Vulnerabilities > Linux > Linux Kernel > 5.15.2

DATE CVE VULNERABILITY TITLE RISK
2022-01-14 CVE-2022-23222 NULL Pointer Dereference vulnerability in multiple products
kernel/bpf/verifier.c in the Linux kernel through 5.15.14 allows local users to gain privileges because of the availability of pointer arithmetic via certain *_OR_NULL pointer types.
local
low complexity
linux debian netapp fedoraproject CWE-476
7.8
7.8
2021-12-24 CVE-2021-45480 Memory Leak vulnerability in multiple products
An issue was discovered in the Linux kernel before 5.15.11.
local
low complexity
linux debian CWE-401
5.5
5.5
2021-12-23 CVE-2021-45469 Out-of-bounds Read vulnerability in multiple products
In __f2fs_setxattr in fs/f2fs/xattr.c in the Linux kernel through 5.15.11, there is an out-of-bounds memory access when an inode has an invalid last xattr entry.
local
low complexity
linux fedoraproject debian netapp CWE-125
7.8
7.8
2021-12-22 CVE-2021-44733 Race Condition vulnerability in multiple products
A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Linux kernel through 5.15.11.
local
high complexity
linux redhat fedoraproject debian netapp CWE-362
7.0
7.0
2021-12-16 CVE-2021-45095 Information Exposure vulnerability in multiple products
pep_sock_accept in net/phonet/pep.c in the Linux kernel through 5.15.8 has a refcount leak.
local
low complexity
linux debian CWE-200
5.5
5.5
2021-11-17 CVE-2021-43975 Out-of-bounds Write vulnerability in multiple products
In the Linux kernel through 5.15.2, hw_atl_utils_fw_rpc_wait in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c allows an attacker (who can introduce a crafted device) to trigger an out-of-bounds write via a crafted length value.
local
low complexity
linux fedoraproject debian netapp CWE-787
6.7
6.7
2021-11-17 CVE-2021-43976 In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_panic). 4.6
4.6
2021-11-03 CVE-2020-27820 A vulnerability was found in Linux kernel, where a use-after-frees in nouveau's postclose() handler could happen if removing device (that is not common to remove video card physically without power-off, but same happens if "unbind" the driver).
local
high complexity
linux fedoraproject oracle
4.7
4.7
2021-06-08 CVE-2021-3564 A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device.
local
low complexity
linux fedoraproject debian
5.5
5.5
2021-05-26 CVE-2020-27815 A flaw was found in the JFS filesystem code in the Linux Kernel which allows a local attacker with the ability to set extended attributes to panic the system, causing memory corruption or escalating privileges.
local
low complexity
linux debian netapp
7.8
7.8