Vulnerabilities > Linux > Linux Kernel > 6.1.13
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-03-01 | CVE-2023-23005 | NULL Pointer Dereference vulnerability in multiple products In the Linux kernel before 6.2, mm/memory-tiers.c misinterprets the alloc_memory_type return value (expects it to be NULL in the error case, whereas it is actually an error pointer). | 5.5 |
2023-01-17 | CVE-2022-41858 | NULL Pointer Dereference vulnerability in multiple products A flaw was found in the Linux kernel. | 7.1 |
2023-01-09 | CVE-2022-2196 | Insecure Default Initialization of Resource vulnerability in multiple products A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB after running L2 due to KVM (L0) advertising eIBRS support to L1. | 8.8 |
2022-11-27 | CVE-2022-45919 | Use After Free vulnerability in multiple products An issue was discovered in the Linux kernel through 6.0.10. | 7.0 |
2022-11-25 | CVE-2022-45886 | Use After Free vulnerability in multiple products An issue was discovered in the Linux kernel through 6.0.9. | 7.0 |
2022-09-23 | CVE-2022-2785 | Out-of-bounds Read vulnerability in Linux Kernel There exists an arbitrary memory read within the Linux Kernel BPF - Constants provided to fill pointers in structs passed in to bpf_sys_bpf are not verified and can point anywhere, including memory not owned by BPF. | 5.5 |
2022-09-14 | CVE-2022-3202 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference flaw in diFree in fs/jfs/inode.c in Journaled File System (JFS)in the Linux kernel. | 7.1 |
2022-08-29 | CVE-2022-0850 | Unspecified vulnerability in Linux Kernel A vulnerability was found in linux kernel, where an information leak occurs via ext4_extent_header to userspace. | 7.1 |
2022-03-03 | CVE-2021-3640 | Race Condition vulnerability in multiple products A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_del() together with the call sco_sock_sendmsg() with the expected controllable faulting memory page. | 7.0 |
2022-01-18 | CVE-2021-4083 | Race Condition vulnerability in multiple products A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition. | 7.0 |