VIR Vulnerability Intelligence Relay

CVEs from 2022

8,251 normalized CVEs published or assigned in this year.

Total
8,251
critical
critical 88
high
high 1,240
medium
medium 887
low
low 23
% Critical
1.1%
% with KEV
1.6%
% with exploit
1.6%

Top vendors

Top products

  • jdk 116
  • jre 109
  • openjdk 100
  • zulu 82
  • graalvm 74
  • cloud_secure_agent 35
  • oncommand_insight 34
  • cloud_insights_acquisition_unit 34

Top packages

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2022-50116 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: fix deadlock and link starvation in outgoing data path The current implementation queues up new control and user pack… redhatsusedebian
CVE-2022-50447 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_conn: Fix crash on hci_create_cis_sync When attempting to connect multiple ISO sockets without using DEFER_SETUP m… redhatsusedebian
CVE-2022-49721 high 8.0 2y ago In the Linux kernel, the following vulnerability has been resolved: arm64: ftrace: consistently handle PLTs. Sometimes it is necessary to use a PLT entry to call an ftrace trampoline. This is handl… redhatsusedebian
CVE-2022-41858 high 8.0 2y ago Important: kernel security update redhatsusedebian
CVE-2022-36402 high 8.0 2y ago An integer overflow vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in GPU component of Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows… redhatsusedebian
CVE-2022-3545 high 8.0 2y ago Important: kernel security update archredhatsusedebian
CVE-2022-45884 high 8.0 3y ago Important: kernel security and bug fix update rockylinuxsusedebian
CVE-2022-45919 high 8.0 3y ago Important: kernel security and bug fix update rockylinuxsusedebian
CVE-2022-45886 high 8.0 3y ago Important: kernel security and bug fix update rockylinuxsusedebian
CVE-2022-45887 high 8.0 3y ago Important: kernel security, bug fix, and enhancement update susedebian
CVE-2022-50458 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: clk: tegra: Fix refcount leak in tegra210_clock_init of_find_matching_node() returns a node pointer with refcount incremented, we… redhatsusedebian
CVE-2022-46329 high 8.0 3y ago Important: linux-firmware security, bug fix, and enhancement update redhatrockylinuxdebian
CVE-2022-50628 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/gud: Fix UBSAN warning UBSAN complains about invalid value for bool: [ 101.165172] [drm] Initialized gud 1.0.0 20200422 for… redhatsusedebian
CVE-2022-27635 high 8.0 3y ago Important: linux-firmware security, bug fix, and enhancement update redhatdebian
CVE-2022-49339 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: net: ipv6: unexport __init-annotated seg6_hmac_init() EXPORT_SYMBOL and __init is a bad combination because the .init.text sectio… redhatsusedebian
CVE-2022-32933 high 8.0 3y ago An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in macOS Monterey 12.5. A website may be able to track the websites a user visited in Safari private… redhatsusedebian
CVE-2022-50453 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: fix NULL-pointer dereferences There are several places where we can crash the kernel by requesting lines, unbindin… redhatsusedebian
CVE-2022-50705 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: io_uring/rw: defer fsnotify calls to task context We can't call these off the kiocb completion as that might be off soft/hard irq… redhatsusedebian
CVE-2022-49864 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix NULL pointer dereference in svm_migrate_to_ram() ./drivers/gpu/drm/amd/amdkfd/kfd_migrate.c:985:58-62: ERROR: p i… redhatsusedebian
CVE-2022-50847 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/bridge: it6505: Initialize AUX channel in it6505_i2c_probe During device boot, the HPD interrupt could be triggered before th… redhatsusedebian
CVE-2022-50191 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: regulator: of: Fix refcount leak bug in of_get_regulation_constraints() We should call the of_node_put() for the reference return… redhatsusedebian
CVE-2022-50107 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: cifs: Fix memory leak when using fscache If we hit the 'index == next_cached' case, we leak a refcount on the struct page. Fix t… redhatsusedebian
CVE-2022-50817 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: net: hsr: avoid possible NULL deref in skb_clone() syzbot got a crash [1] in skb_clone(), caused by a bug in hsr_get_untagged_fra… redhatsusedebian
CVE-2022-50540 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: dmaengine: qcom-adm: fix wrong sizeof config in slave_config Fix broken slave_config function that uncorrectly compare the periph… redhatsusedebian
CVE-2022-49220 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: dax: make sure inodes are flushed before destroy cache A bug can be triggered by following command $ modprobe nd_pmem && modprob… redhatsusedebian
CVE-2022-50258 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix potential stack-out-of-bounds in brcmf_c_preinit_dcmds() This patch fixes a stack-out-of-bounds read in brcmf… redhatsusedebian
CVE-2022-49715 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3: Fix refcount leak in gic_populate_ppi_partitions of_find_node_by_phandle() returns a node pointer with refcount i… redhatsusedebian
CVE-2022-40133 high 8.0 3y ago Important: kernel security, bug fix, and enhancement update redhatsusedebian
CVE-2022-50700 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: Delay the unmapping of the buffer On WCN3990, we are seeing a rare scenario where copy engine hardware is sending a… redhatsusedebian
CVE-2022-50883 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: bpf: Prevent decl_tag from being referenced in func_proto arg Syzkaller managed to hit another decl_tag issue: btf_func_proto_… redhatsusedebian
CVE-2022-50882 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix memory leak in uvc_gpio_parse Previously the unit buffer was allocated before checking the IRQ for privacy G… redhatsusedebian
CVE-2022-50482 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Clean up si_domain in the init_dmars() error path A splat from kmem_cache_destroy() was seen with a kernel prior to c… redhatsusedebian
CVE-2022-50249 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: memory: of: Fix refcount leak bug in of_get_ddr_timings() We should add the of_node_put() when breaking out of for_each_child_of_… redhatsusedebian
CVE-2022-50246 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpci: fix of node refcount leak in tcpci_register_port() I got the following report while doing device(mt6370-tcpc) … redhatsusedebian
CVE-2022-50862 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: bpf: prevent decl_tag from being referenced in func_proto Syzkaller was able to hit the following issue: ------------[ cut here … redhatsusedebian
CVE-2022-50824 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: tpm: tpm_tis: Add the missed acpi_put_table() to fix memory leak In check_acpi_tpm2(), we get the TPM2 table just to make sure th… redhatsusedebian
CVE-2022-50784 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mei: fix potential NULL-ptr deref after clone If cloning the SKB fails, don't try to use it, but rather return as … redhatsusedebian
CVE-2022-50781 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: amdgpu/pm: prevent array underflow in vega20_odn_edit_dpm_table() In the PP_OD_EDIT_VDDC_CURVE case the "input_index" variable is… redhatsusedebian
CVE-2022-50372 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: cifs: Fix memory leak when build ntlmssp negotiate blob failed There is a memory leak when mount cifs: unreferenced object 0xff… redhatsusedebian
CVE-2022-32919 high 8.0 3y ago The issue was addressed with improved UI handling. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1. Visiting a website that frames malicious content may lead to UI spoofing. redhatsusedebian
CVE-2022-50391 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fix memory leak in set_mempolicy_home_node system call When encountering any vma in the range with policy other tha… redhatsusedebian
CVE-2022-50550 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: blk-iolatency: Fix memory leak on add_disk() failures When a gendisk is successfully initialized but add_disk() fails such as whe… redhatsusedebian
CVE-2022-50200 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: selinux: Add boundary check in put_entry() Just like next_entry(), boundary check is necessary to prevent memory out-of-bound acc… redhatsusedebian
CVE-2022-49752 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: device property: fix of node refcount leak in fwnode_graph_get_next_endpoint() The 'parent' returned by fwnode_graph_get_port_par… redhatsusedebian
CVE-2022-50760 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix PCI device refcount leak in amdgpu_atrm_get_bios() As comment of pci_get_class() says, it returns a pci_device wi… redhatsusedebian
CVE-2022-50426 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: remoteproc: imx_dsp_rproc: Add mutex protection for workqueue The workqueue may execute late even after remoteproc is stopped or … redhatsusedebian
CVE-2022-48950 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: perf: Fix perf_pending_task() UaF Per syzbot it is possible for perf_pending_task() to run after the event is free()'d. There are… redhatsusedebian
CVE-2022-49653 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: i2c: piix4: Fix a memory leak in the EFCH MMIO support The recently added support for EFCH MMIO regions introduced a memory leak … redhatsusedebian
CVE-2022-50239 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: cpufreq: qcom: fix writes in read-only memory region This commit fixes a kernel oops because of a write in some read-only memory:… redhatsusedebian
CVE-2022-50356 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: net: sched: sfb: fix null pointer access issue when sfb_init() fails When the default qdisc is sfb, if the qdisc of dev_queue fai… redhatsusedebian
CVE-2022-3594 high 8.0 3y ago Important: kernel security, bug fix, and enhancement update archredhatsusedebian
CVE-2022-50488 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix possible uaf for 'bfqq->bic' Our test report a uaf for 'bfqq->bic' in 5.10: ====================================… redhatsusedebian
CVE-2022-50234 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: io_uring/af_unix: defer registered files gc to io_uring release Instead of putting io_uring's registered files in unix_gc() we wa… redhatsusedebian
CVE-2022-49795 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: rethook: fix a potential memleak in rethook_alloc() In rethook_alloc(), the variable rh is not freed or passed out if handler is … redhatsusedebian
CVE-2022-49716 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3: Fix error handling in gic_populate_ppi_partitions of_get_child_by_name() returns a node pointer with refcount inc… redhatsusedebian
CVE-2022-50327 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: ACPI: processor: idle: Check acpi_fetch_acpi_dev() return value The return value of acpi_fetch_acpi_dev() could be NULL, which wo… redhatsusedebian
CVE-2022-50532 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix possible resource leaks in mpt3sas_transport_port_add() In mpt3sas_transport_port_add(), if sas_rphy_add() ret… redhatsusedebian
CVE-2022-49028 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: ixgbevf: Fix resource leak in ixgbevf_init_module() ixgbevf_init_module() won't destroy the workqueue created by create_singlethr… redhatsusedebian
CVE-2022-50276 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: power: supply: fix null pointer dereferencing in power_supply_get_battery_info when kmalloc() fail to allocate memory in kasprint… redhatsusedebian
CVE-2022-46705 high 8.0 3y ago A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, Safari 16.2. Visiting a… redhatsusedebian
CVE-2022-49748 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: perf/x86/amd: fix potential integer overflow on shift of a int The left shift of int 32 bit integer constant 1 is evaluated using… redhatsusedebian
CVE-2022-50699 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: selinux: enable use of both GFP_KERNEL and GFP_ATOMIC in convert_context() The following warning was triggered on a hardware envi… redhatsusedebian
CVE-2022-42895 high 8.0 3y ago Important: kernel security, bug fix, and enhancement update archredhatsusedebian
CVE-2022-49746 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: dmaengine: imx-sdma: Fix a possible memory leak in sdma_transfer_init If the function sdma_load_context() fails, the sdma_desc wi… redhatsusedebian
CVE-2022-50704 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: USB: gadget: Fix use-after-free during usb config switch In the process of switching USB config from rndis to other config, if th… redhatsusedebian
CVE-2022-49774 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: KVM: x86/xen: Fix eventfd error handling in kvm_xen_eventfd_assign() Should not call eventfd_ctx_put() in case of error. [Introd… redhatsusedebian
CVE-2022-50110 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: watchdog: sp5100_tco: Fix a memory leak of EFCH MMIO resource Unlike release_mem_region(), a call to release_resource() does not … redhatsusedebian
CVE-2022-50627 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix monitor mode bringup crash When the interface is brought up in monitor mode, it leads to NULL pointer dereferen… redhatsusedebian
CVE-2022-50351 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: cifs: Fix xid leak in cifs_create() If the cifs already shutdown, we should free the xid before return, otherwise, the xid will b… redhatsusedebian
CVE-2022-50842 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/virtio: Check whether transferred 2D BO is shmem Transferred 2D BO always must be a shmem BO. Add check for that to prevent N… redhatsusedebian
CVE-2022-49699 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: filemap: Handle sibling entries in filemap_get_read_batch() If a read races with an invalidation followed by another read, it is … redhatsusedebian
CVE-2022-50829 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: hif_usb: Fix use-after-free in ath9k_hif_usb_reg_in_cb() It is possible that skb is freed in ath9k_htc_rx_msg(), the… redhatsusedebian
CVE-2022-50809 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: xhci: dbc: Fix memory leak in xhci_alloc_dbc() If DbC is already in use, then the allocated memory for the xhci_dbc struct doesn'… redhatsusedebian
CVE-2022-36351 high 8.0 3y ago Important: linux-firmware security, bug fix, and enhancement update redhatdebian
CVE-2022-50275 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Add the missed acpi_put_table() to fix memory leak When the radeon driver reads the bios information from ACPI table … redhatsusedebian
CVE-2022-50856 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: cifs: Fix xid leak in cifs_ses_add_channel() Before return, should free the xid, otherwise, the xid will be leaked. redhatsusedebian
CVE-2022-50297 high 8.0 3y ago RHSA-2023:6583: kernel security, bug fix, and enhancement update (Important) redhatsuse
CVE-2022-50117 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: vfio: Split migration ops from main device ops vfio core checks whether the driver sets some migration op (e.g. set_state/get_sta… redhatsusedebian
CVE-2022-50429 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: memory: of: Fix refcount leak bug in of_lpddr3_get_ddr_timings() We should add the of_node_put() when breaking out of for_each_ch… redhatsusedebian
CVE-2022-50472 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: IB/mad: Don't call to function that might sleep while in atomic context Tracepoints are not allowed to sleep, as such the followi… redhatsusedebian
CVE-2022-49750 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: cpufreq: CPPC: Add u64 casts to avoid overflowing The fields of the _CPC object are unsigned 32-bits values. To avoid overflows w… redhatsusedebian
CVE-2022-49773 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix optc2_configure warning on dcn314 [Why] dcn314 uses optc2_configure_crc() that wraps optc1_configure_crc() +… redhatsusedebian
CVE-2022-50475 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Make sure "ib_port" is valid when access sysfs node The "ib_port" structure must be set before adding the sysfs kobjec… redhatsusedebian
CVE-2022-50361 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: add missing unregister_netdev() in wilc_netdev_ifc_init() Fault injection test reports this issue: kernel BUG at… redhatsusedebian
CVE-2022-50460 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: cifs: Fix xid leak in cifs_flock() If not flock, before return -ENOLCK, should free the xid, otherwise, the xid will be leaked. redhatsusedebian
CVE-2022-49273 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: rtc: pl031: fix rtc features null pointer dereference When there is no interrupt line, rtc alarm feature is disabled. The cleari… redhatsusedebian
CVE-2022-50269 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix memory leak in vkms_init() A memory leak was reported after the vkms module install failed. unreferenced object 0x… redhatsusedebian
CVE-2022-49321 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: xprtrdma: treat all calls not a bcall when bc_serv is NULL When a rdma server returns a fault format reply, nfs v3 client may tre… redhatsusedebian
CVE-2022-50658 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: cpufreq: qcom: fix memory leak in error path If for some reason the speedbin length is incorrect, then there is a memory leak in … redhatsusedebian
CVE-2022-50645 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: EDAC/i10nm: fix refcount leak in pci_get_dev_wrapper() As the comment of pci_get_domain_bus_and_slot() says, it returns a PCI dev… redhatsusedebian
CVE-2022-50279 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: Fix global-out-of-bounds bug in _rtl8812ae_phy_set_txpower_limit() There is a global-out-of-bounds reported by KAS… redhatsusedebian
CVE-2022-49466 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: regulator: scmi: Fix refcount leak in scmi_regulator_probe of_find_node_by_name() returns a node pointer with refcount incremente… redhatsusedebian
CVE-2022-49875 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: bpftool: Fix NULL pointer dereference when pin {PROG, MAP, LINK} without FILE When using bpftool to pin {PROG, MAP, LINK} without… redhatsusedebian
CVE-2022-50819 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: udmabuf: Set ubuf->sg = NULL if the creation of sg table fails When userspace tries to map the dmabuf and if for some reason (e.g… redhatsusedebian
CVE-2022-50444 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: clk: tegra20: Fix refcount leak in tegra20_clock_init of_find_matching_node() returns a node pointer with refcount incremented, w… redhatsusedebian
CVE-2022-50505 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Fix pci device refcount leak in ppr_notifier() As comment of pci_get_domain_bus_and_slot() says, it returns a pci devi… redhatsusedebian
CVE-2022-50247 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: usb: xhci-mtk: fix leakage of shared hcd when fail to set wakeup irq Can not set the @shared_hcd to NULL before decrease the usag… redhatsusedebian
CVE-2022-50626 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: fix memory leak in dvb_usb_adapter_init() Syzbot reports a memory leak in "dvb_usb_adapter_init()". The leak is d… redhatsusedebian
CVE-2022-50470 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: xhci: Remove device endpoints from bandwidth list when freeing the device Endpoints are normally deleted from the bandwidth list … redhatsusedebian
CVE-2022-50771 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: rcu: Fix __this_cpu_read() lockdep warning in rcu_force_quiescent_state() Running rcutorture with non-zero fqs_duration module pa… redhatsusedebian