VulDB Recent Entries

A vulnerability classified as problematic has been found in Linux Kernel up to 5.15.26/5.16.12. Affected is the function lookup_inline_extent_backref+0x647/0x680 of the file fs/btrfs/extent-tree.c of the component btrfs. The manipulation leads to injection. This vulnerability is traded as CVE-2022-48901. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.16.12. It has been rated as problematic. This issue affects the function snd_soc_put_volsw of the component ASoC. The manipulation leads to Privilege Escalation. The identification of this vulnerability is CVE-2022-48917. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.16.12. It has been declared as problematic. This vulnerability affects the function ipv6_mc_down of the component ipv6. The manipulation leads to allocation of resources. This vulnerability was named CVE-2022-48910. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.10.103/5.15.26/5.16.12. It has been classified as critical. This affects the function tcp_abort of the component smc. The manipulation leads to buffer overflow. This vulnerability is uniquely identified as CVE-2022-48909. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.15.25/5.16.11 and classified as critical. Affected by this issue is the function copy_map_value of the component bpf. The manipulation leads to stack-based buffer overflow. This vulnerability is handled as CVE-2022-48940. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 5.10.102/5.15.25/5.16.11 and classified as critical. Affected by this vulnerability is the function generic_map_delete_batch of the component bpf. The manipulation leads to infinite loop. This vulnerability is known as CVE-2022-48939. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 5.4.181/5.10.102/5.15.25/5.16.11. Affected is the function kfree of the component nf_tables. The manipulation leads to memory leak. This vulnerability is traded as CVE-2022-48933. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 5.16.11. This issue affects the function configfs_register_subsystem/configfs_unregister_subsystem of the component configfs. The manipulation leads to denial of service. The identification of this vulnerability is CVE-2022-48931. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 5.15.36/5.16.11. This vulnerability affects the function reg2btf_ids of the component bpf. The manipulation leads to null pointer dereference. This vulnerability was named CVE-2022-48929. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 5.16.11. This affects the function iio_device_register of the component men_z188_adc. The manipulation leads to memory leak. This vulnerability is uniquely identified as CVE-2022-48928. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.15.26/5.16.12. It has been rated as critical. Affected by this issue is the function __writeback_inodes_sb_nr of the file fs/fs-writeback.c. The manipulation leads to deadlock. This vulnerability is handled as CVE-2022-48920. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.16.12. It has been declared as critical. Affected by this vulnerability is the function __nf_register_net_hook in the library include/linux/netfilter.h. The manipulation leads to use after free. This vulnerability is known as CVE-2022-48912. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 4.19.232/5.4.182/5.10.103/5.15.26/5.16.12. It has been classified as critical. Affected is the function xennet_destroy_queues of the component netfront. The manipulation leads to null pointer dereference. This vulnerability is traded as CVE-2022-48914. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.16.12 and classified as critical. This issue affects the function cifs_get_root. The manipulation leads to use after free. The identification of this vulnerability is CVE-2022-48919. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 5.15.26/5.16.12 and classified as problematic. This vulnerability affects unknown code of the file net/mptcp/protocol.c of the component mptcp. The manipulation leads to out-of-bounds read. This vulnerability was named CVE-2022-48906. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 4.19.232/5.4.182/5.10.103/5.15.26/5.16.12. This affects an unknown part of the component ibmvnic. The manipulation leads to memory leak. This vulnerability is uniquely identified as CVE-2022-48905. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 5.4.181/5.10.102/5.15.25/5.16.11. Affected by this issue is the function zynq_qspi_exec_mem_op of the component spi. The manipulation leads to null pointer dereference. This vulnerability is handled as CVE-2021-4441. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 5.10.102/5.15.25/5.16.11. Affected by this vulnerability is the function io_add_buffers in the library /include/asm-generic/sections.h. The manipulation leads to buffer overflow. This vulnerability is known as CVE-2022-48937. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 4.19.315/5.4.261/5.10.197/5.15.25/5.16.11. Affected is the function nf_tables_flowtable_destroy in the library lib/dump_stack.c. The manipulation leads to use after free. This vulnerability is traded as CVE-2022-48935. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.15.26/5.16.12. It has been rated as critical. This issue affects the function btrfs_commit_transaction of the file fs/btrfs/relocation.c. The manipulation leads to denial of service. The identification of this vulnerability is CVE-2022-48903. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.