VulDB Recent Entries

A vulnerability has been found in Linux Kernel up to 6.1.6 and classified as critical. This vulnerability affects unknown code of the component arm-smmu. The manipulation leads to null pointer dereference. This vulnerability was named CVE-2022-48895. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.1.7. This affects the function gsmi_get_variable of the component EFI Variable Handler. The manipulation leads to null pointer dereference. This vulnerability is uniquely identified as CVE-2023-52893. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.1.6. Affected by this issue is the function platform_device_id of the file sof_nau8825.c. The manipulation leads to incorrect calculation of buffer size. This vulnerability is handled as CVE-2022-48889. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 6.1.6. Affected by this vulnerability is the function of_icc_get of the component dpu. The manipulation leads to memory leak. This vulnerability is known as CVE-2022-48888. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in Linux Kernel up to 6.1.7. Affected is the function nilfs_btree_insert of the file fs/nilfs2/btree.c of the component nilfs2. The manipulation leads to unchecked return value. This vulnerability is traded as CVE-2023-52900. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.15.88/6.1.6. It has been rated as critical. This issue affects the function dup_user_cpus_ptr of the component sched. The manipulation leads to use after free. The identification of this vulnerability is CVE-2022-48892. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.6. It has been declared as critical. This vulnerability affects the function execution_buffer of the component vmwgfx. The manipulation leads to buffer overflow. This vulnerability was named CVE-2022-48887. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.10.164/5.15.89/6.1.7. It has been classified as critical. This affects the function hci_dev_open_sync of the component Bluetooth. The manipulation leads to use after free. This vulnerability is uniquely identified as CVE-2022-48878. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.10.163/5.15.88/6.1.6 and classified as problematic. Affected by this issue is the function dp_aux_cmd_fifo_tx of the component drm. The manipulation leads to race condition. This vulnerability is handled as CVE-2022-48898. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 5.4.229/5.10.164/5.15.89/6.1.7 and classified as critical. Affected by this vulnerability is the function btrfs_qgroup_rescan. The manipulation leads to null pointer dereference. This vulnerability is known as CVE-2023-52896. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 6.1.7. Affected is an unknown function of the file fs/btrfs/qgroup.c of the component btrfs. The manipulation leads to state issue. This vulnerability is traded as CVE-2023-52897. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.1.7. This issue affects the function ncm_bitrate of the component usb. The manipulation leads to null pointer dereference. The identification of this vulnerability is CVE-2023-52894. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 5.10.164/5.15.89/6.1.7. This vulnerability affects the function ieee80211_tx_ba_session_handle_start of the file net/mac80211/driver-ops.c of the component mac80211. The manipulation leads to null pointer dereference. This vulnerability was named CVE-2022-48875. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in Linux Kernel up to 6.1.7. This affects the function fastrpc_map_find. The manipulation of the argument take_ref leads to improper update of reference count. This vulnerability is uniquely identified as CVE-2022-48874. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.4.229/5.10.164/5.15.89/6.1.7. It has been rated as critical. Affected by this issue is the function creater_process of the component fastrpc. The manipulation leads to improper update of reference count. This vulnerability is handled as CVE-2022-48873. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.4.229/5.10.164/5.15.89/6.1.7. It has been declared as problematic. Affected by this vulnerability is the function fastrpc_map_get in the library lib/refcount.c. The manipulation leads to improper update of reference count. This vulnerability is known as CVE-2022-48872. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.10.164/5.15.89/6.1.7. It has been classified as problematic. Affected is the function qcom_geni_serial_port_setup of the file qca/htbtfw20.tlv. The manipulation leads to out-of-bounds read. This vulnerability is traded as CVE-2022-48871. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.15.89/6.1.7 and classified as critical. This issue affects the function spk_ttyio_release of the file /devices/virtual/input/input4 of the component tty. The manipulation leads to null pointer dereference. The identification of this vulnerability is CVE-2022-48870. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 5.15.89/6.1.7 and classified as critical. This vulnerability affects the function drv_enable_wq of the component dmaengine. The manipulation leads to null pointer dereference. This vulnerability was named CVE-2022-48868. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.1.7. This affects the function idxd_dmaengine_drv_remove of the component dmaengine. The manipulation leads to use after free. This vulnerability is uniquely identified as CVE-2022-48867. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.