VulDB Recent Entries

A vulnerability was found in Linux Kernel up to 5.19.1. It has been rated as critical. Affected by this issue is the function usbnet_deferred_kevent of the file aqc111.c of the component USB Ethernet Driver. The manipulation leads to use after free. This vulnerability is handled as CVE-2022-50220. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.19.1. It has been declared as critical. Affected by this vulnerability is the function SG_FLAG_DIRECT_IO of the component iSCSI Driver. The manipulation leads to buffer overflow. This vulnerability is known as CVE-2022-50215. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.4.210/5.10.136/5.15.60/5.18.17/5.19.1. It has been classified as critical. Affected is the function coresight_release_platform_data in the library lib/refcount.c. The manipulation leads to use after free. This vulnerability is traded as CVE-2022-50214. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.4.210/5.10.136/5.15.60/5.18.17/5.19.1 and classified as problematic. This issue affects the function list_add in the library lib/list_debug.c of the component wifi. The manipulation leads to privilege escalation. The identification of this vulnerability is CVE-2022-50164. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 5.19.1 and classified as critical. This vulnerability affects the function if_usb_probe of the component wifi. The manipulation leads to improper update of reference count. This vulnerability was named CVE-2022-50162. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 5.19.1. This affects the function of_find_matching_node_and_match of the component mtd. The manipulation leads to improper update of reference count. This vulnerability is uniquely identified as CVE-2022-50161. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 5.19.1. Affected by this issue is the function of_find_matching_node of the component mtd. The manipulation leads to improper update of reference count. This vulnerability is handled as CVE-2022-50160. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 5.15.60/5.18.17/5.19.1. Affected by this vulnerability is the function ima_get_kexec_buffer. The manipulation leads to denial of service. This vulnerability is known as CVE-2022-50159. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel. Affected is the function of_get_child_by_name of the component mtd. The manipulation leads to improper update of reference count. This vulnerability is traded as CVE-2022-50158. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.15.60/5.18.17/5.19.1. It has been rated as critical. This issue affects the function mc_pcie_init_irq_domains of the component PCI. The manipulation leads to improper update of reference count. The identification of this vulnerability is CVE-2022-50157. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.15.60/5.18.17/5.19.1. It has been declared as critical. This vulnerability affects the function of_find_node_by_path of the component mtd. The manipulation leads to improper update of reference count. This vulnerability was named CVE-2022-50155. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.15.62/5.19.1. It has been classified as problematic. This affects the function cdns3_allocate_trb_pool of the component usb. The manipulation leads to allocation of resources. This vulnerability is uniquely identified as CVE-2022-50151. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.15.60/5.18.17/5.19.1 and classified as problematic. Affected by this issue is the function get_nodes of the component mempolicy. The manipulation leads to out-of-bounds read. This vulnerability is handled as CVE-2022-50147. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 5.15.60/5.18.17/5.19.1 and classified as critical. Affected by this vulnerability is the function mtk_pcie_init_irq_domains of the component PCI. The manipulation leads to improper update of reference count. This vulnerability is known as CVE-2022-50154. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 5.10.136/5.15.60/5.18.17/5.19.1. Affected is the function device_prep_dma_memcpy of the file /sys/module/dmatest/parameters/threads_per_chan. The manipulation leads to null pointer dereference. This vulnerability is traded as CVE-2022-50145. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 5.19.1. This issue affects the function cp2112_xfer of the file drivers/hid/hid-cp2112.c of the component HID. The manipulation of the argument read_length leads to buffer overflow. The identification of this vulnerability is CVE-2022-50156. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 5.19.1. This vulnerability affects the function of_find_compatible_node of the component usb. The manipulation leads to improper update of reference count. This vulnerability was named CVE-2022-50153. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 5.18.17/5.19.1. This affects the function __kernfs_remove of the file fs/kernfs/dir.c of the component kernfs. The manipulation leads to null pointer dereference. This vulnerability is uniquely identified as CVE-2022-50148. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.19.1. It has been rated as critical. Affected by this issue is the function of_parse_phandle of the component usb. The manipulation leads to improper update of reference count. This vulnerability is handled as CVE-2022-50152. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.19.1. It has been declared as critical. Affected by this vulnerability is the function rxe_create_qp of the component qp_init. The manipulation leads to null pointer dereference. This vulnerability is known as CVE-2022-50135. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.