5.15.17

DATE	CVE	VULNERABILITY TITLE	RISK
2022-03-25	CVE-2022-0500	Out-of-bounds Write vulnerability in multiple products A flaw was found in unrestricted eBPF usage by the BPF_BTF_LOAD, leading to a possible out-of-bounds memory write in the Linux kernel’s BPF subsystem due to the way a user loads BTF. local low complexity linux fedoraproject netapp CWE-787	7.8
2022-03-25	CVE-2022-0995	Out-of-bounds Write vulnerability in multiple products An out-of-bounds (OOB) memory write flaw was found in the Linux kernel’s watch_queue event notification subsystem. local low complexity linux fedoraproject netapp CWE-787	7.8
2022-03-23	CVE-2022-0854	Memory Leak vulnerability in multiple products A memory leak flaw was found in the Linux kernel’s DMA subsystem, in the way a user calls DMA_FROM_DEVICE. local low complexity linux debian CWE-401	5.5
2022-03-23	CVE-2022-27666	Out-of-bounds Write vulnerability in multiple products A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. local low complexity linux fedoraproject redhat netapp debian CWE-787	7.8
2022-03-18	CVE-2022-1011	Use After Free vulnerability in multiple products A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write(). local low complexity linux fedoraproject redhat netapp debian oracle CWE-416	7.8
2022-03-18	CVE-2022-0742	Memory Leak vulnerability in multiple products Memory leak in icmp6 implementation in Linux Kernel 5.13+ allows a remote attacker to DoS a host by making it go out-of-memory via icmp6 packets of type 130 or 131. network low complexity linux netapp CWE-401	7.5
2022-03-16	CVE-2022-27223	Improper Validation of Array Index vulnerability in multiple products In drivers/usb/gadget/udc/udc-xilinx.c in the Linux kernel before 5.16.12, the endpoint index is not validated and might be manipulated by the host for out-of-array access. network low complexity linux netapp debian CWE-129	8.8
2022-03-12	CVE-2022-26966	An issue was discovered in the Linux kernel before 5.16.12. local low complexity linux netapp debian	5.5
2022-03-10	CVE-2021-4095	NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference was found in the Linux kernel's KVM when dirty ring logging is enabled without an active vCPU context. local low complexity linux fedoraproject CWE-476	5.5
2022-03-10	CVE-2022-0433	NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference flaw was found in the Linux kernel's BPF subsystem in the way a user triggers the map_get_next_key function of the BPF bloom filter. local low complexity linux fedoraproject CWE-476	5.5