5.15.58

DATE	CVE	VULNERABILITY TITLE	RISK
2022-03-03	CVE-2021-3640	Race Condition vulnerability in multiple products A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_del() together with the call sco_sock_sendmsg() with the expected controllable faulting memory page. local high complexity linux debian fedoraproject canonical netapp CWE-362	7.0
2022-03-03	CVE-2021-4002	Memory Leak vulnerability in multiple products A memory leak flaw in the Linux kernel's hugetlbfs memory usage was found in the way the user maps some regions of memory twice using shmget() which are aligned to PUD alignment with the fault of some of the memory pages. local low complexity linux debian fedoraproject oracle CWE-401	4.4
2022-02-20	CVE-2022-25375	Improper Validation of Specified Quantity in Input vulnerability in multiple products An issue was discovered in drivers/usb/gadget/function/rndis.c in the Linux kernel before 5.16.10. local low complexity linux debian CWE-1284	5.5
2022-02-18	CVE-2021-4090	Out-of-bounds Write vulnerability in multiple products An out-of-bounds (OOB) memory write flaw was found in the NFSD in the Linux kernel. local low complexity linux netapp CWE-787	7.1
2022-02-16	CVE-2022-25258	NULL Pointer Dereference vulnerability in multiple products An issue was discovered in drivers/usb/gadget/composite.c in the Linux kernel before 5.16.10. low complexity linux fedoraproject debian netapp CWE-476	4.6
2022-02-16	CVE-2022-0617	NULL Pointer Dereference vulnerability in multiple products A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way user triggers udf_file_write_iter function for the malicious UDF image. local low complexity linux debian CWE-476	5.5
2022-02-14	CVE-2021-44879	NULL Pointer Dereference vulnerability in Linux Kernel In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference. local low complexity linux CWE-476	5.5
2022-02-11	CVE-2022-0382	Missing Initialization of Resource vulnerability in Linux Kernel An information leak flaw was found due to uninitialized memory in the Linux kernel's TIPC protocol subsystem, in the way a user sends a TIPC datagram to one or more destinations. local low complexity linux CWE-909	5.5
2022-02-11	CVE-2022-24958	Release of Invalid Pointer or Reference vulnerability in multiple products drivers/usb/gadget/legacy/inode.c in the Linux kernel through 5.16.8 mishandles dev->buf release. local low complexity linux fedoraproject netapp debian CWE-763	7.8
2022-02-04	CVE-2022-0264	Improper Handling of Exceptional Conditions vulnerability in Linux Kernel A vulnerability was found in the Linux kernel's eBPF verifier when handling internal data structures. local low complexity linux CWE-755	5.5