Lucene search

K
osvGoogleOSV:USN-5390-2
HistoryMay 03, 2022 - 9:04 p.m.

linux-raspi vulnerabilities

2022-05-0321:04:19
Google
osv.dev
13
linux kernel
netfilter
st21nfca nfc driver
denial of service
arbitrary code
sensitive information
cve-2022-1015
cve-2022-1016
cve-2022-26490
system crash

AI Score

7.8

Confidence

High

EPSS

0.001

Percentile

19.0%

David Bouman discovered that the netfilter subsystem in the Linux kernel
did not properly validate passed user register indices. A local attacker
could use this to cause a denial of service or possibly execute arbitrary
code. (CVE-2022-1015)

David Bouman discovered that the netfilter subsystem in the Linux kernel
did not initialize memory in some situations. A local attacker could use
this to expose sensitive information (kernel memory). (CVE-2022-1016)

It was discovered that the ST21NFCA NFC driver in the Linux kernel did not
properly validate the size of certain data in EVT_TRANSACTION events. A
physically proximate attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2022-26490)