VIR Vulnerability Intelligence Relay

CVEs from 2022

6,002 normalized CVEs published or assigned in this year.

Total
6,002
critical
critical 88
high
high 1,240
medium
medium 887
low
low 23
% Critical
1.5%
% with KEV
2.2%
% with exploit
2.2%

Top vendors

Top products

  • jdk 116
  • jre 109
  • openjdk 100
  • zulu 82
  • graalvm 74
  • cloud_secure_agent 35
  • oncommand_insight 34
  • cloud_insights_acquisition_unit 34

Top packages

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2022-50847 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/bridge: it6505: Initialize AUX channel in it6505_i2c_probe During device boot, the HPD interrupt could be triggered before th… redhatsusedebian
CVE-2022-50110 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: watchdog: sp5100_tco: Fix a memory leak of EFCH MMIO resource Unlike release_mem_region(), a call to release_resource() does not … redhatsusedebian
CVE-2022-50844 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix type of second parameter in odn_edit_dpm_table() callback With clang's kernel control flow integrity (kCFI, CONFI… redhatsusedebian
CVE-2022-50842 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/virtio: Check whether transferred 2D BO is shmem Transferred 2D BO always must be a shmem BO. Add check for that to prevent N… redhatsusedebian
CVE-2022-50076 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: cifs: Fix memory leak on the deferred close xfstests on smb21 report kmemleak as below: unreferenced object 0xffff8881767d6200… redhatsusedebian
CVE-2022-50829 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: hif_usb: Fix use-after-free in ath9k_hif_usb_reg_in_cb() It is possible that skb is freed in ath9k_htc_rx_msg(), the… redhatsusedebian
CVE-2022-50072 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: NFSv4/pnfs: Fix a use-after-free bug in open If someone cancels the open RPC call, then we must not try to free either the open s… redhatsusedebian
CVE-2022-50823 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: clk: tegra: Fix refcount leak in tegra114_clock_init of_find_matching_node() returns a node pointer with refcount incremented, we… redhatsusedebian
CVE-2022-50824 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: tpm: tpm_tis: Add the missed acpi_put_table() to fix memory leak In check_acpi_tpm2(), we get the TPM2 table just to make sure th… redhatsusedebian
CVE-2022-50822 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: RDMA/restrack: Release MR restrack when delete The MR restrack also needs to be released when delete it, otherwise it cause memor… redhatsusedebian
CVE-2022-49273 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: rtc: pl031: fix rtc features null pointer dereference When there is no interrupt line, rtc alarm feature is disabled. The cleari… redhatsusedebian
CVE-2022-50819 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: udmabuf: Set ubuf->sg = NULL if the creation of sg table fails When userspace tries to map the dmabuf and if for some reason (e.g… redhatsusedebian
CVE-2022-50064 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: virtio-blk: Avoid use-after-free on suspend/resume hctx->user_data is set to vq in virtblk_init_hctx(). However, vq is freed on … redhatsusedebian
CVE-2022-50820 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: perf/arm_dmc620: Fix hotplug callback leak in dmc620_pmu_init() dmc620_pmu_init() won't remove the callback added by cpuhp_setup_… redhatsusedebian
CVE-2022-50809 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: xhci: dbc: Fix memory leak in xhci_alloc_dbc() If DbC is already in use, then the allocated memory for the xhci_dbc struct doesn'… redhatsusedebian
CVE-2022-50825 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: usb: typec: wusb3801: fix fwnode refcount leak in wusb3801_probe() I got the following report while doing fault injection test: … redhatsusedebian
CVE-2022-38791 high 8.0 3y ago Important: galera and mariadb security update rockylinuxredhatalmalinuxsuse+1
CVE-2022-32081 high 8.0 3y ago Important: galera and mariadb security update redhatrockylinuxsusedebian
CVE-2022-32089 high 8.0 3y ago Important: galera and mariadb security update redhatalmalinuxrockylinuxsuse+1
CVE-2022-47015 high 8.0 3y ago Important: galera and mariadb security update rockylinuxredhatalmalinuxsuse+1
CVE-2022-32082 high 8.0 3y ago Important: galera and mariadb security update redhatrockylinuxsusedebian
CVE-2022-32084 high 8.0 3y ago Important: galera and mariadb security update rockylinuxredhatalmalinuxsuse+1
CVE-2022-32091 high 8.0 3y ago Important: galera and mariadb security update rockylinuxredhatalmalinuxsuse+1
CVE-2022-25883 high 8.0 3y ago Important: nodejs:18 security, bug fix, and enhancement update rockylinuxredhatsusedebian+1
CVE-2022-50661 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: seccomp: Move copy_seccomp() to no failure path. Our syzbot instance reported memory leaks in do_seccomp() [0], similar to the re… redhatsusedebian
CVE-2022-40982 high 8.0 3y ago Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable in… redhatrockylinuxsusedebian
CVE-2022-45869 high 8.0 3y ago A race condition in the x86 KVM subsystem in the Linux kernel through 6.1-rc6 allows guest OS users to cause a denial of service (host OS crash or host OS memory corruption) when nested virtualisatio… redhatsusedebianrockylinux
CVE-2022-32885 high 8.0 3y ago Important: webkit2gtk3 security and bug fix update redhatdebian
CVE-2022-25147 high 8.0 3y ago Important: apr-util security update debianredhatrockylinuxsuse
CVE-2022-41218 high 8.0 3y ago In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting dvb_demux_open and dvb_dmxdev_release. archsusedebianalmalinux
CVE-2022-25265 high 8.0 3y ago In the Linux kernel through 5.16.10, certain binary files may have the exec-all attribute if they were built in approximately 2003 (e.g., with GCC 3.2.2 and Linux kernel 2.4.20). This can cause execu… debian
CVE-2022-50783 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: mptcp: use proper req destructor for IPv6 Before, only the destructor from TCP request sock in IPv4 was called even if the subflo… redhatsusedebian
CVE-2022-3619 high 8.0 3y ago A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function l2cap_recv_acldata of the file net/bluetooth/l2cap_core.c of the component Blueto… archredhatsusedebian+1
CVE-2022-49600 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: ip: Fix a data-race around sysctl_ip_autobind_reuse. While reading sysctl_ip_autobind_reuse, it can be changed concurrently. Thus… redhatsusedebian
CVE-2022-50778 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: fortify: Fix __compiletime_strlen() under UBSAN_BOUNDS_LOCAL With CONFIG_FORTIFY=y and CONFIG_UBSAN_LOCAL_BOUNDS=y enabled, we ob… redhatsusedebian
CVE-2022-50052 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Fix potential buffer overflow by snprintf() snprintf() returns the would-be-filled size when the string overflo… redhatsusedebian
CVE-2022-49596 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctl_tcp_min_snd_mss. While reading sysctl_tcp_min_snd_mss, it can be changed concurrently. Thus, we… redhatsusedebian
CVE-2022-4128 high 8.0 3y ago A NULL pointer dereference issue was discovered in the Linux kernel in the MPTCP protocol when traversing the subflow list at disconnect time. A local user could use this flaw to potentially crash th… redhatsusedebianalmalinux
CVE-2022-50083 high 8.0 3y ago RHSA-2023:2458: kernel security, bug fix, and enhancement update (Important) redhatsuse
CVE-2022-50768 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Correct device removal for multi-actuator devices Correct device count for multi-actuator drives which can cause … redhatsusedebian
CVE-2022-50051 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: debug: Fix potential buffer overflow by snprintf() snprintf() returns the would-be-filled size when the string overflo… redhatsusedebian
CVE-2022-50050 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda: Fix potential buffer overflow by snprintf() snprintf() returns the would-be-filled size when the string ov… redhatsusedebian
CVE-2022-49595 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctl_tcp_probe_threshold. While reading sysctl_tcp_probe_threshold, it can be changed concurrently.… redhatsusedebian
CVE-2022-50752 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: md/raid5: Remove unnecessary bio_put() in raid5_read_one_chunk() When running chunk-sized reads on disks with badblocks duplicate… redhatsusedebian
CVE-2022-50049 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: ASoC: DPCM: Don't pick up BE without substream When DPCM tries to add valid BE connections at dpcm_add_paths(), it doesn't check … redhatsusedebian
CVE-2022-50744 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix hard lockup when reading the rx_monitor from debugfs During I/O and simultaneous cat of /sys/kernel/debug/lpfc/fn… redhatsusedebian
CVE-2022-50046 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: net/sunrpc: fix potential memory leaks in rpc_sysfs_xprt_state_change() The issue happens on some error handling paths. When the … redhatsusedebian
CVE-2022-49594 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctl_tcp_mtu_probe_floor. While reading sysctl_tcp_mtu_probe_floor, it can be changed concurrently.… redhatsusedebian
CVE-2022-49087 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: rxrpc: fix a race in rxrpc_exit_net() Current code can lead to the following race: CPU0 … redhatsusedebian
CVE-2022-50738 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: vhost-vdpa: fix an iotlb memory leak Before commit 3d5698793897 ("vhost-vdpa: introduce asid based IOTLB") we called vhost_vdpa_i… redhatsusedebian
CVE-2022-50044 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: net: qrtr: start MHI channel after endpoit creation MHI channel may generates event/interrupt right after enabling. It may leads … redhatsusedebian
CVE-2022-49593 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctl_tcp_probe_interval. While reading sysctl_tcp_probe_interval, it can be changed concurrently. T… redhatsusedebian
CVE-2022-50730 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: ext4: silence the warning when evicting inode with dioread_nolock When evicting an inode with default dioread_nolock, it could be… redhatsusedebian
CVE-2022-50039 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: stmmac: intel: Add a missing clk_disable_unprepare() call in intel_eth_pci_remove() Commit 09f012e64e4b ("stmmac: intel: Fix cloc… redhatsusedebian
CVE-2022-50726 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix possible use-after-free in async command interface mlx5_cmd_cleanup_async_ctx should return only after all its call… redhatsusedebian
CVE-2022-50037 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/i915/ttm: don't leak the ccs state The kernel only manages the ccs state with lmem-only objects, however the kernel should st… redhatsusedebian
CVE-2022-49081 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: highmem: fix checks in __kmap_local_sched_{in,out} When CONFIG_DEBUG_KMAP_LOCAL is enabled __kmap_local_sched_{in,out} check that… redhatsusedebian
CVE-2022-50723 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: bnxt_en: fix memory leak in bnxt_nvm_test() Free the kzalloc'ed buffer before returning in the success path. redhatsusedebian
CVE-2022-50034 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: usb: cdns3 fix use-after-free at workaround 2 BUG: KFENCE: use-after-free read in __list_del_entry_valid+0x10/0xac cdns3_wa2_rem… redhatsusedebian
CVE-2022-50717 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: add bounds check on Transfer Tag ttag is used as an index to get cmd in nvmet_tcp_handle_h2c_data_pdu(), add a bounds … redhatsusedebian
CVE-2022-50032 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: usb: renesas: Fix refcount leak bug In usbhs_rza1_hardware_init(), of_find_node_by_name() will return a node pointer with refcoun… redhatsusedebian
CVE-2022-49589 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: igmp: Fix data-races around sysctl_igmp_qrv. While reading sysctl_igmp_qrv, it can be changed concurrently. Thus, we need to add … redhatsusedebian
CVE-2022-50714 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921e: fix rmmod crash in driver reload test In insmod/rmmod stress test, the following crash dump shows up immedia… redhatsusedebian
CVE-2022-50028 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: gadgetfs: ep_io - wait until IRQ finishes after usb_ep_queue() if wait_for_completion_interruptible() is interrupted we need to w… redhatsusedebian
CVE-2022-50033 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: usb: host: ohci-ppc-of: Fix refcount leak bug In ohci_hcd_ppc_of_probe(), of_find_compatible_node() will return a node pointer wi… redhatsusedebian
CVE-2022-3640 high 8.0 3y ago A vulnerability, which was classified as critical, was found in Linux Kernel. Affected is the function l2cap_conn_del of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulati… redhatsusedebianalmalinux
CVE-2022-42720 high 8.0 3y ago Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger… archredhatsusedebian+1
CVE-2022-50703 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: soc: qcom: smsm: Fix refcount leak bugs in qcom_smsm_probe() There are two refcount leak bugs in qcom_smsm_probe(): (1) The 'loc… redhatsusedebian
CVE-2022-50029 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: clk: qcom: ipq8074: dont disable gcc_sleep_clk_src Once the usb sleep clocks are disabled, clock framework is trying to disable t… redhatsusedebian
CVE-2022-50702 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: vdpa_sim: fix possible memory leak in vdpasim_net_init() and vdpasim_blk_init() Inject fault while probing module, if device_regi… redhatsusedebian
CVE-2022-50022 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drivers:md:fix a potential use-after-free bug In line 2884, "raid5_release_stripe(sh);" drops the reference to sh and may cause s… redhatsusedebian
CVE-2022-49588 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctl_tcp_migrate_req. While reading sysctl_tcp_migrate_req, it can be changed concurrently. Thus, we… redhatsusedebian
CVE-2022-50698 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: ASoC: da7219: Fix an error handling path in da7219_register_dai_clks() If clk_hw_register() fails, the corresponding clk should n… redhatsusedebian
CVE-2022-50679 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: i40e: Fix DMA mappings leak During reallocation of RX buffers, new DMA mappings are created for those buffers. steps for reprodu… redhatsusedebian
CVE-2022-50021 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: ext4: block range must be validated before use in ext4_mb_clear_bb() Block range to free is validated in ext4_free_blocks() using… redhatsusedebian
CVE-2022-50020 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: ext4: avoid resizing to a partial cluster size This patch avoids an attempt to resize the filesystem to an unaligned cluster boun… redhatrockylinuxsusedebian
CVE-2022-49587 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctl_tcp_notsent_lowat. While reading sysctl_tcp_notsent_lowat, it can be changed concurrently. Thu… redhatsusedebian
CVE-2022-49080 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fix mpol_new leak in shared_policy_replace If mpol_new is allocated but not used in restart loop, mpol_new will be … redhatsusedebian
CVE-2022-50668 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: ext4: fix deadlock due to mbcache entry corruption When manipulating xattr blocks, we can deadlock infinitely looping inside ext4… redhatsusedebian
CVE-2022-50016 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: cnl: Do not process IPC reply before firmware boot It is not yet clear, but it is possible to create a firmware… redhatsusedebian
CVE-2022-50015 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda-ipc: Do not process IPC reply before firmware boot It is not yet clear, but it is possible to create a firm… redhatsusedebian
CVE-2022-49586 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctl_tcp_fastopen. While reading sysctl_tcp_fastopen, it can be changed concurrently. Thus, we need … redhatsusedebian
CVE-2022-21611 high 8.0 3y ago Important: mysql security update redhatdebian
CVE-2022-50014 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: mm/gup: fix FOLL_FORCE COW security issue and remove FOLL_COW Ever since the Dirty COW (CVE-2016-5195) security issue happened, w… redhatsusedebian
CVE-2022-49583 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: iavf: Fix handling of dummy receive descriptors Fix memory leak caused by not handling dummy receive descriptor properly. iavf_ge… redhatsusedebian
CVE-2022-49585 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctl_tcp_fastopen_blackhole_timeout. While reading sysctl_tcp_fastopen_blackhole_timeout, it can be … redhatsusedebian
CVE-2022-50635 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: powerpc/kprobes: Fix null pointer reference in arch_prepare_kprobe() I found a null pointer reference in arch_prepare_kprobe(): … redhatsusedebian
CVE-2022-50007 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: xfrm: fix refcount leak in __xfrm_policy_check() The issue happens on an error path in __xfrm_policy_check(). When the fetching p… redhatsusedebian
CVE-2022-48976 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable_offload: fix using __this_cpu_add in preemptible flow_offload_queue_work() can be called in workqueue withou… redhatsusedebian
CVE-2022-50006 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: NFSv4.2 fix problems with __nfs42_ssc_open A destination server while doing a COPY shouldn't accept using the passed in filehandl… redhatsusedebian
CVE-2022-49580 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix a data-race around sysctl_fib_multipath_use_neigh. While reading sysctl_fib_multipath_use_neigh, it can be changed conc… redhatsusedebian
CVE-2022-3623 high 8.0 3y ago A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function follow_page_pte of the file mm/gup.c of the component BPF. The manipulat… archredhatsusedebian+1
CVE-2022-49995 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: writeback: avoid use-after-free after removing device When a disk is removed, bdi_unregister gets called to stop further writebac… redhatsusedebian
CVE-2022-50622 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: ext4: fix potential memory leak in ext4_fc_record_modified_inode() As krealloc may return NULL, in this case 'state->fc_modified_… redhatsusedebian
CVE-2022-49579 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix data-races around sysctl_fib_multipath_hash_policy. While reading sysctl_fib_multipath_hash_policy, it can be changed c… redhatsusedebian
CVE-2022-49072 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: gpio: Restrict usage of GPIO chip irq members before initialization GPIO chip irq members are exposed before they could be comple… redhatsusedebian
CVE-2022-49994 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: bootmem: remove the vmemmap pages from kmemleak in put_page_bootmem The vmemmap pages is marked by kmemleak when allocated from m… redhatsusedebian
CVE-2022-50615 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/uncore: Fix reference count leak in snr_uncore_mmio_map() pci_get_device() will increase the reference count for t… redhatsusedebian
CVE-2022-50580 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: blk-throttle: prevent overflow while calculating wait time There is a problem found by code review in tg_with_in_bps_limit() that… redhatsusedebian
CVE-2022-49993 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: loop: Check for overflow while configuring loop The userspace can configure a loop using an ioctl call, wherein a configuration o… redhatsusedebian