VIR Vulnerability Intelligence Relay

CVEs from 2022

6,002 normalized CVEs published or assigned in this year.

Total
6,002
critical
critical 88
high
high 1,240
medium
medium 887
low
low 23
% Critical
1.5%
% with KEV
2.2%
% with exploit
2.2%

Top vendors

Top products

  • jdk 116
  • jre 109
  • openjdk 100
  • zulu 82
  • graalvm 74
  • cloud_secure_agent 35
  • oncommand_insight 34
  • cloud_insights_acquisition_unit 34

Top packages

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2022-48919 medium 5.5 11mo ago In the Linux kernel, the following vulnerability has been resolved: cifs: fix double free race when mount fails in cifs_get_root() When cifs_get_root() fails during cifs_smb3_do_mount() we call dea… rockylinuxsusedebian
CVE-2022-49395 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: um: Fix out-of-bounds read in LDT setup syscall_stub_data() expects the data_count parameter to be the number of longs, not bytes… rockylinuxsusedebian
CVE-2022-3424 medium 5.5 1y ago A use-after-free flaw was found in the Linux kernel’s SGI GRU driver in the way the first gru_file_unlocked_ioctl function is called by the user, where a fail pass occurs in the gru_check_chiplet_ass… redhatsusedebian
CVE-2022-4055 medium 5.5 1y ago Moderate: xdg-utils security update redhatsusedebian
CVE-2022-50811 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: erofs: fix missing unmap if z_erofs_get_extent_compressedlen() fails Otherwise, meta buffers could be leaked. redhatsusedebian
CVE-2022-41741 medium 5.5 1y ago Moderate: nginx security update redhatsuserockylinuxdebian
CVE-2022-49778 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: arm64/mm: fix incorrect file_map_count for non-leaf pmd/pud The page table check trigger BUG_ON() unexpectedly when collapse huge… redhatsusedebian
CVE-2022-49747 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: erofs/zmap.c: Fix incorrect offset calculation Effective offset to add to length was being incorrectly calculated, which resulted… redhatsusedebian
CVE-2022-49804 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: s390: avoid using global register for current_stack_pointer Commit 30de14b1884b ("s390: current_stack_pointer shouldn't be a func… redhatsusedebian
CVE-2022-50743 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: erofs: Fix pcluster memleak when its block address is zero syzkaller reported a memleak: https://syzkaller.appspot.com/bug?id=62f… redhatsusedebian
CVE-2022-49815 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: erofs: fix missing xas_retry() in fscache mode The xarray iteration only holds the RCU read lock and thus may encounter XA_RETRY_… redhatsusedebian
CVE-2022-50511 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: lib/fonts: fix undefined behavior in bit shift for get_default_font Shifting signed 32-bit value by 31 bits is undefined, so chan… redhatsusedebian
CVE-2022-50159 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: of: check previous kernel's ima-kexec-buffer against memory bounds Presently ima_get_kexec_buffer() doesn't check if the previous… redhatsusedebian
CVE-2022-50421 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: rpmsg: char: Avoid double destroy of default endpoint The rpmsg_dev_remove() in rpmsg_core is the place for releasing this defaul… redhatsusedebian
CVE-2022-41742 medium 5.5 1y ago Moderate: nginx security update redhatsuserockylinuxdebian
CVE-2022-1941 medium 5.5 1y ago Moderate: protobuf security update redhatarchsuserockylinux+2
CVE-2022-50614 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: misc: pci_endpoint_test: Fix pci_endpoint_test_{copy,write,read}() panic The dma_map_single() doesn't permit zero length mapping.… redhatsusedebian
CVE-2022-50214 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: coresight: Clear the connection field properly coresight devices track their connections (output connections) and hold a referenc… redhatsusedebian
CVE-2022-50112 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: rpmsg: qcom_smd: Fix refcount leak in qcom_smd_parse_edge of_parse_phandle() returns a node pointer with refcount incremented, we… redhatsusedebian
CVE-2022-50121 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: remoteproc: k3-r5: Fix refcount leak in k3_r5_cluster_of_init Every iteration of for_each_available_child_of_node() decrements th… redhatsusedebian
CVE-2022-49029 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: hwmon: (ibmpex) Fix possible UAF when ibmpex_register_bmc() fails Smatch report warning as follows: drivers/hwmon/ibmpex.c:509 i… redhatsusedebian
CVE-2022-50319 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: coresight: trbe: remove cpuhp instance node before remove cpuhp state cpuhp_state_add_instance() and cpuhp_state_remove_instance(… redhatsusedebian
CVE-2022-50491 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: coresight: cti: Fix hang in cti_disable_hw() cti_enable_hw() and cti_disable_hw() are called from an atomic context so shouldn't … redhatsusedebian
CVE-2022-49014 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: net: tun: Fix use-after-free in tun_detach() syzbot reported use-after-free in tun_detach() [1]. This causes call trace like bel… redhatsusedebian
CVE-2022-49006 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: tracing: Free buffers when a used dynamic event is removed After 65536 dynamic events have been added and removed, the "type" fie… redhatsusedebian
CVE-2022-48969 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: xen-netfront: Fix NULL sring after live migration A NAPI is setup for each network sring to poll data to kernel The sring with so… redhatsusedebian
CVE-2022-48989 medium 5.5 1y ago In the Linux kernel, the following vulnerability has been resolved: fscache: Fix oops due to race with cookie_lru and use_cookie If a cookie expires from the LRU and the LRU_DISCARD flag is set, bu… redhatsusedebian
CVE-2022-49124 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: x86/mce: Work around an erratum on fast string copy instructions A rare kernel panic scenario can happen when the following condi… redhatsusedebian
CVE-2022-49675 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: tick/nohz: unexport __init-annotated tick_nohz_full_setup() EXPORT_SYMBOL and __init is a bad combination because the .init.text … redhatsusedebian
CVE-2022-49226 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: net: asix: add proper error handling of usb read errors Syzbot once again hit uninit value in asix driver. The problem still the … redhatsusedebian
CVE-2022-49267 medium 5.5 2y ago RHSA-2024:9315: kernel security update (Moderate) redhatsuse
CVE-2022-48703 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: thermal/int340x_thermal: handle data_vault when the value is ZERO_SIZE_PTR In some case, the GDDV returns a package with a buffer… redhatsusedebian
CVE-2022-48929 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: bpf: Fix crash due to out of bounds access into reg2btf_ids. When commit e6ac2450d6de ("bpf: Support bpf program calling kernel f… redhatsusedebian
CVE-2022-50353 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: mmc: wmt-sdmmc: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the memo… redhatsusedebian
CVE-2022-49197 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: af_netlink: Fix shift out of bounds in group mask calculation When a netlink message is received, netlink_recvmsg() fills in the … redhatsusedebian
CVE-2022-50486 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: Fix return type of netcp_ndo_start_xmit() With clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG),… redhatsusedebian
CVE-2022-50312 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: drivers: serial: jsm: fix some leaks in probe This error path needs to unwind instead of just returning directly. redhatsusedebian
CVE-2022-50284 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: ipc: fix memory leak in init_mqueue_fs() When setup_mq_sysctls() failed in init_mqueue_fs(), mqueue_inode_cachep is not released.… redhatsusedebian
CVE-2022-50468 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: platform/chrome: cros_usbpd_notify: Fix error handling in cros_usbpd_notify_init() The following WARNING message was given when r… redhatsusedebian
CVE-2022-50177 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: rcutorture: Fix ksoftirqd boosting timing and iteration The RCU priority boosting can fail in two situations: 1) If (nr_cpus= > … redhatsusedebian
CVE-2022-50096 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: x86/kprobes: Update kcb status flag after singlestepping Fix kprobes to update kcb (kprobes control block) status flag to KPROBE_… redhatsusedebian
CVE-2022-50141 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci-of-esdhc: Fix refcount leak in esdhc_signal_voltage_switch of_find_matching_node() returns a node pointer with refcoun… redhatsusedebian
CVE-2022-48669 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Fix potential memleak in papr_get_attr() `buf` is allocated in papr_get_attr(), and krealloc() of `buf` could fa… redhatrockylinuxsusedebian
CVE-2022-49308 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: extcon: Modify extcon device to be created after driver data is set Currently, someone can invoke the sysfs such as state_show() … redhatsusedebian
CVE-2022-49549 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: x86/MCE/AMD: Fix memory leak when threshold_create_bank() fails In mce_threshold_create_device(), if threshold_create_bank() fail… redhatsusedebian
CVE-2022-49078 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: lz4: fix LZ4_decompress_safe_partial read out of bound When partialDecoding, it is EOF if we've either filled the output buffer o… redhatsusedebian
CVE-2022-50886 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: mmc: toshsd: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the memory … redhatsusedebian
CVE-2022-49329 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: vduse: Fix NULL pointer dereference on sysfs access The control device has no drvdata. So we will get a NULL pointer dereference … redhatsusedebian
CVE-2022-50858 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: mmc: alcor: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the memory t… redhatsusedebian
CVE-2022-50748 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: ipc: mqueue: fix possible memory leak in init_mqueue_fs() commit db7cfc380900 ("ipc: Free mq_sysctls if ipc namespace creation fa… redhatsusedebian
CVE-2022-50761 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: x86/xen: Fix memory leak in xen_init_lock_cpu() In xen_init_lock_cpu(), the @name has allocated new string by kasprintf(), if bin… redhatsusedebian
CVE-2022-50663 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix possible memory leak in stmmac_dvr_probe() The bitmap_free() should be called to free priv->af_xdp_zc_qps when c… redhatsusedebian
CVE-2022-50769 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: mmc: mxcmmc: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the memory … redhatsusedebian
CVE-2022-50625 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: serial: amba-pl011: avoid SBSA UART accessing DMACR register Chapter "B Generic UART" in "ARM Server Base System Architecture" [1… redhatsusedebian
CVE-2022-4122 medium 5.5 2y ago Moderate: podman security update redhatsusedebianrockylinux+1
CVE-2022-49787 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci-pci: Fix possible memory leak caused by missing pci_dev_put() pci_get_device() will increase the reference count for t… redhatsusedebian
CVE-2022-49941 medium 5.5 2y ago RHSA-2024:9315: kernel security update (Moderate) redhatsuse
CVE-2022-49430 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: Input: gpio-keys - cancel delayed work only in case of GPIO gpio_keys module can either accept gpios or interrupts. The module in… redhatsusedebian
CVE-2022-50640 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: mmc: core: Fix kernel panic when remove non-standard SDIO card SDIO tuple is only allocated for standard SDIO card, especially it… redhatsusedebian
CVE-2022-50541 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: k3-udma: Reset UDMA_CHAN_RT byte counters to prevent overflow UDMA_CHAN_RT_*BCNT_REG stores the real-time channel … redhatsusedebian
CVE-2022-50653 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: mmc: atmel-mci: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, it will … redhatsusedebian
CVE-2022-50720 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: x86/apic: Don't disable x2APIC if locked The APIC supports two modes, legacy APIC (or xAPIC), and Extended APIC (or x2APIC). X2A… redhatsusedebian
CVE-2022-50670 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: mmc: omap_hsmmc: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, it will… redhatsusedebian
CVE-2022-50846 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: mmc: via-sdmmc: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, it will … redhatsusedebian
CVE-2022-50073 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: net: tap: NULL pointer derefence in dev_parse_header_protocol when skb->dev is null Fixes a NULL pointer derefence bug triggered … redhatsusedebian
CVE-2022-50019 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: tty: serial: Fix refcount leak bug in ucc_uart.c In soc_info(), of_find_node_by_type() will return a node pointer with refcount i… redhatsusedebian
CVE-2022-49860 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: k3-udma-glue: fix memory leak when register device fail If device_register() fails, it should call put_device() to… redhatsusedebian
CVE-2022-48672 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: of: fdt: fix off-by-one error in unflatten_dt_nodes() Commit 78c44d910d3e ("drivers/of: Fix depth when unflattening devicetree") … redhatsusedebian
CVE-2022-50251 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: mmc: vub300: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the memory … redhatsusedebian
CVE-2022-50347 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: mmc: rtsx_usb_sdmmc: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the… redhatsusedebian
CVE-2022-50268 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: mmc: moxart: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the memory … redhatsusedebian
CVE-2022-48773 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create If there are failures then we must not leave the non-NULL pointe… rockylinuxsusedebian
CVE-2022-24809 medium 5.5 2y ago Moderate: net-snmp security update redhatsuserockylinuxdebian
CVE-2022-24808 medium 5.5 2y ago Moderate: net-snmp security update redhatsuserockylinuxdebian
CVE-2022-24807 medium 5.5 2y ago Moderate: net-snmp security update redhatsuserockylinuxdebian
CVE-2022-24810 medium 5.5 2y ago Moderate: net-snmp security update redhatsuserockylinuxdebian
CVE-2022-24806 medium 5.5 2y ago Moderate: net-snmp security update redhatsuserockylinuxdebian
CVE-2022-24805 medium 5.5 2y ago Moderate: net-snmp security update redhatsuserockylinuxdebian
CVE-2022-50495 medium 5.5 2y ago RHSA-2024:9315: kernel security update (Moderate) redhatsuse
CVE-2022-48627 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: vt: fix memory overlapping when deleting chars in the buffer A memory overlapping copy occurs when deleting a long line. This mem… redhatrockylinuxdebiansuse
CVE-2022-48829 medium 5.5 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes iattr::ia_size is a loff_t, so these NFSv3 procedures must be caref… susedebianlinux
CVE-2022-48828 medium 5.5 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix ia_size underflow iattr::ia_size is a loff_t, which is a signed 64-bit type. NFSv3 and NFSv4 both define file size as a… susedebianlinux
CVE-2022-48622 medium 5.5 2y ago Moderate: gdk-pixbuf2 security update redhatsusedebianrockylinux
CVE-2022-23222 medium 5.5 2y ago kernel/bpf/verifier.c in the Linux kernel through 5.15.14 allows local users to gain privileges because of the availability of pointer arithmetic via certain *_OR_NULL pointer types. archrockylinuxsusedebian
CVE-2022-48565 medium 5.5 2y ago Moderate: python27:2.7 security update rockylinuxsusedebian
CVE-2022-0500 medium 5.5 2y ago A flaw was found in unrestricted eBPF usage by the BPF_BTF_LOAD, leading to a possible out-of-bounds memory write in the Linux kernel’s BPF subsystem due to the way a user loads BTF. This flaw allows… archrockylinuxsusedebian
CVE-2022-40090 medium 5.5 2y ago Moderate: libtiff security update redhatsusedebian
CVE-2022-33065 medium 5.5 2y ago Moderate: libsndfile security update redhatrockylinuxsusedebian
CVE-2022-50673 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: ext4: fix use-after-free in ext4_orphan_cleanup I caught a issue as follows: ====================================================… rockylinuxredhatsusedebian
CVE-2022-45934 medium 5.5 2y ago An issue was discovered in the Linux kernel through 6.0.10. l2cap_config_req in net/bluetooth/l2cap_core.c has an integer wraparound via L2CAP_CONF_REQ packets. redhatrockylinuxsusedebian
CVE-2022-49977 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix NULL pointer dereference in is_ftrace_trampoline when ftrace is dead ftrace_startup does not remove ops from ftrace_o… redhatrockylinuxsusedebian
CVE-2022-38096 medium 5.5 5.5 2y ago A NULL pointer dereference vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in GPU component of Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw… redhatrockylinuxsusedebian+1
CVE-2022-48624 medium 5.5 2y ago Moderate: less security update redhatrockylinuxsusedebian
CVE-2022-48560 medium 5.5 2y ago Moderate: python27:2.7 security update rockylinuxsusedebian
CVE-2022-48564 medium 5.5 2y ago Moderate: python3 security update susedebian
CVE-2022-44638 medium 5.5 3y ago Moderate: mingw-pixman security update redhatsuserockylinuxdebian
CVE-2022-24963 medium 5.5 3y ago Moderate: apr security update debianredhatsuserockylinux
CVE-2022-23527 medium 5.5 3y ago Moderate: mod_auth_openidc security and bug fix update redhatsusedebian
CVE-2022-48468 medium 5.5 3y ago Moderate: protobuf-c security update redhatsusedebian
CVE-2022-40318 medium 5.5 3y ago Moderate: frr security and bug fix update redhatsusedebian