VulDB Recent Entries

A vulnerability was found in Linux Kernel up to 5.15.33/5.16.19/5.17.2 and classified as critical. This issue affects the function _scsih_expander_node_remove. The manipulation of the argument local leads to use after free. The identification of this vulnerability is CVE-2022-49082. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 5.15.33/5.16.19/5.17.2 and classified as problematic. This vulnerability affects unknown code of the file mm/highmem.c. The manipulation leads to improper initialization. This vulnerability was named CVE-2022-49081. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 5.17.2. This affects the function mpol_new. The manipulation leads to improper initialization. This vulnerability is uniquely identified as CVE-2022-49080. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 5.17.2. Affected by this issue is some unknown functionality. The manipulation leads to out-of-bounds read. This vulnerability is handled as CVE-2021-47633. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 5.18.5. Affected by this vulnerability is the function ata_host_alloc_pinfo. The manipulation of the argument ppi leads to null pointer dereference. This vulnerability is known as CVE-2022-49731. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in Linux Kernel up to 5.10.126/5.15.50/5.18.7. Affected is the function smp_processor_id. The manipulation leads to insufficiently random values. This vulnerability is traded as CVE-2022-49698. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.18.7. It has been rated as problematic. This issue affects the function uvcg_video_pump. The manipulation leads to information disclosure. The identification of this vulnerability is CVE-2022-49686. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.15.32/5.16.18/5.17.1. It has been declared as problematic. This vulnerability affects the function tcp_bpf_sendmsg of the file net/core/stream.c. The manipulation leads to Privilege Escalation. This vulnerability was named CVE-2022-49207. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.15.32/5.16.18/5.17.1. It has been classified as problematic. This affects an unknown part of the file qla_tmpl.c of the component scsi. The manipulation leads to Privilege Escalation. This vulnerability is uniquely identified as CVE-2022-49157. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.15.32/5.16.18/5.17.1 and classified as problematic. Affected by this issue is some unknown functionality of the component ASoC. The manipulation leads to out-of-bounds read. This vulnerability is handled as CVE-2022-49252. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 5.18.14 and classified as critical. Affected by this vulnerability is the function mpol_rebind_policy. The manipulation leads to improper initialization. This vulnerability is known as CVE-2022-49567. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 5.17.1. Affected is an unknown function. The manipulation leads to uninitialized pointer. This vulnerability is traded as CVE-2022-49248. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 5.17.1. This issue affects the function qla_create_qpair. The manipulation leads to stack-based buffer overflow. The identification of this vulnerability is CVE-2022-49155. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 5.15.48/5.18.5. This vulnerability affects the function fsl_mc_bus_remove. The manipulation leads to use after free. This vulnerability was named CVE-2022-49711. Local access is required to approach this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 5.17.2. This affects the function mlxsw_sp_port. The manipulation leads to null pointer dereference. This vulnerability is uniquely identified as CVE-2022-49134. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 4.19.249/5.4.201/5.10.126/5.15.50/5.18.7. It has been rated as critical. Affected by this issue is the function of_find_matching_node. The manipulation leads to improper update of reference count. This vulnerability is handled as CVE-2022-49678. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.17.2. It has been declared as critical. Affected by this vulnerability is the function ath11k_pci of the file /proc/sys/kernel/hung_task_timeout_secs. The manipulation leads to deadlock. This vulnerability is known as CVE-2022-49123. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.15.32/5.16.18/5.17.1. It has been classified as problematic. Affected is an unknown function of the component ASoC. The manipulation leads to out-of-bounds read. This vulnerability is traded as CVE-2022-49251. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.15.32/5.16.18/5.17.1 and classified as critical. This issue affects the function comp_enabled. The manipulation of the argument comp_enabled[] leads to memory corruption. The identification of this vulnerability is CVE-2022-49250. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 5.15.32/5.16.18/5.17.1 and classified as critical. This vulnerability affects the function of_parse_phandle. The manipulation leads to improper update of reference count. This vulnerability was named CVE-2022-49244. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.