VIR Vulnerability Intelligence Relay

CVEs from 2022

6,002 normalized CVEs published or assigned in this year.

Total
6,002
critical
critical 88
high
high 1,240
medium
medium 887
low
low 23
% Critical
1.5%
% with KEV
2.2%
% with exploit
2.2%

Top vendors

Top products

  • jdk 116
  • jre 109
  • openjdk 100
  • zulu 82
  • graalvm 74
  • cloud_secure_agent 35
  • oncommand_insight 34
  • cloud_insights_acquisition_unit 34

Top packages

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2022-49774 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: KVM: x86/xen: Fix eventfd error handling in kvm_xen_eventfd_assign() Should not call eventfd_ctx_put() in case of error. [Introd… redhatsusedebian
CVE-2022-50724 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: regulator: core: fix resource leak in regulator_register() I got some resource leak reports while doing fault injection test: … redhatsusedebian
CVE-2022-50391 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fix memory leak in set_mempolicy_home_node system call When encountering any vma in the range with policy other tha… redhatsusedebian
CVE-2022-49687 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: virtio_net: fix xdp_rxq_info bug after suspend/resume The following sequence currently causes a driver bug warning when using vir… redhatsusedebian
CVE-2022-46725 high 8.0 3y ago A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. This issue is fixed in iOS 16.4 and iPadOS 16.4. Visiting a malicious website may lead to ad… redhatsusedebian
CVE-2022-49855 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: net: wwan: iosm: fix memory leak in ipc_pcie_read_bios_cfg ipc_pcie_read_bios_cfg() is using the acpi_evaluate_dsm() to obtain th… redhatsusedebian
CVE-2022-49321 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: xprtrdma: treat all calls not a bcall when bc_serv is NULL When a rdma server returns a fault format reply, nfs v3 client may tre… redhatsusedebian
CVE-2022-50005 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: Fix use-after-free bugs caused by pn532_cmd_timeout When the pn532 uart device is detaching, the pn532_uart_remove() … redhatsusedebian
CVE-2022-50628 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/gud: Fix UBSAN warning UBSAN complains about invalid value for bool: [ 101.165172] [drm] Initialized gud 1.0.0 20200422 for… redhatsusedebian
CVE-2022-49220 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: dax: make sure inodes are flushed before destroy cache A bug can be triggered by following command $ modprobe nd_pmem && modprob… redhatsusedebian
CVE-2022-49653 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: i2c: piix4: Fix a memory leak in the EFCH MMIO support The recently added support for EFCH MMIO regions introduced a memory leak … redhatsusedebian
CVE-2022-50066 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: net: atlantic: fix aq_vec index out of range error The final update statement of the for loop exceeds the array range, the derefe… redhatsusedebian
CVE-2022-50107 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: cifs: Fix memory leak when using fscache If we hit the 'index == next_cached' case, we leak a refcount on the struct page. Fix t… redhatsusedebian
CVE-2022-50650 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: bpf: Fix reference state management for synchronous callbacks Currently, verifier verifies callback functions (sync and async) as… redhatsusedebian
CVE-2022-49256 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: watch_queue: Actually free the watch free_watch() does everything barring actually freeing the watch object. Fix this by adding … redhatsusedebian
CVE-2022-50550 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: blk-iolatency: Fix memory leak on add_disk() failures When a gendisk is successfully initialized but add_disk() fails such as whe… redhatsusedebian
CVE-2022-50317 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/bridge: megachips: Fix a null pointer dereference bug When removing the module we will get the following warning: [ 31.911… redhatsusedebian
CVE-2022-50728 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: s390/lcs: Fix return type of lcs_start_xmit() With clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG), indirect call … redhatsusedebian
CVE-2022-50824 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: tpm: tpm_tis: Add the missed acpi_put_table() to fix memory leak In check_acpi_tpm2(), we get the TPM2 table just to make sure th… redhatsusedebian
CVE-2022-49339 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: net: ipv6: unexport __init-annotated seg6_hmac_init() EXPORT_SYMBOL and __init is a bad combination because the .init.text sectio… redhatsusedebian
CVE-2022-50429 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: memory: of: Fix refcount leak bug in of_lpddr3_get_ddr_timings() We should add the of_node_put() when breaking out of for_each_ch… redhatsusedebian
CVE-2022-49028 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: ixgbevf: Fix resource leak in ixgbevf_init_module() ixgbevf_init_module() won't destroy the workqueue created by create_singlethr… redhatsusedebian
CVE-2022-50817 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: net: hsr: avoid possible NULL deref in skb_clone() syzbot got a crash [1] in skb_clone(), caused by a bug in hsr_get_untagged_fra… redhatsusedebian
CVE-2022-50247 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: usb: xhci-mtk: fix leakage of shared hcd when fail to set wakeup irq Can not set the @shared_hcd to NULL before decrease the usag… redhatsusedebian
CVE-2022-49273 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: rtc: pl031: fix rtc features null pointer dereference When there is no interrupt line, rtc alarm feature is disabled. The cleari… redhatsusedebian
CVE-2022-50390 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/ttm: fix undefined behavior in bit shift for TTM_TT_FLAG_PRIV_POPULATED Shifting signed 32-bit value by 31 bits is undefined,… redhatsusedebian
CVE-2022-49257 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: watch_queue: Fix NULL dereference in error cleanup In watch_queue_set_size(), the error cleanup code doesn't take account of the … redhatsusedebian
CVE-2022-50705 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: io_uring/rw: defer fsnotify calls to task context We can't call these off the kiocb completion as that might be off soft/hard irq… redhatsusedebian
CVE-2022-32082 high 8.0 3y ago Important: galera and mariadb security update redhatrockylinuxsusedebian
CVE-2022-38791 high 8.0 3y ago Important: galera and mariadb security update rockylinuxredhatalmalinuxsuse+1
CVE-2022-47015 high 8.0 3y ago Important: galera and mariadb security update rockylinuxredhatalmalinuxsuse+1
CVE-2022-32081 high 8.0 3y ago Important: galera and mariadb security update redhatrockylinuxsusedebian
CVE-2022-32091 high 8.0 3y ago Important: galera and mariadb security update rockylinuxredhatalmalinuxsuse+1
CVE-2022-32089 high 8.0 3y ago Important: galera and mariadb security update redhatalmalinuxrockylinuxsuse+1
CVE-2022-32084 high 8.0 3y ago Important: galera and mariadb security update rockylinuxredhatalmalinuxsuse+1
CVE-2022-25883 high 8.0 3y ago Important: nodejs:18 security, bug fix, and enhancement update rockylinuxredhatsusedebian+1
CVE-2022-50661 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: seccomp: Move copy_seccomp() to no failure path. Our syzbot instance reported memory leaks in do_seccomp() [0], similar to the re… redhatsusedebian
CVE-2022-40982 high 8.0 3y ago Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable in… redhatrockylinuxsusedebian
CVE-2022-45869 high 8.0 3y ago A race condition in the x86 KVM subsystem in the Linux kernel through 6.1-rc6 allows guest OS users to cause a denial of service (host OS crash or host OS memory corruption) when nested virtualisatio… redhatsusedebianrockylinux
CVE-2022-32885 high 8.0 3y ago Important: webkit2gtk3 security and bug fix update redhatdebian
CVE-2022-41218 high 8.0 3y ago In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting dvb_demux_open and dvb_dmxdev_release. archsusedebianalmalinux
CVE-2022-25147 high 8.0 3y ago Important: apr-util security update debianredhatrockylinuxsuse
CVE-2022-25265 high 8.0 3y ago In the Linux kernel through 5.16.10, certain binary files may have the exec-all attribute if they were built in approximately 2003 (e.g., with GCC 3.2.2 and Linux kernel 2.4.20). This can cause execu… debian
CVE-2022-50679 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: i40e: Fix DMA mappings leak During reallocation of RX buffers, new DMA mappings are created for those buffers. steps for reprodu… redhatsusedebian
CVE-2022-49951 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: firmware_loader: Fix use-after-free during unregister In the following code within firmware_upload_unregister(), the call to devi… redhatsusedebian
CVE-2022-50194 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: soc: qcom: aoss: Fix refcount leak in qmp_cooling_devices_register Every iteration of for_each_available_child_of_node() decremen… redhatsusedebian
CVE-2022-49920 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: netlink notifier might race to release objects commit release path is invoked via call_rcu and it runs lock… redhatsusedebian
CVE-2022-50668 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: ext4: fix deadlock due to mbcache entry corruption When manipulating xattr blocks, we can deadlock infinitely looping inside ext4… redhatsusedebian
CVE-2022-50622 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: ext4: fix potential memory leak in ext4_fc_record_modified_inode() As krealloc may return NULL, in this case 'state->fc_modified_… redhatsusedebian
CVE-2022-49642 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: net: stmmac: dwc-qos: Disable split header for Tegra194 There is a long-standing issue with the Synopsys DWC Ethernet driver for … redhatsusedebian
CVE-2022-50189 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: tools/power turbostat: Fix file pointer leak Currently if a fscanf fails then an early return leaks an open file pointer. Fix thi… redhatsusedebian
CVE-2022-49641 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: sysctl: Fix data races in proc_douintvec(). A sysctl variable is accessed concurrently, and there is always a chance of data-race… redhatsusedebian
CVE-2022-49637 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix a data-race around sysctl_fib_sync_mem. While reading sysctl_fib_sync_mem, it can be changed concurrently. So, we need … redhatsusedebian
CVE-2022-50129 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Fix a use-after-free Change the LIO port members inside struct srpt_port from regular members into pointers. Allocate … redhatsusedebian
CVE-2022-49934 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Fix UAF in ieee80211_scan_rx() ieee80211_scan_rx() tries to access scan_req->flags after a null check, but a UAF … redhatsusedebian
CVE-2022-47929 high 8.0 3y ago In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service (system crash) via a crafted traffic contr… archredhatdebiansuse+1
CVE-2022-50569 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: xfrm: Update ipcomp_scratches with NULL when freed Currently if ipcomp_alloc_scratches() fails to allocate memory ipcomp_scratche… redhatsusedebian
CVE-2022-46691 high 8.0 3y ago Important: webkit2gtk3 security and bug fix update redhatsusedebian
CVE-2022-4662 high 8.0 3y ago A flaw incorrect access control in the Linux kernel USB core subsystem was found in the way user attaches usb device. A local user could use this flaw to crash the system. redhatdebiansuse
CVE-2022-50467 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix null ndlp ptr dereference in abnormal exit path for GFT_ID An error case exit from lpfc_cmpl_ct_cmd_gft_id() resu… redhatsusedebian
CVE-2022-49639 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: cipso: Fix data-races around sysctl. While reading cipso sysctl variables, they can be changed concurrently. So, we need to add R… redhatsusedebian
CVE-2022-2663 high 8.0 3y ago An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and incorrectly matches the message. A firewall may be able to be bypassed when users are using u… archredhatsusedebian
CVE-2022-50196 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: soc: qcom: ocmem: Fix refcount leak in of_get_ocmem of_parse_phandle() returns a node pointer with refcount incremented, we shoul… redhatsusedebian
CVE-2022-3625 high 8.0 3y ago A vulnerability was found in Linux Kernel. It has been classified as critical. This affects the function devlink_param_set/devlink_param_get of the file net/core/devlink.c of the component IPsec. The… redhatsusedebianalmalinux
CVE-2022-46699 high 8.0 3y ago Important: webkit2gtk3 security and bug fix update redhatsusedebian
CVE-2022-49638 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: icmp: Fix data-races around sysctl. While reading icmp sysctl variables, they can be changed concurrently. So, we need to add REA… redhatsusedebian
CVE-2022-3623 high 8.0 3y ago A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function follow_page_pte of the file mm/gup.c of the component BPF. The manipulat… archredhatsusedebian+1
CVE-2022-49935 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: dma-buf/dma-resv: check if the new fence is really later Previously when we added a fence to a dma_resv object we always assumed … redhatsusedebian
CVE-2022-3566 high 8.0 3y ago A vulnerability, which was classified as problematic, was found in Linux Kernel. This affects the function tcp_getsockopt/tcp_setsockopt of the component TCP Handler. The manipulation leads to race c… archredhatsusedebian
CVE-2022-50512 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: ext4: fix potential memory leak in ext4_fc_record_regions() As krealloc may return NULL, in this case 'state->fc_regions' may not… redhatsusedebian
CVE-2022-50035 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix use-after-free on amdgpu_bo_list mutex If amdgpu_cs_vm_handling returns r != 0, then it will unlock the bo_list_m… redhatsusedebian
CVE-2022-50190 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: spi: Fix simplification of devm_spi_register_controller This reverts commit 59ebbe40fb51 ("spi: simplify devm_spi_register_contro… redhatsusedebian
CVE-2022-3524 high 8.0 3y ago A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6_renew_options of the component IPv6 Handler. The manipulation leads… archredhatsusedebian
CVE-2022-49646 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix queue selection for mesh/OCB interfaces When using iTXQ, the code assumes that there is only one vif queue fo… redhatsusedebian
CVE-2022-3435 high 8.0 3y ago A vulnerability classified as problematic has been found in Linux Kernel. This affects the function fib_nh_match of the file net/ipv4/fib_semantics.c of the component IPv4 Handler. The manipulation l… redhatsusedebian
CVE-2022-50125 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: ASoC: cros_ec_codec: Fix refcount leak in cros_ec_codec_platform_probe of_parse_phandle() returns a node pointer with refcount in… redhatsusedebian
CVE-2022-48884 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix command stats access after free Command may fail while driver is reloading and can't accept FW commands till comman… redhatsusedebian
CVE-2022-42823 high 8.0 3y ago Important: webkit2gtk3 security and bug fix update redhatsusedebian
CVE-2022-50185 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/radeon: fix potential buffer overflow in ni_set_mc_special_registers() The last case label can write two buffers 'mc_reg_addr… redhatsusedebian
CVE-2022-50403 high 8.0 3y ago RHSA-2023:2458: kernel security, bug fix, and enhancement update (Important) redhatsuse
CVE-2022-49942 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Don't finalize CSA in IBSS mode if state is disconnected When we are not connected to a channel, sending channel … redhatsusedebian
CVE-2022-50133 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: usb: xhci_plat_remove: avoid NULL dereference Since commit 4736ebd7fcaff1eb8481c140ba494962847d6e0a ("usb: host: xhci-plat: omit … redhatsusedebian
CVE-2022-3619 high 8.0 3y ago A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function l2cap_recv_acldata of the file net/bluetooth/l2cap_core.c of the component Blueto… archredhatsusedebian+1
CVE-2022-21617 high 8.0 3y ago Important: mysql security update redhatdebian
CVE-2022-50041 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: ice: Fix call trace with null VSI during VF reset During stress test with attaching and detaching VF from KVM and simultaneously … redhatsusedebian
CVE-2022-49049 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: mm/secretmem: fix panic when growing a memfd_secret When one tries to grow an existing memfd_secret with ftruncate, one gets a pa… redhatsusedebian
CVE-2022-1882 high 8.0 3y ago A use-after-free flaw was found in the Linux kernel’s pipes functionality in how a user performs manipulations with the pipe post_one_notification() after free_pipe_info() that is already called. Thi… redhatsusedebian
CVE-2022-50465 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: ext4: fix leaking uninitialized memory in fast-commit journal When space at the end of fast-commit journal blocks is unused, make… redhatsusedebian
CVE-2022-50445 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: xfrm: Reinject transport-mode packets through workqueue The following warning is displayed when the tcp6-multi-diffip11 stress te… redhatsusedebian
CVE-2022-50137 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix a window for use-after-free During a destroy CQ an interrupt may cause processing of a CQE after CQ resources are… redhatsusedebian
CVE-2022-50136 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix duplicated reported IW_CM_EVENT_CONNECT_REPLY event If siw_recv_mpa_rr returns -EAGAIN, it means that the MPA reply… redhatsusedebian
CVE-2022-50459 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi: iscsi_tcp: Fix null-ptr-deref while calling getpeername() Fix a NULL pointer crash that occurs when we are freeing t… redhatsusedebian
CVE-2022-39400 high 8.0 3y ago Important: mysql:8.0 security, bug fix, and enhancement update redhatdebian
CVE-2022-50132 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: change place of 'priv_ep' assignment in cdns3_gadget_ep_dequeue(), cdns3_gadget_ep_enable() If 'ep' is NULL, result o… redhatsusedebian
CVE-2022-50131 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: HID: mcp2221: prevent a buffer overflow in mcp_smbus_write() Smatch Warning: drivers/hid/hid-mcp2221.c:388 mcp_smbus_write() erro… redhatsusedebian
CVE-2022-49471 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: rtw89: cfo: check mac_id to avoid out-of-bounds Somehow, hardware reports incorrect mac_id and pollute memory. Check index before… redhatsusedebian
CVE-2022-50452 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: net: sched: cake: fix null pointer access issue when cake_init() fails When the default qdisc is cake, if the qdisc of dev_queue … redhatsusedebian
CVE-2022-50350 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix a race condition between login_work and the login thread In case a malicious initiator sends some random… redhatsusedebian
CVE-2022-49943 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: USB: gadget: Fix obscure lockdep violation for udc_mutex A recent commit expanding the scope of the udc_lock mutex in the gadget … redhatsusedebian
CVE-2022-50126 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when journal aborted Following process will fail assertion 'jh->b_frozen_… redhatsusedebian