Vuldb Updates

A vulnerability was found in Linux Kernel up to 6.1.8. It has been rated as problematic. Affected by this issue is the function mdiobus_get_phy. The manipulation leads to out-of-bounds read. This vulnerability is handled as CVE-2023-53019. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.6.83/6.12.19/6.13.7 and classified as critical. This issue affects the function l2cap_send_cmd of the component Bluetooth. The manipulation leads to use after free. The identification of this vulnerability is CVE-2025-21969. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 5.4.231/5.10.167/5.15.92/6.1.10 and classified as problematic. This vulnerability affects the function brcmf_construct_chaninfo of the component brcmfmac. The manipulation of the argument Count leads to out-of-bounds read. This vulnerability was named CVE-2022-49740. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 4.19.271/5.4.230/5.10.165/5.15.90/6.1.8. It has been classified as problematic. This affects the function ip_metrics_convert of the component Kernel Memory Handler. The manipulation leads to improper validation of array index. This vulnerability is uniquely identified as CVE-2023-52997. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.18.5 and classified as problematic. This issue affects the function l2tp_ip6_sendmsg. The manipulation leads to integer overflow. The identification of this vulnerability is CVE-2022-49727. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 5.15.48/5.18.5. This vulnerability affects the function fsl_mc_bus_remove. The manipulation leads to use after free. This vulnerability was named CVE-2022-49711. Local access is required to approach this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as very critical, has been found in Adobe Flash Player 11.2.202.491/18.0.0.209. Affected by this issue is some unknown functionality. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2015-5133. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 4.19.250/5.4.203/5.10.128/5.15.52/5.18.9. Affected by this issue is some unknown functionality. The manipulation of the argument tun_file leads to privilege escalation. This vulnerability is handled as CVE-2022-49672. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.18.12. It has been declared as problematic. Affected by this vulnerability is the function tipc_sk_create. The manipulation leads to improper update of reference count. This vulnerability is known as CVE-2022-49620. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Linux Kernel up to 5.18.12. This vulnerability affects the function sfp_probe. The manipulation leads to memory leak. This vulnerability was named CVE-2022-49619. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 5.18.9. This affects the function ad_clear_agg. The manipulation leads to use after free. This vulnerability is uniquely identified as CVE-2022-49667. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.10.131/5.15.55/5.18.12 and classified as problematic. Affected by this issue is the function proc_douintvec. The manipulation leads to information disclosure. This vulnerability is handled as CVE-2022-49641. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 5.4.207/5.10.133/5.15.57/5.18.14. Affected is an unknown function of the file igc_rd32/wr32. The manipulation leads to null pointer dereference. This vulnerability is traded as CVE-2022-49605. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 5.18.14. This issue affects the function perf_event_set_output/perf_mmap_close. The manipulation leads to buffer overflow. The identification of this vulnerability is CVE-2022-49607. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 5.18.13. This issue affects some unknown processing of the component VMX. The manipulation of the argument SPEC_CTRL leads to stack-based buffer overflow. The identification of this vulnerability is CVE-2022-49610. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.18.2 and classified as critical. This issue affects the function libipw_xmit. The manipulation leads to null pointer dereference. The identification of this vulnerability is CVE-2022-49544. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.10.133/5.15.57/5.18.14 and classified as problematic. Affected by this issue is the function sysctl_ip_prot_sock. The manipulation leads to information disclosure. This vulnerability is handled as CVE-2022-49578. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 5.18.14. Affected by this issue is the function be_get_module_eeprom. The manipulation leads to buffer overflow. This vulnerability is handled as CVE-2022-49581. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 5.15.45/5.17.13/5.18.2. This affects the function crash_prepare_elf64_headers. The manipulation leads to memory leak. This vulnerability is uniquely identified as CVE-2022-49546. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.18.2 and classified as critical. This issue affects the function si_parse_power_table. The manipulation leads to use after free. The identification of this vulnerability is CVE-2022-49530. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.