Vulnerabilities > Linux > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-07 | CVE-2022-42328 | Improper Locking vulnerability in multiple products Guests can trigger deadlock in Linux netback driver T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] The patch for XSA-392 introduced another issue which might result in a deadlock when trying to free the SKB of a packet dropped due to the XSA-392 handling (CVE-2022-42328). | 5.5 |
| 2022-12-07 | CVE-2022-42329 | Improper Locking vulnerability in multiple products Guests can trigger deadlock in Linux netback driver T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] The patch for XSA-392 introduced another issue which might result in a deadlock when trying to free the SKB of a packet dropped due to the XSA-392 handling (CVE-2022-42328). | 5.5 |
| 2022-12-05 | CVE-2022-4269 | Unspecified vulnerability in Linux Kernel 4.1 A flaw was found in the Linux kernel Traffic Control (TC) subsystem. | 5.5 |
| 2022-11-30 | CVE-2022-45869 | Race Condition vulnerability in Linux Kernel A race condition in the x86 KVM subsystem in the Linux kernel through 6.1-rc6 allows guest OS users to cause a denial of service (host OS crash or host OS memory corruption) when nested virtualisation and the TDP MMU are enabled. | 5.5 |
| 2022-11-28 | CVE-2022-4127 | Unspecified vulnerability in Linux Kernel A NULL pointer dereference issue was discovered in the Linux kernel in io_files_update_with_index_alloc. | 5.5 |
| 2022-11-28 | CVE-2022-4128 | Unspecified vulnerability in Linux Mptcp Protocol A NULL pointer dereference issue was discovered in the Linux kernel in the MPTCP protocol when traversing the subflow list at disconnect time. | 5.5 |
| 2022-11-28 | CVE-2022-4129 | Improper Locking vulnerability in multiple products A flaw was found in the Linux kernel's Layer 2 Tunneling Protocol (L2TP). | 5.5 |
| 2022-11-25 | CVE-2022-45887 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products An issue was discovered in the Linux kernel through 6.0.9. | 4.7 |
| 2022-11-25 | CVE-2022-45888 | Use After Free vulnerability in multiple products An issue was discovered in the Linux kernel through 6.0.9. | 6.4 |
| 2022-11-23 | CVE-2022-42895 | Access of Uninitialized Pointer vulnerability in Linux Kernel There is an infoleak vulnerability in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_parse_conf_req function which can be used to leak kernel pointers remotely. We recommend upgrading past commit https://github.com/torvalds/linux/commit/b1a2cd50c0357f243b7435a732b4e62ba3157a2e https://www.google.com/url | 6.5 |