The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
ID | Description | Priority | Modified date | Fixed Release |
---|---|---|---|---|
CVE-2022-2929 | In ISC DHCP 1.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1 a system with access to a DHCP server, sending DHCP packets crafted to include fqdn labels longer than 63 bytes, could eventually cause the server to run out of memory. | -- | Oct 7, 2022 | 10.17.41.27 (Wind River Linux LTS 17) |
CVE-2022-2953 | LibTIFF 4.4.0 has an out-of-bounds read in extractImageSection in tools/tiffcrop.c:6905, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 48d6ece8. | -- | Aug 29, 2022 | 10.17.41.27 (Wind River Linux LTS 17) |
CVE-2022-2964 | A flaw was found in the Linux kernel’s driver for the ASIX AX88179_178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability contains multiple out-of-bounds reads and possible out-of-bounds writes. | -- | Aug 28, 2022 | 10.17.41.27 (Wind River Linux LTS 17) |
CVE-2022-2977 | A flaw was found in the Linux kernel implementation of proxied virtualized TPM devices. On a system where virtualized TPM devices are configured (this is not the default) a local attacker can create a use-after-free and create a situation where it may be possible to escalate privileges on the system. | -- | Sep 17, 2022 | 10.17.41.27 (Wind River Linux LTS 17) |
CVE-2022-2978 | A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function security_inode_alloc to fail with following call to function nilfs_mdt_destroy. A local user could use this flaw to crash the system or potentially escalate their privileges on the system. | -- | Aug 24, 2022 | 10.17.41.27 (Wind River Linux LTS 17) |
CVE-2022-2980 | NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0259. | -- | Aug 27, 2022 | 10.17.41.27 (Wind River Linux LTS 17) |
CVE-2022-2991 | A heap-based buffer overflow was found in the Linux kernel\'s LightNVM subsystem. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. This vulnerability allows a local attacker to escalate privileges and execute arbitrary code in the context of the kernel. The attacker must first obtain the ability to execute high-privileged code on the target system to exploit this vulnerability. | -- | Aug 25, 2022 | 10.17.41.27 (Wind River Linux LTS 17) |
CVE-2022-3028 | A race condition was found in the Linux kernel\'s IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read and copying it into a socket. | -- | Sep 3, 2022 | 10.17.41.27 (Wind River Linux LTS 17) |
CVE-2022-3061 | Found Linux Kernel flaw in the i740 driver. The Userspace program could pass any values to the driver through ioctl() interface. The driver doesn\'t check the value of \'pixclock\', so it may cause a divide by zero error. | -- | Sep 1, 2022 | 10.17.41.27 (Wind River Linux LTS 17) |
CVE-2022-3202 | A NULL pointer dereference flaw in diFree in fs/jfs/inode.c in Journaled File System (JFS)in the Linux kernel. This could allow a local attacker to crash the system or leak kernel internal information. | -- | Sep 16, 2022 | 10.17.41.27 (Wind River Linux LTS 17) |
CVE-2022-3234 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0483. | -- | Sep 17, 2022 | 10.17.41.27 (Wind River Linux LTS 17) |
CVE-2022-3239 | A flaw use after free in the Linux kernel video4linux driver was found in the way user triggers em28xx_usb_probe() for the Empia 28xx based TV cards. A local user could use this flaw to crash the system or potentially escalate their privileges on the system. | -- | Sep 21, 2022 | 10.17.41.27 (Wind River Linux LTS 17) |
CVE-2022-3256 | Use After Free in GitHub repository vim/vim prior to 9.0.0530. | -- | Sep 23, 2022 | 10.17.41.27 (Wind River Linux LTS 17) |
CVE-2022-3524 | A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6_renew_options of the component IPv6 Handler. The manipulation leads to memory leak. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211021 was assigned to this vulnerability. | -- | Oct 16, 2022 | 10.17.41.27 (Wind River Linux LTS 17) |
CVE-2022-3550 | A vulnerability classified as critical was found in X.org Server. Affected by this vulnerability is the function _GetCountedString of the file xkb/xkb.c. The manipulation leads to buffer overflow. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211051. | -- | Oct 19, 2022 | 10.17.41.27 (Wind River Linux LTS 17) |
CVE-2022-3551 | A vulnerability, which was classified as problematic, has been found in X.org Server. Affected by this issue is the function ProcXkbGetKbdByName of the file xkb/xkb.c. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211052. | -- | Oct 19, 2022 | 10.17.41.27 (Wind River Linux LTS 17) |
CVE-2022-3553 | A vulnerability, which was classified as problematic, was found in X.org Server. This affects an unknown part of the file hw/xquartz/X11Controller.m of the component xquartz. The manipulation leads to denial of service. It is recommended to apply a patch to fix this issue. The identifier VDB-211053 was assigned to this vulnerability. | -- | Oct 19, 2022 | 10.17.41.27 (Wind River Linux LTS 17) |
CVE-2022-3577 | An out-of-bounds memory write flaw was found in the Linux kernel’s Kid-friendly Wired Controller driver. This flaw allows a local user to crash or potentially escalate their privileges on the system. It is in bigben_probe of drivers/hid/hid-bigbenff.c. The reason is incorrect assumption - bigben devices all have inputs. However, malicious devices can break this assumption, leaking to out-of-bound write. | -- | Oct 20, 2022 | 10.17.41.27 (Wind River Linux LTS 17) |
CVE-2022-3586 | A flaw was found in the Linux kernel’s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of service. | -- | Oct 21, 2022 | 10.17.41.27 (Wind River Linux LTS 17) |
CVE-2022-3594 | A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function intr_callback of the file drivers/net/usb/r8152.c of the component BPF. The manipulation leads to logging of excessive data. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211363. | -- | Oct 20, 2022 | 10.17.41.27 (Wind River Linux LTS 17) |
CVE-2022-3621 | A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_bmap_lookup_at_level of the file fs/nilfs2/inode.c of the component nilfs2. The manipulation leads to null pointer dereference. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211920. | -- | Oct 20, 2022 | 10.17.41.27 (Wind River Linux LTS 17) |
CVE-2022-3629 | A vulnerability was found in Linux Kernel. It has been declared as problematic. This vulnerability affects the function vsock_connect of the file net/vmw_vsock/af_vsock.c. The manipulation leads to memory leak. The complexity of an attack is rather high. The exploitation appears to be difficult. It is recommended to apply a patch to fix this issue. VDB-211930 is the identifier assigned to this vulnerability. | -- | Oct 21, 2022 | 10.17.41.27 (Wind River Linux LTS 17) |
CVE-2022-3635 | A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function tst_timer of the file drivers/atm/idt77252.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. VDB-211934 is the identifier assigned to this vulnerability. | -- | Oct 21, 2022 | 10.17.41.27 (Wind River Linux LTS 17) |
CVE-2022-3646 | A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function nilfs_attach_log_writer of the file fs/nilfs2/segment.c of the component BPF. The manipulation leads to memory leak. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211961 was assigned to this vulnerability. | -- | Oct 21, 2022 | 10.17.41.27 (Wind River Linux LTS 17) |
CVE-2022-3775 | When rendering certain unicode sequences, grub2\'s font code doesn\'t proper validate if the informed glyph\'s width and height is constrained within bitmap size. As consequence an attacker can craft an input which will lead to a out-of-bounds write into grub2\'s heap, leading to memory corruption and availability issues. Although complex, arbitrary code execution could not be discarded. | -- | Nov 17, 2022 | 10.17.41.27 (Wind River Linux LTS 17) |
CVE-2022-20368 | Product: AndroidVersions: Android kernelAndroid ID: A-224546354References: Upstream kernel | -- | Aug 4, 2022 | 10.17.41.27 (Wind River Linux LTS 17) |
CVE-2022-20369 | In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-223375145References: Upstream kernel | -- | Aug 4, 2022 | 10.17.41.27 (Wind River Linux LTS 17) |
CVE-2022-21123 | Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | LOW | Jun 18, 2022 | 10.17.41.27 (Wind River Linux LTS 17) |
CVE-2022-21125 | Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | LOW | Jun 18, 2022 | 10.17.41.27 (Wind River Linux LTS 17) |
CVE-2022-21127 | Incomplete cleanup in specific special register read operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | LOW | Jun 16, 2022 | 10.17.41.27 (Wind River Linux LTS 17) |
CVE-2022-21151 | Processor optimization removal or modification of security-critical code for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | LOW | May 12, 2022 | 10.17.41.26 (Wind River Linux LTS 17) |
CVE-2022-21166 | Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | LOW | Jun 18, 2022 | 10.17.41.27 (Wind River Linux LTS 17) |
CVE-2022-21233 | Improper isolation of shared resources in some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. | LOW | Aug 11, 2022 | 10.17.41.27 (Wind River Linux LTS 17) |
CVE-2022-21385 | A flaw in net_rds_alloc_sgs() in Oracle Linux kernels allows unprivileged local users to crash the machine. CVSS 3.1 Base Score 6.2 (Availability impacts). CVSS Vector (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) | -- | Sep 1, 2022 | 10.17.41.27 (Wind River Linux LTS 17) |
CVE-2022-22576 | An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer. This affects SASL-enabled protocols: SMPTP(S), IMAP(S), POP3(S) and LDAP(S) (openldap only). | MEDIUM | Apr 28, 2022 | 10.17.41.26 (Wind River Linux LTS 17) |
CVE-2022-22719 | A carefully crafted request body can cause a read to a random memory area which could cause the process to crash. This issue affects Apache HTTP Server 2.4.52 and earlier. | MEDIUM | Mar 14, 2022 | 10.17.41.26 (Wind River Linux LTS 17) |
CVE-2022-22720 | Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling | HIGH | Mar 14, 2022 | 10.17.41.26 (Wind River Linux LTS 17) |
CVE-2022-22721 | If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32 bit systems an integer overflow happens which later causes out of bounds writes. This issue affects Apache HTTP Server 2.4.52 and earlier. | MEDIUM | Mar 14, 2022 | 10.17.41.26 (Wind River Linux LTS 17) |
CVE-2022-22747 | After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data could have lead to a crash. This crash is believed to be unexploitable. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. | -- | Jan 14, 2022 | 10.17.41.26 (Wind River Linux LTS 17) |
CVE-2022-22818 | The {% debug %} template tag in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2 does not properly encode the current context. This may lead to XSS. | MEDIUM | Feb 11, 2022 | 10.17.41.26 (Wind River Linux LTS 17) |
CVE-2022-22822 | addBinding in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. | HIGH | Jan 9, 2022 | 10.17.41.26 (Wind River Linux LTS 17) |
CVE-2022-22823 | build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. | HIGH | Jan 9, 2022 | 10.17.41.26 (Wind River Linux LTS 17) |
CVE-2022-22824 | defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. | HIGH | Jan 9, 2022 | 10.17.41.26 (Wind River Linux LTS 17) |
CVE-2022-22825 | lookup in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. | MEDIUM | Jan 9, 2022 | 10.17.41.26 (Wind River Linux LTS 17) |
CVE-2022-22826 | nextScaffoldPart in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. | MEDIUM | Jan 9, 2022 | 10.17.41.26 (Wind River Linux LTS 17) |
CVE-2022-22827 | storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. | MEDIUM | Jan 9, 2022 | 10.17.41.26 (Wind River Linux LTS 17) |
CVE-2022-22844 | LibTIFF 4.3.0 has an out-of-bounds read in _TIFFmemcpy in tif_unix.c in certain situations involving a custom tag and 0x0200 as the second word of the DE field. | MEDIUM | Jan 10, 2022 | 10.17.41.26 (Wind River Linux LTS 17) |
CVE-2022-23036 | Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn\'t check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend. CVE-2022-23042 | MEDIUM | Mar 11, 2022 | 10.17.41.26 (Wind River Linux LTS 17) |
CVE-2022-23037 | Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn\'t check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend. CVE-2022-23042 | MEDIUM | Mar 11, 2022 | 10.17.41.26 (Wind River Linux LTS 17) |
CVE-2022-23038 | Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn\'t check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend. CVE-2022-23042 | MEDIUM | Mar 11, 2022 | 10.17.41.26 (Wind River Linux LTS 17) |