2022
March 21, 2023 · View on GitHub
CVE-2022-0185
| Reference | CVE-2022-0185 |
|---|---|
| Writeups/Exploits | Will's Root: CVE-2022-0185 - Winning a $31337 Bounty after Pwning Ubuntu and Escaping Google's KCTF Containers oss-security - CVE-2022-0185: Linux kernel slab out-of-bounds write: exploit and writeup Hack The Box Blog - CVE-2022-0185: A Case Study |
| Component | Virtual Filesystem (fsconfig system call) |
| Vulnerability Type | Integer underflow lading to a heap out-of-bounds write |
| Impact | LPE |
CVE-2022-0435
| Reference | CVE-2022-0435 |
|---|---|
| Writeups/Exploits | oss-security - CVE-2022-0435: Remote Stack Overflow in Linux Kernel TIPC Module since 4.8 (net/tipc) CVE-2022-0435: A Remote Stack Overflow in The Linux Kernel Writing a Linux Kernel Remote in 2022 |
| Component | TIPC (Transparent Inter-Process Communication) |
| Vulnerability Type | Stack Overflow |
| Impact | RCE |
CVE-2022-0492
| Reference | CVE-2022-0492 |
|---|---|
| Writeups/Exploits | New Linux Vulnerability CVE-2022-0492 Affecting Cgroups: Can Containers Escape? |
| Component | cgroups |
| Vulnerability Type | Logic bug |
| Impact | Container escape |
CVE-2022-0847 (Dirty Pipe)
| Reference | CVE-2022-0847 |
|---|---|
| Writeups/Exploits | The Dirty Pipe Vulnerability — The Dirty Pipe Vulnerability documentation https://haxx.in/files/dirtypipez.c Making Sense Of The Dirty Pipe Vulnerability (CVE-2022-0847) - RedHunt Labs The Dirty Pipe Vulnerability: Overview, Detection, and Remediation DirtyPipe-Android/TECHNICAL-DETAILS.md · polygraphene/DirtyPipe-Android Exploration of the Dirty Pipe Vulnerability (CVE-2022-0847) :: lolcads tech blog GitHub - qwert419/linux: CVE-2022-0847 |
| Component | Filesystem (pipes, splice system call) |
| Vulnerability Type | Uninitialized data |
| Impact | LPE |
CVE-2022-0995
| Reference | CVE-2022-0995 |
|---|---|
| Writeups/Exploits | GitHub - Bonfee/CVE-2022-0995: CVE-2022-0995 exploit |
| Component | watch_queue |
| Vulnerability Type | Out-of-bounds write |
| Impact | LPE |
CVE-2022-1015
| Reference | CVE-2022-1015 |
|---|---|
| Writeups/Exploits | oss-security - Linux kernel: CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation, information leak How The Tables Have Turned: An analysis of two new Linux vulnerabilities in nf_tables · David's Blog GitHub - pqlx/CVE-2022-1015: Local privilege escalation PoC for Linux kernel CVE-2022-1015 |
| Component | Netfilter |
| Vulnerability Type | Out-of-bounds write |
| Impact | LPE |
CVE-2022-1016
| Reference | CVE-2022-1016 |
|---|---|
| Writeups/Exploits | oss-security - Linux kernel: CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation, information leak How The Tables Have Turned: An analysis of two new Linux vulnerabilities in nf_tables · David's Blog |
| Component | Netfilter |
| Vulnerability Type | Use-after-free |
| Impact | Information leak |
CVE-2022-1048
| Reference | CVE-2022-1048 |
|---|---|
| Writeups/Exploits | oss-security - Linux Kernel: Race Condition in snd_pcm_hw_free leading to use-after-free |
| Component | Sound subsystem |
| Vulnerability Type | Race condition / Use-after-free |
| Impact |
CVE-2022-1729
| Reference | CVE-2022-1729 |
|---|---|
| Writeups/Exploits | oss-sec: CVE-2022-1729: race condition in Linux perf subsystem leads to local privilege escalation |
| Component | perf subsystem |
| Vulnerability Type | Race condition |
| Impact | LPE |
CVE-2022-1786
| Reference | CVE-2022-1786 |
|---|---|
| Writeups/Exploits | CVE-2022-1786 - A Journey To The Dawn | kylebot's Blog |
| Component | Use-after-free |
| Vulnerability Type | io_uring |
| Impact | LPE |
CVE-2022-1882
| Reference | CVE-2022-1882 |
|---|---|
| Writeups/Exploits | SSD Advisory – Linux CONFIG_WATCH_QUEUE LPE - SSD Secure Disclosure |
| Component | watch_queue |
| Vulnerability Type | Race condition / use-after-free |
| Impact | LPE |
CVE-2022-1972
| Reference | CVE-2022-1972 |
|---|---|
| Writeups/Exploits | oss-sec: CVE-2022-1972: out-of-bound write in Linux netfilter subsystem leads to local privilege escalation Yet another bug into Netfilter |
| Component | Netfilter |
| Vulnerability Type | Integer overflow leading to stack out-of-bounds write |
| Impact | Information leak, could be escalated to LPE (no exploit though) |
CVE-2022-22942
| Reference | CVE-2022-22942 |
|---|---|
| Writeups/Exploits | opensrcsec/same_type_object_reuse_exploits Canary in the Kernel Mine: Exploiting and Defending Against Same-Type Object Reuse |
| Component | vmwgfx driver |
| Vulnerability Type | Use-after-free |
| Impact | LPE |
CVE-2022-2318
| Reference | CVE-2022-2318 |
|---|---|
| Writeups/Exploits | oss-sec: Re: Linux kernel: UAF vulnerabilities in rose protocol |
| Component | rose driver |
| Vulnerability Type | Use-after-free |
| Impact |
CVE-2022-24354 (Zenith)
| Reference | CVE-2022-24354 |
|---|---|
| Writeups/Exploits | 0vercl0k/zenith Competing in Pwn2Own 2021 Austin: Icarus at the Zenith |
| Component | NetUSB driver |
| Vulnerability Type | Integer overflow leading to heap buffer overflow |
| Impact | RCE |
CVE-2022-25636
| Reference | CVE-2022-25636 |
|---|---|
| Writeups/Exploits | https://nickgregory.me/linux/security/2022/03/12/cve-2022-25636/ https://www.openwall.com/lists/oss-security/2022/02/21/2 https://github.com/Bonfee/CVE-2022-25636 |
| Component | Netfilter |
| Vulnerability Type | Heap out-of-bounds write |
| Impact | LPE |
CVE-2022-2585
| Reference | CVE-2022-2585 |
|---|---|
| Writeups/Exploits | SSD Advisory – Linux CLOCK_THREAD_CPUTIME_ID LPE - SSD Secure Disclosure oss-sec: Re: CVE-2022-2585 - Linux kernel POSIX CPU timer UAF |
| Component | POSIX CPU Timer |
| Vulnerability Type | Race condition leading to double free |
| Impact | LPE |
CVE-2022-2586
| Reference | CVE-2022-2586 |
|---|---|
| Writeups/Exploits | oss-sec: Re: CVE-2022-2586 - Linux kernel nf_tables cross-table reference UAF oss-security - N-day exploit for CVE-2022-2586: Linux kernel nft_object UAF Exploiting cross table object reference in Linux Netfilter table module |
| Component | Netfilter |
| Vulnerability Type | Use-after-free |
| Impact | LPE |
CVE-2022-2588
| Reference | CVE-2022-2588 |
|---|---|
| Writeups/Exploits | oss-sec: Re: CVE-2022-2588 - Linux kernel cls_route UAF GitHub - Markakd/CVE-2022-2588: exploit for CVE-2022-2588 |
| Component | Network scheduler |
| Vulnerability Type | Use-after-free |
| Impact | LPE |
CVE-2022-2590
| Reference | CVE-2022-2590 |
|---|---|
| Writeups/Exploits | oss-sec: CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions |
| Component | tmpfs |
| Vulnerability Type | Race condition |
| Impact | LPE |
CVE-2022-2602
| Reference | CVE-2022-2602 |
|---|---|
| Writeups/Exploits+ | ZDI-22-1462 - Zero Day Initiative oss-sec: Re: CVE-2022-2602 - Linux kernel io_uring UAF CVE-2022-2602: DirtyCred File Exploitation applied on an io_uring UAF – Hacktive Security Blog DirtyCred Remastered - LukeGix |
| Component | io_uring |
| Vulnerability Type | Use-after-free |
| Impact | LPE |
CVE-2022-2639
| Reference | CVE-2022-2639 |
|---|---|
| Writeups/Exploits | GitHub - veritas501/CVE-2022-2639-PipeVersion (Wayback Machine) |
| Component | openvswitch module |
| Vulnerability Type | Integer coercion error leading to out-of-bounds write |
| Impact | LPE |
CVE-2022-27666
| Reference | CVE-2022-27666 |
|---|---|
| Writeups/Exploits | CVE-2022-27666: Exploit esp6 modules in Linux kernel - ETenal |
| Component | esp6 crypto module |
| Vulnerability Type | Heap buffer overflow |
| Impact | LPE |
CVE-2022-29582
| Reference | CVE-2022-29582 |
|---|---|
| Writeups/Exploits | CVE-2022-29582 - An io_uring vulnerability |
| Component | io_uring |
| Vulnerability Type | Use-After-Free |
| Impact | LPE |
CVE-2022-32550
CVE-2022-34918
| Reference | CVE-2022-34918 |
|---|---|
| Writeups/Exploits | Netfilter vulnerability disclosure - Hugues ANGUELKOV CVE-2022-34918 - A crack in the Linux firewall GitHub - veritas501/CVE-2022-34918 |
| Component | Netfilter |
| Vulnerability Type | Type confusion leading to buffer overflow |
| Impact | LPE |
CVE-2022-36123
| Reference | CVE-2022-36123 |
|---|---|
| Writeups/Exploits | CVE-2022-36123 - Sick Codes |
| Component | Xen |
| Vulnerability Type | Uninitialized data |
| Impact | DoS/Privilege Escalation |
CVE-2022-37706
| Reference | CVE-2022-37706 |
|---|---|
| Writeups/Exploits | GitHub - V4bel/CVE-2022-41218: Vulnerability Details for CVE-2022-41218 |
| Component | DVB driver |
| Vulnerability Type | Race condition leading to Use-After-Free |
| Impact | LPE |
CVE-2022-41674
| Reference | CVE-2022-41674 |
|---|---|
| Writeups/Exploits | oss-sec: Re: Various Linux Kernel WLAN security issues (RCE/DOS) found |
| Component | mac80211 subsystem |
| Vulnerability Type | Heap buffer overflow |
| Impact | Remote DoS (potentially RCE) |
CVE-2022-42703
| Reference | CVE-2022-42703 |
|---|---|
| Writeups/Exploits | Project Zero: Exploiting CVE-2022-42703 - Bringing back the stack attack |
| Component | Memory Management subsystem |
| Vulnerability Type | Use-After-Free |
| Impact | LPE |
CVE-2022-42719
| Reference | CVE-2022-42719 |
|---|---|
| Writeups/Exploits | oss-sec: Re: Various Linux Kernel WLAN security issues (RCE/DOS) found |
| Component | mac80211 subsystem |
| Vulnerability Type | User-After-Free |
| Impact | Remote DoS (potentially RCE) |
CVE-2022-42720
| Reference | CVE-2022-42720 |
|---|---|
| Writeups/Exploits | oss-sec: Re: Various Linux Kernel WLAN security issues (RCE/DOS) found |
| Component | mac80211 subsystem |
| Vulnerability Type | User-After-Free |
| Impact | Remote DoS (potentially RCE) |
CVE-2022-42721
| Reference | CVE-2022-42721 |
|---|---|
| Writeups/Exploits | oss-sec: Re: Various Linux Kernel WLAN security issues (RCE/DOS) found |
| Component | mac80211 subsystem |
| Vulnerability Type | Logic bug |
| Impact | Remote DoS (potentially RCE) |
CVE-2022-42722
| Reference | CVE-2022-42722 |
|---|---|
| Writeups/Exploits | oss-sec: Re: Various Linux Kernel WLAN security issues (RCE/DOS) found GitHub - jo-m/linux-wifi-ota-crash: Send arbitrary IEEE 802.11 frames with Espressif's ESP32 |
| Component | mac80211 subsystem |
| Vulnerability Type | User-After-Free |
| Impact | Remote DoS (potentially RCE) |
CVE-2022-42895
| Reference | CVE-2022-42895 |
|---|---|
| Writeups/Exploits | Linux Kernel: Infoleak in Bluetooth L2CAP Handling · Advisory · google/security-research · GitHub |
| Component | Bluetooth |
| Vulnerability Type | Logic bug |
| Impact | Remote Information Leak |
CVE-2022-42896
| Reference | CVE-2022-42896 |
|---|---|
| Writeups/Exploits | Linux Kernel: UAF in Bluetooth L2CAP Handshake · Advisory · google/security-research · GitHub |
| Component | Bluetooth |
| Vulnerability Type | Use-After-Free |
| Impact | RCE and Remote Information Leak |
CVE-2022-4543 (EntryBleed)
| Reference | CVE-2022-4543 |
|---|---|
| Writeups/Exploits | Will's Root: EntryBleed: Breaking KASLR under KPTI with Prefetch (CVE-2022-4543) |
| Component | KTPI |
| Vulnerability Type | Logic bug |
| Impact | Information Leak |