VIR Vulnerability Intelligence Relay

CVEs from 2022

8,004 normalized CVEs published or assigned in this year.

Total
8,004
critical
critical 88
high
high 1,240
medium
medium 887
low
low 23
% Critical
1.1%
% with KEV
1.6%
% with exploit
1.6%

Top vendors

Top products

  • jdk 116
  • jre 109
  • openjdk 100
  • zulu 82
  • graalvm 74
  • cloud_secure_agent 35
  • oncommand_insight 34
  • cloud_insights_acquisition_unit 34

Top packages

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2022-50780 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: net: fix UAF issue in nfqnl_nf_hook_drop() when ops_init() failed When the ops_init() interface is invoked to initialize the net,… redhatsusedebian
CVE-2022-50642 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: platform/chrome: cros_ec_typec: zero out stale pointers `cros_typec_get_switch_handles` allocates four pointers when obtaining ty… redhatsusedebian
CVE-2022-0480 high 8.0 2y ago Important: kernel security, bug fix, and enhancement update redhatsusedebian
CVE-2022-3545 high 8.0 2y ago Important: kernel security update archredhatsusedebian
CVE-2022-36402 high 8.0 2y ago An integer overflow vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in GPU component of Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows… redhatsusedebian
CVE-2022-41858 high 8.0 2y ago Important: kernel security update redhatsusedebian
CVE-2022-45919 high 8.0 3y ago Important: kernel security and bug fix update rockylinuxsusedebian
CVE-2022-45886 high 8.0 3y ago Important: kernel security and bug fix update rockylinuxsusedebian
CVE-2022-45884 high 8.0 3y ago Important: kernel security and bug fix update rockylinuxsusedebian
CVE-2022-45887 high 8.0 3y ago Important: kernel security, bug fix, and enhancement update susedebian
CVE-2022-49873 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: bpf: Fix wrong reg type conversion in release_reference() Some helper functions will allocate memory. To avoid memory leaks, the … redhatsusedebian
CVE-2022-50372 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: cifs: Fix memory leak when build ntlmssp negotiate blob failed There is a memory leak when mount cifs: unreferenced object 0xff… redhatsusedebian
CVE-2022-38457 high 8.0 3y ago Important: kernel security, bug fix, and enhancement update redhatsusedebian
CVE-2022-50558 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: regmap-irq: Use the new num_config_regs property in regmap_add_irq_chip_fwnode Commit faa87ce9196d ("regmap-irq: Introduce config… redhatsusedebian
CVE-2022-50239 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: cpufreq: qcom: fix writes in read-only memory region This commit fixes a kernel oops because of a write in some read-only memory:… redhatsusedebian
CVE-2022-50322 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: rtc: msc313: Fix function prototype mismatch in msc313_rtc_probe() With clang's kernel control flow integrity (kCFI, CONFIG_CFI_C… redhatsusedebian
CVE-2022-49795 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: rethook: fix a potential memleak in rethook_alloc() In rethook_alloc(), the variable rh is not freed or passed out if handler is … redhatsusedebian
CVE-2022-50389 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: tpm: tpm_crb: Add the missed acpi_put_table() to fix memory leak In crb_acpi_add(), we get the TPM2 table to retrieve information… redhatsusedebian
CVE-2022-49220 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: dax: make sure inodes are flushed before destroy cache A bug can be triggered by following command $ modprobe nd_pmem && modprob… redhatsusedebian
CVE-2022-50735 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: do not run mt76u_status_worker if the device is not running Fix the following NULL pointer dereference avoiding to ru… redhatsusedebian
CVE-2022-50756 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix mempool alloc size Convert the max size to bytes to match the units of the divisor that calculates the worst-case n… redhatsusedebian
CVE-2022-49760 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix PTE marker handling in hugetlb_change_protection() Patch series "mm/hugetlb: uffd-wp fixes for hugetlb_change_pro… redhatsusedebian
CVE-2022-49316 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: NFSv4: Don't hold the layoutget locks across multiple RPC calls When doing layoutget as part of the open() compound, we have to b… redhatrockylinuxsusedebian
CVE-2022-50475 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Make sure "ib_port" is valid when access sysfs node The "ib_port" structure must be set before adding the sysfs kobjec… redhatsusedebian
CVE-2022-32919 high 8.0 3y ago The issue was addressed with improved UI handling. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1. Visiting a website that frames malicious content may lead to UI spoofing. redhatsusedebian
CVE-2022-50391 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fix memory leak in set_mempolicy_home_node system call When encountering any vma in the range with policy other tha… redhatsusedebian
CVE-2022-50369 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix null-ptr-deref in vkms_release() A null-ptr-deref is triggered when it tries to destroy the workqueue in vkms->outp… redhatsusedebian
CVE-2022-48975 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: gpiolib: fix memory leak in gpiochip_setup_dev() Here is a backtrace report about memory leak detected in gpiochip_setup_dev(): … redhatsusedebian
CVE-2022-50562 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: tpm: acpi: Call acpi_put_table() to fix memory leak The start and length of the event log area are obtained from TPM2 or TCPA tab… redhatsusedebian
CVE-2022-49748 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: perf/x86/amd: fix potential integer overflow on shift of a int The left shift of int 32 bit integer constant 1 is evaluated using… redhatsusedebian
CVE-2022-3594 high 8.0 3y ago Important: kernel security, bug fix, and enhancement update archredhatsusedebian
CVE-2022-49750 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: cpufreq: CPPC: Add u64 casts to avoid overflowing The fields of the _CPC object are unsigned 32-bits values. To avoid overflows w… redhatsusedebian
CVE-2022-50817 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: net: hsr: avoid possible NULL deref in skb_clone() syzbot got a crash [1] in skb_clone(), caused by a bug in hsr_get_untagged_fra… redhatsusedebian
CVE-2022-50627 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix monitor mode bringup crash When the interface is brought up in monitor mode, it leads to NULL pointer dereferen… redhatsusedebian
CVE-2022-50246 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpci: fix of node refcount leak in tcpci_register_port() I got the following report while doing device(mt6370-tcpc) … redhatsusedebian
CVE-2022-50479 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/amd: fix potential memory leak This patch fix potential memory leak (clk_src) when function run into last return NULL. s/fre… redhatsusedebian
CVE-2022-49759 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: VMCI: Use threaded irqs instead of tasklets The vmci_dispatch_dgs() tasklet function calls vmci_read_data() which uses wait_event… redhatsusedebian
CVE-2022-50829 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: hif_usb: Fix use-after-free in ath9k_hif_usb_reg_in_cb() It is possible that skb is freed in ath9k_htc_rx_msg(), the… redhatsusedebian
CVE-2022-50632 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drivers: perf: marvell_cn10k: Fix hotplug callback leak in tad_pmu_init() tad_pmu_init() won't remove the callback added by cpuhp… redhatsusedebian
CVE-2022-49321 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: xprtrdma: treat all calls not a bcall when bc_serv is NULL When a rdma server returns a fault format reply, nfs v3 client may tre… redhatsusedebian
CVE-2022-50626 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: fix memory leak in dvb_usb_adapter_init() Syzbot reports a memory leak in "dvb_usb_adapter_init()". The leak is d… redhatsusedebian
CVE-2022-50728 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: s390/lcs: Fix return type of lcs_start_xmit() With clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG), indirect call … redhatsusedebian
CVE-2022-40133 high 8.0 3y ago Important: kernel security, bug fix, and enhancement update redhatsusedebian
CVE-2022-50540 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: dmaengine: qcom-adm: fix wrong sizeof config in slave_config Fix broken slave_config function that uncorrectly compare the periph… redhatsusedebian
CVE-2022-50351 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: cifs: Fix xid leak in cifs_create() If the cifs already shutdown, we should free the xid before return, otherwise, the xid will b… redhatsusedebian
CVE-2022-49653 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: i2c: piix4: Fix a memory leak in the EFCH MMIO support The recently added support for EFCH MMIO regions introduced a memory leak … redhatsusedebian
CVE-2022-49699 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: filemap: Handle sibling entries in filemap_get_read_batch() If a read races with an invalidation followed by another read, it is … redhatsusedebian
CVE-2022-50582 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: regulator: core: Prevent integer underflow By using a ratio of delay to poll_enabled_time that is not integer time_remaining unde… redhatsusedebian
CVE-2022-50556 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm: Fix potential null-ptr-deref due to drmm_mode_config_init() drmm_mode_config_init() will call drm_mode_create_standard_prope… redhatsusedebian
CVE-2022-49715 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3: Fix refcount leak in gic_populate_ppi_partitions of_find_node_by_phandle() returns a node pointer with refcount i… redhatsusedebian
CVE-2022-50477 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: rtc: class: Fix potential memleak in devm_rtc_allocate_device() devm_rtc_allocate_device() will alloc a rtc_device first, and the… redhatsusedebian
CVE-2022-40964 high 8.0 3y ago Important: linux-firmware security, bug fix, and enhancement update redhatdebian
CVE-2022-50809 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: xhci: dbc: Fix memory leak in xhci_alloc_dbc() If DbC is already in use, then the allocated memory for the xhci_dbc struct doesn'… redhatsusedebian
CVE-2022-49746 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: dmaengine: imx-sdma: Fix a possible memory leak in sdma_transfer_init If the function sdma_load_context() fails, the sdma_desc wi… redhatsusedebian
CVE-2022-49567 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fix uninit-value in mpol_rebind_policy() mpol_set_nodemask()(mm/mempolicy.c) does not set up nodemask when pol->mod… redhatsusedebian
CVE-2022-50532 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix possible resource leaks in mpt3sas_transport_port_add() In mpt3sas_transport_port_add(), if sas_rphy_add() ret… redhatsusedebian
CVE-2022-50091 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: locking/csd_lock: Change csdlock_debug from early_param to __setup The csdlock_debug kernel-boot parameter is parsed by the early… redhatsusedebian
CVE-2022-50784 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mei: fix potential NULL-ptr deref after clone If cloning the SKB fails, don't try to use it, but rather return as … redhatsusedebian
CVE-2022-50750 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/panel/panel-sitronix-st7701: Remove panel on DSI attach failure In case mipi_dsi_attach() fails, call drm_panel_remove() to a… redhatsusedebian
CVE-2022-36351 high 8.0 3y ago Important: linux-firmware security, bug fix, and enhancement update redhatdebian
CVE-2022-50297 high 8.0 3y ago RHSA-2023:6583: kernel security, bug fix, and enhancement update (Important) redhatsuse
CVE-2022-49885 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: ACPI: APEI: Fix integer overflow in ghes_estatus_pool_init() Change num_ghes from int to unsigned int, preventing an overflow and… redhatsusedebian
CVE-2022-49938 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: cifs: fix small mempool leak in SMB2_negotiate() In some cases of failure (dialect mismatches) in SMB2_negotiate(), after the req… redhatsusedebian
CVE-2022-50004 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: xfrm: policy: fix metadata dst->dev xmit null pointer dereference When we try to transmit an skb with metadata_dst attached (i.e.… redhatsusedebian
CVE-2022-50042 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: net: genl: fix error path memory leak in policy dumping If construction of the array of policies fails when recording non-first p… redhatsusedebian
CVE-2022-50361 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: add missing unregister_netdev() in wilc_netdev_ifc_init() Fault injection test reports this issue: kernel BUG at… redhatsusedebian
CVE-2022-50200 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: selinux: Add boundary check in put_entry() Just like next_entry(), boundary check is necessary to prevent memory out-of-bound acc… redhatsusedebian
CVE-2022-46705 high 8.0 3y ago A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, Safari 16.2. Visiting a… redhatsusedebian
CVE-2022-50819 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: udmabuf: Set ubuf->sg = NULL if the creation of sg table fails When userspace tries to map the dmabuf and if for some reason (e.g… redhatsusedebian
CVE-2022-50341 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: cifs: fix oops during encryption When running xfstests against Azure the following oops occurred on an arm64 system Unable to … redhatsusedebian
CVE-2022-50658 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: cpufreq: qcom: fix memory leak in error path If for some reason the speedbin length is incorrect, then there is a memory leak in … redhatsusedebian
CVE-2022-50667 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix memory leak in vmw_mksstat_add_ioctl() If the copy of the description string from userspace fails, then the page … redhatsusedebian
CVE-2022-50258 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix potential stack-out-of-bounds in brcmf_c_preinit_dcmds() This patch fixes a stack-out-of-bounds read in brcmf… redhatsusedebian
CVE-2022-50279 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: Fix global-out-of-bounds bug in _rtl8812ae_phy_set_txpower_limit() There is a global-out-of-bounds reported by KAS… redhatsusedebian
CVE-2022-38900 high 8.0 3y ago Important: nodejs:14 security, bug fix, and enhancement update redhatrockylinuxnpm
CVE-2022-50643 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: cifs: Fix xid leak in cifs_copy_file_range() If the file is used by swap, before return -EOPNOTSUPP, should free the xid, otherwi… redhatsusedebian
CVE-2022-50406 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: iomap: iomap: fix memory corruption when recording errors during writeback Every now and then I see this crash on arm64: Unable … redhatsusedebian
CVE-2022-50630 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: mm: hugetlb: fix UAF in hugetlb_handle_userfault The vma_lock and hugetlb_fault_mutex are dropped before handling userfault and r… redhatsusedebian
CVE-2022-50249 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: memory: of: Fix refcount leak bug in of_get_ddr_timings() We should add the of_node_put() when breaking out of for_each_child_of_… redhatsusedebian
CVE-2022-50453 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: fix NULL-pointer dereferences There are several places where we can crash the kernel by requesting lines, unbindin… redhatsusedebian
CVE-2022-50885 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix NULL-ptr-deref in rxe_qp_do_cleanup() when socket create failed There is a null-ptr-deref when mount.cifs over rdma… redhatsusedebian
CVE-2022-38076 high 8.0 3y ago Important: linux-firmware security, bug fix, and enhancement update redhatdebian
CVE-2022-50426 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: remoteproc: imx_dsp_rproc: Add mutex protection for workqueue The workqueue may execute late even after remoteproc is stopped or … redhatsusedebian
CVE-2022-50733 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: usb: idmouse: fix an uninit-value in idmouse_open In idmouse_create_image, if any ftip_command fails, it will go to the reset lab… redhatsusedebian
CVE-2022-49837 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: bpf: Fix memory leaks in __check_func_call kmemleak reports this issue: unreferenced object 0xffff88817139d000 (size 2048): co… redhatsusedebian
CVE-2022-50460 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: cifs: Fix xid leak in cifs_flock() If not flock, before return -ENOLCK, should free the xid, otherwise, the xid will be leaked. redhatsusedebian
CVE-2022-50472 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: IB/mad: Don't call to function that might sleep while in atomic context Tracepoints are not allowed to sleep, as such the followi… redhatsusedebian
CVE-2022-50616 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: regulator: core: Use different devices for resource allocation and DT lookup Following by the below discussion, there's the poten… redhatsusedebian
CVE-2022-49687 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: virtio_net: fix xdp_rxq_info bug after suspend/resume The following sequence currently causes a driver bug warning when using vir… redhatsusedebian
CVE-2022-49028 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: ixgbevf: Fix resource leak in ixgbevf_init_module() ixgbevf_init_module() won't destroy the workqueue created by create_singlethr… redhatsusedebian
CVE-2022-48988 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: memcg: fix possible use-after-free in memcg_write_event_control() memcg_write_event_control() accesses the dentry->d_name of the … redhatsusedebian
CVE-2022-50066 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: net: atlantic: fix aq_vec index out of range error The final update statement of the for loop exceeds the array range, the derefe… redhatsusedebian
CVE-2022-50464 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: mt76: mt7915: Fix PCI device refcount leak in mt7915_pci_init_hif2() As comment of pci_get_device() says, it returns a pci_device… redhatsusedebian
CVE-2022-50771 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: rcu: Fix __this_cpu_read() lockdep warning in rcu_force_quiescent_state() Running rcutorture with non-zero fqs_duration module pa… redhatsusedebian
CVE-2022-50645 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: EDAC/i10nm: fix refcount leak in pci_get_dev_wrapper() As the comment of pci_get_domain_bus_and_slot() says, it returns a PCI dev… redhatsusedebian
CVE-2022-50272 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() Wei Chen reports a kernel bug as blew: general protection fault,… redhatsusedebian
CVE-2022-50881 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: Fix use-after-free in ath9k_hif_usb_disconnect() This patch fixes a use-after-free in ath9k that occurs in ath9k_hif… redhatsusedebian
CVE-2022-50781 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: amdgpu/pm: prevent array underflow in vega20_odn_edit_dpm_table() In the PP_OD_EDIT_VDDC_CURVE case the "input_index" variable is… redhatsusedebian
CVE-2022-50832 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: fix potential memory leak in wilc_mac_xmit() The wilc_mac_xmit() returns NETDEV_TX_OK without freeing skb, add de… redhatsusedebian
CVE-2022-49752 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: device property: fix of node refcount leak in fwnode_graph_get_next_endpoint() The 'parent' returned by fwnode_graph_get_port_par… redhatsusedebian