U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): cpe:2.3:o:linux:linux_kernel:3.0.6:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 2,053 matching records.
Displaying matches 1 through 20.
Vuln ID Summary CVSS Severity
CVE-2022-47929

In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service (system crash) via a crafted traffic control configuration that is set up with "tc qdisc" and "tc class" commands. This affects qdisc_graft in net/sched/sch_api.c.

Published: January 17, 2023; 4:15:14 PM -0500
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2022-41858

A flaw was found in the Linux kernel. A NULL pointer dereference may occur while a slip driver is in progress to detach in sl_tx_timeout in drivers/net/slip/slip.c. This issue could allow an attacker to crash the system or leak internal kernel information.

Published: January 17, 2023; 1:15:11 PM -0500
V3.1: 7.1 HIGH
V2.0:(not available)
CVE-2023-23559

In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition.

Published: January 12, 2023; 8:15:10 PM -0500
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2023-23455

atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).

Published: January 12, 2023; 2:15:09 AM -0500
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2023-23454

cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).

Published: January 12, 2023; 2:15:08 AM -0500
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2022-4543

A flaw named "EntryBleed" was found in the Linux Kernel Page Table Isolation (KPTI). This issue could allow a local attacker to leak KASLR base via prefetch side-channels based on TLB timing for Intel systems.

Published: January 11, 2023; 10:15:09 AM -0500
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2022-4379

A use-after-free vulnerability was found in __nfs42_ssc_open() in fs/nfs/nfs4file.c in the Linux kernel. This flaw allows an attacker to conduct a remote denial

Published: January 10, 2023; 5:15:14 PM -0500
V3.1: 7.5 HIGH
V2.0:(not available)
CVE-2022-2196

A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB after running L2 due to KVM (L0) advertising eIBRS support to L1. An attacker at L2 with code execution can execute code on an indirect branch on the host machine. We recommend upgrading to Kernel 6.2 or past commit 2e7eab81425a

Published: January 09, 2023; 6:15:10 AM -0500
V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2022-4662

A flaw incorrect access control in the Linux kernel USB core subsystem was found in the way user attaches usb device. A local user could use this flaw to crash the system.

Published: December 22, 2022; 5:15:16 PM -0500
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2022-47521

An issue was discovered in the Linux kernel before 6.0.11. Missing validation of IEEE80211_P2P_ATTR_CHANNEL_LIST in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger a heap-based buffer overflow when parsing the operating channel attribute from Wi-Fi management frames.

Published: December 18, 2022; 1:15:09 AM -0500
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2022-47520

An issue was discovered in the Linux kernel before 6.0.11. Missing offset validation in drivers/net/wireless/microchip/wilc1000/hif.c in the WILC1000 wireless driver can trigger an out-of-bounds read when parsing a Robust Security Network (RSN) information element from a Netlink packet.

Published: December 18, 2022; 1:15:09 AM -0500
V3.1: 7.1 HIGH
V2.0:(not available)
CVE-2022-47519

An issue was discovered in the Linux kernel before 6.0.11. Missing validation of IEEE80211_P2P_ATTR_OPER_CHANNEL in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger an out-of-bounds write when parsing the channel list attribute from Wi-Fi management frames.

Published: December 18, 2022; 1:15:09 AM -0500
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2022-47518

An issue was discovered in the Linux kernel before 6.0.11. Missing validation of the number of channels in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger a heap-based buffer overflow when copying the list of operating channels from Wi-Fi management frames.

Published: December 18, 2022; 1:15:09 AM -0500
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2022-3115

An issue was discovered in the Linux kernel through 5.16-rc6. malidp_crtc_reset in drivers/gpu/drm/arm/malidp_crtc.c lacks check of the return value of kzalloc() and will cause the null pointer dereference.

Published: December 14, 2022; 4:15:12 PM -0500
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2022-3114

An issue was discovered in the Linux kernel through 5.16-rc6. imx_register_uart_clocks in drivers/clk/imx/clk.c lacks check of the return value of kcalloc() and will cause the null pointer dereference.

Published: December 14, 2022; 4:15:12 PM -0500
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2022-3113

An issue was discovered in the Linux kernel through 5.16-rc6. mtk_vcodec_fw_vpu_init in drivers/media/platform/mtk-vcodec/mtk_vcodec_fw_vpu.c lacks check of the return value of devm_kzalloc() and will cause the null pointer dereference.

Published: December 14, 2022; 4:15:12 PM -0500
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2022-3112

An issue was discovered in the Linux kernel through 5.16-rc6. amvdec_set_canvases in drivers/staging/media/meson/vdec/vdec_helpers.c lacks check of the return value of kzalloc() and will cause the null pointer dereference.

Published: December 14, 2022; 4:15:12 PM -0500
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2022-3111

An issue was discovered in the Linux kernel through 5.16-rc6. free_charger_irq() in drivers/power/supply/wm8350_power.c lacks free of WM8350_IRQ_CHG_FAST_RDY, which is registered in wm8350_init_charger().

Published: December 14, 2022; 4:15:12 PM -0500
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2022-3110

An issue was discovered in the Linux kernel through 5.16-rc6. _rtw_init_xmit_priv in drivers/staging/r8188eu/core/rtw_xmit.c lacks check of the return value of rtw_alloc_hwxmits() and will cause the null pointer dereference.

Published: December 14, 2022; 4:15:12 PM -0500
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2022-3108

An issue was discovered in the Linux kernel through 5.16-rc6. kfd_parse_subtype_iolink in drivers/gpu/drm/amd/amdkfd/kfd_crat.c lacks check of the return value of kmemdup().

Published: December 14, 2022; 4:15:12 PM -0500
V3.1: 5.5 MEDIUM
V2.0:(not available)