5.12.19

DATE	CVE	VULNERABILITY TITLE	RISK
2022-08-22	CVE-2022-2873	Incorrect Calculation of Buffer Size vulnerability in multiple products An out-of-bounds memory access flaw was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way a user triggers the I2C_SMBUS_BLOCK_DATA (with the ioctl I2C_SMBUS) with malicious input data. local low complexity linux fedoraproject redhat netapp debian CWE-131	5.5
2022-08-12	CVE-2022-2503	Improper Authentication vulnerability in Linux Kernel Dm-verity is used for extending root-of-trust to root filesystems. local low complexity linux CWE-287	6.7
2022-08-05	CVE-2022-1158	Use After Free vulnerability in multiple products A flaw was found in KVM. local low complexity linux fedoraproject redhat CWE-416	7.8
2022-07-27	CVE-2022-36946	nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len. network low complexity linux debian netapp	7.5
2022-07-27	CVE-2022-36879	An issue was discovered in the Linux kernel through 5.18.14. local low complexity linux debian netapp	5.5
2022-07-26	CVE-2022-1651	Memory Leak vulnerability in Linux Kernel A memory leak flaw was found in the Linux kernel in acrn_dev_ioctl in the drivers/virt/acrn/hsm.c function in how the ACRN Device Model emulates virtual NICs in VM. local low complexity linux CWE-401	7.1
2022-07-26	CVE-2022-1671	NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference flaw was found in rxrpc_preparse_s in net/rxrpc/server_key.c in the Linux kernel. local low complexity linux netapp CWE-476	7.1
2022-07-18	CVE-2021-33655	Out-of-bounds Write vulnerability in multiple products When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO,kernel will write memory out of bounds. local low complexity linux debian CWE-787	6.7
2022-07-06	CVE-2022-2318	Use After Free vulnerability in multiple products There are use-after-free vulnerabilities caused by timer handler in net/rose/rose_timer.c of linux that allow attackers to crash linux kernel without any privileges. local low complexity linux debian netapp CWE-416	5.5
2022-07-05	CVE-2022-33743	network backend may cause Linux netfront to use freed SKBs While adding logic to support XDP (eXpress Data Path), a code label was moved in a way allowing for SKBs having references (pointers) retained for further processing to nevertheless be freed. local low complexity xen linux debian	7.8