VIR Vulnerability Intelligence Relay

CVEs from 2022

8,004 normalized CVEs published or assigned in this year.

Total
8,004
critical
critical 88
high
high 1,240
medium
medium 887
low
low 23
% Critical
1.1%
% with KEV
1.6%
% with exploit
1.6%

Top vendors

Top products

  • jdk 116
  • jre 109
  • openjdk 100
  • zulu 82
  • graalvm 74
  • cloud_secure_agent 35
  • oncommand_insight 34
  • cloud_insights_acquisition_unit 34

Top packages

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2022-50780 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: net: fix UAF issue in nfqnl_nf_hook_drop() when ops_init() failed When the ops_init() interface is invoked to initialize the net,… redhatsusedebian
CVE-2022-50845 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: ext4: fix inode leak in ext4_xattr_inode_create() on an error path There is issue as follows when do setxattr with inject fault: … redhatsusedebian
CVE-2022-50202 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: PM: hibernate: defer device probing when resuming from hibernation syzbot is reporting hung task at misc_open() [1], for there is… redhatsusedebian
CVE-2022-48947 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix u8 overflow By keep sending L2CAP_CONF_REQ packets, chan->num_conf_rsp increases multiple times and eventua… redhatsusedebian
CVE-2022-49940 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: add sanity check for gsm->receive in gsm_receive_buf() A null pointer dereference can happen when attempting to acces… redhatsusedebian
CVE-2022-50080 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: tee: add overflow check in register_shm_helper() With special lengths supplied by user space, register_shm_helper() has an intege… redhatsusedebian
CVE-2022-36763 high 8.0 2y ago Important: edk2 security update redhatdebiansuserockylinux
CVE-2022-50116 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: fix deadlock and link starvation in outgoing data path The current implementation queues up new control and user pack… redhatsusedebian
CVE-2022-50638 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug_on in __es_tree_search caused by bad boot loader inode We got a issue as fllows: ==================================… redhatsusedebian
CVE-2022-49322 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: tracing: Fix sleeping function called from invalid context on RT kernel When setting bootparams="trace_event=initcall:initcall_st… redhatsusedebian
CVE-2022-50777 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: net: phy: xgmiitorgmii: Fix refcount leak in xgmiitorgmii_probe of_phy_find_device() return device node with refcount incremented… redhatsusedebian
CVE-2022-50374 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_{ldisc,serdev}: check percpu_init_rwsem() failure syzbot is reporting NULL pointer dereference at hci_uart_tty_clo… redhatsusedebian
CVE-2022-50637 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: cpufreq: qcom-hw: Fix memory leak in qcom_cpufreq_hw_read_lut() If "cpu_dev" fails to get opp table in qcom_cpufreq_hw_read_lut()… redhatsusedebian
CVE-2022-50277 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: ext4: don't allow journal inode to have encrypt flag Mounting a filesystem whose journal inode has the encrypt flag causes a NULL… redhatsusedebian
CVE-2022-50485 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: ext4: add EXT4_IGET_BAD flag to prevent unexpected bad inode There are many places that will get unhappy (and crash) when ext4_ig… redhatsusedebian
CVE-2022-41858 high 8.0 2y ago Important: kernel security update redhatsusedebian
CVE-2022-36402 high 8.0 2y ago An integer overflow vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in GPU component of Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows… redhatsusedebian
CVE-2022-3545 high 8.0 2y ago Important: kernel security update archredhatsusedebian
CVE-2022-45919 high 8.0 3y ago Important: kernel security and bug fix update rockylinuxsusedebian
CVE-2022-45886 high 8.0 3y ago Important: kernel security and bug fix update rockylinuxsusedebian
CVE-2022-45884 high 8.0 3y ago Important: kernel security and bug fix update rockylinuxsusedebian
CVE-2022-45887 high 8.0 3y ago Important: kernel security, bug fix, and enhancement update susedebian
CVE-2022-50342 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: floppy: Fix memory leak in do_floppy_init() A memory leak was reported when floppy_alloc_disk() failed in do_floppy_init(). unre… redhatsusedebian
CVE-2022-38076 high 8.0 3y ago Important: linux-firmware security, bug fix, and enhancement update redhatdebian
CVE-2022-50201 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: selinux: fix memleak in security_read_state_kernel() In this function, it directly returns the result of __security_read_policy w… redhatsusedebian
CVE-2022-50135 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix BUG: KASAN: null-ptr-deref in rxe_qp_do_cleanup The function rxe_create_qp calls rxe_qp_from_init. If some error oc… redhatsusedebian
CVE-2022-49028 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: ixgbevf: Fix resource leak in ixgbevf_init_module() ixgbevf_init_module() won't destroy the workqueue created by create_singlethr… redhatsusedebian
CVE-2022-50825 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: usb: typec: wusb3801: fix fwnode refcount leak in wusb3801_probe() I got the following report while doing fault injection test: … redhatsusedebian
CVE-2022-50489 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/mipi-dsi: Detach devices when removing the host Whenever the MIPI-DSI host is unregistered, the code of mipi_dsi_host_unregis… redhatsusedebian
CVE-2022-50042 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: net: genl: fix error path memory leak in policy dumping If construction of the array of policies fails when recording non-first p… redhatsusedebian
CVE-2022-49653 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: i2c: piix4: Fix a memory leak in the EFCH MMIO support The recently added support for EFCH MMIO regions introduced a memory leak … redhatsusedebian
CVE-2022-38900 high 8.0 3y ago Important: nodejs:14 security, bug fix, and enhancement update redhatrockylinuxnpm
CVE-2022-50234 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: io_uring/af_unix: defer registered files gc to io_uring release Instead of putting io_uring's registered files in unix_gc() we wa… redhatsusedebian
CVE-2022-50771 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: rcu: Fix __this_cpu_read() lockdep warning in rcu_force_quiescent_state() Running rcutorture with non-zero fqs_duration module pa… redhatsusedebian
CVE-2022-49220 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: dax: make sure inodes are flushed before destroy cache A bug can be triggered by following command $ modprobe nd_pmem && modprob… redhatsusedebian
CVE-2022-50740 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: hif_usb: fix memory leak of urbs in ath9k_hif_usb_dealloc_tx_urbs() Syzkaller reports a long-known leak of urbs in a… redhatsusedebian
CVE-2022-50412 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm: bridge: adv7511: unregister cec i2c device after cec adapter cec_unregister_adapter() assumes that the underlying adapter op… redhatsusedebian
CVE-2022-50488 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix possible uaf for 'bfqq->bic' Our test report a uaf for 'bfqq->bic' in 5.10: ====================================… redhatsusedebian
CVE-2022-50327 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: ACPI: processor: idle: Check acpi_fetch_acpi_dev() return value The return value of acpi_fetch_acpi_dev() could be NULL, which wo… redhatsusedebian
CVE-2022-50472 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: IB/mad: Don't call to function that might sleep while in atomic context Tracepoints are not allowed to sleep, as such the followi… redhatsusedebian
CVE-2022-50391 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fix memory leak in set_mempolicy_home_node system call When encountering any vma in the range with policy other tha… redhatsusedebian
CVE-2022-50464 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: mt76: mt7915: Fix PCI device refcount leak in mt7915_pci_init_hif2() As comment of pci_get_device() says, it returns a pci_device… redhatsusedebian
CVE-2022-50426 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: remoteproc: imx_dsp_rproc: Add mutex protection for workqueue The workqueue may execute late even after remoteproc is stopped or … redhatsusedebian
CVE-2022-3594 high 8.0 3y ago Important: kernel security, bug fix, and enhancement update archredhatsusedebian
CVE-2022-40964 high 8.0 3y ago Important: linux-firmware security, bug fix, and enhancement update redhatdebian
CVE-2022-50322 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: rtc: msc313: Fix function prototype mismatch in msc313_rtc_probe() With clang's kernel control flow integrity (kCFI, CONFIG_CFI_C… redhatsusedebian
CVE-2022-48988 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: memcg: fix possible use-after-free in memcg_write_event_control() memcg_write_event_control() accesses the dentry->d_name of the … redhatsusedebian
CVE-2022-50369 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix null-ptr-deref in vkms_release() A null-ptr-deref is triggered when it tries to destroy the workqueue in vkms->outp… redhatsusedebian
CVE-2022-50269 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix memory leak in vkms_init() A memory leak was reported after the vkms module install failed. unreferenced object 0x… redhatsusedebian
CVE-2022-49257 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: watch_queue: Fix NULL dereference in error cleanup In watch_queue_set_size(), the error cleanup code doesn't take account of the … redhatsusedebian
CVE-2022-50645 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: EDAC/i10nm: fix refcount leak in pci_get_dev_wrapper() As the comment of pci_get_domain_bus_and_slot() says, it returns a PCI dev… redhatsusedebian
CVE-2022-50064 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: virtio-blk: Avoid use-after-free on suspend/resume hctx->user_data is set to vq in virtblk_init_hctx(). However, vq is freed on … redhatsusedebian
CVE-2022-50712 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: devlink: hold region lock when flushing snapshots Netdevsim triggers a splat on reload, when it destroys regions with snapshots p… redhatsusedebian
CVE-2022-48975 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: gpiolib: fix memory leak in gpiochip_setup_dev() Here is a backtrace report about memory leak detected in gpiochip_setup_dev(): … redhatsusedebian
CVE-2022-50705 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: io_uring/rw: defer fsnotify calls to task context We can't call these off the kiocb completion as that might be off soft/hard irq… redhatsusedebian
CVE-2022-49287 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: tpm: fix reference counting for struct tpm_chip The following sequence of operations results in a refcount warning: 1. Open devi… redhatsusedebian
CVE-2022-50515 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix memory leak in hpd_rx_irq_create_workqueue() If construction of the array of work queues to handle hpd_rx_irq off… redhatsusedebian
CVE-2022-50540 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: dmaengine: qcom-adm: fix wrong sizeof config in slave_config Fix broken slave_config function that uncorrectly compare the periph… redhatsusedebian
CVE-2022-50297 high 8.0 3y ago RHSA-2023:6583: kernel security, bug fix, and enhancement update (Important) redhatsuse
CVE-2022-46705 high 8.0 3y ago A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, Safari 16.2. Visiting a… redhatsusedebian
CVE-2022-50005 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: Fix use-after-free bugs caused by pn532_cmd_timeout When the pn532 uart device is detaching, the pn532_uart_remove() … redhatsusedebian
CVE-2022-49795 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: rethook: fix a potential memleak in rethook_alloc() In rethook_alloc(), the variable rh is not freed or passed out if handler is … redhatsusedebian
CVE-2022-50272 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() Wei Chen reports a kernel bug as blew: general protection fault,… redhatsusedebian
CVE-2022-46329 high 8.0 3y ago Important: linux-firmware security, bug fix, and enhancement update redhatrockylinuxdebian
CVE-2022-36351 high 8.0 3y ago Important: linux-firmware security, bug fix, and enhancement update redhatdebian
CVE-2022-50279 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: Fix global-out-of-bounds bug in _rtl8812ae_phy_set_txpower_limit() There is a global-out-of-bounds reported by KAS… redhatsusedebian
CVE-2022-50520 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Fix PCI device refcount leak in radeon_atrm_get_bios() As comment of pci_get_class() says, it returns a pci_device wi… redhatsusedebian
CVE-2022-50390 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/ttm: fix undefined behavior in bit shift for TTM_TT_FLAG_PRIV_POPULATED Shifting signed 32-bit value by 31 bits is undefined,… redhatsusedebian
CVE-2022-50718 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix pci device refcount leak As comment of pci_get_domain_bus_and_slot() says, it returns a pci device with refcount … redhatsusedebian
CVE-2022-50004 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: xfrm: policy: fix metadata dst->dev xmit null pointer dereference When we try to transmit an skb with metadata_dst attached (i.e.… redhatsusedebian
CVE-2022-50616 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: regulator: core: Use different devices for resource allocation and DT lookup Following by the below discussion, there's the poten… redhatsusedebian
CVE-2022-49748 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: perf/x86/amd: fix potential integer overflow on shift of a int The left shift of int 32 bit integer constant 1 is evaluated using… redhatsusedebian
CVE-2022-50389 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: tpm: tpm_crb: Add the missed acpi_put_table() to fix memory leak In crb_acpi_add(), we get the TPM2 table to retrieve information… redhatsusedebian
CVE-2022-50842 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/virtio: Check whether transferred 2D BO is shmem Transferred 2D BO always must be a shmem BO. Add check for that to prevent N… redhatsusedebian
CVE-2022-50423 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: ACPICA: Fix use-after-free in acpi_ut_copy_ipackage_to_ipackage() There is an use-after-free reported by KASAN: BUG: KASAN: us… redhatsusedebian
CVE-2022-49774 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: KVM: x86/xen: Fix eventfd error handling in kvm_xen_eventfd_assign() Should not call eventfd_ctx_put() in case of error. [Introd… redhatsusedebian
CVE-2022-50630 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: mm: hugetlb: fix UAF in hugetlb_handle_userfault The vma_lock and hugetlb_fault_mutex are dropped before handling userfault and r… redhatsusedebian
CVE-2022-50667 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix memory leak in vmw_mksstat_add_ioctl() If the copy of the description string from userspace fails, then the page … redhatsusedebian
CVE-2022-50784 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mei: fix potential NULL-ptr deref after clone If cloning the SKB fails, don't try to use it, but rather return as … redhatsusedebian
CVE-2022-50781 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: amdgpu/pm: prevent array underflow in vega20_odn_edit_dpm_table() In the PP_OD_EDIT_VDDC_CURVE case the "input_index" variable is… redhatsusedebian
CVE-2022-50440 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Validate the box size for the snooped cursor Invalid userspace dma surface copies could potentially overflow the memc… redhatsusedebian
CVE-2022-50393 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: SDMA update use unlocked iterator SDMA update page table may be called from unlocked context, this generate below war… redhatsusedebian
CVE-2022-50626 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: fix memory leak in dvb_usb_adapter_init() Syzbot reports a memory leak in "dvb_usb_adapter_init()". The leak is d… redhatsusedebian
CVE-2022-49715 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3: Fix refcount leak in gic_populate_ppi_partitions of_find_node_by_phandle() returns a node pointer with refcount i… redhatsusedebian
CVE-2022-50658 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: cpufreq: qcom: fix memory leak in error path If for some reason the speedbin length is incorrect, then there is a memory leak in … redhatsusedebian
CVE-2022-49938 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: cifs: fix small mempool leak in SMB2_negotiate() In some cases of failure (dialect mismatches) in SMB2_negotiate(), after the req… redhatsusedebian
CVE-2022-49760 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix PTE marker handling in hugetlb_change_protection() Patch series "mm/hugetlb: uffd-wp fixes for hugetlb_change_pro… redhatsusedebian
CVE-2022-49339 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: net: ipv6: unexport __init-annotated seg6_hmac_init() EXPORT_SYMBOL and __init is a bad combination because the .init.text sectio… redhatsusedebian
CVE-2022-50479 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/amd: fix potential memory leak This patch fix potential memory leak (clk_src) when function run into last return NULL. s/fre… redhatsusedebian
CVE-2022-49773 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix optc2_configure warning on dcn314 [Why] dcn314 uses optc2_configure_crc() that wraps optc1_configure_crc() +… redhatsusedebian
CVE-2022-50250 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: regulator: core: fix use_count leakage when handling boot-on I found a use_count leakage towards supply regulator of rdev with bo… redhatsusedebian
CVE-2022-49316 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: NFSv4: Don't hold the layoutget locks across multiple RPC calls When doing layoutget as part of the open() compound, we have to b… redhatrockylinuxsusedebian
CVE-2022-50628 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/gud: Fix UBSAN warning UBSAN complains about invalid value for bool: [ 101.165172] [drm] Initialized gud 1.0.0 20200422 for… redhatsusedebian
CVE-2022-49321 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: xprtrdma: treat all calls not a bcall when bc_serv is NULL When a rdma server returns a fault format reply, nfs v3 client may tre… redhatsusedebian
CVE-2022-50444 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: clk: tegra20: Fix refcount leak in tegra20_clock_init of_find_matching_node() returns a node pointer with refcount incremented, w… redhatsusedebian
CVE-2022-50246 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpci: fix of node refcount leak in tcpci_register_port() I got the following report while doing device(mt6370-tcpc) … redhatsusedebian
CVE-2022-50809 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: xhci: dbc: Fix memory leak in xhci_alloc_dbc() If DbC is already in use, then the allocated memory for the xhci_dbc struct doesn'… redhatsusedebian
CVE-2022-49567 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fix uninit-value in mpol_rebind_policy() mpol_set_nodemask()(mm/mempolicy.c) does not set up nodemask when pol->mod… redhatsusedebian
CVE-2022-50829 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: hif_usb: Fix use-after-free in ath9k_hif_usb_reg_in_cb() It is possible that skb is freed in ath9k_htc_rx_msg(), the… redhatsusedebian
CVE-2022-50772 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: netdevsim: fix memory leak in nsim_bus_dev_new() If device_register() failed in nsim_bus_dev_new(), the value of reference in nsi… redhatsusedebian