U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): Linux kernel
  • Search Type: Search All
There are 3,628 matching records.
Displaying matches 81 through 100.
Vuln ID Summary CVSS Severity
CVE-2022-34665

NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a local user with basic capabilities can cause a null-pointer dereference, which may lead to denial of service.

Published: November 18, 2022; 7:15:27 PM -0500
V3.1: 6.5 MEDIUM
V2.0:(not available)
CVE-2022-31615

NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where a local user with basic capabilities can cause a null-pointer dereference, which may lead to denial of service.

Published: November 18, 2022; 7:15:26 PM -0500
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2022-31607

NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where a local user with basic capabilities can cause improper input validation, which may lead to denial of service, escalation of privileges, data tampering, and limited information disclosure.

Published: November 18, 2022; 7:15:23 PM -0500
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2022-3903

An incorrect read request flaw was found in the Infrared Transceiver USB driver in the Linux kernel. This issue occurs when a user attaches a malicious USB device. A local user could use this flaw to starve the resources, causing denial of service or potentially crashing the system.

Published: November 14, 2022; 4:15:17 PM -0500
V3.1: 4.6 MEDIUM
V2.0:(not available)
CVE-2022-3238

A double-free flaw was found in the Linux kernel’s NTFS3 subsystem in how a user triggers remount and umount simultaneously. This flaw allows a local user to crash or potentially escalate their privileges on the system.

Published: November 14, 2022; 4:15:16 PM -0500
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2022-34666

NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a local user with basic capabilities can cause a null-pointer dereference, which may lead to denial of service.

Published: November 10, 2022; 11:15:10 AM -0500
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2022-38014

Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability.

Published: November 09, 2022; 5:15:15 PM -0500
V3.1: 7.0 HIGH
V2.0:(not available)
CVE-2022-43945

The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client can force the send buffer to shrink by sending an RPC message over TCP with garbage data added at the end of the message. The RPC message with garbage data is still correctly formed according to the specification and is passed forward to handlers. Vulnerable code in NFSD is not expecting the oversized request and writes beyond the allocated buffer space. CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Published: November 04, 2022; 3:15:11 PM -0400
V3.1: 7.5 HIGH
V2.0:(not available)
CVE-2022-44034

An issue was discovered in the Linux kernel through 6.0.6. drivers/char/pcmcia/scr24x_cs.c has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling open(), aka a race condition between scr24x_open() and scr24x_remove().

Published: October 29, 2022; 9:15:08 PM -0400
V3.1: 6.4 MEDIUM
V2.0:(not available)
CVE-2022-44033

An issue was discovered in the Linux kernel through 6.0.6. drivers/char/pcmcia/cm4040_cs.c has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling open(), aka a race condition between cm4040_open() and reader_detach().

Published: October 29, 2022; 9:15:08 PM -0400
V3.1: 6.4 MEDIUM
V2.0:(not available)
CVE-2022-44032

An issue was discovered in the Linux kernel through 6.0.6. drivers/char/pcmcia/cm4000_cs.c has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling open(), aka a race condition between cmm_open() and cm4000_detach().

Published: October 29, 2022; 9:15:08 PM -0400
V3.1: 6.4 MEDIUM
V2.0:(not available)
CVE-2022-43750

drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user-space client to corrupt the monitor's internal memory.

Published: October 26, 2022; 12:15:13 AM -0400
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2022-3649

A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_new_inode of the file fs/nilfs2/inode.c of the component BPF. The manipulation leads to use after free. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211992.

Published: October 21, 2022; 4:15:09 PM -0400
V3.1: 9.8 CRITICAL
V2.0:(not available)
CVE-2022-3646

A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function nilfs_attach_log_writer of the file fs/nilfs2/segment.c of the component BPF. The manipulation leads to memory leak. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211961 was assigned to this vulnerability.

Published: October 21, 2022; 2:15:10 PM -0400
V3.1: 5.3 MEDIUM
V2.0:(not available)
CVE-2022-3640

A vulnerability, which was classified as critical, was found in Linux Kernel. Affected is the function l2cap_conn_del of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211944.

Published: October 21, 2022; 11:15:09 AM -0400
V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2022-3637

A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function jlink_init of the file monitor/jlink.c of the component BlueZ. The manipulation leads to denial of service. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211936.

Published: October 21, 2022; 7:15:09 AM -0400
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2022-3636

A vulnerability, which was classified as critical, was found in Linux Kernel. This affects the function __mtk_ppe_check_skb of the file drivers/net/ethernet/mediatek/mtk_ppe.c of the component Ethernet Handler. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211935.

Published: October 21, 2022; 7:15:09 AM -0400
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2022-3635

A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function tst_timer of the file drivers/atm/idt77252.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. VDB-211934 is the identifier assigned to this vulnerability.

Published: October 21, 2022; 7:15:09 AM -0400
V3.1: 7.0 HIGH
V2.0:(not available)
CVE-2022-3633

A vulnerability classified as problematic has been found in Linux Kernel. Affected is the function j1939_session_destroy of the file net/can/j1939/transport.c. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211932.

Published: October 21, 2022; 7:15:09 AM -0400
V3.1: 3.3 LOW
V2.0:(not available)
CVE-2022-3630

A vulnerability was found in Linux Kernel. It has been rated as problematic. This issue affects some unknown processing of the file fs/fscache/cookie.c of the component IPsec. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211931.

Published: October 21, 2022; 2:15:09 AM -0400
V3.1: 5.5 MEDIUM
V2.0:(not available)