ROS-20220413-01

Vulnerability in drivers/usb/gadget/composite.c driver of Linux kernel is related to an operation exceeding the memory buffer boundaries.
operation outside of a buffer in memory. Exploitation of the vulnerability could allow an attacker to execute
arbitrary code

Vulnerability in the implementation of close() and fget() functions of Linux kernels is related to the use of memory after its release by the “collector”.
memory after it has been freed by the garbage collector. Exploitation of the vulnerability could allow an attacker to
cause a denial of service or escalate privileges

A vulnerability in the implementation of the tc_new_tfilter() function of the Linux kernel is related to the use of memory after it has been freed by the “garbage collector”.
memory after it has been freed. Exploitation of the vulnerability could allow an attacker to escalate their
privileges by using the user namespace (user namespace)

A vulnerability in the Linux kernel is related to the lack of permission checking in the cgroups function
function when writing to a file descriptor. Exploitation of the vulnerability could allow an attacker controlling
a low-privileged process to force a parent process with higher privileges to write
arbitrary data to files, which could result in a denial of service or privilege escalation

A vulnerability in the driver drivers/usb/gadget/function/rndis.c driver of the Linux operating system kernel is related to
information disclosure. Exploitation of the vulnerability could allow an attacker to gain unauthorized
access to protected information

Vulnerability of esp4 and esp6 modules of Linux operating system kernel is related to the operation exceeding the boundaries of a buffer in memory.
buffer in memory. Exploitation of the vulnerability could allow an attacker to escalate his privileges

Vulnerability in TCP/IP protocol stack implementation of the kernel of Linux operating systems is related to
errors in processing ICMPv6 packets. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service.
remotely to cause a denial of service

Vulnerability of the nf_tables module of the netfilter subsystem of the Linux kernel is related to the output of the
write operation out of buffer boundaries in memory during index processing. Exploitation of the vulnerability could
allow an attacker to escalate privileges by using calls to unshare(CLONE_NEWUSER) or
unshare(CLONE_NEWNET)

The vulnerability of the nf_tables module of the netfilter subsystem of the Linux kernel is related to the use of the following
uninitialized nft_do_chain pointer. Exploitation of the vulnerability could allow an attacker to
gain unauthorized access to protected information Vendor

A vulnerability in the watch_queue component of the Linux operating system kernel is related to writing beyond buffer boundaries
in memory. Exploitation of the vulnerability could allow an attacker to execute arbitrary code with the privileges of
root

Vulnerability in the implementation of function nft_fwd_dup_netdev_offload() of the netfilter subsystem of the kernel of operating systems
Linux is related to the write operation exceeding the buffer boundaries in memory. Exploiting the vulnerability could
allow an attacker to escalate privileges or cause a denial of service