VIR Vulnerability Intelligence Relay

CVEs from 2022

6,001 normalized CVEs published or assigned in this year.

Total
6,001
critical
critical 88
high
high 1,239
medium
medium 887
low
low 24
% Critical
1.5%
% with KEV
2.2%
% with exploit
2.2%

Top vendors

Top products

  • jdk 116
  • jre 109
  • openjdk 100
  • zulu 82
  • graalvm 74
  • cloud_secure_agent 35
  • oncommand_insight 34
  • cloud_insights_acquisition_unit 34

Top packages

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2022-50151 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: fix random warning message when driver load Warning log: [ 4.141392] Unexpected gfp: 0x4 (GFP_DMA32). Fixing up to… redhatsusedebian
CVE-2022-49629 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: nexthop: Fix data-races around nexthop_compat_mode. While reading nexthop_compat_mode, it can be changed concurrently. Thus, we n… redhatsusedebian
CVE-2022-50405 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: net/tunnel: wait until all sk_user_data reader finish before releasing the sock There is a race condition in vxlan that when dele… redhatsusedebian
CVE-2022-49589 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: igmp: Fix data-races around sysctl_igmp_qrv. While reading sysctl_igmp_qrv, it can be changed concurrently. Thus, we need to add … redhatsusedebian
CVE-2022-48974 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: fix using __this_cpu_add in preemptible Currently in nf_conntrack_hash_check_insert(), when it fails in nf_… redhatsusedebian
CVE-2022-49585 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctl_tcp_fastopen_blackhole_timeout. While reading sysctl_tcp_fastopen_blackhole_timeout, it can be … redhatsusedebian
CVE-2022-46698 high 8.0 3y ago Important: webkit2gtk3 security and bug fix update redhatsusedebianalmalinux
CVE-2022-49111 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix use after free in hci_send_acl This fixes the following trace caused by receiving HCI_EV_DISCONN_PHY_LINK_COMPLETE… redhatsusedebian
CVE-2022-42852 high 8.0 3y ago Important: webkit2gtk3 security and bug fix update redhatsusedebianalmalinux
CVE-2022-50014 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: mm/gup: fix FOLL_FORCE COW security issue and remove FOLL_COW Ever since the Dirty COW (CVE-2016-5195) security issue happened, w… redhatsusedebian
CVE-2022-49594 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctl_tcp_mtu_probe_floor. While reading sysctl_tcp_mtu_probe_floor, it can be changed concurrently.… redhatsusedebian
CVE-2022-49236 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: bpf: Fix UAF due to race between btf_try_get_module and load_module While working on code to populate kfunc BTF ID sets for modul… redhatsusedebian
CVE-2022-49936 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: USB: core: Prevent nested device-reset calls Automatic kernel fuzzing revealed a recursive locking violation in usb-storage: ===… redhatsusedebian
CVE-2022-49595 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctl_tcp_probe_threshold. While reading sysctl_tcp_probe_threshold, it can be changed concurrently.… redhatsusedebian
CVE-2022-49588 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctl_tcp_migrate_req. While reading sysctl_tcp_migrate_req, it can be changed concurrently. Thus, we… redhatsusedebian
CVE-2022-50156 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: HID: cp2112: prevent a buffer overflow in cp2112_xfer() Smatch warnings: drivers/hid/hid-cp2112.c:793 cp2112_xfer() error: __memc… redhatsusedebian
CVE-2022-49087 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: rxrpc: fix a race in rxrpc_exit_net() Current code can lead to the following race: CPU0 … redhatsusedebian
CVE-2022-50768 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Correct device removal for multi-actuator devices Correct device count for multi-actuator drives which can cause … redhatsusedebian
CVE-2022-49552 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: bpf: Fix combination of jit blinding and pointers to bpf subprogs. The combination of jit blinding and pointers to bpf subprogs c… redhatsusedebian
CVE-2022-49586 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctl_tcp_fastopen. While reading sysctl_tcp_fastopen, it can be changed concurrently. Thus, we need … redhatsusedebian
CVE-2022-49434 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: PCI: Avoid pci_dev_lock() AB/BA deadlock with sriov_numvfs_store() The sysfs sriov_numvfs_store() path acquires the device lock b… redhatsusedebian
CVE-2022-3028 high 8.0 3y ago Important: kernel-rt security and bug fix update archredhatsusedebian+1
CVE-2022-50403 high 8.0 3y ago RHSA-2023:2458: kernel security, bug fix, and enhancement update (Important) redhatsuse
CVE-2022-32888 high 8.0 3y ago Important: webkit2gtk3 security and bug fix update redhatsusedebianalmalinux
CVE-2022-50698 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: ASoC: da7219: Fix an error handling path in da7219_register_dai_clks() If clk_hw_register() fails, the corresponding clk should n… redhatsusedebian
CVE-2022-50168 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: bpf, x86: fix freeing of not-finalized bpf_prog_pack syzbot reported a few issues with bpf_prog_pack [1], [2]. This only happens … redhatsusedebian
CVE-2022-50153 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: usb: host: Fix refcount leak in ehci_hcd_ppc_of_probe of_find_compatible_node() returns a node pointer with refcount incremented,… redhatsusedebian
CVE-2022-3625 high 8.0 3y ago Important: kernel-rt security and bug fix update redhatsusedebianalmalinux
CVE-2022-50007 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: xfrm: fix refcount leak in __xfrm_policy_check() The issue happens on an error path in __xfrm_policy_check(). When the fetching p… redhatsusedebian
CVE-2022-36280 high 8.0 3y ago An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_kms.c in GPU component in the Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. … archredhatsusedebian
CVE-2022-3524 high 8.0 3y ago Important: kernel-rt security and bug fix update archredhatsusedebian+1
CVE-2022-42799 high 8.0 3y ago Important: webkit2gtk3 security and bug fix update redhatsusedebianalmalinux
CVE-2022-49942 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Don't finalize CSA in IBSS mode if state is disconnected When we are not connected to a channel, sending channel … redhatsusedebian
CVE-2022-50396 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: net: sched: fix memory leak in tcindex_set_parms Syzkaller reports a memory leak as follows: ====================================… redhatsusedebian
CVE-2022-49630 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctl_tcp_ecn_fallback. While reading sysctl_tcp_ecn_fallback, it can be changed concurrently. Thus,… redhatsusedebian
CVE-2022-46700 high 8.0 3y ago Important: webkit2gtk3 security and bug fix update redhatdebianalmalinux
CVE-2022-49959 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: openvswitch: fix memory leak at failed datapath creation ovs_dp_cmd_new()->ovs_dp_change()->ovs_dp_set_upcall_portids() allocates… redhatsusedebian
CVE-2022-21611 high 8.0 3y ago Important: mysql security update redhatdebianalmalinux
CVE-2022-50190 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: spi: Fix simplification of devm_spi_register_controller This reverts commit 59ebbe40fb51 ("spi: simplify devm_spi_register_contro… redhatsusedebian
CVE-2022-50738 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: vhost-vdpa: fix an iotlb memory leak Before commit 3d5698793897 ("vhost-vdpa: introduce asid based IOTLB") we called vhost_vdpa_i… redhatsusedebian
CVE-2022-50070 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: mptcp: do not queue data on closed subflows Dipanjan reported a syzbot splat at close time: WARNING: CPU: 1 PID: 10818 at net/ip… redhatsusedebian
CVE-2022-50166 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: When HCI work queue is drained, only queue chained work The HCI command, event, and data packet processing workqueue i… redhatsusedebian
CVE-2022-50194 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: soc: qcom: aoss: Fix refcount leak in qmp_cooling_devices_register Every iteration of for_each_available_child_of_node() decremen… redhatsusedebian
CVE-2022-39408 high 8.0 3y ago Important: mysql security update redhatdebianalmalinux
CVE-2022-50452 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: net: sched: cake: fix null pointer access issue when cake_init() fails When the default qdisc is cake, if the qdisc of dev_queue … redhatsusedebian
CVE-2022-50088 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: mm/damon/reclaim: fix potential memory leak in damon_reclaim_init() damon_reclaim_init() allocates a memory chunk for ctx with da… redhatsusedebian
CVE-2022-46699 high 8.0 3y ago Important: webkit2gtk3 security and bug fix update redhatsusedebianalmalinux
CVE-2022-50402 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drivers/md/md-bitmap: check the return value of md_bitmap_get_counter() Check the return value of md_bitmap_get_counter() in case… redhatsusedebian
CVE-2022-48939 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: bpf: Add schedule points in batch ops syzbot reported various soft lockups caused by bpf batch operations. INFO: task kworker/1… redhatsusedebian
CVE-2022-50580 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: blk-throttle: prevent overflow while calculating wait time There is a problem found by code review in tg_with_in_bps_limit() that… redhatsusedebian
CVE-2022-42826 high 8.0 3y ago Important: webkit2gtk3 security and bug fix update redhatsusedebianalmalinux
CVE-2022-50271 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: vhost/vsock: Use kvmalloc/kvfree for larger packets. When copying a large file over sftp over vsock, data size is usually 32kB, a… redhatsusedebian
CVE-2022-42867 high 8.0 3y ago Important: webkit2gtk3 security and bug fix update redhatsusedebianalmalinux
CVE-2022-42823 high 8.0 3y ago Important: webkit2gtk3 security and bug fix update redhatsusedebianalmalinux
CVE-2022-3628 high 8.0 3y ago Important: kernel-rt security and bug fix update archredhatsusedebian+1
CVE-2022-32886 high 8.0 3y ago Important: webkit2gtk3 security and bug fix update archredhatsusedebian+1
CVE-2022-32923 high 8.0 3y ago Important: webkit2gtk3 security and bug fix update redhatsusedebianalmalinux
CVE-2022-49943 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: USB: gadget: Fix obscure lockdep violation for udc_mutex A recent commit expanding the scope of the udc_lock mutex in the gadget … redhatsusedebian
CVE-2022-42863 high 8.0 3y ago Important: webkit2gtk3 security and bug fix update redhatsusedebianalmalinux
CVE-2022-49333 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: net/mlx5: E-Switch, pair only capable devices OFFLOADS paring using devcom is possible only on devices that support LAG. Filter b… redhatsusedebian
CVE-2022-21640 high 8.0 3y ago Important: mysql security update redhatdebianalmalinux
CVE-2022-50752 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: md/raid5: Remove unnecessary bio_put() in raid5_read_one_chunk() When running chunk-sized reads on disks with badblocks duplicate… redhatsusedebian
CVE-2022-39400 high 8.0 3y ago Important: mysql security update redhatdebianalmalinux
CVE-2022-46692 high 8.0 3y ago Important: webkit2gtk3 security and bug fix update redhatsusedebianalmalinux
CVE-2022-49116 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: use memset avoid memory leaks Use memset to initialize structs to prevent memory leaks in l2cap_ecred_connect redhatsusedebian
CVE-2022-49114 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: scsi: libfc: Fix use after free in fc_exch_abts_resp() fc_exch_release(ep) will decrease the ep's reference count. When the refer… redhatsusedebian
CVE-2022-50531 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: tipc: fix an information leak in tipc_topsrv_kern_subscr Use a 8-byte write to initialize sub.usr_handle in tipc_topsrv_kern_subs… redhatsusedebian
CVE-2022-49319 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu-v3: check return value after calling platform_get_resource() It will cause null-ptr-deref if platform_get_resource… redhatsusedebian
CVE-2022-50086 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: block: don't allow the same type rq_qos add more than once In our test of iocost, we encountered some list add/del corruptions of… redhatsusedebian
CVE-2022-21637 high 8.0 3y ago Important: mysql security update redhatdebianalmalinux
CVE-2022-42824 high 8.0 3y ago Important: webkit2gtk3 security and bug fix update redhatsusedebianalmalinux
CVE-2022-46691 high 8.0 3y ago Important: webkit2gtk3 security and bug fix update redhatsusedebianalmalinux
CVE-2022-50325 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Fix potential RX buffer overflow If an event caused firmware to return invalid RX size for LARGE_CONFIG_GET, me… redhatsusedebian
CVE-2022-49379 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: driver core: Fix wait_for_device_probe() & deferred_probe_timeout interaction Mounting NFS rootfs was timing out when deferred_pr… redhatsusedebian
CVE-2022-49632 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: icmp: Fix a data-race around sysctl_icmp_errors_use_inbound_ifaddr. While reading sysctl_icmp_errors_use_inbound_ifaddr, it can b… redhatsusedebian
CVE-2022-50206 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: arm64: fix oops in concurrently setting insn_emulation sysctls emulation_proc_handler() changes table->data for proc_dointvec_min… redhatsusedebian
CVE-2022-50079 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check correct bounds for stream encoder instances for DCN303 [Why & How] eng_id for DCN303 cannot be more than 1… redhatsusedebian
CVE-2022-50861 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: NFSD: Finish converting the NFSv2 GETACL result encoder The xdr_stream conversion inadvertently left some code that set the page_… redhatsusedebian
CVE-2022-50196 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: soc: qcom: ocmem: Fix refcount leak in of_get_ocmem of_parse_phandle() returns a node pointer with refcount incremented, we shoul… redhatsusedebian
CVE-2022-21633 high 8.0 3y ago Important: mysql security update redhatdebianalmalinux
CVE-2022-50003 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: ice: xsk: prohibit usage of non-balanced queue id Fix the following scenario: 1. ethtool -L $IFACE rx 8 tx 96 2. xdpsock -q 10 -t… redhatsusedebian
CVE-2022-49985 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: bpf: Don't use tnum_range on array range checking for poke descriptors Hsin-Wei reported a KASAN splat triggered by their BPF run… redhatrockylinuxsusedebian
CVE-2022-50164 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: fix double list_add at iwl_mvm_mac_wake_tx_queue After successfull station association, if station queues are… redhatsusedebian
CVE-2022-49593 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctl_tcp_probe_interval. While reading sysctl_tcp_probe_interval, it can be changed concurrently. T… redhatsusedebian
CVE-2022-49587 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctl_tcp_notsent_lowat. While reading sysctl_tcp_notsent_lowat, it can be changed concurrently. Thu… redhatsusedebian
CVE-2022-50006 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: NFSv4.2 fix problems with __nfs42_ssc_open A destination server while doing a COPY shouldn't accept using the passed in filehandl… redhatsusedebian
CVE-2022-50484 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix potential memory leaks When the driver hits -ENOMEM at allocating a URB or a buffer, it aborts and goes to t… redhatsusedebian
CVE-2022-49362 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix potential use-after-free in nfsd_file_put() nfsd_file_put_noref() can free @nf, so don't dereference @nf immediately up… redhatsusedebian
CVE-2022-49726 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: clocksource: hyper-v: unexport __init-annotated hv_init_clocksource() EXPORT_SYMBOL and __init is a bad combination because the .… redhatsusedebian
CVE-2022-49492 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix a NULL pointer dereference in nvme_alloc_admin_tags In nvme_alloc_admin_tags, the admin_q can be set to an error (t… redhatsusedebian
CVE-2022-50816 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: ipv6: ensure sane device mtu in tunnels Another syzbot report [1] with no reproducer hints at a bug in ip6_gre tunnel (dev:ip6gre… redhatsusedebian
CVE-2022-50496 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: dm cache: Fix UAF in destroy() Dm_cache also has the same UAF problem when dm_resume() and dm_destroy() are concurrent. Therefor… redhatsusedebian
CVE-2022-50157 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: PCI: microchip: Fix refcount leak in mc_pcie_init_irq_domains() of_get_next_child() returns a node pointer with refcount incremen… redhatsusedebian
CVE-2022-49951 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: firmware_loader: Fix use-after-free during unregister In the following code within firmware_upload_unregister(), the call to devi… redhatsusedebian
CVE-2022-50410 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: NFSD: Protect against send buffer overflow in NFSv2 READ Since before the git era, NFSD has conserved the number of pages held by… redhatsusedebian
CVE-2022-49647 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: cgroup: Use separate src/dst nodes when preloading css_sets for migration Each cset (css_set) is pinned by its tasks. When we're … redhatsusedebian
CVE-2022-50615 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/uncore: Fix reference count leak in snr_uncore_mmio_map() pci_get_device() will increase the reference count for t… redhatsusedebian
CVE-2022-50015 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda-ipc: Do not process IPC reply before firmware boot It is not yet clear, but it is possible to create a firm… redhatsusedebian
CVE-2022-50069 high 8.0 3y ago In the Linux kernel, the following vulnerability has been resolved: BPF: Fix potential bad pointer dereference in bpf_sys_bpf() The bpf_sys_bpf() helper function allows an eBPF program to load anot… redhatsusedebian
CVE-2022-21625 high 8.0 3y ago Important: mysql security update redhatdebianalmalinux