Vuldb Updates

A vulnerability marked as critical has been reported in Linux Kernel up to 5.15.64/5.19.5. The affected element is the function hugetlb_mcopy_atomic_pte of the component HugeTLB Page Handler. This manipulation causes memory corruption. This vulnerability is tracked as CVE-2022-49991. The attack is only possible within the local network. No exploit exists. It is suggested to upgrade the affected component.

A vulnerability classified as problematic has been found in Linux Kernel up to 5.4.211/5.10.140/5.15.64/5.19.6. This affects the function __dma_map_sg_attrs of the file kernel/dma/mapping.c of the component udmabuf. The manipulation leads to privilege escalation. This vulnerability is documented as CVE-2022-49983. The attack requires being on the local network. There is not any exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 4.19.256/5.4.211/5.10.140/5.15.64/5.19.6. Impacted is the function hid_report of the component HID Steam Driver. Such manipulation leads to null pointer dereference. This vulnerability is traded as CVE-2022-49984. Access to the local network is required for this attack to succeed. There is no exploit available. You should upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 5.19.6 and classified as critical. This impacts the function pvr_probe of the component media. The manipulation leads to memory leak. This vulnerability is traded as CVE-2022-49982. Access to the local network is required for this attack to succeed. There is no exploit available. The affected component should be upgraded.

A vulnerability has been found in Linux Kernel up to 5.10.139/5.15.63/5.19.5 and classified as problematic. The affected element is the function tnum_range of the component bpf. Performing manipulation results in out-of-bounds read. This vulnerability is known as CVE-2022-49985. Access to the local network is required for this attack. No exploit is available. The affected component should be upgraded.

A vulnerability classified as critical was found in Linux Kernel up to 5.19.6. This vulnerability affects the function is_ftrace_trampoline of the component ftrace. The manipulation results in null pointer dereference. This vulnerability is reported as CVE-2022-49977. The attacker must have access to the local network to execute the attack. No exploit exists. Upgrading the affected component is advised.

A vulnerability classified as problematic was found in Linux Kernel up to 5.19.7. The affected element is the function x86_acpi_irq_helper_get. Such manipulation leads to denial of service. This vulnerability is documented as CVE-2022-49976. The attack requires being on the local network. There is not any exploit available. Upgrading the affected component is advised.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 5.19.6. This affects the function do_fb_ioctl of the file fbmem.c of the component fbdev. Executing manipulation can lead to divide by zero. This vulnerability appears as CVE-2022-49978. The attacker needs to be present on the local network. There is no available exploit. You should upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 5.10.140/5.15.64/5.19.6. Affected is the function smc_fback_replace_callbacks in the library lib/refcount.c. Executing manipulation of the argument sk_user_data can lead to improper update of reference count. This vulnerability is handled as CVE-2022-49979. The attack can only be done within the local network. There is not any exploit available. You should upgrade the affected component.

A vulnerability categorized as problematic has been discovered in Linux Kernel up to 5.4.211/5.10.140/5.15.64/5.19.6. This affects the function fq_codel_drop of the component bpf. The manipulation results in privilege escalation. This vulnerability is identified as CVE-2022-49975. The attack can only be performed from the local network. There is not any exploit available. It is advisable to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.19.6. It has been rated as critical. This issue affects the function usb_udc_uevent of the component Gadget Driver. Performing manipulation results in use after free. This vulnerability is identified as CVE-2022-49980. The attack can only be performed from the local network. There is not any exploit available. Upgrading the affected component is advised.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 5.19.6. This issue affects the function hidraw_release of the component HID. This manipulation causes memory leak. This vulnerability appears as CVE-2022-49981. The attacker needs to be present on the local network. There is no available exploit. It is advisable to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.15.65/5.19.7. It has been declared as critical. The affected element is the function sk_msg_recvmsg of the component skmsg. Executing manipulation can lead to null pointer dereference. The identification of this vulnerability is CVE-2022-49973. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability described as problematic has been identified in Linux Kernel up to 5.19.7. This issue affects the function XDP_SHARED_UMEM of the component xsk. The manipulation results in improper initialization. This vulnerability is cataloged as CVE-2022-49972. The attack must originate from the local network. There is no exploit available. Upgrading the affected component is recommended.

A vulnerability was found in Linux Kernel up to 5.19.6. It has been rated as critical. The impacted element is the function nintendo_hid_remove of the component HID. The manipulation leads to null pointer dereference. This vulnerability is referenced as CVE-2022-49974. The attack needs to be initiated within the local network. No exploit is available. Upgrading the affected component is advised.

A vulnerability identified as critical has been detected in Linux Kernel up to 5.19.6. This issue affects the function smu_v13_0_4_init_smc_tables. The manipulation leads to memory leak. This vulnerability is referenced as CVE-2022-49971. The attack needs to be initiated within the local network. No exploit is available. You should upgrade the affected component.

A vulnerability labeled as problematic has been found in Linux Kernel up to 4.19.256/5.4.211/5.10.140/5.15.64/5.19.6. This affects an unknown part. Executing manipulation can lead to privilege escalation. This vulnerability is tracked as CVE-2022-49969. The attack is only possible within the local network. No exploit exists. The affected component should be upgraded.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 4.19.257/5.4.212/5.10.141/5.15.65/5.19.7. This impacts the function ieee802154_unregister_hw. Performing manipulation results in use after free. This vulnerability is known as CVE-2022-49968. Access to the local network is required for this attack. No exploit is available. It is advisable to upgrade the affected component.

A vulnerability was found in Linux Kernel. It has been classified as problematic. Impacted is the function bpf_jit_limit of the component bpf. Performing manipulation results in race condition. This vulnerability was named CVE-2022-49967. The attack needs to be approached within the local network. There is no available exploit. Upgrading the affected component is recommended.

A vulnerability categorized as critical has been discovered in Linux Kernel up to 5.10.140/5.15.64/5.19.6. This vulnerability affects the function fini_microcode. Executing manipulation can lead to memory leak. The identification of this vulnerability is CVE-2022-49966. The attack needs to be done within the local network. There is no exploit available. It is advisable to upgrade the affected component.