5.13.7

DATE	CVE	VULNERABILITY TITLE	RISK
2022-01-14	CVE-2022-23222	NULL Pointer Dereference vulnerability in multiple products kernel/bpf/verifier.c in the Linux kernel through 5.15.14 allows local users to gain privileges because of the availability of pointer arithmetic via certain *_OR_NULL pointer types. local low complexity linux debian netapp fedoraproject CWE-476	7.8
2022-01-06	CVE-2021-28714	Allocation of Resources Without Limits or Throttling vulnerability in multiple products Guest can force Linux netback driver to hog large amounts of kernel memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Incoming data packets for a guest in the Linux kernel's netback driver are buffered until the guest is ready to process them. local low complexity linux debian CWE-770	6.5
2022-01-06	CVE-2021-28715	Allocation of Resources Without Limits or Throttling vulnerability in multiple products Guest can force Linux netback driver to hog large amounts of kernel memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Incoming data packets for a guest in the Linux kernel's netback driver are buffered until the guest is ready to process them. local low complexity linux debian CWE-770	6.5
2021-12-24	CVE-2021-45480	Memory Leak vulnerability in multiple products An issue was discovered in the Linux kernel before 5.15.11. local linux debian CWE-401	4.7
2021-12-23	CVE-2021-45469	Out-of-bounds Read vulnerability in multiple products In __f2fs_setxattr in fs/f2fs/xattr.c in the Linux kernel through 5.15.11, there is an out-of-bounds memory access when an inode has an invalid last xattr entry. local low complexity linux fedoraproject debian netapp CWE-125	7.8
2021-12-22	CVE-2021-44733	Race Condition vulnerability in multiple products A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Linux kernel through 5.15.11. local high complexity linux redhat fedoraproject debian netapp CWE-362	7.0
2021-12-16	CVE-2021-45095	Information Exposure vulnerability in multiple products pep_sock_accept in net/phonet/pep.c in the Linux kernel through 5.15.8 has a refcount leak. local low complexity linux debian CWE-200	2.1
2021-11-17	CVE-2021-43975	Out-of-bounds Write vulnerability in multiple products In the Linux kernel through 5.15.2, hw_atl_utils_fw_rpc_wait in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c allows an attacker (who can introduce a crafted device) to trigger an out-of-bounds write via a crafted length value. local low complexity linux fedoraproject debian netapp CWE-787	6.7
2021-11-17	CVE-2021-43976	In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_panic). low complexity linux fedoraproject debian netapp oracle	4.6
2021-11-04	CVE-2021-43389	Out-of-bounds Read vulnerability in multiple products An issue was discovered in the Linux kernel before 5.14.15. local low complexity linux redhat debian oracle CWE-125	5.5