VulDB Recent Entries

A vulnerability was found in Linux Kernel up to 5.10.157/5.15.81/6.0.11 and classified as critical. Affected by this issue is the function e100_xmit_prepare. The manipulation leads to use after free. This vulnerability is handled as CVE-2022-49026. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 5.15.81/6.0.11 and classified as problematic. Affected by this vulnerability is the function m_can_class_free_dev. The manipulation leads to allocation of resources. This vulnerability is known as CVE-2022-49024. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.0.11. Affected is the function in_atomic of the file net/mptcp/protocol.c of the component mptcp. The manipulation leads to stack-based buffer overflow. This vulnerability is traded as CVE-2022-49018. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 5.15.81/6.0.11. This issue affects the function of_node_get/of_node_put of the component mdiobus. The manipulation leads to improper update of reference count. The identification of this vulnerability is CVE-2022-49016. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 5.4.225/5.10.157/5.15.81/6.0.11. This vulnerability affects the function sctp_stream_outq_migrate. The manipulation leads to memory leak. This vulnerability was named CVE-2022-49013. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 5.15.81/6.0.11. This affects an unknown part. The manipulation leads to denial of service. This vulnerability is uniquely identified as CVE-2022-49004. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.15.81/6.0.11. It has been rated as critical. Affected by this issue is the function get_overflow_stack. The manipulation leads to stack-based buffer overflow. This vulnerability is handled as CVE-2022-49001. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.0.11. It has been declared as critical. Affected by this vulnerability is the function test_bpf. The manipulation leads to stack-based buffer overflow. This vulnerability is known as CVE-2022-48998. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.0.11. It has been classified as problematic. Affected is the function damon_sysfs_set_schemes. The manipulation leads to Privilege Escalation. This vulnerability is traded as CVE-2022-48996. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.0.12 and classified as problematic. This issue affects the function seq_copy_in_user of the component ALSA. The manipulation leads to incorrect control flow. The identification of this vulnerability is CVE-2022-48994. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 5.4.226/5.10.158/5.15.82/6.0.12 and classified as critical. This vulnerability affects the function gup_pud_range of the component HugeTLB Page Handler. The manipulation leads to denial of service. This vulnerability was named CVE-2022-48986. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 5.15.82/6.0.12. This affects the function io_tctx_exit_cb. The manipulation leads to null pointer dereference. This vulnerability is uniquely identified as CVE-2022-48983. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.0.12. Affected by this issue is the function can_rx_register. The manipulation leads to null pointer dereference. This vulnerability is handled as CVE-2022-48977. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 5.4.226/5.10.158/5.15.82/6.0.12. Affected by this vulnerability is the function unix_diag_get_exact. The manipulation leads to null pointer dereference. This vulnerability is known as CVE-2022-48970. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.0.12. Affected is the function nci_add_new_protocol of the file net/nfc/nci/ntf.c. The manipulation leads to memory corruption. This vulnerability is traded as CVE-2022-48967. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.15.85/6.0.14/6.1.0. It has been rated as problematic. This issue affects the function soc_device_attribute of the component mt7621. The manipulation leads to Privilege Escalation. The identification of this vulnerability is CVE-2022-48952. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.11.2. It has been classified as critical. Affected is the function close_ctree of the component btrfs. The manipulation leads to use after free. This vulnerability is traded as CVE-2024-49867. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.15.167/6.1.112/6.6.54/6.10.13/6.11.2 on CPU0 and classified as problematic. This issue affects the function cpu_device_down of the component timerlat. The manipulation leads to state issue. The identification of this vulnerability is CVE-2024-49866. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.11.2 and classified as critical. This vulnerability affects the function vhost_scsi_get_req of the component scsi. The manipulation leads to null pointer dereference. This vulnerability was named CVE-2024-49863. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as very critical, was found in 0xJacky Nginx-UI up to 2.0.0-beta.35. This affects the function exec.Command. The manipulation leads to improper input validation. This vulnerability is uniquely identified as CVE-2024-49368. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.