Vulnerabilities > Linux > Linux Kernel > 5.15.8

DATE CVE VULNERABILITY TITLE RISK
2022-01-29 CVE-2022-24122 Use After Free vulnerability in multiple products
kernel/ucount.c in the Linux kernel 5.14 through 5.16.4, when unprivileged user namespaces are enabled, allows a use-after-free and privilege escalation because a ucounts object can outlive its namespace.
local
low complexity
linux netapp fedoraproject CWE-416
7.8
2022-01-26 CVE-2021-22600 Double Free vulnerability in multiple products
A double free bug in packet_set_ring() in net/packet/af_packet.c can be exploited by a local user through crafted syscalls to escalate privileges or deny service.
local
high complexity
linux debian netapp CWE-415
7.0
2022-01-18 CVE-2021-4083 Race Condition vulnerability in multiple products
A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition.
local
high complexity
linux netapp debian oracle CWE-362
7.0
2022-01-14 CVE-2022-23222 NULL Pointer Dereference vulnerability in multiple products
kernel/bpf/verifier.c in the Linux kernel through 5.15.14 allows local users to gain privileges because of the availability of pointer arithmetic via certain *_OR_NULL pointer types.
local
low complexity
linux debian netapp fedoraproject CWE-476
7.8
2021-12-24 CVE-2021-45480 Memory Leak vulnerability in multiple products
An issue was discovered in the Linux kernel before 5.15.11.
4.7
2021-12-23 CVE-2021-45469 Out-of-bounds Read vulnerability in multiple products
In __f2fs_setxattr in fs/f2fs/xattr.c in the Linux kernel through 5.15.11, there is an out-of-bounds memory access when an inode has an invalid last xattr entry.
local
low complexity
linux fedoraproject debian netapp CWE-125
7.8
2021-12-22 CVE-2021-44733 Race Condition vulnerability in multiple products
A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Linux kernel through 5.15.11.
local
high complexity
linux redhat fedoraproject debian netapp CWE-362
7.0
2021-12-16 CVE-2021-45095 Information Exposure vulnerability in multiple products
pep_sock_accept in net/phonet/pep.c in the Linux kernel through 5.15.8 has a refcount leak.
local
low complexity
linux debian CWE-200
2.1
2021-06-08 CVE-2021-3564 Double Free vulnerability in multiple products
A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device.
local
low complexity
linux fedoraproject debian CWE-415
5.5
2021-05-26 CVE-2020-27815 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A flaw was found in the JFS filesystem code in the Linux Kernel which allows a local attacker with the ability to set extended attributes to panic the system, causing memory corruption or escalating privileges.
local
low complexity
linux debian netapp CWE-119
7.8