Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:o:linux:linux_kernel:5.15:rc2:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2023-0394 |
A NULL pointer dereference flaw was found in rawv6_push_pending_frames in net/ipv6/raw.c in the network subcomponent in the Linux kernel. This flaw causes the system to crash. Published: January 26, 2023; 4:18:07 PM -0500 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2022-47929 |
In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service (system crash) via a crafted traffic control configuration that is set up with "tc qdisc" and "tc class" commands. This affects qdisc_graft in net/sched/sch_api.c. Published: January 17, 2023; 4:15:14 PM -0500 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2022-41858 |
A flaw was found in the Linux kernel. A NULL pointer dereference may occur while a slip driver is in progress to detach in sl_tx_timeout in drivers/net/slip/slip.c. This issue could allow an attacker to crash the system or leak internal kernel information. Published: January 17, 2023; 1:15:11 PM -0500 |
V3.1: 7.1 HIGH V2.0:(not available) |
CVE-2023-23559 |
In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition. Published: January 12, 2023; 8:15:10 PM -0500 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-23455 |
atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results). Published: January 12, 2023; 2:15:09 AM -0500 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2023-23454 |
cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results). Published: January 12, 2023; 2:15:08 AM -0500 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2022-4543 |
A flaw named "EntryBleed" was found in the Linux Kernel Page Table Isolation (KPTI). This issue could allow a local attacker to leak KASLR base via prefetch side-channels based on TLB timing for Intel systems. Published: January 11, 2023; 10:15:09 AM -0500 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2022-4379 |
A use-after-free vulnerability was found in __nfs42_ssc_open() in fs/nfs/nfs4file.c in the Linux kernel. This flaw allows an attacker to conduct a remote denial Published: January 10, 2023; 5:15:14 PM -0500 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2022-2196 |
A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB after running L2 due to KVM (L0) advertising eIBRS support to L1. An attacker at L2 with code execution can execute code on an indirect branch on the host machine. We recommend upgrading to Kernel 6.2 or past commit 2e7eab81425a Published: January 09, 2023; 6:15:10 AM -0500 |
V3.1: 8.8 HIGH V2.0:(not available) |
CVE-2022-47943 |
An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. There is an out-of-bounds read and OOPS for SMB2_WRITE, when there is a large length in the zero DataOffset case. Published: December 23, 2022; 12:15:08 PM -0500 |
V3.1: 8.1 HIGH V2.0:(not available) |
CVE-2022-47942 |
An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. There is a heap-based buffer overflow in set_ntacl_dacl, related to use of SMB2_QUERY_INFO_HE after a malformed SMB2_SET_INFO_HE command. Published: December 23, 2022; 11:15:12 AM -0500 |
V3.1: 8.8 HIGH V2.0:(not available) |
CVE-2022-47941 |
An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2pdu.c omits a kfree call in certain smb2_handle_negotiate error conditions, aka a memory leak. Published: December 23, 2022; 11:15:12 AM -0500 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2022-47940 |
An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.18 before 5.18.18. fs/ksmbd/smb2pdu.c lacks length validation in the non-padding case in smb2_write. Published: December 23, 2022; 11:15:12 AM -0500 |
V3.1: 8.1 HIGH V2.0:(not available) |
CVE-2022-47939 |
An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2pdu.c has a use-after-free and OOPS for SMB2_TREE_DISCONNECT. Published: December 23, 2022; 11:15:12 AM -0500 |
V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2022-47938 |
An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2misc.c has an out-of-bounds read and OOPS for SMB2_TREE_CONNECT. Published: December 23, 2022; 11:15:12 AM -0500 |
V3.1: 6.5 MEDIUM V2.0:(not available) |
CVE-2022-4662 |
A flaw incorrect access control in the Linux kernel USB core subsystem was found in the way user attaches usb device. A local user could use this flaw to crash the system. Published: December 22, 2022; 5:15:16 PM -0500 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2022-47521 |
An issue was discovered in the Linux kernel before 6.0.11. Missing validation of IEEE80211_P2P_ATTR_CHANNEL_LIST in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger a heap-based buffer overflow when parsing the operating channel attribute from Wi-Fi management frames. Published: December 18, 2022; 1:15:09 AM -0500 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2022-47520 |
An issue was discovered in the Linux kernel before 6.0.11. Missing offset validation in drivers/net/wireless/microchip/wilc1000/hif.c in the WILC1000 wireless driver can trigger an out-of-bounds read when parsing a Robust Security Network (RSN) information element from a Netlink packet. Published: December 18, 2022; 1:15:09 AM -0500 |
V3.1: 7.1 HIGH V2.0:(not available) |
CVE-2022-47519 |
An issue was discovered in the Linux kernel before 6.0.11. Missing validation of IEEE80211_P2P_ATTR_OPER_CHANNEL in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger an out-of-bounds write when parsing the channel list attribute from Wi-Fi management frames. Published: December 18, 2022; 1:15:09 AM -0500 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2022-47518 |
An issue was discovered in the Linux kernel before 6.0.11. Missing validation of the number of channels in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger a heap-based buffer overflow when copying the list of operating channels from Wi-Fi management frames. Published: December 18, 2022; 1:15:09 AM -0500 |
V3.1: 7.8 HIGH V2.0:(not available) |