U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): cpe:2.3:o:linux:linux_kernel:3.9.7:*:*:*:*:*:arm64:*
  • CPE Name Search: true
There are 1,848 matching records.
Displaying matches 41 through 60.
Vuln ID Summary CVSS Severity
CVE-2022-44034

An issue was discovered in the Linux kernel through 6.0.6. drivers/char/pcmcia/scr24x_cs.c has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling open(), aka a race condition between scr24x_open() and scr24x_remove().

Published: October 29, 2022; 9:15:08 PM -0400
V3.1: 6.4 MEDIUM
V2.0:(not available)
CVE-2022-44033

An issue was discovered in the Linux kernel through 6.0.6. drivers/char/pcmcia/cm4040_cs.c has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling open(), aka a race condition between cm4040_open() and reader_detach().

Published: October 29, 2022; 9:15:08 PM -0400
V3.1: 6.4 MEDIUM
V2.0:(not available)
CVE-2022-44032

An issue was discovered in the Linux kernel through 6.0.6. drivers/char/pcmcia/cm4000_cs.c has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling open(), aka a race condition between cmm_open() and cm4000_detach().

Published: October 29, 2022; 9:15:08 PM -0400
V3.1: 6.4 MEDIUM
V2.0:(not available)
CVE-2022-43750

drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user-space client to corrupt the monitor's internal memory.

Published: October 26, 2022; 12:15:13 AM -0400
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2022-3344

A flaw was found in the KVM's AMD nested virtualization (SVM). A malicious L1 guest could purposely fail to intercept the shutdown of a cooperative nested guest (L2), possibly leading to a page fault and kernel panic in the host (L0).

Published: October 25, 2022; 1:15:57 PM -0400
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2022-3586

A flaw was found in the Linux kernel’s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of service.

Published: October 19, 2022; 2:15:13 PM -0400
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2022-3595

A vulnerability was found in Linux Kernel. It has been rated as problematic. Affected by this issue is the function sess_free_buffer of the file fs/cifs/sess.c of the component CIFS Handler. The manipulation leads to double free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211364.

Published: October 18, 2022; 4:15:09 PM -0400
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2022-3594

A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function intr_callback of the file drivers/net/usb/r8152.c of the component BPF. The manipulation leads to logging of excessive data. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211363.

Published: October 18, 2022; 4:15:09 PM -0400
V3.1: 7.5 HIGH
V2.0:(not available)
CVE-2022-3565

A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211088.

Published: October 17, 2022; 3:15:10 PM -0400
V3.1: 8.0 HIGH
V2.0:(not available)
CVE-2022-3545

A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211045 was assigned to this vulnerability.

Published: October 17, 2022; 8:15:11 AM -0400
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2022-3544

A vulnerability, which was classified as problematic, was found in Linux Kernel. Affected is the function damon_sysfs_add_target of the file mm/damon/sysfs.c of the component Netfilter. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211044.

Published: October 17, 2022; 8:15:11 AM -0400
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2022-3543

A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function unix_sock_destructor/unix_release_sock of the file net/unix/af_unix.c of the component BPF. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211043.

Published: October 17, 2022; 8:15:10 AM -0400
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2022-3521

A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function kcm_tx_work of the file net/kcm/kcmsock.c of the component kcm. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. VDB-211018 is the identifier assigned to this vulnerability.

Published: October 16, 2022; 6:15:09 AM -0400
V3.1: 2.5 LOW
V2.0:(not available)
CVE-2022-42703

mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse.

Published: October 09, 2022; 7:15:09 PM -0400
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2022-41850

roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free in certain situations where a report is received while copying a report->value is in progress.

Published: September 30, 2022; 2:15:12 AM -0400
V3.1: 4.7 MEDIUM
V2.0:(not available)
CVE-2022-41849

drivers/video/fbdev/smscufx.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a USB device while calling open(), aka a race condition between ufx_ops_open and ufx_usb_disconnect.

Published: September 30, 2022; 2:15:12 AM -0400
V3.1: 4.2 MEDIUM
V2.0:(not available)
CVE-2022-41848

drivers/char/pcmcia/synclink_cs.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling ioctl, aka a race condition between mgslpc_ioctl and mgslpc_detach.

Published: September 30, 2022; 2:15:11 AM -0400
V3.1: 4.2 MEDIUM
V2.0:(not available)
CVE-2022-3303

A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead to a NULL pointer dereference while handling the SNDCTL_DSP_SYNC ioctl. A privileged local user (root or member of the audio group) could use this flaw to crash the system, resulting in a denial of service condition

Published: September 27, 2022; 7:15:15 PM -0400
V3.1: 4.7 MEDIUM
V2.0:(not available)
CVE-2022-2785

There exists an arbitrary memory read within the Linux Kernel BPF - Constants provided to fill pointers in structs passed in to bpf_sys_bpf are not verified and can point anywhere, including memory not owned by BPF. An attacker with CAP_BPF can arbitrarily read memory from anywhere on the system. We recommend upgrading past commit 86f44fcec22c

Published: September 23, 2022; 7:15:09 AM -0400
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2022-41222

mm/mremap.c in the Linux kernel before 5.13.3 has a use-after-free via a stale TLB because an rmap lock is not held during a PUD move.

Published: September 21, 2022; 4:15:09 AM -0400
V3.1: 7.0 HIGH
V2.0:(not available)