CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:A/AC:M/Au:S/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
48.1%
Jeremy Cline discovered a use-after-free in the nouveau graphics driver of
the Linux kernel during device removal. A privileged or physically
proximate attacker could use this to cause a denial of service (system
crash). (CVE-2020-27820)
It was discovered that a race condition existed in the network scheduling
subsystem of the Linux kernel, leading to a use-after-free vulnerability. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2021-39713)
It was discovered that the Parallel NFS (pNFS) implementation in the Linux
kernel did not properly perform bounds checking in some situations. An
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2021-4157)
It was discovered that the ST21NFCA NFC driver in the Linux kernel did not
properly validate the size of certain data in EVT_TRANSACTION events. A
physically proximate attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2022-26490)
It was discovered that the Xilinx USB2 device gadget driver in the Linux
kernel did not properly validate endpoint indices from the host. A
physically proximate attacker could possibly use this to cause a denial of
service (system crash). (CVE-2022-27223)
It was discovered that the EMS CAN/USB interface implementation in the
Linux kernel contained a double-free vulnerability when handling certain
error conditions. A local attacker could use this to cause a denial of
service (memory exhaustion). (CVE-2022-28390)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 16.04 | noarch | linux-image-virtual | < 4.4.0.224.231 | UNKNOWN |
Ubuntu | 16.04 | noarch | linux-cloud-tools-generic | < 4.4.0.210.216 | UNKNOWN |
Ubuntu | 16.04 | noarch | linux-cloud-tools-generic-lts-utopic | < 4.4.0.210.216 | UNKNOWN |
Ubuntu | 16.04 | noarch | linux-cloud-tools-generic-lts-vivid | < 4.4.0.210.216 | UNKNOWN |
Ubuntu | 16.04 | noarch | linux-cloud-tools-generic-lts-wily | < 4.4.0.210.216 | UNKNOWN |
Ubuntu | 16.04 | noarch | linux-cloud-tools-generic-lts-xenial | < 4.4.0.210.216 | UNKNOWN |
Ubuntu | 16.04 | noarch | linux-cloud-tools-lowlatency | < 4.4.0.210.216 | UNKNOWN |
Ubuntu | 16.04 | noarch | linux-cloud-tools-lowlatency-lts-utopic | < 4.4.0.210.216 | UNKNOWN |
Ubuntu | 16.04 | noarch | linux-cloud-tools-lowlatency-lts-vivid | < 4.4.0.210.216 | UNKNOWN |
Ubuntu | 16.04 | noarch | linux-cloud-tools-lowlatency-lts-wily | < 4.4.0.210.216 | UNKNOWN |
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:A/AC:M/Au:S/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
48.1%