VIR Vulnerability Intelligence Relay

CVEs from 2022

8,004 normalized CVEs published or assigned in this year.

Total
8,004
critical
critical 88
high
high 1,240
medium
medium 887
low
low 23
% Critical
1.1%
% with KEV
1.6%
% with exploit
1.6%

Top vendors

Top products

  • jdk 116
  • jre 109
  • openjdk 100
  • zulu 82
  • graalvm 74
  • cloud_secure_agent 35
  • oncommand_insight 34
  • cloud_insights_acquisition_unit 34

Top packages

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2022-50374 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_{ldisc,serdev}: check percpu_init_rwsem() failure syzbot is reporting NULL pointer dereference at hci_uart_tty_clo… redhatsusedebian
CVE-2022-49350 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: net: mdio: unexport __init-annotated mdio_bus_init() EXPORT_SYMBOL and __init is a bad combination because the .init.text section… redhatsusedebian
CVE-2022-49322 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: tracing: Fix sleeping function called from invalid context on RT kernel When setting bootparams="trace_event=initcall:initcall_st… redhatsusedebian
CVE-2022-50447 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_conn: Fix crash on hci_create_cis_sync When attempting to connect multiple ISO sockets without using DEFER_SETUP m… redhatsusedebian
CVE-2022-50202 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: PM: hibernate: defer device probing when resuming from hibernation syzbot is reporting hung task at misc_open() [1], for there is… redhatsusedebian
CVE-2022-36763 high 8.0 2y ago Important: edk2 security update redhatdebiansuserockylinux
CVE-2022-50780 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: net: fix UAF issue in nfqnl_nf_hook_drop() when ops_init() failed When the ops_init() interface is invoked to initialize the net,… redhatsusedebian
CVE-2022-36764 high 8.0 2y ago Important: edk2 security update redhatdebiansuserockylinux
CVE-2022-50116 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: fix deadlock and link starvation in outgoing data path The current implementation queues up new control and user pack… redhatsusedebian
CVE-2022-50845 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: ext4: fix inode leak in ext4_xattr_inode_create() on an error path There is issue as follows when do setxattr with inject fault: … redhatsusedebian
CVE-2022-49940 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: add sanity check for gsm->receive in gsm_receive_buf() A null pointer dereference can happen when attempting to acces… redhatsusedebian
CVE-2022-50277 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: ext4: don't allow journal inode to have encrypt flag Mounting a filesystem whose journal inode has the encrypt flag causes a NULL… redhatsusedebian
CVE-2022-50313 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: erofs: fix order >= MAX_ORDER warning due to crafted negative i_size As syzbot reported [1], the root cause is that i_size field … redhatsusedebian
CVE-2022-50736 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix immediate work request flush to completion queue Correctly set send queue element opcode during immediate work requ… redhatsusedebian
CVE-2022-0480 high 8.0 2y ago Important: kernel security, bug fix, and enhancement update redhatsusedebian
CVE-2022-41858 high 8.0 2y ago Important: kernel security update redhatsusedebian
CVE-2022-3545 high 8.0 2y ago Important: kernel security update archredhatsusedebian
CVE-2022-36402 high 8.0 2y ago An integer overflow vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in GPU component of Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows… redhatsusedebian
CVE-2022-45884 high 8.0 3y ago Important: kernel security and bug fix update rockylinuxsusedebian
CVE-2022-45886 high 8.0 3y ago Important: kernel security and bug fix update rockylinuxsusedebian
CVE-2022-45919 high 8.0 3y ago Important: kernel security and bug fix update rockylinuxsusedebian
CVE-2022-45887 high 8.0 3y ago Important: kernel security, bug fix, and enhancement update susedebian
CVE-2022-3594 high 8.0 3y ago Important: kernel security, bug fix, and enhancement update archredhatsusedebian
CVE-2022-50705 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: io_uring/rw: defer fsnotify calls to task context We can't call these off the kiocb completion as that might be off soft/hard irq… redhatsusedebian
CVE-2022-50458 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: clk: tegra: Fix refcount leak in tegra210_clock_init of_find_matching_node() returns a node pointer with refcount incremented, we… redhatsusedebian
CVE-2022-50272 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() Wei Chen reports a kernel bug as blew: general protection fault,… redhatsusedebian
CVE-2022-50239 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: cpufreq: qcom: fix writes in read-only memory region This commit fixes a kernel oops because of a write in some read-only memory:… redhatsusedebian
CVE-2022-48950 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: perf: Fix perf_pending_task() UaF Per syzbot it is possible for perf_pending_task() to run after the event is free()'d. There are… redhatsusedebian
CVE-2022-50515 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix memory leak in hpd_rx_irq_create_workqueue() If construction of the array of work queues to handle hpd_rx_irq off… redhatsusedebian
CVE-2022-50520 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Fix PCI device refcount leak in radeon_atrm_get_bios() As comment of pci_get_class() says, it returns a pci_device wi… redhatsusedebian
CVE-2022-50269 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix memory leak in vkms_init() A memory leak was reported after the vkms module install failed. unreferenced object 0x… redhatsusedebian
CVE-2022-50201 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: selinux: fix memleak in security_read_state_kernel() In this function, it directly returns the result of __security_read_policy w… redhatsusedebian
CVE-2022-50675 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: arm64: mte: Avoid setting PG_mte_tagged if no tags cleared or restored Prior to commit 69e3b846d8a7 ("arm64: mte: Sync tags for p… redhatsusedebian
CVE-2022-50636 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: PCI: Fix pci_device_is_present() for VFs by checking PF pci_device_is_present() previously didn't work for VFs because it reads t… redhatsusedebian
CVE-2022-50619 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix memory leak in kfd_mem_dmamap_userptr() If the number of pages from the userptr BO differs from the SG BO then th… redhatsusedebian
CVE-2022-48975 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: gpiolib: fix memory leak in gpiochip_setup_dev() Here is a backtrace report about memory leak detected in gpiochip_setup_dev(): … redhatsusedebian
CVE-2022-49773 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix optc2_configure warning on dcn314 [Why] dcn314 uses optc2_configure_crc() that wraps optc1_configure_crc() +… redhatsusedebian
CVE-2022-49731 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: ata: libata-core: fix NULL pointer deref in ata_host_alloc_pinfo() In an unlikely (and probably wrong?) case that the 'ppi' param… redhatsusedebian
CVE-2022-49256 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: watch_queue: Actually free the watch free_watch() does everything barring actually freeing the watch object. Fix this by adding … redhatsusedebian
CVE-2022-50822 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: RDMA/restrack: Release MR restrack when delete The MR restrack also needs to be released when delete it, otherwise it cause memor… redhatsusedebian
CVE-2022-49273 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: rtc: pl031: fix rtc features null pointer dereference When there is no interrupt line, rtc alarm feature is disabled. The cleari… redhatsusedebian
CVE-2022-50412 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm: bridge: adv7511: unregister cec i2c device after cec adapter cec_unregister_adapter() assumes that the underlying adapter op… redhatsusedebian
CVE-2022-50423 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: ACPICA: Fix use-after-free in acpi_ut_copy_ipackage_to_ipackage() There is an use-after-free reported by KASAN: BUG: KASAN: us… redhatsusedebian
CVE-2022-50135 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix BUG: KASAN: null-ptr-deref in rxe_qp_do_cleanup The function rxe_create_qp calls rxe_qp_from_init. If some error oc… redhatsusedebian
CVE-2022-49466 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: regulator: scmi: Fix refcount leak in scmi_regulator_probe of_find_node_by_name() returns a node pointer with refcount incremente… redhatsusedebian
CVE-2022-50110 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: watchdog: sp5100_tco: Fix a memory leak of EFCH MMIO resource Unlike release_mem_region(), a call to release_resource() does not … redhatsusedebian
CVE-2022-50650 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: bpf: Fix reference state management for synchronous callbacks Currently, verifier verifies callback functions (sync and async) as… redhatsusedebian
CVE-2022-50510 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: perf/smmuv3: Fix hotplug callback leak in arm_smmu_pmu_init() arm_smmu_pmu_init() won't remove the callback added by cpuhp_setup_… redhatsusedebian
CVE-2022-36351 high 8.0 3y ago Important: linux-firmware security, bug fix, and enhancement update redhatdebian
CVE-2022-50578 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: class: fix possible memory leak in __class_register() If class_add_groups() returns error, the 'cp->subsys' need be unregister, a… redhatsusedebian
CVE-2022-50626 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: fix memory leak in dvb_usb_adapter_init() Syzbot reports a memory leak in "dvb_usb_adapter_init()". The leak is d… redhatsusedebian
CVE-2022-50700 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: Delay the unmapping of the buffer On WCN3990, we are seeing a rare scenario where copy engine hardware is sending a… redhatsusedebian
CVE-2022-42895 high 8.0 3y ago Important: kernel security, bug fix, and enhancement update archredhatsusedebian
CVE-2022-49257 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: watch_queue: Fix NULL dereference in error cleanup In watch_queue_set_size(), the error cleanup code doesn't take account of the … redhatsusedebian
CVE-2022-49875 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: bpftool: Fix NULL pointer dereference when pin {PROG, MAP, LINK} without FILE When using bpftool to pin {PROG, MAP, LINK} without… redhatsusedebian
CVE-2022-49752 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: device property: fix of node refcount leak in fwnode_graph_get_next_endpoint() The 'parent' returned by fwnode_graph_get_port_par… redhatsusedebian
CVE-2022-50489 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/mipi-dsi: Detach devices when removing the host Whenever the MIPI-DSI host is unregistered, the code of mipi_dsi_host_unregis… redhatsusedebian
CVE-2022-49938 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: cifs: fix small mempool leak in SMB2_negotiate() In some cases of failure (dialect mismatches) in SMB2_negotiate(), after the req… redhatsusedebian
CVE-2022-50391 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fix memory leak in set_mempolicy_home_node system call When encountering any vma in the range with policy other tha… redhatsusedebian
CVE-2022-50369 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix null-ptr-deref in vkms_release() A null-ptr-deref is triggered when it tries to destroy the workqueue in vkms->outp… redhatsusedebian
CVE-2022-50645 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: EDAC/i10nm: fix refcount leak in pci_get_dev_wrapper() As the comment of pci_get_domain_bus_and_slot() says, it returns a PCI dev… redhatsusedebian
CVE-2022-50453 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: fix NULL-pointer dereferences There are several places where we can crash the kernel by requesting lines, unbindin… redhatsusedebian
CVE-2022-46329 high 8.0 3y ago Important: linux-firmware security, bug fix, and enhancement update redhatrockylinuxdebian
CVE-2022-50643 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: cifs: Fix xid leak in cifs_copy_file_range() If the file is used by swap, before return -EOPNOTSUPP, should free the xid, otherwi… redhatsusedebian
CVE-2022-50303 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix double release compute pasid If kfd_process_device_init_vm returns failure after vm is converted to compute vm an… redhatsusedebian
CVE-2022-50721 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: dmaengine: qcom-adm: fix wrong calling convention for prep_slave_sg The calling convention for pre_slave_sg is to return NULL on … redhatsusedebian
CVE-2022-50107 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: cifs: Fix memory leak when using fscache If we hit the 'index == next_cached' case, we leak a refcount on the struct page. Fix t… redhatsusedebian
CVE-2022-50429 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: memory: of: Fix refcount leak bug in of_lpddr3_get_ddr_timings() We should add the of_node_put() when breaking out of for_each_ch… redhatsusedebian
CVE-2022-50389 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: tpm: tpm_crb: Add the missed acpi_put_table() to fix memory leak In crb_acpi_add(), we get the TPM2 table to retrieve information… redhatsusedebian
CVE-2022-50832 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: fix potential memory leak in wilc_mac_xmit() The wilc_mac_xmit() returns NETDEV_TX_OK without freeing skb, add de… redhatsusedebian
CVE-2022-49321 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: xprtrdma: treat all calls not a bcall when bc_serv is NULL When a rdma server returns a fault format reply, nfs v3 client may tre… redhatsusedebian
CVE-2022-50658 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: cpufreq: qcom: fix memory leak in error path If for some reason the speedbin length is incorrect, then there is a memory leak in … redhatsusedebian
CVE-2022-50630 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: mm: hugetlb: fix UAF in hugetlb_handle_userfault The vma_lock and hugetlb_fault_mutex are dropped before handling userfault and r… redhatsusedebian
CVE-2022-40964 high 8.0 3y ago Important: linux-firmware security, bug fix, and enhancement update redhatdebian
CVE-2022-50473 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: cpufreq: Init completion before kobject_init_and_add() In cpufreq_policy_alloc(), it will call uninitialed completion in cpufreq_… redhatsusedebian
CVE-2022-50824 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: tpm: tpm_tis: Add the missed acpi_put_table() to fix memory leak In check_acpi_tpm2(), we get the TPM2 table just to make sure th… redhatsusedebian
CVE-2022-49760 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix PTE marker handling in hugetlb_change_protection() Patch series "mm/hugetlb: uffd-wp fixes for hugetlb_change_pro… redhatsusedebian
CVE-2022-50540 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: dmaengine: qcom-adm: fix wrong sizeof config in slave_config Fix broken slave_config function that uncorrectly compare the periph… redhatsusedebian
CVE-2022-50390 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/ttm: fix undefined behavior in bit shift for TTM_TT_FLAG_PRIV_POPULATED Shifting signed 32-bit value by 31 bits is undefined,… redhatsusedebian
CVE-2022-50072 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: NFSv4/pnfs: Fix a use-after-free bug in open If someone cancels the open RPC call, then we must not try to free either the open s… redhatsusedebian
CVE-2022-38076 high 8.0 3y ago Important: linux-firmware security, bug fix, and enhancement update redhatdebian
CVE-2022-50287 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/i915/bios: fix a memory leak in generate_lfp_data_ptrs When (size != 0 || ptrs->lvds_ entries != 3), the program tries to fre… redhatsusedebian
CVE-2022-49864 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix NULL pointer dereference in svm_migrate_to_ram() ./drivers/gpu/drm/amd/amdkfd/kfd_migrate.c:985:58-62: ERROR: p i… redhatsusedebian
CVE-2022-50475 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Make sure "ib_port" is valid when access sysfs node The "ib_port" structure must be set before adding the sysfs kobjec… redhatsusedebian
CVE-2022-50627 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix monitor mode bringup crash When the interface is brought up in monitor mode, it leads to NULL pointer dereferen… redhatsusedebian
CVE-2022-50699 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: selinux: enable use of both GFP_KERNEL and GFP_ATOMIC in convert_context() The following warning was triggered on a hardware envi… redhatsusedebian
CVE-2022-48997 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: char: tpm: Protect tpm_pm_suspend with locks Currently tpm transactions are executed unconditionally in tpm_pm_suspend() function… redhatsusedebian
CVE-2022-50881 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: Fix use-after-free in ath9k_hif_usb_disconnect() This patch fixes a use-after-free in ath9k that occurs in ath9k_hif… redhatsusedebian
CVE-2022-49316 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: NFSv4: Don't hold the layoutget locks across multiple RPC calls When doing layoutget as part of the open() compound, we have to b… redhatrockylinuxsusedebian
CVE-2022-49567 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fix uninit-value in mpol_rebind_policy() mpol_set_nodemask()(mm/mempolicy.c) does not set up nodemask when pol->mod… redhatsusedebian
CVE-2022-50527 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix size validation for non-exclusive domains (v4) Fix amdgpu_bo_validate_size() to check whether the TTM domain mana… redhatsusedebian
CVE-2022-50885 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix NULL-ptr-deref in rxe_qp_do_cleanup() when socket create failed There is a null-ptr-deref when mount.cifs over rdma… redhatsusedebian
CVE-2022-50528 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix memory leakage This patch fixes potential memory leakage and seg fault in _gpuvm_import_dmabuf() function redhatsusedebian
CVE-2022-50416 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: irqchip/wpcm450: Fix memory leak in wpcm450_aic_of_init() If of_iomap() failed, 'aic' should be freed before return. Otherwise th… redhatsusedebian
CVE-2022-50701 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921s: fix slab-out-of-bounds access in sdio host SDIO may need addtional 511 bytes to align bus operation. If the … redhatsusedebian
CVE-2022-50823 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: clk: tegra: Fix refcount leak in tegra114_clock_init of_find_matching_node() returns a node pointer with refcount incremented, we… redhatsusedebian
CVE-2022-50771 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: rcu: Fix __this_cpu_read() lockdep warning in rcu_force_quiescent_state() Running rcutorture with non-zero fqs_duration module pa… redhatsusedebian
CVE-2022-50426 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: remoteproc: imx_dsp_rproc: Add mutex protection for workqueue The workqueue may execute late even after remoteproc is stopped or … redhatsusedebian
CVE-2022-49811 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drbd: use after free in drbd_create_device() The drbd_destroy_connection() frees the "connection" so use the _safe() iterator to … redhatdebian
CVE-2022-49748 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: perf/x86/amd: fix potential integer overflow on shift of a int The left shift of int 32 bit integer constant 1 is evaluated using… redhatsusedebian