
2022-08-24 CVE-2022-2978 Use After Free vulnerability in multiple products
A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function security_inode_alloc to fail with following call to function nilfs_mdt_destroy.
local
low complexity
linux debian CWE-416
7.8