Versions
linux kernel 5.18 rc9
5.7 (verified), possibly others 4.18
Linux 4.14.98-v7+
Fixed in kernel 6.0-rc5
Linux kernel 5.16 onwards
through 3.1
Linux kernel through 3.1
uknown
affected kernel 5.19, 6.0, 6.1, 6.2, 6.3
Affected versions <= 6.0.3
2.6.37
Linux kernel 5.18 rc6
v2.3.36 before v2.6.39
all versions
Linux kernel 5.10
Fixed in kernel 6.0-rc3
Linux kernel
Linux kernel through v6.1-rc8
6.2.0-rc2
Linux kernel versions prior to 5.18
Kernel 6.2 RC4
Kernel 6.2 RC5
2.6.19-rc1
All versions of the Linux kernel
All
Linux Kernel v5.4.54, Linux Kernel v5.4.66
5.9.4
Fixed in kernel v6.0
Fixed in v5.15-rc4
5.9.2
Linux Kernel <= 3.1
Linux Kernel v5.10-rc4,Linux Kernel v5.4.66,Linux Kernel v5.9.8
5.9.6
Recent CVEs
CVE-2023-3220
An issue was discovered in the Linux kernel through 6.1-rc8. dpu_crtc_atomic_check in drivers/gpu/drm/msm/disp/dpu1/dpu_crtc.c lacks check of the return value of kzalloc() and will cause the NULL Pointer Dereference.
CVE-2023-1652
A use-after-free flaw was found in nfsd4_ssc_setup_dul in fs/nfsd/nfs4proc.c in the NFS filesystem in the Linux Kernel. This issue could allow a local attacker to crash the system or it may lead to a kernel information leak problem.
CVE-2023-0210
A bug affects the Linux kernel’s ksmbd NTLMv2 authentication and is known to crash the OS immediately in Linux-based systems.
CVE-2023-1583
A NULL pointer dereference was found in io_file_bitmap_get in io_uring/filetable.c in the io_uring sub-component in the Linux Kernel. When fixed files are unregistered, some context information (file_alloc_{start,end} and alloc_hint) is not cleared. A subsequent request that has auto index selection enabled via IORING_FILE_INDEX_ALLOC can cause a NULL pointer dereference. An unprivileged user can use the flaw to cause a system crash.
CVE-2022-4543
A flaw named "EntryBleed" was found in the Linux Kernel Page Table Isolation (KPTI). This issue could allow a local attacker to leak KASLR base via prefetch side-channels based on TLB timing for Intel systems.
CVE-2022-4379
A use-after-free vulnerability was found in __nfs42_ssc_open() in fs/nfs/nfs4file.c in the Linux kernel. This flaw allows an attacker to conduct a remote denial
CVE-2022-3344
A flaw was found in the KVM's AMD nested virtualization (SVM). A malicious L1 guest could purposely fail to intercept the shutdown of a cooperative nested guest (L2), possibly leading to a page fault and kernel panic in the host (L0).
CVE-2022-3586
A flaw was found in the Linux kernel’s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of service.
CVE-2022-3303
A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead to a NULL pointer dereference while handling the SNDCTL_DSP_SYNC ioctl. A privileged local user (root or member of the audio group) could use this flaw to crash the system, resulting in a denial of service condition
CVE-2022-2977
A flaw was found in the Linux kernel implementation of proxied virtualized TPM devices. On a system where virtualized TPM devices are configured (this is not the default) a local attacker can create a use-after-free and create a situation where it may be possible to escalate privileges on the system.