5.15.3

DATE	CVE	VULNERABILITY TITLE	RISK
2022-03-25	CVE-2022-0494	Use of Uninitialized Resource vulnerability in multiple products A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctl.c in the Linux kernel. local low complexity linux debian CWE-908	4.4
2022-03-25	CVE-2022-0500	Out-of-bounds Write vulnerability in multiple products A flaw was found in unrestricted eBPF usage by the BPF_BTF_LOAD, leading to a possible out-of-bounds memory write in the Linux kernel’s BPF subsystem due to the way a user loads BTF. local low complexity linux fedoraproject netapp CWE-787	7.8
2022-03-25	CVE-2022-0995	Out-of-bounds Write vulnerability in multiple products An out-of-bounds (OOB) memory write flaw was found in the Linux kernel’s watch_queue event notification subsystem. local low complexity linux fedoraproject netapp CWE-787	7.8
2022-03-23	CVE-2021-4197	Improper Authentication vulnerability in multiple products An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. local low complexity linux debian oracle broadcom netapp CWE-287	7.8
2022-03-23	CVE-2022-0854	Memory Leak vulnerability in multiple products A memory leak flaw was found in the Linux kernel’s DMA subsystem, in the way a user calls DMA_FROM_DEVICE. local low complexity linux debian CWE-401	5.5
2022-03-23	CVE-2022-27666	Out-of-bounds Write vulnerability in multiple products A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. local low complexity linux fedoraproject redhat netapp debian CWE-787	7.8
2022-03-18	CVE-2022-1011	Use After Free vulnerability in multiple products A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write(). local low complexity linux fedoraproject redhat netapp debian oracle CWE-416	7.8
2022-03-18	CVE-2022-0742	Memory Leak vulnerability in multiple products Memory leak in icmp6 implementation in Linux Kernel 5.13+ allows a remote attacker to DoS a host by making it go out-of-memory via icmp6 packets of type 130 or 131. network low complexity linux netapp CWE-401	7.5
2022-03-16	CVE-2022-27223	Improper Validation of Array Index vulnerability in multiple products In drivers/usb/gadget/udc/udc-xilinx.c in the Linux kernel before 5.16.12, the endpoint index is not validated and might be manipulated by the host for out-of-array access. network low complexity linux netapp debian CWE-129	8.8
2022-03-12	CVE-2022-26966	An issue was discovered in the Linux kernel before 5.16.12. local low complexity linux netapp debian	5.5