| CVE-2023-25012 |
Unknown |
Unknown |
Unknown |
Use-After-Free in bigben_remove in drivers/hid/hid-bigbenff.c via a crafted USB device because the LED controllers remain registered for too long |
| CVE-2023-23455 |
Unknown |
Unknown |
Insufficient validation |
the return code of of tcf_classify is insufficiently validated before interpreting part of the result as a pointer in the network schedulers code |
| CVE-2023-23454 |
Unknown |
Unknown |
Denial of service |
cbq_classify in net/sched/sch_cbq.c allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non- negative numbers... |
| CVE-2023-0394 |
Unknown |
Unknown |
Unknown |
memory corruption with IPV6_CHECKSUM socket option |
| CVE-2023-0266 |
Unknown |
Unknown |
Unknown |
|
| CVE-2023-0122 |
Unknown |
Unknown |
Unknown |
|
| CVE-2022-47946 |
Unknown |
Unknown |
Denial of service |
use-after-free in io_sqpoll_wait_sq in fs/io_uring.c allows an attacker to crash the kernel, resulting in denial of service |
| CVE-2022-47943 |
High |
Yes |
Information disclosure |
out-of-bounds read memory can be written to a file, if DataOffset is 0 and Length is too large in SMB2_WRITE request of compound request in... |
| CVE-2022-47942 |
Unknown |
Unknown |
Unknown |
heap-overflow in set_ntacl_dacl() when setting a malformed file attribute under the label `security.NTACL` using SMB2_SET_INFO_HE followed by SMB2_QUERY_INFO_HE |
| CVE-2022-47941 |
Unknown |
Unknown |
Unknown |
memory leak in smb2_handle_negotiate() under error conditions |
| CVE-2022-47940 |
Unknown |
Unknown |
Insufficient validation |
smb2_write() and smb2_write_pipe do not avlidate the length when no padding is used |
| CVE-2022-47939 |
Unknown |
Unknown |
Unknown |
use-after-free in smb2_tree_disconnect) when a danging pointer is accessed in compound requests |
| CVE-2022-47938 |
Unknown |
Unknown |
Unknown |
out of bound read in smb2_tree_connnect |
| CVE-2022-47929 |
Unknown |
Unknown |
Unknown |
null pointer dereference in net/sched/sch_api.c |
| CVE-2022-43945 |
Unknown |
Unknown |
Unknown |
send buffer overflow in NFSv2 READDIR |
| CVE-2022-43750 |
Unknown |
No |
Unknown |
userspace can cause kernel memory corruption in drivers/usb/mon/mon_bin.c |
| CVE-2022-42896 |
High |
Yes |
Arbitrary code execution |
use-after-free in net/bluetooth/l2cap_core.c's l2cap_connect and l2cap_le_connect_req may allow code execution and leaking kernel memory (respectively)... |
| CVE-2022-42895 |
Medium |
Yes |
Information disclosure |
infoleak in net/bluetooth/l2cap_core.c's l2cap_parse_conf_req can be used to leak kernel pointers remotely |
| CVE-2022-42703 |
Unknown |
Unknown |
Unknown |
|
| CVE-2022-42329 |
Unknown |
Unknown |
Unknown |
|
| CVE-2022-41850 |
Unknown |
Unknown |
Unknown |
|
| CVE-2022-41849 |
Unknown |
No |
Unknown |
use-after-free in ufx_ops_open() due to race condition with ufx_usb_disconnect() when disconnecting a usb device while calling open() on the device |
| CVE-2022-41218 |
Unknown |
Unknown |
Unknown |
use-after-free when dvb_demux_open() is called between the two syncs of dvbdev->users and dvr_dvbdev->users in dvb_dmxdev_release() |
| CVE-2022-40768 |
Unknown |
Unknown |
Unknown |
|
| CVE-2022-40307 |
Unknown |
Unknown |
Unknown |
|
| CVE-2022-39842 |
Unknown |
Unknown |
Unknown |
I pxa3xx_gcu_write defined in drivers/video/fbdev/pxa3xx-gcu.c, a count parameter of type size_t is passed to words of type int. Then, copy_from_user()... |
| CVE-2022-36946 |
Unknown |
Yes |
Denial of service |
nfqnl_mangle in net/netfilter/nfnetlink_queue.c allows remote attackers to cause a denial of service in the case of a nf_queue verdict with a one-byte... |
| CVE-2022-36879 |
Unknown |
Unknown |
Unknown |
double xfrm_pols_put() in xfrm_bundle_lookup() |
| CVE-2022-36280 |
Unknown |
Unknown |
Unknown |
|
| CVE-2022-34495 |
Unknown |
Unknown |
Unknown |
double-free in rpmsg_probe in drivers/rpmsg/virtio_rpmsg_bus.c |
| CVE-2022-34494 |
Unknown |
Unknown |
Unknown |
|
| CVE-2022-32296 |
Unknown |
Unknown |
Unknown |
tcp clients could be fingerprinted due to insufficient randomness when selecting the source port |
| CVE-2022-4382 |
Unknown |
Unknown |
Unknown |
use-after-free in in gadgetfs driver when concurrently mounting and unmounting the gadgetfs filesystem between gadgetfs_fill_super() and race with gadgetfs_kill_sb() |
| CVE-2022-4379 |
Unknown |
Unknown |
Unknown |
|
| CVE-2022-4378 |
Unknown |
Unknown |
Unknown |
integer type confusion in get_proc_long |
| CVE-2022-3977 |
Unknown |
Unknown |
Unknown |
|
| CVE-2022-3910 |
Unknown |
Unknown |
Unknown |
|
| CVE-2022-3649 |
Unknown |
Unknown |
Unknown |
use-after-free in nilfs_new_inode in fs/nilfs2/inode.c |
| CVE-2022-3646 |
Unknown |
Unknown |
Unknown |
memory leak when nilfs_attach_log_writer() fails to create a log writer thread |
| CVE-2022-3643 |
Unknown |
Unknown |
Unknown |
|
| CVE-2022-3636 |
Unknown |
Unknown |
Unknown |
|
| CVE-2022-3635 |
Unknown |
Unknown |
Unknown |
|
| CVE-2022-3628 |
Unknown |
Unknown |
Unknown |
|
| CVE-2022-3623 |
Unknown |
Unknown |
Unknown |
|
| CVE-2022-3621 |
Unknown |
Unknown |
Unknown |
|
| CVE-2022-3606 |
Unknown |
Unknown |
Unknown |
|
| CVE-2022-3594 |
Unknown |
Unknown |
Unknown |
|
| CVE-2022-3586 |
Unknown |
Unknown |
Unknown |
potential use-after-free in sch_sfb enqueue() |
| CVE-2022-3567 |
Unknown |
Unknown |
Unknown |
|
| CVE-2022-3566 |
Unknown |
Unknown |
Unknown |
|
| CVE-2022-3565 |
Unknown |
Unknown |
Unknown |
|
| CVE-2022-3564 |
Unknown |
Unknown |
Unknown |
|
| CVE-2022-3545 |
Unknown |
Unknown |
Unknown |
use-after-free in nfp6000_area_init in drivers/net/ethernet/netronome/nfp/nfpcore/nfp6000_pcie.c |
| CVE-2022-3543 |
Unknown |
Unknown |
Unknown |
memory leaks in net/unix/af_unix.c |
| CVE-2022-3541 |
Unknown |
Unknown |
Unknown |
use after free in spl2sw_nvmem_get_mac_address |
| CVE-2022-3534 |
Unknown |
Unknown |
Unknown |
|
| CVE-2022-3524 |
Unknown |
Unknown |
Denial of service |
memory leak in ipv6_renew_options() when one thread is converting an IPv6 socket into IPv4 with IPV6_ADDRFORM while another thread calls... |
| CVE-2022-3303 |
Unknown |
Unknown |
Unknown |
|
| CVE-2022-3239 |
Unknown |
Unknown |
Unknown |
|
| CVE-2022-3061 |
Unknown |
Unknown |
Unknown |
|
| CVE-2022-3028 |
Unknown |
Unknown |
Unknown |
race-condition with xfrm_probe_algs() in net/key/af_key.c |
| CVE-2022-2978 |
Unknown |
Unknown |
Unknown |
In alloc_inode, inode_init_always() could return -ENOMEM if security_inode_alloc() fails, which causes inode->i_private uninitialized. Then... |
| CVE-2022-2873 |
Unknown |
Unknown |
Unknown |
|
| CVE-2022-2663 |
Unknown |
Unknown |
Unknown |
|
| CVE-2022-2503 |
Unknown |
Unknown |
Unknown |
|
| CVE-2022-2153 |
Unknown |
No |
Denial of service |
NULL pointer dereference in kvm_irq_delivery_to_apic_fast() could cause the the host to crash |
| CVE-2022-1012 |
Unknown |
Unknown |
Unknown |
|
| CVE-2022-0812 |
Unknown |
Unknown |
Unknown |
|