5.15.38

DATE	CVE	VULNERABILITY TITLE	RISK
2022-03-06	CVE-2022-26490	Classic Buffer Overflow vulnerability in multiple products st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVT_TRANSACTION buffer overflows because of untrusted length parameters. local low complexity linux fedoraproject netapp debian CWE-120	7.8
2022-03-04	CVE-2021-3743	An out-of-bounds (OOB) memory read flaw was found in the Qualcomm IPC router protocol in the Linux kernel. local low complexity linux fedoraproject netapp oracle	7.1
2022-03-03	CVE-2021-3640	A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_del() together with the call sco_sock_sendmsg() with the expected controllable faulting memory page. local high complexity linux debian fedoraproject canonical netapp	7.0
2022-03-03	CVE-2021-4002	Memory Leak vulnerability in multiple products A memory leak flaw in the Linux kernel's hugetlbfs memory usage was found in the way the user maps some regions of memory twice using shmget() which are aligned to PUD alignment with the fault of some of the memory pages. local low complexity linux debian fedoraproject oracle CWE-401	4.4
2022-02-20	CVE-2022-25375	Improper Validation of Specified Quantity in Input vulnerability in multiple products An issue was discovered in drivers/usb/gadget/function/rndis.c in the Linux kernel before 5.16.10. local low complexity linux debian CWE-1284	5.5
2022-02-18	CVE-2021-4090	Out-of-bounds Write vulnerability in multiple products An out-of-bounds (OOB) memory write flaw was found in the NFSD in the Linux kernel. local low complexity linux netapp CWE-787	7.1
2022-02-16	CVE-2022-25265	Improper Control of Dynamically-Managed Code Resources vulnerability in multiple products In the Linux kernel through 5.16.10, certain binary files may have the exec-all attribute if they were built in approximately 2003 (e.g., with GCC 3.2.2 and Linux kernel 2.4.20). local low complexity linux netapp CWE-913	7.8
2022-02-16	CVE-2022-25258	NULL Pointer Dereference vulnerability in multiple products An issue was discovered in drivers/usb/gadget/composite.c in the Linux kernel before 5.16.10. low complexity linux fedoraproject debian netapp CWE-476	4.6
2022-02-16	CVE-2022-0617	NULL Pointer Dereference vulnerability in multiple products A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way user triggers udf_file_write_iter function for the malicious UDF image. local low complexity linux debian CWE-476	5.5
2022-02-14	CVE-2021-44879	NULL Pointer Dereference vulnerability in Linux Kernel In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference. local low complexity linux CWE-476	5.5