CVEs from 2022
Total
5,249
critical
critical 92
high
high 1,233
medium
medium 961
low
low 24
% Critical
1.8%
% with KEV
2.5%
% with exploit
3.4%
Top vendors
- oracle 616
- netapp 438
- microsoft 165
- omron 109
- azul 82
- schneider-electric 33
- mitsubishielectric 32
- siemens 10
Top products
- jdk 116
- jre 109
- openjdk 100
- zulu 82
- graalvm 74
- cloud_secure_agent 35
- oncommand_insight 34
- cloud_insights_acquisition_unit 34
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-50408 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit() > ret = brcmf_proto_tx_queue_data(drvr, ifp->ifidx, skb); ma… | |||
| CVE-2022-50402 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: drivers/md/md-bitmap: check the return value of md_bitmap_get_counter() Check the return value of md_bitmap_get_counter() in case… | |||
| CVE-2022-50405 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: net/tunnel: wait until all sk_user_data reader finish before releasing the sock There is a race condition in vxlan that when dele… | |||
| CVE-2022-50392 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8183: fix refcount leak in mt8183_mt6358_ts3a227_max98357_dev_probe() The node returned by of_parse_phandle() w… | |||
| CVE-2022-50396 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: net: sched: fix memory leak in tcindex_set_parms Syzkaller reports a memory leak as follows: ====================================… | |||
| CVE-2022-50381 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: md: fix a crash in mempool_free There's a crash in mempool_free when running the lvm test shell/lvchange-rebuild-raid.sh. The re… | |||
| CVE-2022-50385 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: NFS: Fix an Oops in nfs_d_automount() When mounting from a NFSv4 referral, path->dentry can end up being a negative dentry, so de… | |||
| CVE-2022-50363 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: skmsg: pass gfp argument to alloc_sk_msg() syzbot found that alloc_sk_msg() could be called from a non sleepable context. sk_psoc… | |||
| CVE-2022-50348 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: nfsd: Fix a memory leak in an error handling path If this memdup_user() call fails, the memory allocated in a previous call a few… | |||
| CVE-2022-50325 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Fix potential RX buffer overflow If an event caused firmware to return invalid RX size for LARGE_CONFIG_GET, me… | |||
| CVE-2022-50318 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/uncore: Fix reference count leak in hswep_has_limit_sbox() pci_get_device() will increase the reference count for … | |||
| CVE-2022-50326 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: media: airspy: fix memory leak in airspy probe The commit ca9dc8d06ab6 ("media: airspy: respect the DMA coherency rules") moves … | |||
| CVE-2022-50306 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: ext4: fix potential out of bound read in ext4_fc_replay_scan() For scan loop must ensure that at least EXT4_FC_TAG_BASE_LEN space… | |||
| CVE-2022-50285 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: mm,hugetlb: take hugetlb_lock before decrementing h->resv_huge_pages The h->*_huge_pages counters are protected by the hugetlb_lo… | |||
| CVE-2022-49471 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: rtw89: cfo: check mac_id to avoid out-of-bounds Somehow, hardware reports incorrect mac_id and pollute memory. Check index before… | |||
| CVE-2022-49416 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix use-after-free in chanctx code In ieee80211_vif_use_reserved_context(), when we have an old context and the n… | |||
| CVE-2022-49072 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: gpio: Restrict usage of GPIO chip irq members before initialization GPIO chip irq members are exposed before they could be comple… | |||
| CVE-2022-49080 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fix mpol_new leak in shared_policy_replace If mpol_new is allocated but not used in restart loop, mpol_new will be … | |||
| CVE-2022-49379 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: driver core: Fix wait_for_device_probe() & deferred_probe_timeout interaction Mounting NFS rootfs was timing out when deferred_pr… | |||
| CVE-2022-49376 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: sd: Fix potential NULL pointer dereference If sd_probe() sees an early error before sdkp->device is initialized, sd_zbc_rel… | |||
| CVE-2022-49371 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: driver core: fix deadlock in __device_attach In __device_attach function, The lock holding logic is as follows: ... __device_atta… | |||
| CVE-2022-49345 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: net: xfrm: unexport __init-annotated xfrm4_protocol_init() EXPORT_SYMBOL and __init is a bad combination because the .init.text s… | |||
| CVE-2022-49328 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: mt76: fix use-after-free by removing a non-RCU wcid pointer Fixes an issue caught by KASAN about use-after-free in mt76_txq_sched… | |||
| CVE-2022-49323 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu: fix possible null-ptr-deref in arm_smmu_device_probe() It will cause null-ptr-deref when using 'res', if platform… | |||
| CVE-2022-49283 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: firmware: sysfb: fix platform-device leak in error path Make sure to free the platform device also in the unlikely event that reg… | |||
| CVE-2022-49275 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: can: m_can: m_can_tx_handler(): fix use after free of skb can_put_echo_skb() will clone skb then free the skb. Move the can_put_e… | |||
| CVE-2022-49207 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix memleak in sk_psock_queue_msg If tcp_bpf_sendmsg is running during a tear down operation we may enqueue data on… | |||
| CVE-2022-49205 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix double uncharge the mem of sk_msg If tcp_bpf_sendmsg is running during a tear down operation, psock may be free… | |||
| CVE-2022-49204 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix more uncharged while msg has more_data In tcp_bpf_send_verdict(), if msg has more data after tcp_bpf_sendmsg_re… | |||
| CVE-2022-42824 | high | — | 8.0 | 3y ago | A logic issue was addressed with improved state management. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Processing maliciously crafted web co… | |||
| CVE-2022-42799 | high | — | 8.0 | 3y ago | The issue was addressed with improved UI handling. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Visiting a malicious website may lead to user … | |||
| CVE-2022-46691 | high | — | 8.0 | 3y ago | A memory consumption issue was addressed with improved memory handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watc… | |||
| CVE-2022-42823 | high | — | 8.0 | 3y ago | A type confusion issue was addressed with improved memory handling. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Processing maliciously crafte… | |||
| CVE-2022-42867 | high | — | 8.0 | 3y ago | A use after free issue was addressed with improved memory management. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously … | |||
| CVE-2022-42863 | high | — | 8.0 | 3y ago | A memory corruption issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciousl… | |||
| CVE-2022-42826 | high | — | 8.0 | 3y ago | A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13, iOS 16.1 and iPadOS 16, Safari 16.1. Processing maliciously crafted web content may lead… | |||
| CVE-2022-48701 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix an out-of-bounds bug in __snd_usb_parse_audio_interface() There may be a bad USB audio device with a USB ID … | |||
| CVE-2022-49429 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: RDMA/hfi1: Prevent panic when SDMA is disabled If the hfi1 module is loaded with HFI1_CAP_SDMA off, a call to hfi1_write_iter() w… | |||
| CVE-2022-50083 | high | — | 8.0 | 3y ago | RHSA-2023:7077: kernel security, bug fix, and enhancement update (Important) | |||
| CVE-2022-49935 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: dma-buf/dma-resv: check if the new fence is really later Previously when we added a fence to a dma_resv object we always assumed … | |||
| CVE-2022-48696 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: regmap: spi: Reserve space for register address/padding Currently the max_raw_read and max_raw_write limits in regmap_spi struct … | |||
| CVE-2022-39400 | high | — | 8.0 | 3y ago | RHSA-2023:3087: mysql:8.0 security, bug fix, and enhancement update (Important) | |||
| CVE-2022-49595 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctl_tcp_probe_threshold. While reading sysctl_tcp_probe_threshold, it can be changed concurrently.… | |||
| CVE-2022-49552 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix combination of jit blinding and pointers to bpf subprogs. The combination of jit blinding and pointers to bpf subprogs c… | |||
| CVE-2022-49632 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: icmp: Fix a data-race around sysctl_icmp_errors_use_inbound_ifaddr. While reading sysctl_icmp_errors_use_inbound_ifaddr, it can b… | |||
| CVE-2022-49600 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: ip: Fix a data-race around sysctl_ip_autobind_reuse. While reading sysctl_ip_autobind_reuse, it can be changed concurrently. Thus… | |||
| CVE-2022-50583 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: md/raid0, raid10: Don't set discard sectors for request queue It should use disk_stack_limits to get a proper max_discard_sectors… | |||
| CVE-2022-49862 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: tipc: fix the msg->req tlv len check in tipc_nl_compat_name_table_dump_header This is a follow-up for commit 974cb0e3e7c9 ("tipc:… | |||
| CVE-2022-49853 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: net: macvlan: fix memory leaks of macvlan_common_newlink kmemleak reports memory leaks in macvlan_common_newlink, as follows: i… | |||
| CVE-2022-49960 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: drm/i915: fix null pointer dereference Asus chromebook CX550 crashes during boot on v5.17-rc1 kernel. The root cause is null poin… | |||
| CVE-2022-50580 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: blk-throttle: prevent overflow while calculating wait time There is a problem found by code review in tg_with_in_bps_limit() that… | |||
| CVE-2022-49223 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: cxl/port: Hold port reference until decoder release KASAN + DEBUG_KOBJECT_RELEASE reports a potential use-after-free in cxl_decod… | |||
| CVE-2022-49442 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: drivers/base/node.c: fix compaction sysfs file leak Compaction sysfs file is created via compaction_register_node in register_nod… | |||
| CVE-2022-49942 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Don't finalize CSA in IBSS mode if state is disconnected When we are not connected to a channel, sending channel … | |||
| CVE-2022-48695 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix use-after-free warning Fix the following use-after-free warning which is observed during controller reset: re… | |||
| CVE-2022-49911 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: enforce documented limit to prevent allocating huge memory Daniel Xu reported that the hash:net,iface type of t… | |||
| CVE-2022-32888 | high | — | 8.0 | 3y ago | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, watchOS 9, macOS Monterey 12.6… | |||
| CVE-2022-32923 | high | — | 8.0 | 3y ago | A correctness issue in the JIT was addressed with improved checks. This issue is fixed in tvOS 16.1, iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. … | |||
| CVE-2022-49604 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: ip: Fix data-races around sysctl_ip_fwd_use_pmtu. While reading sysctl_ip_fwd_use_pmtu, it can be changed concurrently. Thus, we … | |||
| CVE-2022-49848 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: phy: qcom-qmp-combo: fix NULL-deref on runtime resume Commit fc64623637da ("phy: qcom-qmp-combo,usb: add support for separate PCS… | |||
| CVE-2022-49596 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctl_tcp_min_snd_mss. While reading sysctl_tcp_min_snd_mss, it can be changed concurrently. Thus, we… | |||
| CVE-2022-49612 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: power: supply: core: Fix boundary conditions in interpolation The functions power_supply_temp2resist_simple and power_supply_ocv2… | |||
| CVE-2022-49603 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: ip: Fix data-races around sysctl_ip_fwd_update_priority. While reading sysctl_ip_fwd_update_priority, it can be changed concurren… | |||
| CVE-2022-49587 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctl_tcp_notsent_lowat. While reading sysctl_tcp_notsent_lowat, it can be changed concurrently. Thu… | |||
| CVE-2022-49585 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctl_tcp_fastopen_blackhole_timeout. While reading sysctl_tcp_fastopen_blackhole_timeout, it can be … | |||
| CVE-2022-49602 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: ip: Fix a data-race around sysctl_fwmark_reflect. While reading sysctl_fwmark_reflect, it can be changed concurrently. Thus, we n… | |||
| CVE-2022-49022 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: mac8021: fix possible oob access in ieee80211_get_rate_duration Fix possible out-of-bound access in ieee80211_get_rate_dura… | |||
| CVE-2022-32886 | high | — | 8.0 | 3y ago | A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Safari 16, iOS 16, iOS 15.7 and iPadOS 15.7. Processing maliciously crafted web content may lead to arbitra… | |||
| CVE-2022-49586 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctl_tcp_fastopen. While reading sysctl_tcp_fastopen, it can be changed concurrently. Thus, we need … | |||
| CVE-2022-49136 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: Fix queuing commands when HCI_UNREGISTER is set hci_cmd_sync_queue shall return an error if HCI_UNREGISTER f… | |||
| CVE-2022-25881 | high | — | 8.0 | 3y ago | RHSA-2023:1743: nodejs:14 security, bug fix, and enhancement update (Important) | |||
| CVE-2022-48992 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-pcm: Add NULL check in BE reparenting Add NULL check in dpcm_be_reparent API, to handle kernel NULL pointer dereference… | |||
| CVE-2022-49372 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: tcp: tcp_rtx_synack() can be called from process context Laurent reported the enclosed report [1] This bug triggers with followi… | |||
| CVE-2022-49599 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctl_tcp_l3mdev_accept. While reading sysctl_tcp_l3mdev_accept, it can be changed concurrently. Thus… | |||
| CVE-2022-48338 | high | — | 8.0 | 3y ago | Important: emacs security update | |||
| CVE-2022-49214 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: Don't use DSISR for SLB faults Since commit 46ddcb3950a2 ("powerpc/mm: Show if a bad page fault on data is read or w… | |||
| CVE-2022-46698 | high | — | 8.0 | 3y ago | A logic issue was addressed with improved checks. This issue is fixed in Safari 16.2, tvOS 16.2, iCloud for Windows 14.1, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing malicio… | |||
| CVE-2022-49588 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctl_tcp_migrate_req. While reading sysctl_tcp_migrate_req, it can be changed concurrently. Thus, we… | |||
| CVE-2022-49688 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: afs: Fix dynamic root getattr The recent patch to make afs_getattr consult the server didn't account for the pseudo-inodes employ… | |||
| CVE-2022-49593 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctl_tcp_probe_interval. While reading sysctl_tcp_probe_interval, it can be changed concurrently. T… | |||
| CVE-2022-46700 | high | — | 8.0 | 3y ago | A memory corruption issue was addressed with improved input validation. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watc… | |||
| CVE-2022-49236 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix UAF due to race between btf_try_get_module and load_module While working on code to populate kfunc BTF ID sets for modul… | |||
| CVE-2022-49434 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: PCI: Avoid pci_dev_lock() AB/BA deadlock with sriov_numvfs_store() The sysfs sriov_numvfs_store() path acquires the device lock b… | |||
| CVE-2022-49638 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: icmp: Fix data-races around sysctl. While reading icmp sysctl variables, they can be changed concurrently. So, we need to add REA… | |||
| CVE-2022-49010 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: hwmon: (coretemp) Check for null before removing sysfs attrs If coretemp_add_core() gets an error then pdata->core_data[indx] is … | |||
| CVE-2022-48978 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: HID: core: fix shift-out-of-bounds in hid_report_raw_event Syzbot reported shift-out-of-bounds in hid_report_raw_event. microsof… | |||
| CVE-2022-49589 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: igmp: Fix data-races around sysctl_igmp_qrv. While reading sysctl_igmp_qrv, it can be changed concurrently. Thus, we need to add … | |||
| CVE-2022-48976 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable_offload: fix using __this_cpu_add in preemptible flow_offload_queue_work() can be called in workqueue withou… | |||
| CVE-2022-49629 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: nexthop: Fix data-races around nexthop_compat_mode. While reading nexthop_compat_mode, it can be changed concurrently. Thus, we n… | |||
| CVE-2022-48942 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: hwmon: Handle failure to register sensor with thermal zone correctly If an attempt is made to a sensor with a thermal zone and it… | |||
| CVE-2022-48934 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: nfp: flower: Fix a potential leak in nfp_tunnel_add_shared_mac() ida_simple_get() returns an id between min (0) and max (NFP_MAX_… | |||
| CVE-2022-49583 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: iavf: Fix handling of dummy receive descriptors Fix memory leak caused by not handling dummy receive descriptor properly. iavf_ge… | |||
| CVE-2022-49539 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: rtw89: ser: fix CAM leaks occurring in L2 reset The CAM, meaning address CAM and bssid CAM here, will get leaks during SER (syste… | |||
| CVE-2022-50839 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: jbd2: fix potential buffer head reference count leak As in 'jbd2_fc_wait_bufs' if buffer isn't uptodate, will return -EIO without… | |||
| CVE-2022-46699 | high | — | 8.0 | 3y ago | A memory corruption issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciousl… | |||
| CVE-2022-49920 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: netlink notifier might race to release objects commit release path is invoked via call_rcu and it runs lock… | |||
| CVE-2022-49659 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: can: m_can: m_can_{read_fifo,echo_tx_event}(): shift timestamp to full 32 bits In commit 1be37d3b0414 ("can: m_can: fix periph RX… | |||
| CVE-2022-49934 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Fix UAF in ieee80211_scan_rx() ieee80211_scan_rx() tries to access scan_req->flags after a null check, but a UAF … | |||
| CVE-2022-49070 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: fbdev: Fix unregistering of framebuffers without device OF framebuffers do not have an underlying device in the Linux device hier… | |||
| CVE-2022-4662 | high | — | 8.0 | 3y ago | A flaw incorrect access control in the Linux kernel USB core subsystem was found in the way user attaches usb device. A local user could use this flaw to crash the system. |