Linux Kernel vulnerabilities

CVE-2022-3606 [LOW] CWE-404 CVE-2022-3606: A vulnerability was found in Linux Kernel. It has been classified as problematic. This affects the f A vulnerability was found in Linux Kernel. It has been classified as problematic. This affects the function find_prog_by_sec_insn of the file tools/lib/bpf/libbpf.c of the component BPF. The manipulation leads to null pointer dereference. It is recommended to apply a patch to fix this issue. The identifier VDB-211749 was assigned to this vulnerability.

CVE-2022-3594 [MEDIUM] CWE-404 CVE-2022-3594: A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vul A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function intr_callback of the file drivers/net/usb/r8152.c of the component BPF. The manipulation leads to logging of excessive data. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The associ

CVE-2022-3595 [LOW] CWE-119 CVE-2022-3595: A vulnerability was found in Linux Kernel. It has been rated as problematic. Affected by this issue A vulnerability was found in Linux Kernel. It has been rated as problematic. Affected by this issue is the function sess_free_buffer of the file fs/cifs/sess.c of the component CIFS Handler. The manipulation leads to double free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211364.

CVE-2022-3541 [MEDIUM] CWE-119 CVE-2022-3541: A vulnerability classified as critical has been found in Linux Kernel. This affects the function spl A vulnerability classified as critical has been found in Linux Kernel. This affects the function spl2sw_nvmem_get_mac_address of the file drivers/net/ethernet/sunplus/spl2sw_driver.c of the component BPF. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211041 was assigned to this vulne

CVE-2022-3565 [MEDIUM] CWE-119 CVE-2022-3565: A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211088.

CVE-2022-3534 [MEDIUM] CWE-119 CVE-2022-3534: A vulnerability classified as critical has been found in Linux Kernel. Affected is the function btf_ A vulnerability classified as critical has been found in Linux Kernel. Affected is the function btf_dump_name_dups of the file tools/lib/bpf/btf_dump.c of the component libbpf. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211032.

CVE-2022-3566 [MEDIUM] CWE-362 CVE-2022-3566: A vulnerability, which was classified as problematic, was found in Linux Kernel. This affects the fu A vulnerability, which was classified as problematic, was found in Linux Kernel. This affects the function tcp_getsockopt/tcp_setsockopt of the component TCP Handler. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. The identifier VDB-211089 was assigned to this vulnerability.

CVE-2022-3564 [MEDIUM] CWE-119 CVE-2022-3564: A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-21

CVE-2022-3545 [MEDIUM] CWE-119 CVE-2022-3545: A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerab A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211045 w

CVE-2022-3533 [LOW] CWE-404 CVE-2022-3533: A vulnerability was found in Linux Kernel. It has been rated as problematic. This issue affects the A vulnerability was found in Linux Kernel. It has been rated as problematic. This issue affects the function parse_usdt_arg of the file tools/lib/bpf/usdt.c of the component BPF. The manipulation of the argument reg_name leads to memory leak. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-21103

CVE-2022-3543 [LOW] CWE-404 CVE-2022-3543: A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue aff A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function unix_sock_destructor/unix_release_sock of the file net/unix/af_unix.c of the component BPF. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VD

CVE-2022-3567 [MEDIUM] CWE-362 CVE-2022-3567: A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability aff A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function inet6_stream_ops/inet6_dgram_ops of the component IPv6 Handler. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. VDB-211090 is the identifier assigned to this vulnerability.

CVE-2022-3544 [LOW] CWE-404 CVE-2022-3544: A vulnerability, which was classified as problematic, was found in Linux Kernel. Affected is the fun A vulnerability, which was classified as problematic, was found in Linux Kernel. Affected is the function damon_sysfs_add_target of the file mm/damon/sysfs.c of the component Netfilter. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211044.

CVE-2022-3563 [LOW] CWE-404 CVE-2022-3563: A vulnerability classified as problematic has been found in Linux Kernel. Affected is the function r A vulnerability classified as problematic has been found in Linux Kernel. Affected is the function read_50_controller_cap_complete of the file tools/mgmt-tester.c of the component BlueZ. The manipulation of the argument cap_len leads to null pointer dereference. It is recommended to apply a patch to fix this issue. VDB-211086 is the identifier assigned t

CVE-2022-3526 [MEDIUM] CWE-404 CVE-2022-3526: A vulnerability classified as problematic was found in Linux Kernel. This vulnerability affects the A vulnerability classified as problematic was found in Linux Kernel. This vulnerability affects the function macvlan_handle_frame of the file drivers/net/macvlan.c of the component skb. The manipulation leads to memory leak. The attack can be initiated remotely. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability

CVE-2022-3523 [MEDIUM] CWE-119 CVE-2022-3523: A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is an unk A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is an unknown function of the file mm/memory.c of the component Driver Handler. The manipulation leads to use after free. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is

CVE-2022-3524 [MEDIUM] CWE-404 CVE-2022-3524: A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vul A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6_renew_options of the component IPv6 Handler. The manipulation leads to memory leak. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211021 was assigned to this

CVE-2022-3521 [LOW] CWE-362 CVE-2022-3521: A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability aff A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function kcm_tx_work of the file net/kcm/kcmsock.c of the component kcm. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. VDB-211018 is the identifier assigned to this vulnerability.

CVE-2022-3435 [MEDIUM] CWE-119 CVE-2022-3435: A vulnerability classified as problematic has been found in Linux Kernel. This affects the function A vulnerability classified as problematic has been found in Linux Kernel. This affects the function fib_nh_match of the file net/ipv4/fib_semantics.c of the component IPv4 Handler. The manipulation leads to out-of-bounds read. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-210357

CVE-2022-3176 [HIGH] CWE-416 CVE-2022-3176: There exists a use-after-free in io_uring in the Linux kernel. Signalfd_poll() and binder_poll() use There exists a use-after-free in io_uring in the Linux kernel. Signalfd_poll() and binder_poll() use a waitqueue whose lifetime is the current task. It will send a POLLFREE notification to all waiters before the queue is freed. Unfortunately, the io_uring poll doesn't handle POLLFREE. This allows a use-after-free to occur if a signalfd or binder fd is p