VIR Vulnerability Intelligence Relay

CVEs from 2022

6,001 normalized CVEs published or assigned in this year.

Total
6,001
critical
critical 88
high
high 1,239
medium
medium 887
low
low 24
% Critical
1.5%
% with KEV
2.2%
% with exploit
2.2%

Top vendors

Top products

  • jdk 116
  • jre 109
  • openjdk 100
  • zulu 82
  • graalvm 74
  • cloud_secure_agent 35
  • oncommand_insight 34
  • cloud_insights_acquisition_unit 34

Top packages

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2022-49600 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: ip: Fix a data-race around sysctl_ip_autobind_reuse. While reading sysctl_ip_autobind_reuse, it can be changed concurrently. Thus… redhatsusedebian
CVE-2022-50021 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: ext4: block range must be validated before use in ext4_mb_clear_bb() Block range to free is validated in ext4_free_blocks() using… redhatsusedebian
CVE-2022-50020 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: ext4: avoid resizing to a partial cluster size This patch avoids an attempt to resize the filesystem to an unaligned cluster boun… redhatrockylinuxsusedebian+1
CVE-2022-50156 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: HID: cp2112: prevent a buffer overflow in cp2112_xfer() Smatch warnings: drivers/hid/hid-cp2112.c:793 cp2112_xfer() error: __memc… redhatsusedebian
CVE-2022-43750 high 8.0 3y ago Important: kernel-rt security and bug fix update archredhatsusedebian+1
CVE-2022-49632 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: icmp: Fix a data-race around sysctl_icmp_errors_use_inbound_ifaddr. While reading sysctl_icmp_errors_use_inbound_ifaddr, it can b… redhatsusedebian
CVE-2022-50154 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: PCI: mediatek-gen3: Fix refcount leak in mtk_pcie_init_irq_domains() of_get_child_by_name() returns a node pointer with refcount … redhatsusedebian
CVE-2022-49539 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: rtw89: ser: fix CAM leaks occurring in L2 reset The CAM, meaning address CAM and bssid CAM here, will get leaks during SER (syste… redhatsusedebian
CVE-2022-49630 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctl_tcp_ecn_fallback. While reading sysctl_tcp_ecn_fallback, it can be changed concurrently. Thus,… redhatsusedebian
CVE-2022-49204 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix more uncharged while msg has more_data In tcp_bpf_send_verdict(), if msg has more data after tcp_bpf_sendmsg_re… redhatsusedebian
CVE-2022-50153 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: usb: host: Fix refcount leak in ehci_hcd_ppc_of_probe of_find_compatible_node() returns a node pointer with refcount incremented,… redhatsusedebian
CVE-2022-50016 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: cnl: Do not process IPC reply before firmware boot It is not yet clear, but it is possible to create a firmware… redhatsusedebian
CVE-2022-50157 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: PCI: microchip: Fix refcount leak in mc_pcie_init_irq_domains() of_get_next_child() returns a node pointer with refcount incremen… redhatsusedebian
CVE-2022-50152 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: usb: ohci-nxp: Fix refcount leak in ohci_hcd_nxp_probe of_parse_phandle() returns a node pointer with refcount incremented, we sh… redhatsusedebian
CVE-2022-49541 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential double free during failed mount RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=2088799 redhatsusedebian
CVE-2022-50452 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: net: sched: cake: fix null pointer access issue when cake_init() fails When the default qdisc is cake, if the qdisc of dev_queue … redhatsusedebian
CVE-2022-50151 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: fix random warning message when driver load Warning log: [ 4.141392] Unexpected gfp: 0x4 (GFP_DMA32). Fixing up to… redhatsusedebian
CVE-2022-32886 high 8.0 3y ago Important: webkit2gtk3 security and bug fix update archredhatsusedebian+1
CVE-2022-32923 high 8.0 3y ago Important: webkit2gtk3 security and bug fix update redhatsusedebianalmalinux
CVE-2022-21637 high 8.0 3y ago Important: mysql security update redhatdebianalmalinux
CVE-2022-49872 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: net: gso: fix panic on frag_list with mixed head alloc types Since commit 3dcbdb134f32 ("net: gso: Fix skb_segment splat when spl… redhatsusedebian
CVE-2022-32888 high 8.0 3y ago Important: webkit2gtk3 security and bug fix update redhatsusedebianalmalinux
CVE-2022-42823 high 8.0 3y ago Important: webkit2gtk3 security and bug fix update redhatsusedebianalmalinux
CVE-2022-49638 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: icmp: Fix data-races around sysctl. While reading icmp sysctl variables, they can be changed concurrently. So, we need to add REA… redhatsusedebian
CVE-2022-21633 high 8.0 3y ago Important: mysql security update redhatdebianalmalinux
CVE-2022-42799 high 8.0 3y ago Important: webkit2gtk3 security and bug fix update redhatsusedebianalmalinux
CVE-2022-50148 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: kernfs: fix potential NULL dereference in __kernfs_remove When lockdep is enabled, lockdep_assert_held_write would cause potentia… redhatsusedebian
CVE-2022-42824 high 8.0 3y ago Important: webkit2gtk3 security and bug fix update redhatsusedebianalmalinux
CVE-2022-42826 high 8.0 3y ago Important: webkit2gtk3 security and bug fix update redhatsusedebianalmalinux
CVE-2022-42867 high 8.0 3y ago Important: webkit2gtk3 security and bug fix update redhatsusedebianalmalinux
CVE-2022-50146 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: PCI: dwc: Deallocate EPC memory on dw_pcie_ep_init() errors If dw_pcie_ep_init() fails to perform any action after the EPC memory… redhatsusedebian
CVE-2022-42852 high 8.0 3y ago Important: webkit2gtk3 security and bug fix update redhatsusedebianalmalinux
CVE-2022-50147 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fix get_nodes out of bound access When user specified more nodes than supported, get_nodes will access nmask array … redhatsusedebian
CVE-2022-42863 high 8.0 3y ago Important: webkit2gtk3 security and bug fix update redhatsusedebianalmalinux
CVE-2022-50015 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda-ipc: Do not process IPC reply before firmware boot It is not yet clear, but it is possible to create a firm… redhatsusedebian
CVE-2022-46691 high 8.0 3y ago Important: webkit2gtk3 security and bug fix update redhatsusedebianalmalinux
CVE-2022-49207 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix memleak in sk_psock_queue_msg If tcp_bpf_sendmsg is running during a tear down operation we may enqueue data on… redhatsusedebian
CVE-2022-49323 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu: fix possible null-ptr-deref in arm_smmu_device_probe() It will cause null-ptr-deref when using 'res', if platform… redhatsusedebian
CVE-2022-50100 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: sched/core: Do not requeue task on CPU excluded from cpus_mask The following warning was triggered on a large machine early in bo… redhatsusedebian
CVE-2022-49205 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix double uncharge the mem of sk_msg If tcp_bpf_sendmsg is running during a tear down operation, psock may be free… redhatsusedebian
CVE-2022-50863 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: free unused skb to prevent memory leak This avoid potential memory leak under power saving mode. redhatsusedebian
CVE-2022-49328 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: mt76: fix use-after-free by removing a non-RCU wcid pointer Fixes an issue caught by KASAN about use-after-free in mt76_txq_sched… redhatsusedebian
CVE-2022-49365 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Off by one in dm_dmub_outbox1_low_irq() The > ARRAY_SIZE() should be >= ARRAY_SIZE() to prevent an out of bounds acce… redhatsusedebian
CVE-2022-50093 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: avoid invalid memory access via node_online(NUMA_NO_NODE) KASAN reports: [ 4.668325][ T0] BUG: KASAN: wild-memory-ac… redhatsusedebian
CVE-2022-49647 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: cgroup: Use separate src/dst nodes when preloading css_sets for migration Each cset (css_set) is pinned by its tasks. When we're … redhatsusedebian
CVE-2022-49049 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: mm/secretmem: fix panic when growing a memfd_secret When one tries to grow an existing memfd_secret with ftruncate, one gets a pa… redhatsusedebian
CVE-2022-50843 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: dm clone: Fix UAF in clone_dtr() Dm_clone also has the same UAF problem when dm_resume() and dm_destroy() are concurrent. Theref… redhatsusedebian
CVE-2022-50388 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: nvme: fix multipath crash caused by flush request when blktrace is enabled The flush request initialized by blk_kick_flush has NU… redhatsusedebian
CVE-2022-3566 high 8.0 3y ago Important: kernel-rt security and bug fix update archredhatsusedebian+1
CVE-2022-50445 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: xfrm: Reinject transport-mode packets through workqueue The following warning is displayed when the tcp6-multi-diffip11 stress te… redhatsusedebian
CVE-2022-50088 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: mm/damon/reclaim: fix potential memory leak in damon_reclaim_init() damon_reclaim_init() allocates a memory chunk for ctx with da… redhatsusedebian
CVE-2022-50839 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: jbd2: fix potential buffer head reference count leak As in 'jbd2_fc_wait_bufs' if buffer isn't uptodate, will return -EIO without… redhatsusedebian
CVE-2022-3524 high 8.0 3y ago Important: kernel-rt security and bug fix update archredhatsusedebian+1
CVE-2022-49959 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: openvswitch: fix memory leak at failed datapath creation ovs_dp_cmd_new()->ovs_dp_change()->ovs_dp_set_upcall_portids() allocates… redhatsusedebian
CVE-2022-49688 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: afs: Fix dynamic root getattr The recent patch to make afs_getattr consult the server didn't account for the pseudo-inodes employ… redhatsusedebian
CVE-2022-50783 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: mptcp: use proper req destructor for IPv6 Before, only the destructor from TCP request sock in IPv4 was called even if the subflo… redhatsusedebian
CVE-2022-50381 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: md: fix a crash in mempool_free There's a crash in mempool_free when running the lvm test shell/lvchange-rebuild-raid.sh. The re… redhatsusedebian
CVE-2022-49434 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: PCI: Avoid pci_dev_lock() AB/BA deadlock with sriov_numvfs_store() The sysfs sriov_numvfs_store() path acquires the device lock b… redhatsusedebian
CVE-2022-21625 high 8.0 3y ago Important: mysql security update redhatdebianalmalinux
CVE-2022-21617 high 8.0 3y ago Important: mysql security update redhatdebianalmalinux
CVE-2022-21594 high 8.0 3y ago Important: mysql security update redhatdebianalmalinux
CVE-2022-49700 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: mm/slub: add missing TID updates on slab deactivation The fastpath in slab_alloc_node() assumes that c->slab is stable as long as… redhatsusedebian
CVE-2022-50086 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: block: don't allow the same type rq_qos add more than once In our test of iocost, we encountered some list add/del corruptions of… redhatsusedebian
CVE-2022-21599 high 8.0 3y ago Important: mysql security update redhatdebianalmalinux
CVE-2022-49951 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: firmware_loader: Fix use-after-free during unregister In the following code within firmware_upload_unregister(), the call to devi… redhatsusedebian
CVE-2022-3640 high 8.0 3y ago Important: kernel-rt security and bug fix update redhatsusedebianalmalinux
CVE-2022-49603 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: ip: Fix data-races around sysctl_ip_fwd_update_priority. While reading sysctl_ip_fwd_update_priority, it can be changed concurren… redhatsusedebian
CVE-2022-49565 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/lbr: Fix unchecked MSR access error on HSW The fuzzer triggers the below trace. [ 7763.384369] unchecked MSR acce… redhatsusedebian
CVE-2022-49593 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctl_tcp_probe_interval. While reading sysctl_tcp_probe_interval, it can be changed concurrently. T… redhatsusedebian
CVE-2022-50136 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix duplicated reported IW_CM_EVENT_CONNECT_REPLY event If siw_recv_mpa_rr returns -EAGAIN, it means that the MPA reply… redhatsusedebian
CVE-2022-49345 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: net: xfrm: unexport __init-annotated xfrm4_protocol_init() EXPORT_SYMBOL and __init is a bad combination because the .init.text s… redhatsusedebian
CVE-2022-50139 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: usb: aspeed-vhub: Fix refcount leak bug in ast_vhub_init_desc() We should call of_node_put() for the reference returned by of_get… redhatsusedebian
CVE-2022-50185 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/radeon: fix potential buffer overflow in ni_set_mc_special_registers() The last case label can write two buffers 'mc_reg_addr… redhatsusedebian
CVE-2022-50138 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: RDMA/qedr: Fix potential memory leak in __qedr_alloc_mr() __qedr_alloc_mr() allocates a memory chunk for "mr->info.pbl_table" wit… redhatsusedebian
CVE-2022-50137 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix a window for use-after-free During a destroy CQ an interrupt may cause processing of a CQE after CQ resources are… redhatsusedebian
CVE-2022-49974 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: HID: nintendo: fix rumble worker null pointer deref We can dereference a null pointer trying to queue work to a destroyed workque… redhatsusedebian
CVE-2022-49983 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: udmabuf: Set the DMA mask for the udmabuf device (v2) If the DMA mask is not set explicitly, the following warning occurs when th… redhatsusedebian
CVE-2022-49973 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: skmsg: Fix wrong last sg check in sk_msg_recvmsg() Fix one kernel NULL pointer dereference as below: [ 224.462334] Call Trace: … redhatsusedebian
CVE-2022-49971 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Fix a potential gpu_metrics_table memory leak Memory is allocated for gpu_metrics_table in smu_v13_0_4_init_smc_table… redhatsusedebian
CVE-2022-49970 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: bpf, cgroup: Fix kernel BUG in purge_effective_progs Syzkaller reported a triggered kernel BUG as follows: ------------[ cut h… redhatsusedebian
CVE-2022-49969 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: clear optc underflow before turn off odm clock [Why] After ODM clock off, optc underflow bit will be kept there … redhatsusedebian
CVE-2022-49967 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a data-race around bpf_jit_limit. While reading bpf_jit_limit, it can be changed concurrently via sysctl, WRITE_ONCE() i… redhatsusedebian
CVE-2022-49966 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: add missing ->fini_microcode interface for Sienna Cichlid To avoid any potential memory leak. redhatsusedebian
CVE-2022-50408 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit() > ret = brcmf_proto_tx_queue_data(drvr, ifp->ifidx, skb); ma… redhatsusedebian
CVE-2022-50083 high 8.0 3y ago RHSA-2023:2458: kernel security, bug fix, and enhancement update (Important) redhatsuse
CVE-2022-46692 high 8.0 3y ago Important: webkit2gtk3 security and bug fix update redhatsusedebianalmalinux
CVE-2022-46698 high 8.0 3y ago Important: webkit2gtk3 security and bug fix update redhatsusedebianalmalinux
CVE-2022-49925 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix null-ptr-deref in ib_core_cleanup() KASAN reported a null-ptr-deref error: KASAN: null-ptr-deref in range [0x00… redhatsusedebian
CVE-2022-49920 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: netlink notifier might race to release objects commit release path is invoked via call_rcu and it runs lock… redhatsusedebian
CVE-2022-49934 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Fix UAF in ieee80211_scan_rx() ieee80211_scan_rx() tries to access scan_req->flags after a null check, but a UAF … redhatsusedebian
CVE-2022-46699 high 8.0 3y ago Important: webkit2gtk3 security and bug fix update redhatsusedebianalmalinux
CVE-2022-48696 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: regmap: spi: Reserve space for register address/padding Currently the max_raw_read and max_raw_write limits in regmap_spi struct … redhatsusedebian
CVE-2022-46700 high 8.0 3y ago Important: webkit2gtk3 security and bug fix update redhatdebianalmalinux
CVE-2022-39408 high 8.0 3y ago Important: mysql security update redhatdebianalmalinux
CVE-2022-49911 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: enforce documented limit to prevent allocating huge memory Daniel Xu reported that the hash:net,iface type of t… redhatsusedebian
CVE-2022-50403 high 8.0 3y ago RHSA-2023:2458: kernel security, bug fix, and enhancement update (Important) redhatsuse
CVE-2022-49908 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix memory leak in vhci_write Syzkaller reports a memory leak as follows: ==================================== … redhatsusedebian
CVE-2022-41674 high 8.0 3y ago Important: kernel-rt security and bug fix update archredhatsusedebian+1
CVE-2022-49862 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: tipc: fix the msg->req tlv len check in tipc_nl_compat_name_table_dump_header This is a follow-up for commit 974cb0e3e7c9 ("tipc:… redhatsusedebian
CVE-2022-1789 high 8.0 3y ago Important: kernel-rt security and bug fix update archredhatsusedebian+1