Aggregator

A vulnerability has been found in Linux Kernel up to 5.16.12 and classified as critical. Affected by this vulnerability is the function sock_hold of the component nf_queue. The manipulation leads to use after free. This vulnerability is known as CVE-2022-48911. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 5.10.102/5.15.25/5.16.11. Affected is the function kvm_arch_can_dequeue_async_page_present of the component KVM. The manipulation leads to state issue. This vulnerability is traded as CVE-2022-48943. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

酱酱们中午好～今天的 AGI 掘金热点资讯来啦，我们知识库上线了 AI 小助手，欢迎来撩！

“务实”、“重视技术”是团队的底色。

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 5.10.102/5.15.25/5.16.11. This issue affects the function devm_thermal_zone_of_sensor_register of the component hwmon. The manipulation leads to null pointer dereference. The identification of this vulnerability is CVE-2022-48942. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 5.10.102/5.15.25/5.16.11. This vulnerability affects the function trace_hardirqs_on/trace_hardirqs_off of the component riscv. The manipulation leads to null pointer dereference. This vulnerability was named CVE-2022-48922. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 5.10.136/5.15.26/5.16.12. This affects the function sched_fork. The manipulation leads to null pointer dereference. This vulnerability is uniquely identified as CVE-2022-48921. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.9/5.10/5.10.102/5.15.25/5.16.11. It has been rated as critical. Affected by this issue is the function resolve_prepare_src of the component RDMA. The manipulation leads to use after free. This vulnerability is handled as CVE-2022-48925. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.10.102/5.15.25/5.16.11. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component CDC-NCM. The manipulation leads to buffer overflow. This vulnerability is known as CVE-2022-48938. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.4.181/5.10.102/5.15.25/5.16.11. It has been classified as critical. Affected is the function nfp_tunnel_add_shared_mac. The manipulation leads to memory leak. This vulnerability is traded as CVE-2022-48934. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.16.11 and classified as problematic. This issue affects the function mlx5_cmd_dr_create_fte. The manipulation leads to out-of-bounds read. The identification of this vulnerability is CVE-2022-48932. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 5.16.11 and classified as critical. This vulnerability affects the function cancel_work_sync of the component ib_srp. The manipulation leads to deadlock. This vulnerability was named CVE-2022-48930. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 5.16.11. This affects the function list_add of the component rndis. The manipulation leads to race condition. This vulnerability is uniquely identified as CVE-2022-48926. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 5.15.26/5.16.12. Affected by this issue is the function remove of the component auxdisplay. The manipulation leads to memory leak. This vulnerability is handled as CVE-2022-48907. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 5.15.26/5.16.12. Affected by this vulnerability is an unknown functionality of the component amd. The manipulation leads to memory leak. This vulnerability is known as CVE-2022-48904. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in Linux Kernel up to 5.15.26/5.16.12. Affected is the function lookup_inline_extent_backref+0x647/0x680 of the file fs/btrfs/extent-tree.c of the component btrfs. The manipulation leads to injection. This vulnerability is traded as CVE-2022-48901. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.16.12. It has been rated as problematic. This issue affects the function snd_soc_put_volsw of the component ASoC. The manipulation leads to Privilege Escalation. The identification of this vulnerability is CVE-2022-48917. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.16.12. It has been declared as problematic. This vulnerability affects the function ipv6_mc_down of the component ipv6. The manipulation leads to allocation of resources. This vulnerability was named CVE-2022-48910. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.10.103/5.15.26/5.16.12. It has been classified as critical. This affects the function tcp_abort of the component smc. The manipulation leads to buffer overflow. This vulnerability is uniquely identified as CVE-2022-48909. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.15.25/5.16.11 and classified as critical. Affected by this issue is the function copy_map_value of the component bpf. The manipulation leads to stack-based buffer overflow. This vulnerability is handled as CVE-2022-48940. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.