Vulnerabilities > Linux > Linux Kernel > 5.18.14
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-08-24 | CVE-2022-2978 | Use After Free vulnerability in multiple products A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function security_inode_alloc to fail with following call to function nilfs_mdt_destroy. | 7.8 |
2022-08-22 | CVE-2022-2873 | Incorrect Calculation of Buffer Size vulnerability in multiple products An out-of-bounds memory access flaw was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way a user triggers the I2C_SMBUS_BLOCK_DATA (with the ioctl I2C_SMBUS) with malicious input data. | 5.5 |
2022-08-12 | CVE-2022-2503 | Improper Authentication vulnerability in Linux Kernel Dm-verity is used for extending root-of-trust to root filesystems. | 6.7 |
2022-07-27 | CVE-2022-36946 | nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len. | 7.5 |
2022-07-27 | CVE-2022-36879 | An issue was discovered in the Linux kernel through 5.18.14. | 5.5 |
2022-07-18 | CVE-2021-33655 | Out-of-bounds Write vulnerability in multiple products When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO,kernel will write memory out of bounds. | 6.7 |
2022-07-06 | CVE-2022-2318 | Use After Free vulnerability in multiple products There are use-after-free vulnerabilities caused by timer handler in net/rose/rose_timer.c of linux that allow attackers to crash linux kernel without any privileges. | 5.5 |
2022-06-30 | CVE-2022-1852 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference flaw was found in the Linux kernel’s KVM module, which can lead to a denial of service in the x86_emulate_insn in arch/x86/kvm/emulate.c. | 5.5 |
2022-06-30 | CVE-2022-2078 | Stack-based Buffer Overflow vulnerability in multiple products A vulnerability was found in the Linux kernel's nft_set_desc_concat_parse() function .This flaw allows an attacker to trigger a buffer overflow via nft_set_desc_concat_parse() , causing a denial of service and possibly to run code. | 5.5 |
2022-05-26 | CVE-2022-1882 | Use After Free vulnerability in multiple products A use-after-free flaw was found in the Linux kernel’s pipes functionality in how a user performs manipulations with the pipe post_one_notification() after free_pipe_info() that is already called. | 7.8 |