Vulnerabilities > Linux > Linux Kernel > 5.4.172

DATE CVE VULNERABILITY TITLE RISK
2022-10-13 CVE-2022-42719 Use After Free vulnerability in multiple products
A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.x before 5.19.16 could be used by attackers (able to inject WLAN frames) to crash the kernel and potentially execute code.
8.8
2022-10-09 CVE-2022-42703 Use After Free vulnerability in Linux Kernel
mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse.
local
low complexity
linux CWE-416
5.5
2022-09-30 CVE-2022-41848 Use After Free vulnerability in Linux Kernel
drivers/char/pcmcia/synclink_cs.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling ioctl, aka a race condition between mgslpc_ioctl and mgslpc_detach.
high complexity
linux CWE-416
4.2
2022-09-30 CVE-2022-41849 Use After Free vulnerability in multiple products
drivers/video/fbdev/smscufx.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a USB device while calling open(), aka a race condition between ufx_ops_open and ufx_usb_disconnect.
high complexity
linux debian CWE-416
4.2
2022-09-30 CVE-2022-41850 Use After Free vulnerability in multiple products
roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free in certain situations where a report is received while copying a report->value is in progress.
local
high complexity
linux debian CWE-416
4.7
2022-09-23 CVE-2022-2785 Out-of-bounds Read vulnerability in Linux Kernel
There exists an arbitrary memory read within the Linux Kernel BPF - Constants provided to fill pointers in structs passed in to bpf_sys_bpf are not verified and can point anywhere, including memory not owned by BPF.
local
low complexity
linux CWE-125
5.5
2022-09-21 CVE-2022-41222 Use After Free vulnerability in multiple products
mm/mremap.c in the Linux kernel before 5.13.3 has a use-after-free via a stale TLB because an rmap lock is not held during a PUD move.
local
high complexity
linux debian netapp canonical CWE-416
7.0
2022-09-21 CVE-2022-41218 Use After Free vulnerability in multiple products
In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting dvb_demux_open and dvb_dmxdev_release.
local
low complexity
linux debian CWE-416
5.5
2022-09-19 CVE-2022-3239 Use After Free vulnerability in Linux Kernel
A flaw use after free in the Linux kernel video4linux driver was found in the way user triggers em28xx_usb_probe() for the Empia 28xx based TV cards.
local
low complexity
linux CWE-416
7.8
2022-09-18 CVE-2022-40768 Use of Uninitialized Resource vulnerability in multiple products
drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stex_queuecommand_lck lacks a memset for the PASSTHRU_CMD case.
local
low complexity
linux fedoraproject debian CWE-908
5.5