Vulnerabilities > Linux > Linux Kernel > 5.10.27

DATE CVE VULNERABILITY TITLE RISK
2022-07-27 CVE-2022-36879 An issue was discovered in the Linux kernel through 5.18.14.
local
low complexity
linux debian netapp
5.5
5.5
2022-07-18 CVE-2021-33655 Out-of-bounds Write vulnerability in multiple products
When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO,kernel will write memory out of bounds.
local
low complexity
linux debian CWE-787
6.7
6.7
2022-07-18 CVE-2021-33656 Out-of-bounds Write vulnerability in multiple products
When setting font with malicous data by ioctl cmd PIO_FONT,kernel will write memory out of bounds.
low complexity
huawei linux debian CWE-787
6.8
6.8
2022-07-06 CVE-2022-2318 Use After Free vulnerability in multiple products
There are use-after-free vulnerabilities caused by timer handler in net/rose/rose_timer.c of linux that allow attackers to crash linux kernel without any privileges.
local
low complexity
linux debian netapp CWE-416
5.5
5.5
2022-07-05 CVE-2022-26365 Memory Leak vulnerability in multiple products
Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740).
local
low complexity
linux xen debian fedoraproject CWE-401
7.1
7.1
2022-07-05 CVE-2022-33740 Improper Cross-boundary Removal of Sensitive Data vulnerability in multiple products
Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740).
local
low complexity
fedoraproject debian linux xen CWE-212
7.1
7.1
2022-07-05 CVE-2022-33741 Information Exposure vulnerability in multiple products
Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740).
local
low complexity
fedoraproject debian linux xen CWE-200
7.1
7.1
2022-07-05 CVE-2022-33742 Information Exposure vulnerability in multiple products
Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740).
local
low complexity
fedoraproject debian linux xen CWE-200
7.1
7.1
2022-07-05 CVE-2022-33743 network backend may cause Linux netfront to use freed SKBs While adding logic to support XDP (eXpress Data Path), a code label was moved in a way allowing for SKBs having references (pointers) retained for further processing to nevertheless be freed.
local
low complexity
xen linux debian
7.8
7.8
2022-07-05 CVE-2022-33744 Arm guests can cause Dom0 DoS via PV devices When mapping pages of guests on Arm, dom0 is using an rbtree to keep track of the foreign mappings.
local
high complexity
linux debian
4.7
4.7