AVG-2698 log

Package linux
Status Fixed
Severity High
Type multiple issues
Affected 5.17.2.arch3-1
Fixed 5.17.3.arch1-1
Current 6.12.arch1-1 [core-testing]
6.11.9.arch1-1 [core]
Ticket None
Created Mon May 9 21:54:23 2022
Issue Severity Remote Type Description
CVE-2022-28390 High No Denial of service
A double-free flaw was found in the Linux kernel in the ems_usb_start_xmit function. This flaw allows an attacker to create a memory leak and corrupt the...
CVE-2022-28389 Medium No Denial of service
mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double free.
CVE-2022-28388 High Unknown Unknown
usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c in the Linux kernel through 5.17.1 has a double free.
CVE-2022-27666 High Unknown Unknown
A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a...
CVE-2022-26490 High Unknown Unknown
st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVT_TRANSACTION buffer overflows because of...
CVE-2022-1516 Unknown Unknown Unknown
A NULL pointer dereference flaw in the implementation of the X.25 set of standardized network protocols, which can result in denial of service.
CVE-2022-1353 Unknown Unknown Unknown
A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local, unprivileged user to gain access...
CVE-2022-1205 Unknown Unknown Unknown
There are NPD and use-after-free vulnerabilities in net/ax25/ax25_timer.c of linux that allow attacker to crash linux kernel by simulating ax25 device from...
CVE-2022-1204 Unknown Unknown Unknown
There are use-after-free vulnerabilities in net/ax25/af_ax25.c of linux that allow attacker to crash linux kernel by simulating ax25 device from user space.
CVE-2022-1199 Unknown Unknown Unknown
There are null-ptr-deref vulnerability and use-after-free vulnerabilities in net/ax25/af_ax25.c of linux that allow attacker to crash linux kernel by...
CVE-2022-1198 Unknown Unknown Unknown
There are use-after-free vulnerabilities in drivers/net/hamradio/6pack.c of linux that allow attacker to crash linux kernel by simulating ax25 device using...
CVE-2022-1195 Unknown Unknown Unknown
A use-after-free vulnerability was found in drivers/net/hamradio in the Linux kernel. In this flaw, a local attacker with a user privilege may lead to a...
CVE-2022-1158 Unknown Unknown Unknown
Linux Kernel v5.2+: x86/kvm: cmpxchg_gpte can write to pfns outside the userspace region
CVE-2022-1048 Unknown Unknown Unknown
race condition in snd_pcm_hw_free leading to use-after-free
CVE-2022-1016 Unknown Unknown Unknown
CVE-2022-1016 pertains to uninitialized stack data in the nft_do_chain routine. CVE-2022-1016 is exploitable starting from commit 96518518cc41 (original...
CVE-2022-1015 Unknown Unknown Unknown
CVE-2022-1015 pertains to an out of bounds access in nf_tables expression evaluation due to validation of user register indices. It leads to local privilege...
CVE-2022-0168 Unknown Unknown Unknown
A denial of service (DOS) issue was found in the Linux kernel’s smb2_ioctl_query_info function in the fs/cifs/smb2ops.c Common Internet File System (CIFS)...
CVE-2021-4197 High Unknown Unknown
An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some...
Notes
TODO