Vulnerabilities > Linux > Linux Kernel > 5.15.172

DATE CVE VULNERABILITY TITLE RISK
2022-12-07 CVE-2022-42329 Improper Locking vulnerability in multiple products
Guests can trigger deadlock in Linux netback driver T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] The patch for XSA-392 introduced another issue which might result in a deadlock when trying to free the SKB of a packet dropped due to the XSA-392 handling (CVE-2022-42328).
local
low complexity
linux debian CWE-667
5.5
5.5
2022-11-30 CVE-2022-45869 Race Condition vulnerability in Linux Kernel
A race condition in the x86 KVM subsystem in the Linux kernel through 6.1-rc6 allows guest OS users to cause a denial of service (host OS crash or host OS memory corruption) when nested virtualisation and the TDP MMU are enabled.
local
low complexity
linux CWE-362
5.5
5.5
2022-11-28 CVE-2022-4127 NULL Pointer Dereference vulnerability in Linux Kernel
A NULL pointer dereference issue was discovered in the Linux kernel in io_files_update_with_index_alloc.
local
low complexity
linux CWE-476
5.5
5.5
2022-11-25 CVE-2022-45885 Use After Free vulnerability in multiple products
An issue was discovered in the Linux kernel through 6.0.9.
local
high complexity
linux netapp CWE-416
7.0
7.0
2022-11-25 CVE-2022-45887 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
An issue was discovered in the Linux kernel through 6.0.9.
local
high complexity
linux netapp CWE-772
4.7
4.7
2022-11-04 CVE-2022-43945 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow.
network
low complexity
linux netapp CWE-770
7.5
7.5
2022-10-25 CVE-2022-3344 Unspecified vulnerability in Linux Kernel
A flaw was found in the KVM's AMD nested virtualization (SVM).
local
low complexity
linux
5.5
5.5
2022-10-19 CVE-2022-3586 A flaw was found in the Linux kernel’s networking code.
local
low complexity
linux debian
5.5
5.5
2022-10-14 CVE-2022-42721 Infinite Loop vulnerability in multiple products
A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in turn, potentially execute code.
local
low complexity
linux fedoraproject debian CWE-835
5.5
5.5
2022-09-30 CVE-2022-41848 Use After Free vulnerability in Linux Kernel
drivers/char/pcmcia/synclink_cs.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling ioctl, aka a race condition between mgslpc_ioctl and mgslpc_detach.
high complexity
linux CWE-416
4.2
4.2