Vulnerabilities > Linux > High

DATE CVE VULNERABILITY TITLE RISK
2022-07-05 CVE-2022-33741 Information Exposure vulnerability in multiple products
Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740).
local
low complexity
fedoraproject debian linux xen CWE-200
7.1
7.1
2022-07-05 CVE-2022-33742 Information Exposure vulnerability in multiple products
Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740).
local
low complexity
fedoraproject debian linux xen CWE-200
7.1
7.1
2022-07-05 CVE-2022-33743 network backend may cause Linux netfront to use freed SKBs While adding logic to support XDP (eXpress Data Path), a code label was moved in a way allowing for SKBs having references (pointers) retained for further processing to nevertheless be freed.
local
low complexity
xen linux debian
7.8
7.8
2022-07-04 CVE-2022-34918 Type Confusion vulnerability in multiple products
An issue was discovered in the Linux kernel through 5.18.9.
local
low complexity
linux debian canonical netapp CWE-843
7.8
7.8
2022-06-10 CVE-2022-32981 Classic Buffer Overflow vulnerability in Linux Kernel
An issue was discovered in the Linux kernel through 5.18.3 on powerpc 32-bit platforms.
local
low complexity
linux CWE-120
7.8
7.8
2022-06-09 CVE-2022-1998 Use After Free vulnerability in multiple products
A use after free in the Linux kernel File System notify functionality was found in the way user triggers copy_info_records_to_user() call to fail in copy_event_to_user().
local
low complexity
linux fedoraproject redhat netapp CWE-416
7.8
7.8
2022-06-02 CVE-2022-32250 Use After Free vulnerability in multiple products
net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free.
local
low complexity
linux fedoraproject debian netapp CWE-416
7.8
7.8
2022-06-02 CVE-2022-1419 Use After Free vulnerability in multiple products
The root cause of this vulnerability is that the ioctl$DRM_IOCTL_MODE_DESTROY_DUMB can decrease refcount of *drm_vgem_gem_object *(created in *vgem_gem_dumb_create*) concurrently, and *vgem_gem_dumb_create *will access the freed drm_vgem_gem_object.
local
low complexity
linux debian CWE-416
7.8
7.8
2022-06-02 CVE-2022-1652 Use After Free vulnerability in multiple products
Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a concurrency use-after-free flaw in the bad_flp_intr function.
local
low complexity
linux redhat debian netapp CWE-416
7.8
7.8
2022-06-02 CVE-2022-1786 Type Confusion vulnerability in multiple products
A use-after-free flaw was found in the Linux kernel’s io_uring subsystem in the way a user sets up a ring with IORING_SETUP_IOPOLL with more than one task completing submissions on this ring.
local
low complexity
linux netapp CWE-843
7.8
7.8