U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:linux:linux_kernel:3.14.6:*:*:*:*:*:*:*
There are 1,402 matching records.
Displaying matches 241 through 260.
Vuln ID Summary CVSS Severity
CVE-2022-43750

drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user-space client to corrupt the monitor's internal memory.

Published: October 26, 2022; 12:15:13 AM -0400
V3.1: 6.7 MEDIUM
V2.0:(not available)
CVE-2022-3344

A flaw was found in the KVM's AMD nested virtualization (SVM). A malicious L1 guest could purposely fail to intercept the shutdown of a cooperative nested guest (L2), possibly leading to a page fault and kernel panic in the host (L0).

Published: October 25, 2022; 1:15:57 PM -0400
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2022-3649

A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_new_inode of the file fs/nilfs2/inode.c of the component BPF. The manipulation leads to use after free. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211992.

Published: October 21, 2022; 4:15:09 PM -0400
V3.1: 7.0 HIGH
V2.0:(not available)
CVE-2022-3635

A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function tst_timer of the file drivers/atm/idt77252.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. VDB-211934 is the identifier assigned to this vulnerability.

Published: October 21, 2022; 7:15:09 AM -0400
V3.1: 7.0 HIGH
V2.0:(not available)
CVE-2022-3586

A flaw was found in the Linux kernel’s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of service.

Published: October 19, 2022; 2:15:13 PM -0400
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2022-3606

A vulnerability was found in Linux Kernel. It has been classified as problematic. This affects the function find_prog_by_sec_insn of the file tools/lib/bpf/libbpf.c of the component BPF. The manipulation leads to null pointer dereference. It is recommended to apply a patch to fix this issue. The identifier VDB-211749 was assigned to this vulnerability.

Published: October 19, 2022; 5:15:10 AM -0400
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2022-3595

A vulnerability was found in Linux Kernel. It has been rated as problematic. Affected by this issue is the function sess_free_buffer of the file fs/cifs/sess.c of the component CIFS Handler. The manipulation leads to double free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211364.

Published: October 18, 2022; 4:15:09 PM -0400
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2022-3594

A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function intr_callback of the file drivers/net/usb/r8152.c of the component BPF. The manipulation leads to logging of excessive data. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211363.

Published: October 18, 2022; 4:15:09 PM -0400
V3.1: 5.3 MEDIUM
V2.0:(not available)
CVE-2022-3565

A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211088.

Published: October 17, 2022; 3:15:10 PM -0400
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2022-3564

A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211087.

Published: October 17, 2022; 3:15:10 PM -0400
V3.1: 7.1 HIGH
V2.0:(not available)
CVE-2022-3544

A vulnerability, which was classified as problematic, was found in Linux Kernel. Affected is the function damon_sysfs_add_target of the file mm/damon/sysfs.c of the component Netfilter. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211044.

Published: October 17, 2022; 8:15:11 AM -0400
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2022-3543

A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function unix_sock_destructor/unix_release_sock of the file net/unix/af_unix.c of the component BPF. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211043.

Published: October 17, 2022; 8:15:10 AM -0400
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2022-3533

A vulnerability was found in Linux Kernel. It has been rated as problematic. This issue affects the function parse_usdt_arg of the file tools/lib/bpf/usdt.c of the component BPF. The manipulation of the argument reg_name leads to memory leak. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211031.

Published: October 17, 2022; 5:15:12 AM -0400
V3.1: 5.7 MEDIUM
V2.0:(not available)
CVE-2022-3521

A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function kcm_tx_work of the file net/kcm/kcmsock.c of the component kcm. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. VDB-211018 is the identifier assigned to this vulnerability.

Published: October 16, 2022; 6:15:09 AM -0400
V3.1: 2.5 LOW
V2.0:(not available)
CVE-2022-42703

mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse.

Published: October 09, 2022; 7:15:09 PM -0400
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2022-41850

roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free in certain situations where a report is received while copying a report->value is in progress.

Published: September 30, 2022; 2:15:12 AM -0400
V3.1: 4.7 MEDIUM
V2.0:(not available)
CVE-2022-41849

drivers/video/fbdev/smscufx.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a USB device while calling open(), aka a race condition between ufx_ops_open and ufx_usb_disconnect.

Published: September 30, 2022; 2:15:12 AM -0400
V3.1: 4.2 MEDIUM
V2.0:(not available)
CVE-2022-41848

drivers/char/pcmcia/synclink_cs.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling ioctl, aka a race condition between mgslpc_ioctl and mgslpc_detach.

Published: September 30, 2022; 2:15:11 AM -0400
V3.1: 4.2 MEDIUM
V2.0:(not available)
CVE-2022-3303

A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead to a NULL pointer dereference while handling the SNDCTL_DSP_SYNC ioctl. A privileged local user (root or member of the audio group) could use this flaw to crash the system, resulting in a denial of service condition

Published: September 27, 2022; 7:15:15 PM -0400
V3.1: 4.7 MEDIUM
V2.0:(not available)
CVE-2022-2785

There exists an arbitrary memory read within the Linux Kernel BPF - Constants provided to fill pointers in structs passed in to bpf_sys_bpf are not verified and can point anywhere, including memory not owned by BPF. An attacker with CAP_BPF can arbitrarily read memory from anywhere on the system. We recommend upgrading past commit 86f44fcec22c

Published: September 23, 2022; 7:15:09 AM -0400
V3.1: 5.5 MEDIUM
V2.0:(not available)