Vulnerabilities > Linux > Linux Kernel > 5.19.5
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-31 | CVE-2022-2590 | Race Condition vulnerability in Linux Kernel A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only shared memory mappings. | 7.0 |
| 2022-08-31 | CVE-2022-3028 | Out-of-bounds Write vulnerability in multiple products A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. | 7.0 |
| 2022-08-29 | CVE-2022-0850 | Unspecified vulnerability in Linux Kernel A vulnerability was found in linux kernel, where an information leak occurs via ext4_extent_header to userspace. | 7.1 |
| 2022-08-29 | CVE-2022-2961 | Race Condition vulnerability in multiple products A use-after-free flaw was found in the Linux kernel’s PLP Rose functionality in the way a user triggers a race condition by calling bind while simultaneously triggering the rose_bind() function. | 7.0 |
| 2022-08-24 | CVE-2022-2978 | Use After Free vulnerability in multiple products A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function security_inode_alloc to fail with following call to function nilfs_mdt_destroy. | 7.8 |
| 2022-03-03 | CVE-2021-3640 | Race Condition vulnerability in multiple products A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_del() together with the call sco_sock_sendmsg() with the expected controllable faulting memory page. | 7.0 |
| 2022-01-18 | CVE-2021-4083 | Race Condition vulnerability in multiple products A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition. | 7.0 |
| 2021-06-08 | CVE-2021-3564 | Double Free vulnerability in multiple products A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. | 5.5 |
| 2021-05-26 | CVE-2020-27815 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A flaw was found in the JFS filesystem code in the Linux Kernel which allows a local attacker with the ability to set extended attributes to panic the system, causing memory corruption or escalating privileges. | 7.8 |
| 2021-05-26 | CVE-2020-25668 | Improper Synchronization vulnerability in multiple products A flaw was found in Linux Kernel because access to the global variable fg_console is not properly synchronized leading to a use after free in con_font_op. | 7.0 |