5.15.0

DATE	CVE	VULNERABILITY TITLE	RISK
2022-03-04	CVE-2021-3743	An out-of-bounds (OOB) memory read flaw was found in the Qualcomm IPC router protocol in the Linux kernel. local low complexity linux fedoraproject netapp oracle	7.1
2022-03-03	CVE-2021-3640	A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_del() together with the call sco_sock_sendmsg() with the expected controllable faulting memory page. local high complexity linux debian fedoraproject canonical netapp	7.0
2022-03-03	CVE-2021-4002	Memory Leak vulnerability in multiple products A memory leak flaw in the Linux kernel's hugetlbfs memory usage was found in the way the user maps some regions of memory twice using shmget() which are aligned to PUD alignment with the fault of some of the memory pages. local low complexity linux debian fedoraproject oracle CWE-401	4.4
2022-03-03	CVE-2022-0492	Missing Authorization vulnerability in multiple products A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. local low complexity linux debian redhat canonical fedoraproject netapp CWE-862	7.8
2022-02-24	CVE-2022-25636	Improper Privilege Management vulnerability in multiple products net/netfilter/nf_dup_netdev.c in the Linux kernel 5.4 through 5.6.10 allows local users to gain privileges because of a heap out-of-bounds write. local low complexity linux debian netapp oracle CWE-269	7.8
2022-02-20	CVE-2022-25375	Improper Validation of Specified Quantity in Input vulnerability in multiple products An issue was discovered in drivers/usb/gadget/function/rndis.c in the Linux kernel before 5.16.10. local low complexity linux debian CWE-1284	5.5
2022-02-18	CVE-2021-4090	Out-of-bounds Write vulnerability in multiple products An out-of-bounds (OOB) memory write flaw was found in the NFSD in the Linux kernel. local low complexity linux netapp CWE-787	7.1
2022-02-16	CVE-2022-25265	Improper Control of Dynamically-Managed Code Resources vulnerability in multiple products In the Linux kernel through 5.16.10, certain binary files may have the exec-all attribute if they were built in approximately 2003 (e.g., with GCC 3.2.2 and Linux kernel 2.4.20). local low complexity linux netapp CWE-913	7.8
2022-02-16	CVE-2022-25258	NULL Pointer Dereference vulnerability in multiple products An issue was discovered in drivers/usb/gadget/composite.c in the Linux kernel before 5.16.10. low complexity linux fedoraproject debian netapp CWE-476	4.6
2022-02-16	CVE-2021-3752	Race Condition vulnerability in multiple products A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. high complexity linux redhat fedoraproject netapp debian oracle CWE-362	7.1