QID 353976

a kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctl.c in the linux kernel.
This flaw allows a local attacker with a special user privilege (cap_sys_admin or cap_sys_rawio) to create issues with confidentiality. (
( CVE-2022-0494) an information leak flaw was found in nfs over rdma in the net/sunrpc/xprtrdma/rpc_rdma.c function in rpcrdma_hdrlen_min (7) (in rpcrdma_max_call_header_size, rpcrdma_max_reply_header_size).
This flaw allows an attacker with normal user privileges to leak kernel information. (
( CVE-2022-0812) due to the small table perturb size, a memory leak flaw was found in the linux kernels tcp source port generation algorithm in the net/ipv4/tcp.c function.
This flaw allows an attacker to leak information and may cause a denial of service. (
( CVE-2022-1012) a use-after-free flaw was found in fs/ext4/namei.c:dx_insert_block() in the linux kernels filesystem sub-component.
This flaw allows a local attacker with a user privilege to cause a denial of service. (
( CVE-2022-1184) a use-after-free vulnerability was found in the linux kernels netfilter subsystem in net/netfilter/nf_tables_api.c.
This flaw allows a local attacker with user access to cause a privilege escalation issue. (
( CVE-2022-1966) net/netfilter/nf_tables_api.c in the linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect nft_stateful_expr check leads to a use-after-free.

Successful exploitation of this vulnerability could lead to a securitybreach or could affect integrity, availability, and confidentiality.