RSS   Podatności dla 'Linux kernel'   RSS

2022-07-12
 
CVE-2011-4916

CWE-200
 

 
Linux kernel through 3.1 allows local users to obtain sensitive keystroke information via access to /dev/pts/ and /dev/tty*.

 
2022-07-06
 
CVE-2022-2318

CWE-416
 

 
There are use-after-free vulnerabilities caused by timer handler in net/rose/rose_timer.c of linux that allow attackers to crash linux kernel without any privileges.

 
2022-06-09
 
CVE-2022-1998

CWE-416
 

 
A use after free in the Linux kernel File System notify functionality was found in the way user triggers copy_info_records_to_user() call to fail in copy_event_to_user(). A local user could use this flaw to crash the system or potentially escalate their privileges on the system.

 
2022-06-02
 
CVE-2022-1419

CWE-416
 

 
The root cause of this vulnerability is that the ioctl$DRM_IOCTL_MODE_DESTROY_DUMB can decrease refcount of *drm_vgem_gem_object *(created in *vgem_gem_dumb_create*) concurrently, and *vgem_gem_dumb_create *will access the freed drm_vgem_gem_object.

 
 
CVE-2022-1462

CWE-362
 

 

 
 
CVE-2022-1652

CWE-416
 

 
Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a concurrency use-after-free flaw in the bad_flp_intr function. By executing a specially-crafted program, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system.

 
2022-05-16
 
CVE-2022-1679

CWE-416
 

 

 
2022-05-12
 
CVE-2022-30594

CWE-276
 

 
The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions on setting the PT_SUSPEND_SECCOMP flag.

 
2022-05-05
 
CVE-2022-1516

CWE-416
 

 

 
2022-05-02
 
CVE-2022-29968

CWE-909
 

 
An issue was discovered in the Linux kernel through 5.17.5. io_rw_init_file in fs/io_uring.c lacks initialization of kiocb->private.

 


Copyright 2023, cxsecurity.com

 

Back to Top