-
CVE-2021-45868
quota: check block number when reading the block in quota file
A use-after-free vulnerability in the quota mechanism, leading to a denial of service.
-
CVE-2022-2639
openvswitch: integer underflow leads to out-of-bounds write
An integer coercion error in the openvswitch kernel module potentially leading to an out-of-bounds write access. This flaw allows a local user to crash or potentially escalate their privileges on the system.
-
CVE-2022-3524
memory leak in ipv6_renew_options
A memory leak in the IPv6 functionality. This flaw allows a user to crash the system.
-
CVE-2022-3566
data races around icsk->icsk_af_ops pointer
A vulnerability in the tcp subsystem. This issue could allow an attacker to leak internal kernel information.
-
CVE-2022-2663
netfilter fix irc helper
A firewall flaw that can bypass the Netfilter functionality. This flaw allows a remote user to gain unauthorized access to the system.
-
CVE-2022-3545
use-after-free in nfp device driver
A vulnerability in the Netronome Flow Processor (NFP) driver. This flaw allows a manipulation that may lead to a use-after-free issue.
-
CVE-2022-4379
NFSv4.1 double svc_xprt_put if rpc_create failures
A use-after-free vulnerability the NFS filesystem. This flaw allows an attacker to conduct a remote denial of service.
-
CVE-2022-0812
xprtrdma incorrect header size calculations
An information leak flaw in NFS over RDMA. This flaw allows an attacker with normal user privileges to leak kernel information.
-
CVE-2022-24448
Handle case where the lookup of a directory but file exists
A flaw in the NFS filesystem. This flaw leads to the kernel's data leak into the userspace.
-
CVE-2022-41858
Null pointer dereference in net SLIP driver
A NULL pointer dereference in the net SLIP driver. This issue could allow an attacker to crash the system or leak internal kernel information.
-
CVE-2023-1838
Double free in net vhost driver error path
A use-after-free in the virtio network subcomponent. This issue could allow a local attacker to crash the system, and could lead to a kernel information leak problem.
-
CVE-2022-29581
Memory leak in net queue scheduler cls_u32 error handler
A use-after-free in the network subcomponent. This flaw allows a local attacker to crash the system, cause a privilege escalation, and leak kernel information.
-
RK-337
Use after free in packet family socket in prb_retire_rx_blk_timer_expired()
-
CVE-2023-0458
kernel data leak via spectre like gadget
A speculative pointer dereference vulnerabilty that can be used to leak the contents.
-
CVE-2023-2124
Kernel crash on mount invalid xfs image
An out-of-bounds memory access flaw in the XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user to crash or potentially escalate their privileges on the system.
-
CVE-2023-2162
Use after free in iscsi driver
A use-after-free in the SCSI sub-component. This issue could allow an attacker to leak kernel internal information.
-
CVE-2023-31436
Out of bound memory access in qfq network packet scheduler
An out-of-bounds memory access flaw in the traffic control (QoS) subsystem. This flaw allows a local user to crash or potentially escalate their privileges on the system.
-
CVE-2023-2513
Use after free in ext4 setfattr
A use-after-free vulnerability in the ext4 filesystem in the way it handled the extra inode size for extended attributes. This flaw allows a privileged local user to cause a system crash or other undefined behaviors.
-
CVE-2023-30456
Missed CR0 and CR4 register check in KVM subsystem
A flaw in the KVM's Intel nested virtualization feature (nVMX). In rare circumstances (i.e., kvm_intel module loaded with parameters nested=1 and ept=0) this could allow a malicious guest to crash the host system, causing a denial of service.
-
CVE-2023-1074
Memory leak in sctp socket error path
A memory leak in the Stream Control Transmission Protocol. This issue may occur when a user starts a malicious networking service and someone connects to this service. This could allow a local user to starve resources, causing a denial of service.
-
CVE-2023-3212
Invalid memory access on mount invalid gfs2 image
A NULL pointer dereference in the gfs2 file system. This flaw allows a privileged local user to cause a kernel panic.
-
CVE-2022-20141
Use after free during routing igmp multicast message
A use-after-free flaw in the IGMP protocol. This flaw allows a local user to crash or potentially escalate their privileges on the system.
-
PSBM-147036
Memory leak in cgroup subsystem
Partial fix to prevent memory leak in some cases.
-
VSTOR-62689
fuse: pcs: fix incorrect update of dirty status
Possible data loss in cluster storage.
-
VSTOR-62165
fuse: pcs: missing timeout at authentication
Possible deadlock in kernel during connect to cluster storage.
-
CVE-2021-3640
Use-after-free in function sco_sock_sendmsg() of the HCI subsystem.
https://bugzilla.redhat.com/show_bug.cgi?id=1980646
-
CVE-2022-4378
proc string out of bound in proc_skip_spaces()
-
CVE-2022-3564
bluetooth use-after-free in bluetooth l2cap_rx_state_recv
-
PSBM-145379
netfilter per/cpu memory leak on error path
-
PSBM-145324
fix device_rename for containers
-
PSBM-145263
virtualize timestamps in /dev/ksmg and syslog outputs
-
CVE-2022-1353
kernel data leak in pfkey_register