5.15.3

DATE	CVE	VULNERABILITY TITLE	RISK
2022-01-29	CVE-2022-24122	Use After Free vulnerability in multiple products kernel/ucount.c in the Linux kernel 5.14 through 5.16.4, when unprivileged user namespaces are enabled, allows a use-after-free and privilege escalation because a ucounts object can outlive its namespace. local low complexity linux netapp fedoraproject CWE-416	7.8
2022-01-26	CVE-2021-22600	Double Free vulnerability in multiple products A double free bug in packet_set_ring() in net/packet/af_packet.c can be exploited by a local user through crafted syscalls to escalate privileges or deny service. local high complexity linux debian netapp CWE-415	7.0
2022-01-18	CVE-2021-4083	Race Condition vulnerability in multiple products A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition. local high complexity linux netapp debian oracle CWE-362	7.0
2022-01-14	CVE-2022-23222	NULL Pointer Dereference vulnerability in multiple products kernel/bpf/verifier.c in the Linux kernel through 5.15.14 allows local users to gain privileges because of the availability of pointer arithmetic via certain *_OR_NULL pointer types. local low complexity linux debian netapp fedoraproject CWE-476	7.8
2021-12-24	CVE-2021-45480	Memory Leak vulnerability in multiple products An issue was discovered in the Linux kernel before 5.15.11. local linux debian CWE-401	4.7
2021-12-23	CVE-2021-45469	Out-of-bounds Read vulnerability in multiple products In __f2fs_setxattr in fs/f2fs/xattr.c in the Linux kernel through 5.15.11, there is an out-of-bounds memory access when an inode has an invalid last xattr entry. local low complexity linux fedoraproject debian netapp CWE-125	7.8
2021-12-22	CVE-2021-44733	Race Condition vulnerability in multiple products A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Linux kernel through 5.15.11. local high complexity linux redhat fedoraproject debian netapp CWE-362	7.0
2021-12-16	CVE-2021-45095	Information Exposure vulnerability in multiple products pep_sock_accept in net/phonet/pep.c in the Linux kernel through 5.15.8 has a refcount leak. local low complexity linux debian CWE-200	2.1
2021-11-03	CVE-2020-27820	Use After Free vulnerability in multiple products A vulnerability was found in Linux kernel, where a use-after-frees in nouveau's postclose() handler could happen if removing device (that is not common to remove video card physically without power-off, but same happens if "unbind" the driver). local high complexity linux fedoraproject oracle CWE-416	4.7
2021-06-08	CVE-2021-3564	Double Free vulnerability in multiple products A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. local low complexity linux fedoraproject debian CWE-415	5.5