CVE-2022-2153 CVE-2022-2602 CVE-2022-2663 CVE-2022-2905 CVE-2022-3028 CVE-2022-3061 CVE-2022-3176 CVE-2022-3303 CVE-2022-3586 CVE-2022-3621 CVE-2022-3625 CVE-2022-3629 CVE-2022-3633 CVE-2022-3635 CVE-2022-3646 CVE-2022-3649 CVE-2022-20421 CVE-2022-20422 CVE-2022-39188 CVE-2022-39190 CVE-2022-39842 CVE-2022-40307 CVE-2022-41222 CVE-2022-41674 CVE-2022-42719 CVE-2022-42720 CVE-2022-42721 CVE-2022-42722 CVE-2022-43750 Debian Bug : 1017425 1019248
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
CVE-2021-4037
Christian Brauner reported that the inode_init_owner function for
the XFS filesystem in the Linux kernel allows local users to
create files with an unintended group ownership allowing attackers
to escalate privileges by making a plain file executable and SGID.
CVE-2022-0171
Mingwei Zhang reported that a cache incoherence issue in the SEV
API in the KVM subsystem may result in denial of service.
CVE-2022-1184
A flaw was discovered in the ext4 filesystem driver which can lead
to a use-after-free. A local user permitted to mount arbitrary
filesystems could exploit this to cause a denial of service (crash
or memory corruption) or possibly for privilege escalation.
CVE-2022-1679
The syzbot tool found a race condition in the ath9k_htc driver
which can lead to a use-after-free. This might be exploitable to
cause a denial service (crash or memory corruption) or possibly
for privilege escalation.
CVE-2022-2153
"kangel" reported a flaw in the KVM implementation for x86
processors which could lead to a null pointer dereference. A local
user permitted to access /dev/kvm could exploit this to cause a
denial of service (crash).
CVE-2022-2602
A race between...
5.10.149-2~deb10u1