5.14.17

DATE	CVE	VULNERABILITY TITLE	RISK
2022-03-23	CVE-2022-0854	Memory Leak vulnerability in multiple products A memory leak flaw was found in the Linux kernel’s DMA subsystem, in the way a user calls DMA_FROM_DEVICE. local low complexity linux debian CWE-401	5.5
2022-03-23	CVE-2022-27666	Out-of-bounds Write vulnerability in multiple products A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. local low complexity linux fedoraproject redhat netapp debian CWE-787	7.8
2022-03-18	CVE-2022-1011	Use After Free vulnerability in multiple products A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write(). local low complexity linux fedoraproject redhat netapp debian oracle CWE-416	7.8
2022-03-18	CVE-2022-0742	Memory Leak vulnerability in multiple products Memory leak in icmp6 implementation in Linux Kernel 5.13+ allows a remote attacker to DoS a host by making it go out-of-memory via icmp6 packets of type 130 or 131. network low complexity linux netapp CWE-401	7.5
2022-03-18	CVE-2021-45868	Use After Free vulnerability in multiple products In the Linux kernel before 5.15.3, fs/quota/quota_tree.c does not validate the block number in the quota tree (on disk). local low complexity linux netapp CWE-416	5.5
2022-03-16	CVE-2022-27223	Improper Validation of Array Index vulnerability in multiple products In drivers/usb/gadget/udc/udc-xilinx.c in the Linux kernel before 5.16.12, the endpoint index is not validated and might be manipulated by the host for out-of-array access. network low complexity linux netapp debian CWE-129	8.8
2022-03-12	CVE-2022-26966	An issue was discovered in the Linux kernel before 5.16.12. local low complexity linux netapp debian	5.5
2022-03-11	CVE-2022-26878	Memory Leak vulnerability in Linux Kernel drivers/bluetooth/virtio_bt.c in the Linux kernel before 5.16.3 has a memory leak (socket buffers have memory allocated but not freed). local low complexity linux CWE-401	5.5
2022-03-10	CVE-2021-4095	NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference was found in the Linux kernel's KVM when dirty ring logging is enabled without an active vCPU context. local low complexity linux fedoraproject CWE-476	5.5
2022-03-10	CVE-2022-0433	NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference flaw was found in the Linux kernel's BPF subsystem in the way a user triggers the map_get_next_key function of the BPF bloom filter. local low complexity linux fedoraproject CWE-476	5.5