An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. It is actually both for cgroup2 and cgroup1 versions of control groups. A local user could use this flaw to crash the system or escalate their privileges on the system.
Max CVSS
7.8
EPSS Score
0.04%
Published
2022-03-23
Updated
2023-05-16
A use-after-free flaw was found in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hw_params. The hw_free ioctls or similar race condition happens inside ALSA PCM for other ioctls. This flaw allows a local user to crash or potentially escalate their privileges on the system.
Max CVSS
7.0
EPSS Score
0.04%
Published
2022-04-29
Updated
2024-01-21
A use-after-free vulnerability was found in the Linux kernel in drivers/net/hamradio. This flaw allows a local attacker with a user privilege to cause a denial of service (DOS) when the mkiss or sixpack device is detached and reclaim resources early.
Max CVSS
5.5
EPSS Score
0.04%
Published
2022-04-29
Updated
2022-12-14
A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a leak of internal kernel information.
Max CVSS
7.1
EPSS Score
0.05%
Published
2022-04-29
Updated
2023-11-09
st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVT_TRANSACTION buffer overflows because of untrusted length parameters.
Max CVSS
7.8
EPSS Score
0.05%
Published
2022-03-06
Updated
2023-01-20
A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat.
Max CVSS
7.8
EPSS Score
0.04%
Published
2022-03-23
Updated
2023-02-01
In the Linux kernel before 5.17.1, a refcount leak bug was found in net/llc/af_llc.c.
Max CVSS
5.5
EPSS Score
0.06%
Published
2022-04-02
Updated
2023-02-03
usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c in the Linux kernel through 5.17.1 has a double free.
Max CVSS
5.5
EPSS Score
0.05%
Published
2022-04-03
Updated
2023-01-03
mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double free.
Max CVSS
5.5
EPSS Score
0.05%
Published
2022-04-03
Updated
2023-01-03
ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.
Max CVSS
7.8
EPSS Score
0.05%
Published
2022-04-03
Updated
2023-02-01
In the Linux kernel before 5.17.3, fs/io_uring.c has a use-after-free due to a race condition in io_uring timeouts. This can be triggered by a local user who has no access to any user namespace; however, the race condition perhaps can only be exploited infrequently.
Max CVSS
7.0
EPSS Score
0.04%
Published
2022-04-22
Updated
2022-10-26
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!