VIR Vulnerability Intelligence Relay

CVEs from 2022

8,004 normalized CVEs published or assigned in this year.

Total
8,004
critical
critical 88
high
high 1,240
medium
medium 887
low
low 23
% Critical
1.1%
% with KEV
1.6%
% with exploit
1.6%

Top vendors

Top products

  • jdk 116
  • jre 109
  • openjdk 100
  • zulu 82
  • graalvm 74
  • cloud_secure_agent 35
  • oncommand_insight 34
  • cloud_insights_acquisition_unit 34

Top packages

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2022-49940 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: add sanity check for gsm->receive in gsm_receive_buf() A null pointer dereference can happen when attempting to acces… redhatsusedebian
CVE-2022-36764 high 8.0 2y ago Important: edk2 security update redhatdebiansuserockylinux
CVE-2022-50277 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: ext4: don't allow journal inode to have encrypt flag Mounting a filesystem whose journal inode has the encrypt flag causes a NULL… redhatsusedebian
CVE-2022-41858 high 8.0 2y ago Important: kernel security update redhatsusedebian
CVE-2022-3545 high 8.0 2y ago Important: kernel security update archredhatsusedebian
CVE-2022-36402 high 8.0 2y ago An integer overflow vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in GPU component of Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows… redhatsusedebian
CVE-2022-45886 high 8.0 3y ago Important: kernel security and bug fix update rockylinuxsusedebian
CVE-2022-45919 high 8.0 3y ago Important: kernel security and bug fix update rockylinuxsusedebian
CVE-2022-45884 high 8.0 3y ago Important: kernel security and bug fix update rockylinuxsusedebian
CVE-2022-45887 high 8.0 3y ago Important: kernel security, bug fix, and enhancement update susedebian
CVE-2022-50832 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: fix potential memory leak in wilc_mac_xmit() The wilc_mac_xmit() returns NETDEV_TX_OK without freeing skb, add de… redhatsusedebian
CVE-2022-50824 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: tpm: tpm_tis: Add the missed acpi_put_table() to fix memory leak In check_acpi_tpm2(), we get the TPM2 table just to make sure th… redhatsusedebian
CVE-2022-50705 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: io_uring/rw: defer fsnotify calls to task context We can't call these off the kiocb completion as that might be off soft/hard irq… redhatsusedebian
CVE-2022-50042 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: net: genl: fix error path memory leak in policy dumping If construction of the array of policies fails when recording non-first p… redhatsusedebian
CVE-2022-50819 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: udmabuf: Set ubuf->sg = NULL if the creation of sg table fails When userspace tries to map the dmabuf and if for some reason (e.g… redhatsusedebian
CVE-2022-50760 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix PCI device refcount leak in amdgpu_atrm_get_bios() As comment of pci_get_class() says, it returns a pci_device wi… redhatsusedebian
CVE-2022-49855 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: net: wwan: iosm: fix memory leak in ipc_pcie_read_bios_cfg ipc_pcie_read_bios_cfg() is using the acpi_evaluate_dsm() to obtain th… redhatsusedebian
CVE-2022-50234 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: io_uring/af_unix: defer registered files gc to io_uring release Instead of putting io_uring's registered files in unix_gc() we wa… redhatsusedebian
CVE-2022-49287 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: tpm: fix reference counting for struct tpm_chip The following sequence of operations results in a refcount warning: 1. Open devi… redhatsusedebian
CVE-2022-50627 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix monitor mode bringup crash When the interface is brought up in monitor mode, it leads to NULL pointer dereferen… redhatsusedebian
CVE-2022-46705 high 8.0 3y ago A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, Safari 16.2. Visiting a… redhatsusedebian
CVE-2022-50342 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: floppy: Fix memory leak in do_floppy_init() A memory leak was reported when floppy_alloc_disk() failed in do_floppy_init(). unre… redhatsusedebian
CVE-2022-50327 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: ACPI: processor: idle: Check acpi_fetch_acpi_dev() return value The return value of acpi_fetch_acpi_dev() could be NULL, which wo… redhatsusedebian
CVE-2022-50372 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: cifs: Fix memory leak when build ntlmssp negotiate blob failed There is a memory leak when mount cifs: unreferenced object 0xff… redhatsusedebian
CVE-2022-50357 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: core: fix some leaks in probe The dwc3_get_properties() function calls: dwc->usb_psy = power_supply_get_by_name(usb_… redhatsusedebian
CVE-2022-50329 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix uaf for bfqq in bfq_exit_icq_bfqq Commit 64dc8c732f5c ("block, bfq: fix possible uaf for 'bfqq->bic'") will acces… redhatsusedebian
CVE-2022-50550 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: blk-iolatency: Fix memory leak on add_disk() failures When a gendisk is successfully initialized but add_disk() fails such as whe… redhatsusedebian
CVE-2022-50735 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: do not run mt76u_status_worker if the device is not running Fix the following NULL pointer dereference avoiding to ru… redhatsusedebian
CVE-2022-50317 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/bridge: megachips: Fix a null pointer dereference bug When removing the module we will get the following warning: [ 31.911… redhatsusedebian
CVE-2022-50303 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix double release compute pasid If kfd_process_device_init_vm returns failure after vm is converted to compute vm an… redhatsusedebian
CVE-2022-50844 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix type of second parameter in odn_edit_dpm_table() callback With clang's kernel control flow integrity (kCFI, CONFI… redhatsusedebian
CVE-2022-50287 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/i915/bios: fix a memory leak in generate_lfp_data_ptrs When (size != 0 || ptrs->lvds_ entries != 3), the program tries to fre… redhatsusedebian
CVE-2022-46329 high 8.0 3y ago Important: linux-firmware security, bug fix, and enhancement update redhatrockylinuxdebian
CVE-2022-49774 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: KVM: x86/xen: Fix eventfd error handling in kvm_xen_eventfd_assign() Should not call eventfd_ctx_put() in case of error. [Introd… redhatsusedebian
CVE-2022-49567 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fix uninit-value in mpol_rebind_policy() mpol_set_nodemask()(mm/mempolicy.c) does not set up nodemask when pol->mod… redhatsusedebian
CVE-2022-50107 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: cifs: Fix memory leak when using fscache If we hit the 'index == next_cached' case, we leak a refcount on the struct page. Fix t… redhatsusedebian
CVE-2022-49653 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: i2c: piix4: Fix a memory leak in the EFCH MMIO support The recently added support for EFCH MMIO regions introduced a memory leak … redhatsusedebian
CVE-2022-50275 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Add the missed acpi_put_table() to fix memory leak When the radeon driver reads the bios information from ACPI table … redhatsusedebian
CVE-2022-50883 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: bpf: Prevent decl_tag from being referenced in func_proto arg Syzkaller managed to hit another decl_tag issue: btf_func_proto_… redhatsusedebian
CVE-2022-50276 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: power: supply: fix null pointer dereferencing in power_supply_get_battery_info when kmalloc() fail to allocate memory in kasprint… redhatsusedebian
CVE-2022-50247 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: usb: xhci-mtk: fix leakage of shared hcd when fail to set wakeup irq Can not set the @shared_hcd to NULL before decrease the usag… redhatsusedebian
CVE-2022-50239 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: cpufreq: qcom: fix writes in read-only memory region This commit fixes a kernel oops because of a write in some read-only memory:… redhatsusedebian
CVE-2022-49864 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix NULL pointer dereference in svm_migrate_to_ram() ./drivers/gpu/drm/amd/amdkfd/kfd_migrate.c:985:58-62: ERROR: p i… redhatsusedebian
CVE-2022-50470 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: xhci: Remove device endpoints from bandwidth list when freeing the device Endpoints are normally deleted from the bandwidth list … redhatsusedebian
CVE-2022-50453 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: fix NULL-pointer dereferences There are several places where we can crash the kernel by requesting lines, unbindin… redhatsusedebian
CVE-2022-49878 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: bpf, verifier: Fix memory leak in array reallocation for stack state If an error (NULL) is returned by krealloc(), callers of rea… redhatsusedebian
CVE-2022-49339 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: net: ipv6: unexport __init-annotated seg6_hmac_init() EXPORT_SYMBOL and __init is a bad combination because the .init.text sectio… redhatsusedebian
CVE-2022-50756 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix mempool alloc size Convert the max size to bytes to match the units of the divisor that calculates the worst-case n… redhatsusedebian
CVE-2022-49839 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: scsi: scsi_transport_sas: Fix error handling in sas_phy_add() If transport_add_device() fails in sas_phy_add(), the kernel will c… redhatsusedebian
CVE-2022-49873 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: bpf: Fix wrong reg type conversion in release_reference() Some helper functions will allocate memory. To avoid memory leaks, the … redhatsusedebian
CVE-2022-49715 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3: Fix refcount leak in gic_populate_ppi_partitions of_find_node_by_phandle() returns a node pointer with refcount i… redhatsusedebian
CVE-2022-50064 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: virtio-blk: Avoid use-after-free on suspend/resume hctx->user_data is set to vq in virtblk_init_hctx(). However, vq is freed on … redhatsusedebian
CVE-2022-50710 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: ice: set tx_tstamps when creating new Tx rings via ethtool When the user changes the number of queues via ethtool, the driver all… redhatsusedebian
CVE-2022-50072 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: NFSv4/pnfs: Fix a use-after-free bug in open If someone cancels the open RPC call, then we must not try to free either the open s… redhatsusedebian
CVE-2022-49773 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix optc2_configure warning on dcn314 [Why] dcn314 uses optc2_configure_crc() that wraps optc1_configure_crc() +… redhatsusedebian
CVE-2022-50750 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/panel/panel-sitronix-st7701: Remove panel on DSI attach failure In case mipi_dsi_attach() fails, call drm_panel_remove() to a… redhatsusedebian
CVE-2022-49321 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: xprtrdma: treat all calls not a bcall when bc_serv is NULL When a rdma server returns a fault format reply, nfs v3 client may tre… redhatsusedebian
CVE-2022-50135 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix BUG: KASAN: null-ptr-deref in rxe_qp_do_cleanup The function rxe_create_qp calls rxe_qp_from_init. If some error oc… redhatsusedebian
CVE-2022-50429 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: memory: of: Fix refcount leak bug in of_lpddr3_get_ddr_timings() We should add the of_node_put() when breaking out of for_each_ch… redhatsusedebian
CVE-2022-50881 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: Fix use-after-free in ath9k_hif_usb_disconnect() This patch fixes a use-after-free in ath9k that occurs in ath9k_hif… redhatsusedebian
CVE-2022-49882 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: KVM: Reject attempts to consume or refresh inactive gfn_to_pfn_cache Reject kvm_gpc_check() and kvm_gpc_refresh() if the cache is… redhatsusedebian
CVE-2022-50578 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: class: fix possible memory leak in __class_register() If class_add_groups() returns error, the 'cp->subsys' need be unregister, a… redhatsusedebian
CVE-2022-50885 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix NULL-ptr-deref in rxe_qp_do_cleanup() when socket create failed There is a null-ptr-deref when mount.cifs over rdma… redhatsusedebian
CVE-2022-50820 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: perf/arm_dmc620: Fix hotplug callback leak in dmc620_pmu_init() dmc620_pmu_init() won't remove the callback added by cpuhp_setup_… redhatsusedebian
CVE-2022-50772 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: netdevsim: fix memory leak in nsim_bus_dev_new() If device_register() failed in nsim_bus_dev_new(), the value of reference in nsi… redhatsusedebian
CVE-2022-38457 high 8.0 3y ago Important: kernel security, bug fix, and enhancement update redhatsusedebian
CVE-2022-49759 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: VMCI: Use threaded irqs instead of tasklets The vmci_dispatch_dgs() tasklet function calls vmci_read_data() which uses wait_event… redhatsusedebian
CVE-2022-50295 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: io_uring/msg_ring: Fix NULL pointer dereference in io_msg_send_fd() Syzkaller produced the below call trace: BUG: KASAN: null-p… redhatsusedebian
CVE-2022-50544 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: usb: host: xhci: Fix potential memory leak in xhci_alloc_stream_info() xhci_alloc_stream_info() allocates stream context array fo… redhatsusedebian
CVE-2022-50677 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: ipmi: fix use after free in _ipmi_destroy_user() The intf_free() function frees the "intf" pointer so we cannot dereference it ag… redhatsusedebian
CVE-2022-50458 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: clk: tegra: Fix refcount leak in tegra210_clock_init of_find_matching_node() returns a node pointer with refcount incremented, we… redhatsusedebian
CVE-2022-49273 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: rtc: pl031: fix rtc features null pointer dereference When there is no interrupt line, rtc alarm feature is disabled. The cleari… redhatsusedebian
CVE-2022-50733 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: usb: idmouse: fix an uninit-value in idmouse_open In idmouse_create_image, if any ftip_command fails, it will go to the reset lab… redhatsusedebian
CVE-2022-50351 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: cifs: Fix xid leak in cifs_create() If the cifs already shutdown, we should free the xid before return, otherwise, the xid will b… redhatsusedebian
CVE-2022-42895 high 8.0 3y ago Important: kernel security, bug fix, and enhancement update archredhatsusedebian
CVE-2022-50066 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: net: atlantic: fix aq_vec index out of range error The final update statement of the for loop exceeds the array range, the derefe… redhatsusedebian
CVE-2022-38076 high 8.0 3y ago Important: linux-firmware security, bug fix, and enhancement update redhatdebian
CVE-2022-50667 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix memory leak in vmw_mksstat_add_ioctl() If the copy of the description string from userspace fails, then the page … redhatsusedebian
CVE-2022-50460 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: cifs: Fix xid leak in cifs_flock() If not flock, before return -ENOLCK, should free the xid, otherwise, the xid will be leaked. redhatsusedebian
CVE-2022-50250 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: regulator: core: fix use_count leakage when handling boot-on I found a use_count leakage towards supply regulator of rdev with bo… redhatsusedebian
CVE-2022-50269 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix memory leak in vkms_init() A memory leak was reported after the vkms module install failed. unreferenced object 0x… redhatsusedebian
CVE-2022-50091 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: locking/csd_lock: Change csdlock_debug from early_param to __setup The csdlock_debug kernel-boot parameter is parsed by the early… redhatsusedebian
CVE-2022-49256 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: watch_queue: Actually free the watch free_watch() does everything barring actually freeing the watch object. Fix this by adding … redhatsusedebian
CVE-2022-48975 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: gpiolib: fix memory leak in gpiochip_setup_dev() Here is a backtrace report about memory leak detected in gpiochip_setup_dev(): … redhatsusedebian
CVE-2022-40133 high 8.0 3y ago Important: kernel security, bug fix, and enhancement update redhatsusedebian
CVE-2022-50558 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: regmap-irq: Use the new num_config_regs property in regmap_add_irq_chip_fwnode Commit faa87ce9196d ("regmap-irq: Introduce config… redhatsusedebian
CVE-2022-49257 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: watch_queue: Fix NULL dereference in error cleanup In watch_queue_set_size(), the error cleanup code doesn't take account of the … redhatsusedebian
CVE-2022-49938 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: cifs: fix small mempool leak in SMB2_negotiate() In some cases of failure (dialect mismatches) in SMB2_negotiate(), after the req… redhatsusedebian
CVE-2022-50532 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix possible resource leaks in mpt3sas_transport_port_add() In mpt3sas_transport_port_add(), if sas_rphy_add() ret… redhatsusedebian
CVE-2022-49316 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: NFSv4: Don't hold the layoutget locks across multiple RPC calls When doing layoutget as part of the open() compound, we have to b… redhatrockylinuxsusedebian
CVE-2022-49344 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix a data-race in unix_dgram_peer_wake_me(). unix_dgram_poll() calls unix_dgram_peer_wake_me() without `other`'s lock h… redhatsusedebian
CVE-2022-50426 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: remoteproc: imx_dsp_rproc: Add mutex protection for workqueue The workqueue may execute late even after remoteproc is stopped or … redhatsusedebian
CVE-2022-50488 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix possible uaf for 'bfqq->bic' Our test report a uaf for 'bfqq->bic' in 5.10: ====================================… redhatsusedebian
CVE-2022-49466 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: regulator: scmi: Fix refcount leak in scmi_regulator_probe of_find_node_by_name() returns a node pointer with refcount incremente… redhatsusedebian
CVE-2022-49748 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: perf/x86/amd: fix potential integer overflow on shift of a int The left shift of int 32 bit integer constant 1 is evaluated using… redhatsusedebian
CVE-2022-50704 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: USB: gadget: Fix use-after-free during usb config switch In the process of switching USB config from rndis to other config, if th… redhatsusedebian
CVE-2022-40964 high 8.0 3y ago Important: linux-firmware security, bug fix, and enhancement update redhatdebian
CVE-2022-49699 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: filemap: Handle sibling entries in filemap_get_read_batch() If a read races with an invalidation followed by another read, it is … redhatsusedebian
CVE-2022-49731 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: ata: libata-core: fix NULL pointer deref in ata_host_alloc_pinfo() In an unlikely (and probably wrong?) case that the 'ppi' param… redhatsusedebian
CVE-2022-50390 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/ttm: fix undefined behavior in bit shift for TTM_TT_FLAG_PRIV_POPULATED Shifting signed 32-bit value by 31 bits is undefined,… redhatsusedebian