Vulnerabilities > Linux
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-05 | CVE-2022-32296 | Use of Insufficiently Random Values vulnerability in Linux Kernel The Linux kernel before 5.17.9 allows TCP servers to identify clients by observing what source ports are used. | 3.3 |
| 2022-06-02 | CVE-2022-32250 | Use After Free vulnerability in multiple products net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free. | 7.8 |
| 2022-06-02 | CVE-2022-1419 | Use After Free vulnerability in multiple products The root cause of this vulnerability is that the ioctl$DRM_IOCTL_MODE_DESTROY_DUMB can decrease refcount of *drm_vgem_gem_object *(created in *vgem_gem_dumb_create*) concurrently, and *vgem_gem_dumb_create *will access the freed drm_vgem_gem_object. | 7.8 |
| 2022-06-02 | CVE-2022-1462 | An out-of-bounds read flaw was found in the Linux kernel’s TeleTYpe subsystem. | 6.3 |
| 2022-06-02 | CVE-2022-1652 | Use After Free vulnerability in multiple products Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a concurrency use-after-free flaw in the bad_flp_intr function. | 7.8 |
| 2022-06-02 | CVE-2022-1786 | Type Confusion vulnerability in multiple products A use-after-free flaw was found in the Linux kernel’s io_uring subsystem in the way a user sets up a ring with IORING_SETUP_IOPOLL with more than one task completing submissions on this ring. | 7.8 |
| 2022-06-02 | CVE-2022-1789 | NULL Pointer Dereference vulnerability in multiple products With shadow paging enabled, the INVPCID instruction results in a call to kvm_mmu_invpcid_gva. | 6.8 |
| 2022-06-02 | CVE-2022-1943 | Out-of-bounds Write vulnerability in Linux Kernel A flaw out of bounds memory write in the Linux kernel UDF file system functionality was found in the way user triggers some file operation which triggers udf_write_fi(). | 7.8 |
| 2022-05-26 | CVE-2022-1882 | Use After Free vulnerability in multiple products A use-after-free flaw was found in the Linux kernel’s pipes functionality in how a user performs manipulations with the pipe post_one_notification() after free_pipe_info() that is already called. | 7.8 |
| 2022-05-25 | CVE-2022-1678 | An issue was discovered in the Linux Kernel from 4.18 to 4.19, an improper update of sock reference in TCP pacing can lead to memory/netns leak, which can be used by remote clients. | 7.5 |