VIR Vulnerability Intelligence Relay

CVEs from 2022

6,001 normalized CVEs published or assigned in this year.

Total
6,001
critical
critical 88
high
high 1,239
medium
medium 887
low
low 24
% Critical
1.5%
% with KEV
2.2%
% with exploit
2.2%

Top vendors

Top products

  • jdk 116
  • jre 109
  • openjdk 100
  • zulu 82
  • graalvm 74
  • cloud_secure_agent 35
  • oncommand_insight 34
  • cloud_insights_acquisition_unit 34

Top packages

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2022-50002 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: net/mlx5: LAG, fix logic over MLX5_LAG_FLAG_NDEVS_READY Only set MLX5_LAG_FLAG_NDEVS_READY if both netdevices are registered. Doi… redhatsusedebian
CVE-2022-49971 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Fix a potential gpu_metrics_table memory leak Memory is allocated for gpu_metrics_table in smu_v13_0_4_init_smc_table… redhatsusedebian
CVE-2022-50863 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: free unused skb to prevent memory leak This avoid potential memory leak under power saving mode. redhatsusedebian
CVE-2022-48337 high 8.0 3y ago Important: emacs security update redhatdebiansusealmalinux
CVE-2022-50181 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: virtio-gpu: fix a missing check to avoid NULL dereference 'cache_ent' could be set NULL inside virtio_gpu_cmd_get_capset() and it… redhatsusedebian
CVE-2022-50487 high 8.0 3y ago RHSA-2023:2458: kernel security, bug fix, and enhancement update (Important) redhatsuse
CVE-2022-21632 high 8.0 3y ago Important: mysql security update redhatdebianalmalinux
CVE-2022-28388 high 8.0 3y ago Important: kernel-rt security and bug fix update redhatarchsusedebian+1
CVE-2022-50717 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: add bounds check on Transfer Tag ttag is used as an index to get cmd in nvmet_tcp_handle_h2c_data_pdu(), add a bounds … redhatsusedebian
CVE-2022-49114 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: scsi: libfc: Fix use after free in fc_exch_abts_resp() fc_exch_release(ep) will decrease the ep's reference count. When the refer… redhatsusedebian
CVE-2022-49646 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix queue selection for mesh/OCB interfaces When using iTXQ, the code assumes that there is only one vif queue fo… redhatsusedebian
CVE-2022-39188 high 8.0 3y ago Important: kernel-rt security and bug fix update redhatsusedebianalmalinux
CVE-2022-48974 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: fix using __this_cpu_add in preemptible Currently in nf_conntrack_hash_check_insert(), when it fails in nf_… redhatsusedebian
CVE-2022-50678 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: fix invalid address access when enabling SCAN log level The variable i is changed when setting random MAC address… redhatsusedebian
CVE-2022-48978 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: HID: core: fix shift-out-of-bounds in hid_report_raw_event Syzbot reported shift-out-of-bounds in hid_report_raw_event. microsof… redhatsusedebian
CVE-2022-49010 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: hwmon: (coretemp) Check for null before removing sysfs attrs If coretemp_add_core() gets an error then pdata->core_data[indx] is … redhatsusedebian
CVE-2022-21617 high 8.0 3y ago Important: mysql security update redhatdebianalmalinux
CVE-2022-49647 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: cgroup: Use separate src/dst nodes when preloading css_sets for migration Each cset (css_set) is pinned by its tasks. When we're … redhatsusedebian
CVE-2022-49207 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix memleak in sk_psock_queue_msg If tcp_bpf_sendmsg is running during a tear down operation we may enqueue data on… redhatsusedebian
CVE-2022-42826 high 8.0 3y ago Important: webkit2gtk3 security and bug fix update redhatsusedebianalmalinux
CVE-2022-50113 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: ASoc: audio-graph-card2: Fix refcount leak bug in __graph_get_type() We should call of_node_put() for the reference before its re… redhatsusedebian
CVE-2022-50569 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: xfrm: Update ipcomp_scratches with NULL when freed Currently if ipcomp_alloc_scratches() fails to allocate memory ipcomp_scratche… redhatsusedebian
CVE-2022-48885 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: ice: Fix potential memory leak in ice_gnss_tty_write() The ice_gnss_tty_write() return directly if the write_buf alloc failed, le… redhatsusedebian
CVE-2022-3707 high 8.0 3y ago Important: kernel-rt security and bug fix update redhatsusedebianalmalinux
CVE-2022-49214 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: Don't use DSISR for SLB faults Since commit 46ddcb3950a2 ("powerpc/mm: Show if a bad page fault on data is read or w… redhatsusedebian
CVE-2022-2196 high 8.0 3y ago Important: kernel-rt security and bug fix update redhatsusedebianalmalinux
CVE-2022-50816 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: ipv6: ensure sane device mtu in tunnels Another syzbot report [1] with no reproducer hints at a bug in ip6_gre tunnel (dev:ip6gre… redhatsusedebian
CVE-2022-49049 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: mm/secretmem: fix panic when growing a memfd_secret When one tries to grow an existing memfd_secret with ftruncate, one gets a pa… redhatsusedebian
CVE-2022-49070 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: fbdev: Fix unregistering of framebuffers without device OF framebuffers do not have an underlying device in the Linux device hier… redhatsusedebian
CVE-2022-49223 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: cxl/port: Hold port reference until decoder release KASAN + DEBUG_KOBJECT_RELEASE reports a potential use-after-free in cxl_decod… redhatsusedebian
CVE-2022-50133 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: usb: xhci_plat_remove: avoid NULL dereference Since commit 4736ebd7fcaff1eb8481c140ba494962847d6e0a ("usb: host: xhci-plat: omit … redhatsusedebian
CVE-2022-49356 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Trap RDMA segment overflows Prevent svc_rdma_build_writes() from walking off the end of a Write chunk's segment array. Ca… redhatsusedebian
CVE-2022-49985 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: bpf: Don't use tnum_range on array range checking for poke descriptors Hsin-Wei reported a KASAN splat triggered by their BPF run… redhatrockylinuxsusedebian
CVE-2022-50889 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: dm integrity: Fix UAF in dm_integrity_dtr() Dm_integrity also has the same UAF problem when dm_resume() and dm_destroy() are conc… redhatsusedebian
CVE-2022-49434 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: PCI: Avoid pci_dev_lock() AB/BA deadlock with sriov_numvfs_store() The sysfs sriov_numvfs_store() path acquires the device lock b… redhatsusedebian
CVE-2022-49371 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: driver core: fix deadlock in __device_attach In __device_attach function, The lock holding logic is as follows: ... __device_atta… redhatsusedebian
CVE-2022-49294 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check if modulo is 0 before dividing. [How & Why] If a value of 0 is read, then this will cause a divide-by-0 pa… redhatsusedebian
CVE-2022-49539 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: rtw89: ser: fix CAM leaks occurring in L2 reset The CAM, meaning address CAM and bssid CAM here, will get leaks during SER (syste… redhatsusedebian
CVE-2022-49519 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: ath10k: skip ath10k_halt during suspend for driver state RESTARTING Double free crash is observed when FW recovery(caused by wmi … redhatsusedebian
CVE-2022-49541 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential double free during failed mount RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=2088799 redhatsusedebian
CVE-2022-49081 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: highmem: fix checks in __kmap_local_sched_{in,out} When CONFIG_DEBUG_KMAP_LOCAL is enabled __kmap_local_sched_{in,out} check that… redhatsusedebian
CVE-2022-50431 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: ALSA: aoa: i2sbus: fix possible memory leak in i2sbus_add_dev() dev_set_name() in soundbus_add_one() allocates memory for name, i… redhatsusedebian
CVE-2022-49587 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctl_tcp_notsent_lowat. While reading sysctl_tcp_notsent_lowat, it can be changed concurrently. Thu… redhatsusedebian
CVE-2022-50396 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: net: sched: fix memory leak in tcindex_set_parms Syzkaller reports a memory leak as follows: ====================================… redhatsusedebian
CVE-2022-49520 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: arm64: compat: Do not treat syscall number as ESR_ELx for a bad syscall If a compat process tries to execute an unknown system ca… redhatsusedebian
CVE-2022-50211 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: md-raid10: fix KASAN warning There's a KASAN warning in raid10_remove_disk when running the lvm test lvconvert-raid-reshape.sh. W… redhatsusedebian
CVE-2022-50392 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8183: fix refcount leak in mt8183_mt6358_ts3a227_max98357_dev_probe() The node returned by of_parse_phandle() w… redhatsusedebian
CVE-2022-49442 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drivers/base/node.c: fix compaction sysfs file leak Compaction sysfs file is created via compaction_register_node in register_nod… redhatsusedebian
CVE-2022-50363 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: skmsg: pass gfp argument to alloc_sk_msg() syzbot found that alloc_sk_msg() could be called from a non sleepable context. sk_psoc… redhatsusedebian
CVE-2022-50773 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: ALSA: mts64: fix possible null-ptr-defer in snd_mts64_interrupt I got a null-ptr-defer error report when I do the following tests… redhatsusedebian
CVE-2022-49943 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: USB: gadget: Fix obscure lockdep violation for udc_mutex A recent commit expanding the scope of the udc_lock mutex in the gadget … redhatsusedebian
CVE-2022-49080 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fix mpol_new leak in shared_policy_replace If mpol_new is allocated but not used in restart loop, mpol_new will be … redhatsusedebian
CVE-2022-49097 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: NFS: Avoid writeback threads getting stuck in mempool_alloc() In a low memory situation, allow the NFS writeback code to fail wit… redhatsusedebian
CVE-2022-50408 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit() > ret = brcmf_proto_tx_queue_data(drvr, ifp->ifidx, skb); ma… redhatsusedebian
CVE-2022-49583 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: iavf: Fix handling of dummy receive descriptors Fix memory leak caused by not handling dummy receive descriptor properly. iavf_ge… redhatsusedebian
CVE-2022-49565 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/lbr: Fix unchecked MSR access error on HSW The fuzzer triggers the below trace. [ 7763.384369] unchecked MSR acce… redhatsusedebian
CVE-2022-49136 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: Fix queuing commands when HCI_UNREGISTER is set hci_cmd_sync_queue shall return an error if HCI_UNREGISTER f… redhatsusedebian
CVE-2022-39408 high 8.0 3y ago Important: mysql security update redhatdebianalmalinux
CVE-2022-50583 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: md/raid0, raid10: Don't set discard sectors for request queue It should use disk_stack_limits to get a proper max_discard_sectors… redhatsusedebian
CVE-2022-50388 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: nvme: fix multipath crash caused by flush request when blktrace is enabled The flush request initialized by blk_kick_flush has NU… redhatsusedebian
CVE-2022-49372 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: tcp: tcp_rtx_synack() can be called from process context Laurent reported the enclosed report [1] This bug triggers with followi… redhatsusedebian
CVE-2022-50516 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: fs: dlm: fix invalid derefence of sb_lvbptr I experience issues when putting a lkbsb on the stack and have sb_lvbptr field to a d… redhatsusedebian
CVE-2022-49333 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: net/mlx5: E-Switch, pair only capable devices OFFLOADS paring using devcom is possible only on devices that support LAG. Filter b… redhatsusedebian
CVE-2022-50405 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: net/tunnel: wait until all sk_user_data reader finish before releasing the sock There is a race condition in vxlan that when dele… redhatsusedebian
CVE-2022-49598 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctl_tcp_mtu_probing. While reading sysctl_tcp_mtu_probing, it can be changed concurrently. Thus, we… redhatsusedebian
CVE-2022-50041 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: ice: Fix call trace with null VSI during VF reset During stress test with attaching and detaching VF from KVM and simultaneously … redhatsusedebian
CVE-2022-49087 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: rxrpc: fix a race in rxrpc_exit_net() Current code can lead to the following race: CPU0 … redhatsusedebian
CVE-2022-50459 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi: iscsi_tcp: Fix null-ptr-deref while calling getpeername() Fix a NULL pointer crash that occurs when we are freeing t… redhatsusedebian
CVE-2022-49585 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctl_tcp_fastopen_blackhole_timeout. While reading sysctl_tcp_fastopen_blackhole_timeout, it can be … redhatsusedebian
CVE-2022-50326 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: media: airspy: fix memory leak in airspy probe The commit ca9dc8d06ab6 ("media: airspy: respect the DMA coherency rules") moves … redhatsusedebian
CVE-2022-49589 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: igmp: Fix data-races around sysctl_igmp_qrv. While reading sysctl_igmp_qrv, it can be changed concurrently. Thus, we need to add … redhatsusedebian
CVE-2022-49588 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctl_tcp_migrate_req. While reading sysctl_tcp_migrate_req, it can be changed concurrently. Thus, we… redhatsusedebian
CVE-2022-49586 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctl_tcp_fastopen. While reading sysctl_tcp_fastopen, it can be changed concurrently. Thus, we need … redhatsusedebian
CVE-2022-50512 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: ext4: fix potential memory leak in ext4_fc_record_regions() As krealloc may return NULL, in this case 'state->fc_regions' may not… redhatsusedebian
CVE-2022-49723 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/i915/reset: Fix error_state_read ptr + offset use Fix our pointer offset usage in error_state_read when there is no i915_gpu_… redhatsusedebian
CVE-2022-49636 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: vlan: fix memory leak in vlan_newlink() Blamed commit added back a bug I fixed in commit 9bbd917e0bec ("vlan: fix memory leak in … redhatsusedebian
CVE-2022-49416 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix use-after-free in chanctx code In ieee80211_vif_use_reserved_context(), when we have an old context and the n… redhatsusedebian
CVE-2022-50484 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix potential memory leaks When the driver hits -ENOMEM at allocating a URB or a buffer, it aborts and goes to t… redhatsusedebian
CVE-2022-46699 high 8.0 3y ago Important: webkit2gtk3 security and bug fix update redhatsusedebianalmalinux
CVE-2022-39400 high 8.0 3y ago Important: mysql security update redhatdebianalmalinux
CVE-2022-49319 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu-v3: check return value after calling platform_get_resource() It will cause null-ptr-deref if platform_get_resource… redhatsusedebian
CVE-2022-50149 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: driver core: fix potential deadlock in __driver_attach In __driver_attach function, There are also AA deadlock problem, like the … redhatsusedebian
CVE-2022-49362 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix potential use-after-free in nfsd_file_put() nfsd_file_put_noref() can free @nf, so don't dereference @nf immediately up… redhatsusedebian
CVE-2022-46692 high 8.0 3y ago Important: webkit2gtk3 security and bug fix update redhatsusedebianalmalinux
CVE-2022-50496 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: dm cache: Fix UAF in destroy() Dm_cache also has the same UAF problem when dm_resume() and dm_destroy() are concurrent. Therefor… redhatsusedebian
CVE-2022-50452 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: net: sched: cake: fix null pointer access issue when cake_init() fails When the default qdisc is cake, if the qdisc of dev_queue … redhatsusedebian
CVE-2022-21640 high 8.0 3y ago Important: mysql security update redhatdebianalmalinux
CVE-2022-50402 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drivers/md/md-bitmap: check the return value of md_bitmap_get_counter() Check the return value of md_bitmap_get_counter() in case… redhatsusedebian
CVE-2022-46700 high 8.0 3y ago Important: webkit2gtk3 security and bug fix update redhatdebianalmalinux
CVE-2022-3435 high 8.0 3y ago Important: kernel-rt security and bug fix update redhatsusedebianalmalinux
CVE-2022-50427 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: ALSA: ac97: fix possible memory leak in snd_ac97_dev_register() If device_register() fails in snd_ac97_dev_register(), it should … redhatsusedebian
CVE-2022-48696 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: regmap: spi: Reserve space for register address/padding Currently the max_raw_read and max_raw_write limits in regmap_spi struct … redhatsusedebian
CVE-2022-49116 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: use memset avoid memory leaks Use memset to initialize structs to prevent memory leaks in l2cap_ecred_connect redhatsusedebian
CVE-2022-33743 high 8.0 3y ago Important: kernel-rt security and bug fix update redhatsusedebianalmalinux
CVE-2022-46698 high 8.0 3y ago Important: webkit2gtk3 security and bug fix update redhatsusedebianalmalinux
CVE-2022-21599 high 8.0 3y ago Important: mysql security update redhatdebianalmalinux
CVE-2022-21608 high 8.0 3y ago Important: mysql security update redhatdebianalmalinux
CVE-2022-50166 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: When HCI work queue is drained, only queue chained work The HCI command, event, and data packet processing workqueue i… redhatsusedebian
CVE-2022-50138 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: RDMA/qedr: Fix potential memory leak in __qedr_alloc_mr() __qedr_alloc_mr() allocates a memory chunk for "mr->info.pbl_table" wit… redhatsusedebian
CVE-2022-50050 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda: Fix potential buffer overflow by snprintf() snprintf() returns the would-be-filled size when the string ov… redhatsusedebian