Vulnerabilities > Linux > Linux Kernel > 5.15.0.58
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-26 | CVE-2021-22600 | Double Free vulnerability in multiple products A double free bug in packet_set_ring() in net/packet/af_packet.c can be exploited by a local user through crafted syscalls to escalate privileges or deny service. | 7.0 |
| 2022-01-18 | CVE-2021-4083 | Race Condition vulnerability in multiple products A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition. | 7.0 |
| 2022-01-14 | CVE-2022-23222 | NULL Pointer Dereference vulnerability in multiple products kernel/bpf/verifier.c in the Linux kernel through 5.15.14 allows local users to gain privileges because of the availability of pointer arithmetic via certain *_OR_NULL pointer types. | 7.8 |
| 2021-12-24 | CVE-2021-45480 | Memory Leak vulnerability in multiple products An issue was discovered in the Linux kernel before 5.15.11. | 5.5 |
| 2021-12-23 | CVE-2021-45469 | Out-of-bounds Read vulnerability in multiple products In __f2fs_setxattr in fs/f2fs/xattr.c in the Linux kernel through 5.15.11, there is an out-of-bounds memory access when an inode has an invalid last xattr entry. | 7.8 |
| 2021-12-22 | CVE-2021-44733 | Race Condition vulnerability in multiple products A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Linux kernel through 5.15.11. | 7.0 |
| 2021-12-16 | CVE-2021-45095 | Information Exposure vulnerability in multiple products pep_sock_accept in net/phonet/pep.c in the Linux kernel through 5.15.8 has a refcount leak. | 5.5 |
| 2021-11-17 | CVE-2021-43975 | Out-of-bounds Write vulnerability in multiple products In the Linux kernel through 5.15.2, hw_atl_utils_fw_rpc_wait in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c allows an attacker (who can introduce a crafted device) to trigger an out-of-bounds write via a crafted length value. | 6.7 |
| 2021-11-17 | CVE-2021-43976 | In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_panic). | 4.6 |
| 2021-11-03 | CVE-2020-27820 | A vulnerability was found in Linux kernel, where a use-after-frees in nouveau's postclose() handler could happen if removing device (that is not common to remove video card physically without power-off, but same happens if "unbind" the driver). | 4.7 |