The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
ID | Description | Priority | Modified date | Fixed Release |
---|---|---|---|---|
CVE-2022-2522 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0061. | -- | Jul 27, 2022 | 10.19.45.25 (Wind River Linux LTS 19) |
CVE-2022-27664 | In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error. | -- | Jul 22, 2022 | 10.19.45.26 (Wind River Linux LTS 19) |
CVE-2021-46828 | In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svc_run infinite loop without accepting new connections. | -- | Jul 20, 2022 | 10.19.45.25 (Wind River Linux LTS 19) |
CVE-2021-33656 | When setting font with malicous data by ioctl cmd PIO_FONT,kernel will write memory out of bounds. | -- | Jul 19, 2022 | 10.19.45.25 (Wind River Linux LTS 19) |
CVE-2021-33655 | When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO,kernel will write memory out of bounds. | -- | Jul 23, 2022 | 10.19.45.25 (Wind River Linux LTS 19) |
CVE-2022-2380 | The Linux kernel was found vulnerable out of bounds memory access in the drivers/video/fbdev/sm712fb.c:smtcfb_read() function. The vulnerability could result in local attackers being able to crash the kernel. | -- | Jul 14, 2022 | 10.19.45.25 (Wind River Linux LTS 19) |
CVE-2022-2320 | A flaw was found in the Xorg-x11-server. The specific flaw exists within the handling of ProcXkbSetDeviceInfo requests. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an allocated buffer. This flaw allows an attacker to escalate privileges and execute arbitrary code in the context of root. | -- | Jul 13, 2022 | 10.19.45.25 (Wind River Linux LTS 19) |
CVE-2022-2319 | A flaw was found in the Xorg-x11-server. An out-of-bounds access issue can occur in the ProcXkbSetGeometry function due to improper validation of the request length. | -- | Jul 13, 2022 | 10.19.45.25 (Wind River Linux LTS 19) |
CVE-2022-32148 | Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for the X-Forwarded-For header, which causes ReverseProxy to set the client IP as the value of the X-Forwarded-For header. | -- | Jul 4, 2022 | 10.19.45.25 (Wind River Linux LTS 19) |
CVE-2022-30635 | Uncontrolled recursion in Decoder.Decode in encoding/gob before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a message which contains deeply nested structures. | -- | Jul 4, 2022 | 10.19.45.25 (Wind River Linux LTS 19) |
CVE-2022-28131 | Uncontrolled recursion in Decoder.Skip in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a deeply nested XML document. | -- | Jul 4, 2022 | 10.19.45.25 (Wind River Linux LTS 19) |
CVE-2022-2153 | A flaw was found in the Linux kernel’s KVM when attempting to set a SynIC IRQ. This issue makes it possible for a misbehaving VMM to write to SYNIC/STIMER MSRs, causing a NULL pointer dereference. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service. | -- | Jun 23, 2022 | 10.19.45.24 (Wind River Linux LTS 19) |
CVE-2022-30632 | Uncontrolled recursion in Glob in path/filepath before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path containing a large number of path separators. | -- | Jun 20, 2022 | 10.19.45.27 (Wind River Linux LTS 19) |
CVE-2022-2122 | DOS / potential heap overwrite in qtdemux using zlib decompression. Integer overflow in qtdemux element in qtdemux_inflate function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it could be just a segfault or a heap overwrite. | -- | Jun 20, 2022 | 10.19.45.24 (Wind River Linux LTS 19) |
CVE-2022-1925 | DOS / potential heap overwrite in mkv demuxing using HEADERSTRIP decompression. Integer overflow in matroskaparse element in gst_matroska_decompress_data function which causes a heap overflow. Due to restrictions on chunk sizes in the matroskademux element, the overflow can\'t be triggered, however the matroskaparse element has no size checks. | -- | Jun 17, 2022 | 10.19.45.24 (Wind River Linux LTS 19) |
CVE-2022-1924 | DOS / potential heap overwrite in mkv demuxing using lzo decompression. Integer overflow in matroskademux element in lzo decompression function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it could be just a segfault or a heap overwrite. If the libc uses mmap for large chunks, and the OS supports mmap, then it is just a segfault (because the realloc before the integer overflow will use mremap to reduce the size of the chunk, and it will start to write to unmapped memory). However, if using a libc implementation that does not use mmap, or if the OS does not support mmap while using libc, then this could result in a heap overwrite. | -- | Jun 17, 2022 | 10.19.45.24 (Wind River Linux LTS 19) |
CVE-2022-1923 | DOS / potential heap overwrite in mkv demuxing using bzip decompression. Integer overflow in matroskademux element in bzip decompression function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it could be just a segfault or a heap overwrite. If the libc uses mmap for large chunks, and the OS supports mmap, then it is just a segfault (because the realloc before the integer overflow will use mremap to reduce the size of the chunk, and it will start to write to unmapped memory). However, if using a libc implementation that does not use mmap, or if the OS does not support mmap while using libc, then this could result in a heap overwrite. | -- | Jun 17, 2022 | 10.19.45.24 (Wind River Linux LTS 19) |
CVE-2022-1922 | DOS / potential heap overwrite in mkv demuxing using zlib decompression. Integer overflow in matroskademux element in gst_matroska_decompress_data function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it could be just a segfault or a heap overwrite. If the libc uses mmap for large chunks, and the OS supports mmap, then it is just a segfault (because the realloc before the integer overflow will use mremap to reduce the size of the chunk, and it will start to write to unmapped memory). However, if using a libc implementation that does not use mmap, or if the OS does not support mmap while using libc, then this could result in a heap overwrite. | -- | Jun 17, 2022 | 10.19.45.24 (Wind River Linux LTS 19) |
CVE-2022-1921 | Integer overflow in avidemux element in gst_avi_demux_invert function which allows a heap overwrite while parsing avi files. Potential for arbitrary code execution through heap overwrite. | -- | Jun 17, 2022 | 10.19.45.24 (Wind River Linux LTS 19) |
CVE-2022-1920 | Integer overflow in matroskademux element in gst_matroska_demux_add_wvpk_header function which allows a heap overwrite while parsing matroska files. Potential for arbitrary code execution through heap overwrite. | -- | Jun 17, 2022 | 10.19.45.24 (Wind River Linux LTS 19) |
CVE-2022-28737 | There\'s a possible overflow in handle_image() when shim tries to load and execute crafted EFI executables; The handle_image() function takes into account the SizeOfRawData field from each section to be loaded. An attacker can leverage this to perform out-of-bound writes into memory. Arbitrary code execution is not discarded in such scenario. | -- | Jun 9, 2022 | 10.19.45.24 (Wind River Linux LTS 19) |
CVE-2022-28736 | There\'s a use-after-free vulnerability in grub_cmd_chainloader() function; The chainloader command is used to boot up operating systems that doesn\'t support multiboot and do not have direct support from GRUB2. When executing chainloader more than once a use-after-free vulnerability is triggered. If an attacker can control the GRUB2\'s memory allocation pattern sensitive data may be exposed and arbitrary code execution can be achieved. | -- | Jun 9, 2022 | 10.19.45.27 (Wind River Linux LTS 19) |
CVE-2022-28735 | The GRUB2\'s shim_lock verifier allows non-kernel files to be loaded on shim-powered secure boot systems. Allowing such files to be loaded may lead to unverified code and modules to be loaded in GRUB2 breaking the secure boot trust-chain. | -- | Jun 9, 2022 | 10.19.45.24 (Wind River Linux LTS 19) |
CVE-2022-28734 | Out-of-bounds write when handling split HTTP headers; When handling split HTTP headers, GRUB2 HTTP code accidentally moves its internal data buffer point by one position. This can lead to a out-of-bound write further when parsing the HTTP request, writing a NULL byte past the buffer. It\'s conceivable that an attacker controlled set of packets can lead to corruption of the GRUB2\'s internal memory metadata. | -- | Jun 9, 2022 | 10.19.45.24 (Wind River Linux LTS 19) |
CVE-2022-28733 | Integer underflow in grub_net_recv_ip4_packets; A malicious crafted IP packet can lead to an integer underflow in grub_net_recv_ip4_packets() function on rsm->total_len value. Under certain circumstances the total_len value may end up wrapping around to a small integer number which will be used in memory allocation. If the attack succeeds in such way, subsequent operations can write past the end of the buffer. | -- | Jun 9, 2022 | 10.19.45.24 (Wind River Linux LTS 19) |
CVE-2021-4159 | A vulnerability was found in the Linux kernel\'s EBPF verifier when handling internal data structures. Internal memory locations could be returned to userspace. A local attacker with the permissions to insert eBPF code to the kernel can use this to leak internal kernel memory details defeating some of the exploit mitigations in place for the kernel. | -- | Jun 9, 2022 | 10.19.45.26 (Wind River Linux LTS 19) |
CVE-2022-30631 | Uncontrolled recursion in Reader.Read in compress/gzip before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via an archive containing a large number of concatenated 0-length compressed files. | -- | Jun 1, 2022 | 10.19.45.25 (Wind River Linux LTS 19) |
CVE-2022-1975 | There is a sleep-in-atomic bug in /net/nfc/netlink.c that allows an attacker to crash the Linux kernel by simulating a nfc device from user-space. | -- | Jun 6, 2022 | 10.19.45.24 (Wind River Linux LTS 19) |
CVE-2022-1974 | A use-after-free flaw was found in the Linux kernel\'s NFC core functionality due to a race condition between kobject creation and delete. This vulnerability allows a local attacker with CAP_NET_ADMIN privilege to leak kernel information. | -- | Jun 6, 2022 | 10.19.45.24 (Wind River Linux LTS 19) |
CVE-2022-30629 | Non-random values for ticket_age_add in session tickets in crypto/tls before Go 1.17.11 and Go 1.18.3 allow an attacker that can observe TLS handshakes to correlate successive connections by comparing ticket ages during session resumption. | -- | May 20, 2022 | 10.19.45.26 (Wind River Linux LTS 19) |
CVE-2022-1836 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-33981. Reason: This candidate is a reservation duplicate of CVE-2022-33981. Notes: All CVE users should reference CVE-2022-33981 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | -- | May 25, 2022 | 10.19.45.24 (Wind River Linux LTS 19) |
CVE-2022-1729 | A race condition was found the Linux kernel in perf_event_open() which can be exploited by an unprivileged user to gain root privileges. The bug allows to build several exploit primitives such as kernel address information leak, arbitrary execution, etc. | -- | May 23, 2022 | 10.19.45.25 (Wind River Linux LTS 19) |
CVE-2022-1552 | A flaw was found in PostgreSQL. There is an issue with incomplete efforts to operate safely when a privileged user is maintaining another user\'s objects. The Autovacuum, REINDEX, CREATE INDEX, REFRESH MATERIALIZED VIEW, CLUSTER, and pg_amcheck commands activated relevant protections too late or not at all during the process. This flaw allows an attacker with permission to create non-temporary objects in at least one schema to execute arbitrary SQL functions under a superuser identity. | -- | May 12, 2022 | 10.19.45.24 (Wind River Linux LTS 19) |
CVE-2022-1012 | A memory leak problem was found in the TCP source port generation algorithm in net/ipv4/tcp.c due to the small table perturb size. This flaw may allow an attacker to information leak and may cause a denial of service problem. | -- | May 12, 2022 | 10.19.45.24 (Wind River Linux LTS 19) |
CVE-2022-1355 | A stack buffer overflow flaw was found in Libtiffs\' tiffcp.c in main() function. This flaw allows an attacker to pass a crafted TIFF file to the tiffcp tool, triggering a stack buffer overflow issue, possibly corrupting the memory, and causing a crash that leads to a denial of service. | -- | Apr 24, 2022 | 10.19.45.23 (Wind River Linux LTS 19) |
CVE-2022-1354 | A heap buffer overflow flaw was found in Libtiffs\' tiffinfo.c in TIFFReadRawDataStriped() function. This flaw allows an attacker to pass a crafted TIFF file to the tiffinfo tool, triggering a heap buffer overflow issue and causing a crash that leads to a denial of service. | -- | Apr 24, 2022 | 10.19.45.27 (Wind River Linux LTS 19) |
CVE-2022-1184 | A use-after-free flaw was found in fs/ext4/namei.c:dx_insert_block() in the Linux kernel’s filesystem sub-component. This flaw allows a local attacker with a user privilege to cause a denial of service. | -- | Apr 20, 2022 | 10.19.45.24 (Wind River Linux LTS 19) |
CVE-2021-4209 | A NULL pointer dereference flaw was found in GnuTLS. As Nettle\'s hash update functions internally call memcpy, providing zero-length input may cause undefined behavior. This flaw leads to a denial of service after authentication in rare circumstances. | -- | Apr 12, 2022 | 10.19.45.23 (Wind River Linux LTS 19) |
CVE-2022-1158 | A flaw was found in KVM. When updating a guest\'s page table entry, vm_pgoff was improperly used as the offset to get the page\'s pfn. As vaddr and vm_pgoff are controllable by user-mode processes, this flaw allows unprivileged local users on the host to write outside the userspace region and potentially corrupt the kernel, resulting in a denial of service condition. | -- | Apr 10, 2022 | 10.19.45.24 (Wind River Linux LTS 19) |
CVE-2022-1205 | A NULL pointer dereference flaw was found in the Linux kernel’s Amateur Radio AX.25 protocol functionality in the way a user connects with the protocol. This flaw allows a local user to crash the system. | -- | Apr 4, 2022 | 10.19.45.23 (Wind River Linux LTS 19) |
CVE-2022-1204 | A use-after-free flaw was found in the Linux kernel’s Amateur Radio AX.25 protocol functionality in the way a user connects with the protocol. This flaw allows a local user to crash the system. | -- | Apr 4, 2022 | 10.19.45.23 (Wind River Linux LTS 19) |
CVE-2022-1199 | A flaw was found in the Linux kernel. This flaw allows an attacker to crash the Linux kernel by simulating amateur radio from the user space, resulting in a null-ptr-deref vulnerability and a use-after-free vulnerability. | -- | Apr 4, 2022 | 10.19.45.23 (Wind River Linux LTS 19) |
CVE-2022-1198 | A use-after-free vulnerabilitity was discovered in drivers/net/hamradio/6pack.c of linux that allows an attacker to crash linux kernel by simulating ax25 device using 6pack driver from user space. | -- | Apr 4, 2022 | 10.19.45.23 (Wind River Linux LTS 19) |
CVE-2022-1016 | A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause a use-after-free. This issue needs to handle \'return\' with proper preconditions, as it can lead to a kernel information leak problem caused by a local, unprivileged attacker. | -- | Mar 30, 2022 | 10.19.45.23 (Wind River Linux LTS 19) |
CVE-2022-0934 | A single-byte, non-arbitrary write/use-after-free flaw was found in dnsmasq. This flaw allows an attacker who sends a crafted packet processed by dnsmasq, potentially causing a denial of service. | -- | Apr 2, 2022 | 10.19.45.23 (Wind River Linux LTS 19) |
CVE-2022-0216 | A use-after-free vulnerability was found in the LSI53C895A SCSI Host Bus Adapter emulation of QEMU. The flaw occurs while processing repeated messages to cancel the current SCSI request via the lsi_do_msgout function. This flaw allows a malicious privileged user within the guest to crash the QEMU process on the host, resulting in a denial of service. | -- | Apr 4, 2022 | 10.19.45.26 (Wind River Linux LTS 19) |
CVE-2022-25310 | A segmentation fault (SEGV) flaw was found in the Fribidi package and affects the fribidi_remove_bidi_marks() function of the lib/fribidi.c file. This flaw allows an attacker to pass a specially crafted file to Fribidi, leading to a crash and causing a denial of service. | -- | Mar 26, 2022 | 10.19.45.23 (Wind River Linux LTS 19) |
CVE-2022-25309 | A heap-based buffer overflow flaw was found in the Fribidi package and affects the fribidi_cap_rtl_to_unicode() function of the fribidi-char-sets-cap-rtl.c file. This flaw allows an attacker to pass a specially crafted file to the Fribidi application with the \'--caprtl\' option, leading to a crash and causing a denial of service. | -- | Mar 26, 2022 | 10.19.45.23 (Wind River Linux LTS 19) |
CVE-2022-25308 | A stack-based buffer overflow flaw was found in the Fribidi package. This flaw allows an attacker to pass a specially crafted file to the Fribidi application, which leads to a possible memory leak or a denial of service. | -- | Mar 26, 2022 | 10.19.45.23 (Wind River Linux LTS 19) |
CVE-2022-0850 | A vulnerability was found in linux kernel, where an information leak occurs via ext4_extent_header to userspace. | -- | Mar 6, 2022 | 10.19.45.22 (Wind River Linux LTS 19) |