Vulnerabilities > Linux > Linux Kernel > 5.15.169

DATE CVE VULNERABILITY TITLE RISK
2022-12-14 CVE-2022-3115 NULL Pointer Dereference vulnerability in Linux Kernel
An issue was discovered in the Linux kernel through 5.16-rc6.
local
low complexity
linux CWE-476
5.5
5.5
2022-12-07 CVE-2022-42328 Improper Locking vulnerability in multiple products
Guests can trigger deadlock in Linux netback driver T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] The patch for XSA-392 introduced another issue which might result in a deadlock when trying to free the SKB of a packet dropped due to the XSA-392 handling (CVE-2022-42328).
local
low complexity
linux debian CWE-667
5.5
5.5
2022-12-07 CVE-2022-42329 Improper Locking vulnerability in multiple products
Guests can trigger deadlock in Linux netback driver T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] The patch for XSA-392 introduced another issue which might result in a deadlock when trying to free the SKB of a packet dropped due to the XSA-392 handling (CVE-2022-42328).
local
low complexity
linux debian CWE-667
5.5
5.5
2022-11-28 CVE-2022-4127 NULL Pointer Dereference vulnerability in Linux Kernel
A NULL pointer dereference issue was discovered in the Linux kernel in io_files_update_with_index_alloc.
local
low complexity
linux CWE-476
5.5
5.5
2022-08-29 CVE-2022-1199 A flaw was found in the Linux kernel.
network
low complexity
linux redhat netapp
7.5
7.5
2022-07-13 CVE-2022-2380 Out-of-bounds Write vulnerability in Linux Kernel
The Linux kernel was found vulnerable out of bounds memory access in the drivers/video/fbdev/sm712fb.c:smtcfb_read() function.
local
low complexity
linux CWE-787
5.5
5.5
2014-06-07 CVE-2014-3153 The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command that facilitates unsafe waiter modification.
local
low complexity
linux redhat suse opensuse canonical oracle
7.8
7.8
2013-11-20 CVE-2013-6282 Improper Input Validation vulnerability in Linux Kernel
The (1) get_user and (2) put_user API functions in the Linux kernel before 3.5.5 on the v6k and v7 ARM platforms do not validate certain addresses, which allows attackers to read or modify the contents of arbitrary kernel memory locations via a crafted application, as exploited in the wild against Android devices in October and November 2013.
network
low complexity
linux CWE-20
8.8
8.8