admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-05 10:18:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-05-01T16:00:21.081743+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-05-01 16:03:56 +00:00
parent 52cba044ae
commit 54f7a5cfab
385 changed files with 14455 additions and 1116 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

326
CVE-2008/CVE-2008-08xx/CVE-2008-0888.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2008-0888",
"sourceIdentifier": "secalert@redhat.com",
"published": "2008-03-17T21:44:00.000",
"lastModified": "2025-04-29T14:55:30.560",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-05-01T15:33:00.470",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -63,8 +63,70 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:info-zip:unzip:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DA5801A0-47DF-4BEA-94F6-6DF936CC0870"
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*",
"matchCriteriaId": "454A5D17-B171-4F1F-9E0B-F18D1E5CA9FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "23E304C9-F780-4358-A58D-1E4C93977704"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*",
"matchCriteriaId": "6EBDAFF8-DE44-4E80-B6BD-E341F767F501"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "823BF8BE-2309-4F67-A5E2-EAD98F723468"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.6.3",
"matchCriteriaId": "04C722E3-68B2-4E05-BFE0-1F2139151165"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0F92AB32-E7DE-43F4-B877-1F41FA162EC7"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:unzip_project:unzip:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.0",
"matchCriteriaId": "35DEE12E-4FBC-4641-A3A2-88E5EF0B1F32"
}
]
}
@ -74,66 +136,80 @@
"references": [
{
"url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00008.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://secunia.com/advisories/29392",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
"Vendor Advisory",
"Broken Link"
]
},
{
"url": "http://secunia.com/advisories/29406",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
"Vendor Advisory",
"Broken Link"
]
},
{
"url": "http://secunia.com/advisories/29415",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
"Vendor Advisory",
"Broken Link"
]
},
{
"url": "http://secunia.com/advisories/29427",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
"Vendor Advisory",
"Broken Link"
]
},
{
"url": "http://secunia.com/advisories/29432",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
"Vendor Advisory",
"Broken Link"
]
},
{
"url": "http://secunia.com/advisories/29440",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
"Vendor Advisory",
"Broken Link"
]
},
{
"url": "http://secunia.com/advisories/29495",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
"Vendor Advisory",
"Broken Link"
]
},
{
"url": "http://secunia.com/advisories/29681",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
"Vendor Advisory",
"Broken Link"
]
},
{
@ -141,163 +217,229 @@
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
"Vendor Advisory",
"Broken Link"
]
},
{
"url": "http://secunia.com/advisories/31204",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
"Vendor Advisory",
"Broken Link"
]
},
{
"url": "http://security.gentoo.org/glsa/glsa-200804-06.xml",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://support.apple.com/kb/HT4077",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://wiki.rpath.com/Advisories:rPSA-2008-0116",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0116",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.debian.org/security/2008/dsa-1522",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.ipcop.org/index.php?name=News&file=article&sid=40",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:068",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Not Applicable"
]
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2008-0196.html",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
"Third Party Advisory"
]
},
{
"url": "http://www.securityfocus.com/archive/1/489967/100/0/threaded",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.securityfocus.com/archive/1/493080/100/0/threaded",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.securityfocus.com/bid/28288",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.securitytracker.com/id?1019634",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.ubuntu.com/usn/usn-589-1",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.vupen.com/english/advisories/2008/0913/references",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
"Vendor Advisory",
"Broken Link"
]
},
{
"url": "http://www.vupen.com/english/advisories/2008/1744",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
"Vendor Advisory",
"Broken Link"
]
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41246",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://issues.rpath.com/browse/RPL-2317",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9733",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00008.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://secunia.com/advisories/29392",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
"Vendor Advisory",
"Broken Link"
]
},
{
"url": "http://secunia.com/advisories/29406",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
"Vendor Advisory",
"Broken Link"
]
},
{
"url": "http://secunia.com/advisories/29415",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
"Vendor Advisory",
"Broken Link"
]
},
{
"url": "http://secunia.com/advisories/29427",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
"Vendor Advisory",
"Broken Link"
]
},
{
"url": "http://secunia.com/advisories/29432",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
"Vendor Advisory",
"Broken Link"
]
},
{
"url": "http://secunia.com/advisories/29440",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
"Vendor Advisory",
"Broken Link"
]
},
{
"url": "http://secunia.com/advisories/29495",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
"Vendor Advisory",
"Broken Link"
]
},
{
"url": "http://secunia.com/advisories/29681",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
"Vendor Advisory",
"Broken Link"
]
},
{
@ -305,100 +447,152 @@
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
"Vendor Advisory",
"Broken Link"
]
},
{
"url": "http://secunia.com/advisories/31204",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
"Vendor Advisory",
"Broken Link"
]
},
{
"url": "http://security.gentoo.org/glsa/glsa-200804-06.xml",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://support.apple.com/kb/HT4077",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://wiki.rpath.com/Advisories:rPSA-2008-0116",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
]
},
{
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0116",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.debian.org/security/2008/dsa-1522",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.ipcop.org/index.php?name=News&file=article&sid=40",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:068",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
]
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2008-0196.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
"Third Party Advisory"
]
},
{
"url": "http://www.securityfocus.com/archive/1/489967/100/0/threaded",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.securityfocus.com/archive/1/493080/100/0/threaded",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.securityfocus.com/bid/28288",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.securitytracker.com/id?1019634",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.ubuntu.com/usn/usn-589-1",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.vupen.com/english/advisories/2008/0913/references",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
"Vendor Advisory",
"Broken Link"
]
},
{
"url": "http://www.vupen.com/english/advisories/2008/1744",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
"Vendor Advisory",
"Broken Link"
]
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41246",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://issues.rpath.com/browse/RPL-2317",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
]
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9733",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
]
}
]
}

8
CVE-2017/CVE-2017-98xx/CVE-2017-9844.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2017-9844",
"sourceIdentifier": "cve@mitre.org",
"published": "2017-07-12T16:29:00.420",
"lastModified": "2025-04-20T01:37:25.860",
"lastModified": "2025-05-01T15:15:52.720",
"vulnStatus": "Deferred",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SAP NetWeaver 7400.12.21.30308 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted serialized Java object in a request to metadatauploader, aka SAP Security Note 2399804."
"value": "SAP NetWeaver 7400.12.21.30308 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted serialized Java object in a request to metadatauploader, aka SAP Security Note 2399804. NOTE: The vendor states that the devserver package of Visual Composer deserializes a malicious object that may cause legitimate users accessing a service, either by crashing or flooding the service."
},
{
"lang": "es",
@ -106,6 +106,10 @@
"url": "https://erpscan.io/advisories/erpscan-17-014-sap-netweaver-java-deserialization-untrusted-user-value-metadatauploader/",
"source": "cve@mitre.org"
},
{
"url": "https://me.sap.com/notes/2399804",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/bid/96865",
"source": "af854a3a-2127-422b-91ae-364da2661108",

158
CVE-2020/CVE-2020-119xx/CVE-2020-11993.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-11993",
"sourceIdentifier": "security@apache.org",
"published": "2020-08-07T16:15:11.887",
"lastModified": "2024-11-21T04:59:04.190",
"vulnStatus": "Modified",
"lastModified": "2025-05-01T15:40:19.830",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -87,8 +87,8 @@
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.4.20",
"versionEndIncluding": "2.4.43",
"matchCriteriaId": "F8D242EA-720D-45EE-B8FA-181F1CCB5D6E"
"versionEndExcluding": "2.4.44",
"matchCriteriaId": "D75F1269-3F0E-4083-B68D-DF4BAFB3381B"
}
]
}
@ -294,63 +294,108 @@
},
{
"url": "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775%40%3Ccvs.httpd.apache.org%3E",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/r2c6083f6a2027914a0f5b54e2a1f4fa98c03f8693b58460911818255%40%3Ccvs.httpd.apache.org%3E",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/r5debe8f82728a00a4a68bc904dd6c35423bdfc8d601cfb4579f38bf1%40%3Cdev.httpd.apache.org%3E",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/r623de9b2b2433a87f3f3a15900419fc9c00c77b26936dfea4060f672%40%3Cdev.httpd.apache.org%3E",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/r9e9f1a7609760f0f80562eaaec2aa3c32d525c3e0fca98b475240c71%40%3Cdev.httpd.apache.org%3E",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/rdf3e5d0a5f5c3d90d6013bccc6c4d5af59cf1f8c8dea5d9a283d13ce%40%3Ccvs.httpd.apache.org%3E",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/rf71eb428714374a6f9ad68952e23611ec7807b029fd6a1b4f5f732d9%40%3Ccvs.httpd.apache.org%3E",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Patch"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4NKWG2EXAQQB6LMLATKZ7KLSRGCSHVAN/",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ITVFDBVM6E3JF3O7RYLRPRCH3RDRHJJY/",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://security.gentoo.org/glsa/202008-04",
@ -436,63 +481,108 @@
},
{
"url": "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775%40%3Ccvs.httpd.apache.org%3E",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/r2c6083f6a2027914a0f5b54e2a1f4fa98c03f8693b58460911818255%40%3Ccvs.httpd.apache.org%3E",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/r5debe8f82728a00a4a68bc904dd6c35423bdfc8d601cfb4579f38bf1%40%3Cdev.httpd.apache.org%3E",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/r623de9b2b2433a87f3f3a15900419fc9c00c77b26936dfea4060f672%40%3Cdev.httpd.apache.org%3E",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/r9e9f1a7609760f0f80562eaaec2aa3c32d525c3e0fca98b475240c71%40%3Cdev.httpd.apache.org%3E",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/rdf3e5d0a5f5c3d90d6013bccc6c4d5af59cf1f8c8dea5d9a283d13ce%40%3Ccvs.httpd.apache.org%3E",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/rf71eb428714374a6f9ad68952e23611ec7807b029fd6a1b4f5f732d9%40%3Ccvs.httpd.apache.org%3E",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4NKWG2EXAQQB6LMLATKZ7KLSRGCSHVAN/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ITVFDBVM6E3JF3O7RYLRPRCH3RDRHJJY/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://security.gentoo.org/glsa/202008-04",

25
CVE-2020/CVE-2020-367xx/CVE-2020-36790.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2020-36790",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-05-01T15:15:54.020",
"lastModified": "2025-05-01T15:15:54.020",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvmet: fix a memory leak\n\nWe forgot to free new_model_number"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/227064b2ca9e62270ed445665ae849c73f0dfb2c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/382fee1a8b623e2546a3e15e80517389e0e0673e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

32
CVE-2021/CVE-2021-263xx/CVE-2021-26360.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-26360",
"sourceIdentifier": "psirt@amd.com",
"published": "2022-11-09T21:15:11.690",
"lastModified": "2024-11-21T05:56:12.317",
"lastModified": "2025-05-01T15:15:54.130",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"configurations": [

32
CVE-2021/CVE-2021-263xx/CVE-2021-26391.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-26391",
"sourceIdentifier": "psirt@amd.com",
"published": "2022-11-09T21:15:12.150",
"lastModified": "2024-11-21T05:56:16.620",
"lastModified": "2025-05-01T15:15:54.320",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-347"
}
]
}
],
"configurations": [

81
CVE-2021/CVE-2021-331xx/CVE-2021-33193.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-33193",
"sourceIdentifier": "security@apache.org",
"published": "2021-08-16T08:15:11.480",
"lastModified": "2024-11-21T06:08:29.210",
"vulnStatus": "Modified",
"lastModified": "2025-05-01T15:40:12.163",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -77,6 +77,21 @@
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
}
]
}
]
},
{
"nodes": [
{
@ -87,8 +102,8 @@
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.4.17",
"versionEndIncluding": "2.4.48",
"matchCriteriaId": "C700D9C3-7023-48A7-8A76-70597D99829E"
"versionEndExcluding": "2.4.49",
"matchCriteriaId": "D8347A4B-8AA1-4BA6-9C58-8BC8EE9B1408"
}
]
}
@ -157,29 +172,44 @@
"url": "https://github.com/apache/httpd/commit/ecebcc035ccd8d0e2984fe41420d9e944f456b3c.patch",
"source": "security@apache.org",
"tags": [
"Patch",
"Third Party Advisory"
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/re4162adc051c1a0a79e7a24093f3776373e8733abaff57253fef341d%40%3Ccvs.httpd.apache.org%3E",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/ree7519d71415ecdd170ff1889cab552d71758d2ba2904a17ded21a70%40%3Ccvs.httpd.apache.org%3E",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Patch"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00002.html",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DSM6UWQICBJ2TU727RENU3HBKEAFLT6T/",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EUVJVRJRBW5QVX4OY3NOHZDQ3B3YOTSG/",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://portswigger.net/research/http2",
@ -237,29 +267,44 @@
"url": "https://github.com/apache/httpd/commit/ecebcc035ccd8d0e2984fe41420d9e944f456b3c.patch",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/re4162adc051c1a0a79e7a24093f3776373e8733abaff57253fef341d%40%3Ccvs.httpd.apache.org%3E",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/ree7519d71415ecdd170ff1889cab552d71758d2ba2904a17ded21a70%40%3Ccvs.httpd.apache.org%3E",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00002.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DSM6UWQICBJ2TU727RENU3HBKEAFLT6T/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EUVJVRJRBW5QVX4OY3NOHZDQ3B3YOTSG/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://portswigger.net/research/http2",

158
CVE-2021/CVE-2021-361xx/CVE-2021-36160.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-36160",
"sourceIdentifier": "security@apache.org",
"published": "2021-09-16T15:15:07.330",
"lastModified": "2024-11-21T06:13:13.723",
"vulnStatus": "Modified",
"lastModified": "2025-05-01T15:40:05.120",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -97,8 +97,8 @@
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.4.30",
"versionEndIncluding": "2.4.48",
"matchCriteriaId": "C16E260F-1413-466B-9EFA-0196E6B5A0BB"
"versionEndExcluding": "2.4.49",
"matchCriteriaId": "852E3D1D-FCA3-4284-B77B-2A9C57D5B083"
}
]
}
@ -261,55 +261,94 @@
},
{
"url": "https://lists.apache.org/thread.html/r2eb200ac1340f69aa22af61ab34780c531d110437910cb9c0ece3b37%40%3Cbugs.httpd.apache.org%3E",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432%40%3Cusers.httpd.apache.org%3E",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c%40%3Cusers.httpd.apache.org%3E",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/r73260f6ba9fb52e43d860905fc90462ba5a814afda2d011f32bbd41c%40%3Cbugs.httpd.apache.org%3E",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/r7f2746e916ed370239bc1a1025e5ebbf345f79df9ea0ea39e44acfbb%40%3Cbugs.httpd.apache.org%3E",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697%40%3Cusers.httpd.apache.org%3E",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029%40%3Cusers.httpd.apache.org%3E",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/r94a61a1517133a19dcf40016e87454ea86e355d06a0cec4c778530f3%40%3Cbugs.httpd.apache.org%3E",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/ra1c05a392587bfe34383dffe1213edc425de8d4afc25b7cefab3e781%40%3Cbugs.httpd.apache.org%3E",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/ra87a69d0703d09dc52b86e32b08f8d7327af10acdd5f577a4e82596a%40%3Cbugs.httpd.apache.org%3E",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/rb2341c8786d0f9924f5b666e82d8d170b4804f50a523d750551bef1a%40%3Cbugs.httpd.apache.org%3E",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/re4162adc051c1a0a79e7a24093f3776373e8733abaff57253fef341d%40%3Ccvs.httpd.apache.org%3E",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/ree7519d71415ecdd170ff1889cab552d71758d2ba2904a17ded21a70%40%3Ccvs.httpd.apache.org%3E",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Patch"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00016.html",
@ -329,11 +368,17 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://security.gentoo.org/glsa/202208-20",
@ -389,55 +434,94 @@
},
{
"url": "https://lists.apache.org/thread.html/r2eb200ac1340f69aa22af61ab34780c531d110437910cb9c0ece3b37%40%3Cbugs.httpd.apache.org%3E",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432%40%3Cusers.httpd.apache.org%3E",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c%40%3Cusers.httpd.apache.org%3E",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/r73260f6ba9fb52e43d860905fc90462ba5a814afda2d011f32bbd41c%40%3Cbugs.httpd.apache.org%3E",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/r7f2746e916ed370239bc1a1025e5ebbf345f79df9ea0ea39e44acfbb%40%3Cbugs.httpd.apache.org%3E",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697%40%3Cusers.httpd.apache.org%3E",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029%40%3Cusers.httpd.apache.org%3E",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/r94a61a1517133a19dcf40016e87454ea86e355d06a0cec4c778530f3%40%3Cbugs.httpd.apache.org%3E",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/ra1c05a392587bfe34383dffe1213edc425de8d4afc25b7cefab3e781%40%3Cbugs.httpd.apache.org%3E",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/ra87a69d0703d09dc52b86e32b08f8d7327af10acdd5f577a4e82596a%40%3Cbugs.httpd.apache.org%3E",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/rb2341c8786d0f9924f5b666e82d8d170b4804f50a523d750551bef1a%40%3Cbugs.httpd.apache.org%3E",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/re4162adc051c1a0a79e7a24093f3776373e8733abaff57253fef341d%40%3Ccvs.httpd.apache.org%3E",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/ree7519d71415ecdd170ff1889cab552d71758d2ba2904a17ded21a70%40%3Ccvs.httpd.apache.org%3E",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00016.html",
@ -457,11 +541,17 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://security.gentoo.org/glsa/202208-20",

68
CVE-2021/CVE-2021-392xx/CVE-2021-39275.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-39275",
"sourceIdentifier": "security@apache.org",
"published": "2021-09-16T15:15:07.580",
"lastModified": "2024-11-21T06:19:05.913",
"vulnStatus": "Modified",
"lastModified": "2025-05-01T15:39:40.260",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -86,8 +86,8 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.4.48",
"matchCriteriaId": "1691C7CE-5CDA-4B9A-854E-3B58C1115526"
"versionEndExcluding": "2.4.49",
"matchCriteriaId": "482A1EA3-C8EB-46B6-BFD8-562D7515A383"
}
]
}
@ -242,19 +242,31 @@
},
{
"url": "https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432%40%3Cusers.httpd.apache.org%3E",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c%40%3Cusers.httpd.apache.org%3E",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697%40%3Cusers.httpd.apache.org%3E",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029%40%3Cusers.httpd.apache.org%3E",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Patch"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html",
@ -266,11 +278,17 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://security.gentoo.org/glsa/202208-20",
@ -333,19 +351,31 @@
},
{
"url": "https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432%40%3Cusers.httpd.apache.org%3E",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c%40%3Cusers.httpd.apache.org%3E",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697%40%3Cusers.httpd.apache.org%3E",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029%40%3Cusers.httpd.apache.org%3E",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html",
@ -357,11 +387,17 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://security.gentoo.org/glsa/202208-20",

58
CVE-2021/CVE-2021-447xx/CVE-2021-44790.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-44790",
"sourceIdentifier": "security@apache.org",
"published": "2021-12-20T12:15:07.440",
"lastModified": "2024-11-21T06:31:33.257",
"vulnStatus": "Modified",
"lastModified": "2025-05-01T15:38:06.313",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -96,8 +96,8 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.4.51",
"matchCriteriaId": "5D91E7B1-C692-4ECB-BFDF-968D8F8A5832"
"versionEndExcluding": "2.4.52",
"matchCriteriaId": "03FD29A5-886E-4561-97D0-2267DA27A47D"
}
]
}
@ -354,7 +354,10 @@
},
{
"url": "http://packetstormsecurity.com/files/171631/Apache-2.4.x-Buffer-Overflow.html",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Exploit"
]
},
{
"url": "http://seclists.org/fulldisclosure/2022/May/33",
@ -390,19 +393,31 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFSWOH4X77CV7AH7C4RMHUBDWKQDL4YH/",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://security.gentoo.org/glsa/202208-20",
@ -485,7 +500,10 @@
},
{
"url": "http://packetstormsecurity.com/files/171631/Apache-2.4.x-Buffer-Overflow.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
]
},
{
"url": "http://seclists.org/fulldisclosure/2022/May/33",
@ -521,19 +539,31 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFSWOH4X77CV7AH7C4RMHUBDWKQDL4YH/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://security.gentoo.org/glsa/202208-20",

32
CVE-2022/CVE-2022-238xx/CVE-2022-23831.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-23831",
"sourceIdentifier": "psirt@amd.com",
"published": "2022-11-09T21:15:13.817",
"lastModified": "2024-11-21T06:49:20.480",
"lastModified": "2025-05-01T15:15:54.720",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"configurations": [

38
CVE-2022/CVE-2022-239xx/CVE-2022-23943.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-23943",
"sourceIdentifier": "security@apache.org",
"published": "2022-03-14T11:15:09.187",
"lastModified": "2024-11-21T06:49:29.970",
"vulnStatus": "Modified",
"lastModified": "2025-05-01T15:37:55.323",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -101,8 +101,8 @@
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.4.0",
"versionEndIncluding": "2.4.52",
"matchCriteriaId": "7B9D7ED5-E23A-4A60-9A6D-AB0D9BF73775"
"versionEndExcluding": "2.4.53",
"matchCriteriaId": "322531FA-AC60-496C-A9A8-0643BEB09B53"
}
]
}
@ -200,15 +200,24 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://security.gentoo.org/glsa/202208-20",
@ -271,15 +280,24 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://security.gentoo.org/glsa/202208-20",

32
CVE-2022/CVE-2022-260xx/CVE-2022-26088.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-26088",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-10T21:15:09.920",
"lastModified": "2024-11-21T06:53:24.367",
"lastModified": "2025-05-01T14:15:23.467",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

28
CVE-2022/CVE-2022-263xx/CVE-2022-26377.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-26377",
"sourceIdentifier": "security@apache.org",
"published": "2022-06-09T17:15:09.077",
"lastModified": "2024-11-21T06:53:52.710",
"vulnStatus": "Modified",
"lastModified": "2025-05-01T15:35:56.423",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -97,8 +97,8 @@
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.4.0",
"versionEndIncluding": "2.4.53",
"matchCriteriaId": "07C96DF9-EA08-41EE-B971-58C3732F80E5"
"versionEndExcluding": "2.4.54",
"matchCriteriaId": "0F2EC352-2026-4DC3-93DB-669A9E7BBC74"
}
]
}
@ -158,11 +158,17 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://security.gentoo.org/glsa/202208-20",
@ -195,11 +201,17 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://security.gentoo.org/glsa/202208-20",

32
CVE-2022/CVE-2022-276xx/CVE-2022-27673.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-27673",
"sourceIdentifier": "psirt@amd.com",
"published": "2022-11-09T21:15:14.077",
"lastModified": "2024-11-21T06:56:09.100",
"lastModified": "2025-05-01T14:15:24.967",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "NVD-CWE-Other"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-276xx/CVE-2022-27674.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-27674",
"sourceIdentifier": "psirt@amd.com",
"published": "2022-11-09T21:15:14.270",
"lastModified": "2024-11-21T06:56:09.207",
"lastModified": "2025-05-01T15:15:54.900",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"configurations": [

28
CVE-2022/CVE-2022-286xx/CVE-2022-28615.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-28615",
"sourceIdentifier": "security@apache.org",
"published": "2022-06-09T17:15:09.230",
"lastModified": "2024-11-21T06:57:35.197",
"vulnStatus": "Modified",
"lastModified": "2025-05-01T15:35:44.580",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -96,8 +96,8 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.4.53",
"matchCriteriaId": "B39537A1-5A13-491A-B333-BB53FF718EA7"
"versionEndExcluding": "2.4.54",
"matchCriteriaId": "A3DA5BBE-FEDA-4993-8725-73E882341E4C"
}
]
}
@ -157,11 +157,17 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://security.gentoo.org/glsa/202208-20",
@ -194,11 +200,17 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://security.gentoo.org/glsa/202208-20",

28
CVE-2022/CVE-2022-305xx/CVE-2022-30556.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-30556",
"sourceIdentifier": "security@apache.org",
"published": "2022-06-09T17:15:09.867",
"lastModified": "2024-11-21T07:02:55.957",
"vulnStatus": "Modified",
"lastModified": "2025-05-01T15:35:37.577",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -96,8 +96,8 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.4.53",
"matchCriteriaId": "B39537A1-5A13-491A-B333-BB53FF718EA7"
"versionEndExcluding": "2.4.54",
"matchCriteriaId": "A3DA5BBE-FEDA-4993-8725-73E882341E4C"
}
]
}
@ -157,11 +157,17 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://security.gentoo.org/glsa/202208-20",
@ -194,11 +200,17 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://security.gentoo.org/glsa/202208-20",

28
CVE-2022/CVE-2022-318xx/CVE-2022-31813.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-31813",
"sourceIdentifier": "security@apache.org",
"published": "2022-06-09T17:15:09.977",
"lastModified": "2024-11-21T07:05:22.590",
"vulnStatus": "Modified",
"lastModified": "2025-05-01T15:35:29.670",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -96,8 +96,8 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.4.53",
"matchCriteriaId": "B39537A1-5A13-491A-B333-BB53FF718EA7"
"versionEndExcluding": "2.4.54",
"matchCriteriaId": "A3DA5BBE-FEDA-4993-8725-73E882341E4C"
}
]
}
@ -157,11 +157,17 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://security.gentoo.org/glsa/202208-20",
@ -194,11 +200,17 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://security.gentoo.org/glsa/202208-20",

34
CVE-2022/CVE-2022-32xx/CVE-2022-3238.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-3238",
"sourceIdentifier": "secalert@redhat.com",
"published": "2022-11-14T21:15:16.163",
"lastModified": "2024-11-21T07:19:07.107",
"lastModified": "2025-05-01T14:15:27.813",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,13 +36,33 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secalert@redhat.com",
"type": "Secondary",
"type": "Primary",
"description": [
{
"lang": "en",
@ -52,6 +72,16 @@
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-415"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Primary",
"description": [
{

22
CVE-2022/CVE-2022-333xx/CVE-2022-33322.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-33322",
"sourceIdentifier": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
"published": "2022-11-08T20:15:11.017",
"lastModified": "2024-11-21T07:08:11.070",
"lastModified": "2025-05-01T15:15:55.120",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},

32
CVE-2022/CVE-2022-357xx/CVE-2022-35740.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-35740",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-10T21:15:10.230",
"lastModified": "2024-11-21T07:11:34.837",
"lastModified": "2025-05-01T14:15:25.520",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

22
CVE-2022/CVE-2022-369xx/CVE-2022-36938.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-36938",
"sourceIdentifier": "cve-assign@fb.com",
"published": "2022-11-11T00:15:10.193",
"lastModified": "2024-11-21T07:14:06.943",
"lastModified": "2025-05-01T14:15:25.820",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},

32
CVE-2022/CVE-2022-372xx/CVE-2022-37290.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-37290",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-14T08:15:09.387",
"lastModified": "2024-11-21T07:14:41.897",
"lastModified": "2025-05-01T14:15:26.527",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-476"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [

12
CVE-2022/CVE-2022-379xx/CVE-2022-37900.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-37900",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2022-12-12T13:15:12.677",
"lastModified": "2024-11-21T07:15:20.537",
"lastModified": "2025-05-01T15:15:55.493",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-78"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-381xx/CVE-2022-38167.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-38167",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-14T21:15:14.390",
"lastModified": "2024-11-21T07:15:55.687",
"lastModified": "2025-05-01T14:15:26.760",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-386xx/CVE-2022-38651.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-38651",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-12T05:15:12.630",
"lastModified": "2024-11-21T07:16:51.790",
"lastModified": "2025-05-01T14:15:27.147",
"vulnStatus": "Modified",
"cveTags": [
{
@ -43,6 +43,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -56,6 +76,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-390xx/CVE-2022-39069.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-39069",
"sourceIdentifier": "psirt@zte.com.cn",
"published": "2022-11-08T18:15:11.343",
"lastModified": "2024-11-21T07:17:29.650",
"lastModified": "2025-05-01T14:15:27.523",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-89"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-407xx/CVE-2022-40773.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-40773",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-12T04:15:09.010",
"lastModified": "2024-11-21T07:22:02.230",
"lastModified": "2025-05-01T14:15:28.210",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-20"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-413xx/CVE-2022-41339.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-41339",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-12T04:15:09.777",
"lastModified": "2024-11-21T07:23:04.903",
"lastModified": "2025-05-01T14:15:28.587",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-430xx/CVE-2022-43030.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-43030",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-14T23:15:11.820",
"lastModified": "2024-11-21T07:25:49.207",
"lastModified": "2025-05-01T14:15:28.807",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-521"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-521"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-430xx/CVE-2022-43031.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-43031",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-09T21:15:17.707",
"lastModified": "2024-11-21T07:25:49.380",
"lastModified": "2025-05-01T15:15:55.733",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-352"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-430xx/CVE-2022-43058.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-43058",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-09T21:15:17.803",
"lastModified": "2024-11-21T07:25:52.303",
"lastModified": "2025-05-01T15:15:55.923",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-89"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-430xx/CVE-2022-43074.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-43074",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-10T20:15:12.393",
"lastModified": "2024-11-21T07:25:53.510",
"lastModified": "2025-05-01T14:15:29.070",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-434"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-431xx/CVE-2022-43120.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-43120",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-09T16:15:18.500",
"lastModified": "2024-11-21T07:25:57.370",
"lastModified": "2025-05-01T15:15:56.147",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-431xx/CVE-2022-43146.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-43146",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-14T21:15:19.580",
"lastModified": "2024-11-21T07:25:59.457",
"lastModified": "2025-05-01T14:15:29.287",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-434"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-436xx/CVE-2022-43671.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-43671",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-12T04:15:10.057",
"lastModified": "2024-11-21T07:27:00.770",
"lastModified": "2025-05-01T14:15:29.560",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-89"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-436xx/CVE-2022-43672.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-43672",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-12T04:15:10.290",
"lastModified": "2024-11-21T07:27:00.930",
"lastModified": "2025-05-01T14:15:29.797",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-89"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [

12
CVE-2022/CVE-2022-436xx/CVE-2022-43679.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-43679",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-10T21:15:11.793",
"lastModified": "2024-11-21T07:27:01.600",
"lastModified": "2025-05-01T14:15:30.083",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-440xx/CVE-2022-44087.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-44087",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-10T15:15:20.017",
"lastModified": "2024-11-21T07:27:37.560",
"lastModified": "2025-05-01T14:15:30.277",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-440xx/CVE-2022-44088.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-44088",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-10T15:15:20.163",
"lastModified": "2024-11-21T07:27:37.703",
"lastModified": "2025-05-01T14:15:30.523",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-440xx/CVE-2022-44089.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-44089",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-10T15:15:20.273",
"lastModified": "2024-11-21T07:27:37.867",
"lastModified": "2025-05-01T14:15:30.730",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-443xx/CVE-2022-44317.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-44317",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-08T15:15:12.217",
"lastModified": "2024-11-21T07:27:52.960",
"lastModified": "2025-05-01T15:15:56.330",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-443xx/CVE-2022-44318.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-44318",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-08T15:15:12.330",
"lastModified": "2024-11-21T07:27:53.110",
"lastModified": "2025-05-01T15:15:56.520",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-445xx/CVE-2022-44548.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-44548",
"sourceIdentifier": "psirt@huawei.com",
"published": "2022-11-09T21:15:18.067",
"lastModified": "2024-11-21T07:28:06.550",
"lastModified": "2025-05-01T15:15:56.697",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-276"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-276"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-445xx/CVE-2022-44549.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-44549",
"sourceIdentifier": "psirt@huawei.com",
"published": "2022-11-09T21:15:18.160",
"lastModified": "2024-11-21T07:28:06.673",
"lastModified": "2025-05-01T15:15:56.863",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-445xx/CVE-2022-44550.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-44550",
"sourceIdentifier": "psirt@huawei.com",
"published": "2022-11-09T21:15:18.230",
"lastModified": "2024-11-21T07:28:06.783",
"lastModified": "2025-05-01T15:15:57.030",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-416"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-445xx/CVE-2022-44551.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-44551",
"sourceIdentifier": "psirt@huawei.com",
"published": "2022-11-09T21:15:18.293",
"lastModified": "2024-11-21T07:28:06.890",
"lastModified": "2025-05-01T15:15:57.200",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-362"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-445xx/CVE-2022-44552.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-44552",
"sourceIdentifier": "psirt@huawei.com",
"published": "2022-11-09T21:15:18.387",
"lastModified": "2024-11-21T07:28:06.997",
"lastModified": "2025-05-01T15:15:57.367",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-404"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-445xx/CVE-2022-44553.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-44553",
"sourceIdentifier": "psirt@huawei.com",
"published": "2022-11-09T21:15:18.447",
"lastModified": "2024-11-21T07:28:07.107",
"lastModified": "2025-05-01T14:15:30.937",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-445xx/CVE-2022-44554.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-44554",
"sourceIdentifier": "psirt@huawei.com",
"published": "2022-11-09T21:15:18.503",
"lastModified": "2024-11-21T07:28:07.213",
"lastModified": "2025-05-01T14:15:31.210",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-276"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-445xx/CVE-2022-44555.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-44555",
"sourceIdentifier": "psirt@huawei.com",
"published": "2022-11-09T21:15:18.557",
"lastModified": "2024-11-21T07:28:07.327",
"lastModified": "2025-05-01T14:15:31.493",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-294"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-445xx/CVE-2022-44557.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-44557",
"sourceIdentifier": "psirt@huawei.com",
"published": "2022-11-09T21:15:18.617",
"lastModified": "2024-11-21T07:28:07.543",
"lastModified": "2025-05-01T14:15:32.100",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-276"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-445xx/CVE-2022-44558.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-44558",
"sourceIdentifier": "psirt@huawei.com",
"published": "2022-11-09T21:15:18.670",
"lastModified": "2024-11-21T07:28:07.653",
"lastModified": "2025-05-01T14:15:32.603",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-502"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-445xx/CVE-2022-44559.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-44559",
"sourceIdentifier": "psirt@huawei.com",
"published": "2022-11-09T21:15:18.727",
"lastModified": "2024-11-21T07:28:07.760",
"lastModified": "2025-05-01T14:15:32.830",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-502"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-445xx/CVE-2022-44560.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-44560",
"sourceIdentifier": "psirt@huawei.com",
"published": "2022-11-09T21:15:18.803",
"lastModified": "2024-11-21T07:28:07.870",
"lastModified": "2025-05-01T14:15:33.053",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
@ -49,6 +69,16 @@
"value": "NVD-CWE-Other"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-601"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-445xx/CVE-2022-44561.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-44561",
"sourceIdentifier": "psirt@huawei.com",
"published": "2022-11-09T21:15:18.863",
"lastModified": "2024-11-21T07:28:07.980",
"lastModified": "2025-05-01T14:15:33.263",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-276"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-276"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-445xx/CVE-2022-44562.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-44562",
"sourceIdentifier": "psirt@huawei.com",
"published": "2022-11-09T21:15:18.920",
"lastModified": "2024-11-21T07:28:08.083",
"lastModified": "2025-05-01T15:15:57.533",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-445xx/CVE-2022-44563.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-44563",
"sourceIdentifier": "psirt@huawei.com",
"published": "2022-11-09T21:15:18.977",
"lastModified": "2024-11-21T07:28:08.190",
"lastModified": "2025-05-01T15:15:57.697",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-362"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-362"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-447xx/CVE-2022-44727.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-44727",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-10T17:15:10.687",
"lastModified": "2024-11-21T07:28:22.710",
"lastModified": "2025-05-01T14:15:33.490",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-89"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-450xx/CVE-2022-45059.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-45059",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-09T06:15:09.683",
"lastModified": "2024-11-21T07:28:41.287",
"lastModified": "2025-05-01T15:15:57.917",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-444"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-444"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-450xx/CVE-2022-45060.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-45060",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-09T06:15:09.830",
"lastModified": "2024-11-21T07:28:41.880",
"lastModified": "2025-05-01T15:15:58.147",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-450xx/CVE-2022-45061.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-45061",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-09T07:15:09.887",
"lastModified": "2024-11-21T07:28:42.067",
"lastModified": "2025-05-01T15:15:58.423",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-407"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-407"
}
]
}
],
"configurations": [

39
CVE-2022/CVE-2022-450xx/CVE-2022-45062.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-45062",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-09T07:15:10.130",
"lastModified": "2024-11-21T07:28:42.303",
"lastModified": "2025-05-01T15:15:58.727",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-88"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-88"
}
]
}
],
"configurations": [
@ -186,6 +216,13 @@
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://gitlab.xfce.org/xfce/xfce4-settings/-/issues/390",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Broken Link"
]
}
]
}

32
CVE-2022/CVE-2022-451xx/CVE-2022-45129.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-45129",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-10T06:15:13.813",
"lastModified": "2024-11-21T07:28:48.863",
"lastModified": "2025-05-01T14:15:33.720",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-552"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-552"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-451xx/CVE-2022-45130.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-45130",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-10T06:15:13.943",
"lastModified": "2024-11-21T07:28:49.017",
"lastModified": "2025-05-01T14:15:34.000",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-352"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-451xx/CVE-2022-45182.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-45182",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-11T20:15:19.783",
"lastModified": "2024-11-21T07:28:55.140",
"lastModified": "2025-05-01T14:15:34.237",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-233"
}
]
}
],
"configurations": [

12
CVE-2022/CVE-2022-451xx/CVE-2022-45194.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-45194",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-12T00:15:12.467",
"lastModified": "2024-11-21T07:28:56.390",
"lastModified": "2025-05-01T14:15:34.460",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-611"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-611"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-451xx/CVE-2022-45195.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-45195",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-12T19:15:10.707",
"lastModified": "2024-11-21T07:28:56.543",
"lastModified": "2025-05-01T14:15:34.660",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.6,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-327"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-327"
}
]
}
],
"configurations": [

49
CVE-2022/CVE-2022-497xx/CVE-2022-49762.json Normal file
View File

@ -0,0 +1,49 @@
{
"id": "CVE-2022-49762",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-05-01T15:15:58.933",
"lastModified": "2025-05-01T15:15:58.933",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nntfs: check overflow when iterating ATTR_RECORDs\n\nKernel iterates over ATTR_RECORDs in mft record in ntfs_attr_find(). \nBecause the ATTR_RECORDs are next to each other, kernel can get the next\nATTR_RECORD from end address of current ATTR_RECORD, through current\nATTR_RECORD length field.\n\nThe problem is that during iteration, when kernel calculates the end\naddress of current ATTR_RECORD, kernel may trigger an integer overflow bug\nin executing `a = (ATTR_RECORD*)((u8*)a + le32_to_cpu(a->length))`. This\nmay wrap, leading to a forever iteration on 32bit systems.\n\nThis patch solves it by adding some checks on calculating end address\nof current ATTR_RECORD during iteration."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/45683723f6b53e39e8a4cec0894e61fd6ec71989",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/5559eb5809353a83a40a1e4e7f066431c7b83020",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/63095f4f3af59322bea984a6ae44337439348fe0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/785b2af9654b8beac55644e36da0085c5d776361",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/86f36de14dce5802856bb7a5921d74439db00b64",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/957732a09c3828267c2819d31c425aa793dd475b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b612f924f296408d7d02fb4cd01218afd4ed7184",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b63ddb3ba61e2d3539f87e095c881e552bc45dab",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

49
CVE-2022/CVE-2022-497xx/CVE-2022-49763.json Normal file
View File

@ -0,0 +1,49 @@
{
"id": "CVE-2022-49763",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-05-01T15:15:59.047",
"lastModified": "2025-05-01T15:15:59.047",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nntfs: fix use-after-free in ntfs_attr_find()\n\nPatch series \"ntfs: fix bugs about Attribute\", v2.\n\nThis patchset fixes three bugs relative to Attribute in record:\n\nPatch 1 adds a sanity check to ensure that, attrs_offset field in first\nmft record loading from disk is within bounds.\n\nPatch 2 moves the ATTR_RECORD's bounds checking earlier, to avoid\ndereferencing ATTR_RECORD before checking this ATTR_RECORD is within\nbounds.\n\nPatch 3 adds an overflow checking to avoid possible forever loop in\nntfs_attr_find().\n\nWithout patch 1 and patch 2, the kernel triggersa KASAN use-after-free\ndetection as reported by Syzkaller.\n\nAlthough one of patch 1 or patch 2 can fix this, we still need both of\nthem. Because patch 1 fixes the root cause, and patch 2 not only fixes\nthe direct cause, but also fixes the potential out-of-bounds bug.\n\n\nThis patch (of 3):\n\nSyzkaller reported use-after-free read as follows:\n==================================================================\nBUG: KASAN: use-after-free in ntfs_attr_find+0xc02/0xce0 fs/ntfs/attrib.c:597\nRead of size 2 at addr ffff88807e352009 by task syz-executor153/3607\n\n[...]\nCall Trace:\n <TASK>\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:317 [inline]\n print_report.cold+0x2ba/0x719 mm/kasan/report.c:433\n kasan_report+0xb1/0x1e0 mm/kasan/report.c:495\n ntfs_attr_find+0xc02/0xce0 fs/ntfs/attrib.c:597\n ntfs_attr_lookup+0x1056/0x2070 fs/ntfs/attrib.c:1193\n ntfs_read_inode_mount+0x89a/0x2580 fs/ntfs/inode.c:1845\n ntfs_fill_super+0x1799/0x9320 fs/ntfs/super.c:2854\n mount_bdev+0x34d/0x410 fs/super.c:1400\n legacy_get_tree+0x105/0x220 fs/fs_context.c:610\n vfs_get_tree+0x89/0x2f0 fs/super.c:1530\n do_new_mount fs/namespace.c:3040 [inline]\n path_mount+0x1326/0x1e20 fs/namespace.c:3370\n do_mount fs/namespace.c:3383 [inline]\n __do_sys_mount fs/namespace.c:3591 [inline]\n __se_sys_mount fs/namespace.c:3568 [inline]\n __x64_sys_mount+0x27f/0x300 fs/namespace.c:3568\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n [...]\n </TASK>\n\nThe buggy address belongs to the physical page:\npage:ffffea0001f8d400 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7e350\nhead:ffffea0001f8d400 order:3 compound_mapcount:0 compound_pincount:0\nflags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)\nraw: 00fff00000010200 0000000000000000 dead000000000122 ffff888011842140\nraw: 0000000000000000 0000000000040004 00000001ffffffff 0000000000000000\npage dumped because: kasan: bad access detected\nMemory state around the buggy address:\n ffff88807e351f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc\n ffff88807e351f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc\n>ffff88807e352000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ^\n ffff88807e352080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ffff88807e352100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n==================================================================\n\nKernel will loads $MFT/$DATA's first mft record in\nntfs_read_inode_mount().\n\nYet the problem is that after loading, kernel doesn't check whether\nattrs_offset field is a valid value.\n\nTo be more specific, if attrs_offset field is larger than bytes_allocated\nfield, then it may trigger the out-of-bounds read bug(reported as\nuse-after-free bug) in ntfs_attr_find(), when kernel tries to access the\ncorresponding mft record's attribute.\n\nThis patch solves it by adding the sanity check between attrs_offset field\nand bytes_allocated field, after loading the first mft record."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/266bd5306286316758e6246ea0345133427b0f62",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/4863f815463034f588a035cfd99cdca97a4f1069",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/5330c423b86263ac7883fef0260b9e2229cb531e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/79f3ac7dcd12c05b7539239a4c6fa229a50d786c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b825bfbbaafbe8da2037e3a778ad660c59f9e054",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d0006d739738a658a9c29b438444259d9f71dfa0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d85a1bec8e8d552ab13163ca1874dcd82f3d1550",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/fb2004bafd1932e08d21ca604ee5844f2b7f212d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2022/CVE-2022-497xx/CVE-2022-49764.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2022-49764",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-05-01T15:15:59.170",
"lastModified": "2025-05-01T15:15:59.170",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Prevent bpf program recursion for raw tracepoint probes\n\nWe got report from sysbot [1] about warnings that were caused by\nbpf program attached to contention_begin raw tracepoint triggering\nthe same tracepoint by using bpf_trace_printk helper that takes\ntrace_printk_lock lock.\n\n Call Trace:\n <TASK>\n ? trace_event_raw_event_bpf_trace_printk+0x5f/0x90\n bpf_trace_printk+0x2b/0xe0\n bpf_prog_a9aec6167c091eef_prog+0x1f/0x24\n bpf_trace_run2+0x26/0x90\n native_queued_spin_lock_slowpath+0x1c6/0x2b0\n _raw_spin_lock_irqsave+0x44/0x50\n bpf_trace_printk+0x3f/0xe0\n bpf_prog_a9aec6167c091eef_prog+0x1f/0x24\n bpf_trace_run2+0x26/0x90\n native_queued_spin_lock_slowpath+0x1c6/0x2b0\n _raw_spin_lock_irqsave+0x44/0x50\n bpf_trace_printk+0x3f/0xe0\n bpf_prog_a9aec6167c091eef_prog+0x1f/0x24\n bpf_trace_run2+0x26/0x90\n native_queued_spin_lock_slowpath+0x1c6/0x2b0\n _raw_spin_lock_irqsave+0x44/0x50\n bpf_trace_printk+0x3f/0xe0\n bpf_prog_a9aec6167c091eef_prog+0x1f/0x24\n bpf_trace_run2+0x26/0x90\n native_queued_spin_lock_slowpath+0x1c6/0x2b0\n _raw_spin_lock_irqsave+0x44/0x50\n __unfreeze_partials+0x5b/0x160\n ...\n\nThe can be reproduced by attaching bpf program as raw tracepoint on\ncontention_begin tracepoint. The bpf prog calls bpf_trace_printk\nhelper. Then by running perf bench the spin lock code is forced to\ntake slow path and call contention_begin tracepoint.\n\nFixing this by skipping execution of the bpf program if it's\nalready running, Using bpf prog 'active' field, which is being\ncurrently used by trampoline programs for the same reason.\n\nMoving bpf_prog_inc_misses_counter to syscall.c because\ntrampoline.c is compiled in just for CONFIG_BPF_JIT option.\n\n[1] https://lore.kernel.org/bpf/YxhFe3EwqchC%2FfYf@krava/T/#t"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/05b24ff9b2cfabfcfd951daaa915a036ab53c9e1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/2e5399879024fedd6cdc41f73fbf9bbe7208f899",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

29
CVE-2022/CVE-2022-497xx/CVE-2022-49765.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2022-49765",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-05-01T15:15:59.277",
"lastModified": "2025-05-01T15:15:59.277",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/9p: use a dedicated spinlock for trans_fd\n\nShamelessly copying the explanation from Tetsuo Handa's suggested\npatch[1] (slightly reworded):\nsyzbot is reporting inconsistent lock state in p9_req_put()[2],\nfor p9_tag_remove() from p9_req_put() from IRQ context is using\nspin_lock_irqsave() on \"struct p9_client\"->lock but trans_fd\n(not from IRQ context) is using spin_lock().\n\nSince the locks actually protect different things in client.c and in\ntrans_fd.c, just replace trans_fd.c's lock by a new one specific to the\ntransport (client.c's protect the idr for fid/tag allocations,\nwhile trans_fd.c's protects its own req list and request status field\nthat acts as the transport's state machine)"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/296ab4a813841ba1d5f40b03190fd1bd8f25aab0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/43bbadb7e4636dc02f6a283c2a39e6438e6173cd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/717b9b4f38703d7f5293059e3a242d16f76fa045",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2022/CVE-2022-497xx/CVE-2022-49766.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2022-49766",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-05-01T15:15:59.380",
"lastModified": "2025-05-01T15:15:59.380",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetlink: Bounds-check struct nlmsgerr creation\n\nIn preparation for FORTIFY_SOURCE doing bounds-check on memcpy(),\nswitch from __nlmsg_put to nlmsg_put(), and explain the bounds check\nfor dealing with the memcpy() across a composite flexible array struct.\nAvoids this future run-time warning:\n\n memcpy: detected field-spanning write (size 32) of single field \"&errmsg->msg\" at net/netlink/af_netlink.c:2447 (size 16)"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/710d21fdff9a98d621cd4e64167f3ef8af4e2fd1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/aff4eb16f589c3af322a2582044bca365381fcd6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

49
CVE-2022/CVE-2022-497xx/CVE-2022-49767.json Normal file
View File

@ -0,0 +1,49 @@
{
"id": "CVE-2022-49767",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-05-01T15:15:59.483",
"lastModified": "2025-05-01T15:15:59.483",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\n9p/trans_fd: always use O_NONBLOCK read/write\n\nsyzbot is reporting hung task at p9_fd_close() [1], for p9_mux_poll_stop()\n from p9_conn_destroy() from p9_fd_close() is failing to interrupt already\nstarted kernel_read() from p9_fd_read() from p9_read_work() and/or\nkernel_write() from p9_fd_write() from p9_write_work() requests.\n\nSince p9_socket_open() sets O_NONBLOCK flag, p9_mux_poll_stop() does not\nneed to interrupt kernel_read()/kernel_write(). However, since p9_fd_open()\ndoes not set O_NONBLOCK flag, but pipe blocks unless signal is pending,\np9_mux_poll_stop() needs to interrupt kernel_read()/kernel_write() when\nthe file descriptor refers to a pipe. In other words, pipe file descriptor\nneeds to be handled as if socket file descriptor.\n\nWe somehow need to interrupt kernel_read()/kernel_write() on pipes.\n\nA minimal change, which this patch is doing, is to set O_NONBLOCK flag\n from p9_fd_open(), for O_NONBLOCK flag does not affect reading/writing\nof regular files. But this approach changes O_NONBLOCK flag on userspace-\nsupplied file descriptors (which might break userspace programs), and\nO_NONBLOCK flag could be changed by userspace. It would be possible to set\nO_NONBLOCK flag every time p9_fd_read()/p9_fd_write() is invoked, but still\nremains small race window for clearing O_NONBLOCK flag.\n\nIf we don't want to manipulate O_NONBLOCK flag, we might be able to\nsurround kernel_read()/kernel_write() with set_thread_flag(TIF_SIGPENDING)\nand recalc_sigpending(). Since p9_read_work()/p9_write_work() works are\nprocessed by kernel threads which process global system_wq workqueue,\nsignals could not be delivered from remote threads when p9_mux_poll_stop()\n from p9_conn_destroy() from p9_fd_close() is called. Therefore, calling\nset_thread_flag(TIF_SIGPENDING)/recalc_sigpending() every time would be\nneeded if we count on signals for making kernel_read()/kernel_write()\nnon-blocking.\n\n[Dominique: add comment at Christian's suggestion]"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/0b5e6bd72b8171364616841603a70e4ba9837063",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/0e07032b4b4724b8ad1003698cb81083c1818999",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/5af16182c5639349415118e9e9aecd8355f7a08b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/7abf40f06a76c0dff42eada10597917e9776fbd4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9f8554615df668e4bf83294633ee9d232b28ce45",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a8e2fc8f7b41fa9d9ca5f624f4e4d34fce5b40a9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b1ad04da7fe4515e2ce2d5f2dcab3b5b6d45614b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ef575281b21e9a34dfae544a187c6aac2ae424a9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

49
CVE-2022/CVE-2022-497xx/CVE-2022-49768.json Normal file
View File

@ -0,0 +1,49 @@
{
"id": "CVE-2022-49768",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-05-01T15:15:59.597",
"lastModified": "2025-05-01T15:15:59.597",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\n9p: trans_fd/p9_conn_cancel: drop client lock earlier\n\nsyzbot reported a double-lock here and we no longer need this\nlock after requests have been moved off to local list:\njust drop the lock earlier."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/52f1c45dde9136f964d63a77d19826c8a74e2c7f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/612c977f5d481f551d03d83d0aef588845c1300c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/82825dbf393f7c7979d462f9609a15bde8092b3f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/96760723aae1b45f733f702abb4333137143909f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a4f1a01b2e81378fce9ca528d4d8a049e4b58fcd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e3031280fe4eaf61a09e60823331f81f321be8e1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f14858bc77c567e089965962877ee726ffad0556",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/fec1406f5e7ab20b71f6d231792b0040e3300aaf",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

49
CVE-2022/CVE-2022-497xx/CVE-2022-49769.json Normal file
View File

@ -0,0 +1,49 @@
{
"id": "CVE-2022-49769",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-05-01T15:15:59.710",
"lastModified": "2025-05-01T15:15:59.710",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ngfs2: Check sb_bsize_shift after reading superblock\n\nFuzzers like to scribble over sb_bsize_shift but in reality it's very\nunlikely that this field would be corrupted on its own. Nevertheless it\nshould be checked to avoid the possibility of messy mount errors due to\nbad calculations. It's always a fixed value based on the block size so\nwe can just check that it's the expected value.\n\nTested with:\n\n mkfs.gfs2 -O -p lock_nolock /dev/vdb\n for i in 0 -1 64 65 32 33; do\n gfs2_edit -p sb field sb_bsize_shift $i /dev/vdb\n mount /dev/vdb /mnt/test && umount /mnt/test\n done\n\nBefore this patch we get a withdraw after\n\n[ 76.413681] gfs2: fsid=loop0.0: fatal: invalid metadata block\n[ 76.413681] bh = 19 (type: exp=5, found=4)\n[ 76.413681] function = gfs2_meta_buffer, file = fs/gfs2/meta_io.c, line = 492\n\nand with UBSAN configured we also get complaints like\n\n[ 76.373395] UBSAN: shift-out-of-bounds in fs/gfs2/ops_fstype.c:295:19\n[ 76.373815] shift exponent 4294967287 is too large for 64-bit type 'long unsigned int'\n\nAfter the patch, these complaints don't appear, mount fails immediately\nand we get an explanation in dmesg."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/15c83fa0fd659dd9fbdc940a560b61236e876a80",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/16670534c7cff1acd918a6a5ec751b14e7436b76",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/1ad197097343568066a8ffaa27ee7d0ae6d9f476",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/28275a7c84d21c55ab3282d897f284d8d527173c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/5fa30be7ba81191b0a0c7239a89befc0c94286d5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/670f8ce56dd0632dc29a0322e188cc73ce3c6b92",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/8b6534c9ae9dba5489703a19d8ba6c8f2cfa33c2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d6b1e8ea6f3418c3b461ad5a35cdc93c996b2c87",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

41
CVE-2022/CVE-2022-497xx/CVE-2022-49770.json Normal file
View File

@ -0,0 +1,41 @@
{
"id": "CVE-2022-49770",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-05-01T15:15:59.920",
"lastModified": "2025-05-01T15:15:59.920",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nceph: avoid putting the realm twice when decoding snaps fails\n\nWhen decoding the snaps fails it maybe leaving the 'first_realm'\nand 'realm' pointing to the same snaprealm memory. And then it'll\nput it twice and could cause random use-after-free, BUG_ON, etc\nissues."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/044bc6d3c2c0e9090b0841e7b723875756534b45",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/274e4c79a3a2a24fba7cfe0e41113f1138785c37",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/2f6e2de3a5289004650118b61f138fe7c28e1905",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/51884d153f7ec85e18d607b2467820a90e0f4359",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/cb7495fe957526555782ce0723f79ce92a6db22e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/fd879c83e87735ab8f00ef7755752cf0cbae24b2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

49
CVE-2022/CVE-2022-497xx/CVE-2022-49771.json Normal file
View File

@ -0,0 +1,49 @@
{
"id": "CVE-2022-49771",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-05-01T15:16:00.237",
"lastModified": "2025-05-01T15:16:00.237",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm ioctl: fix misbehavior if list_versions races with module loading\n\n__list_versions will first estimate the required space using the\n\"dm_target_iterate(list_version_get_needed, &needed)\" call and then will\nfill the space using the \"dm_target_iterate(list_version_get_info,\n&iter_info)\" call. Each of these calls locks the targets using the\n\"down_read(&_lock)\" and \"up_read(&_lock)\" calls, however between the first\nand second \"dm_target_iterate\" there is no lock held and the target\nmodules can be loaded at this point, so the second \"dm_target_iterate\"\ncall may need more space than what was the first \"dm_target_iterate\"\nreturned.\n\nThe code tries to handle this overflow (see the beginning of\nlist_version_get_info), however this handling is incorrect.\n\nThe code sets \"param->data_size = param->data_start + needed\" and\n\"iter_info.end = (char *)vers+len\" - \"needed\" is the size returned by the\nfirst dm_target_iterate call; \"len\" is the size of the buffer allocated by\nuserspace.\n\n\"len\" may be greater than \"needed\"; in this case, the code will write up\nto \"len\" bytes into the buffer, however param->data_size is set to\n\"needed\", so it may write data past the param->data_size value. The ioctl\ninterface copies only up to param->data_size into userspace, thus part of\nthe result will be truncated.\n\nFix this bug by setting \"iter_info.end = (char *)vers + needed;\" - this\nguarantees that the second \"dm_target_iterate\" call will write only up to\nthe \"needed\" buffer and it will exit with \"DM_BUFFER_FULL_FLAG\" if it\noverflows the \"needed\" space - in this case, userspace will allocate a\nlarger buffer and retry.\n\nNote that there is also a bug in list_version_get_needed - we need to add\n\"strlen(tt->name) + 1\" to the needed size, not \"strlen(tt->name)\"."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/0c8d4112df329bf3dfbf27693f918c3b08676538",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/3a1c35d72dc0b34d1e746ed705790c0f630aa427",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/4fe1ec995483737f3d2a14c3fe1d8fe634972979",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/5398b8e275bf81a2517b327d216c0f37ac9ac5ae",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/6a818db0d5aecf80d4ba9e10ac153f60adc629ca",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/6ffce7a92ef5c68f7e5d6f4d722c2f96280c064b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b545c0e1e4094d4de2bdfe9a3823f9154b0c0005",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f59f5a269ca5e43c567aca7f1f52500a0186e9b7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

49
CVE-2022/CVE-2022-497xx/CVE-2022-49772.json Normal file
View File

@ -0,0 +1,49 @@
{
"id": "CVE-2022-49772",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-05-01T15:16:00.347",
"lastModified": "2025-05-01T15:16:00.347",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: usb-audio: Drop snd_BUG_ON() from snd_usbmidi_output_open()\n\nsnd_usbmidi_output_open() has a check of the NULL port with\nsnd_BUG_ON(). snd_BUG_ON() was used as this shouldn't have happened,\nbut in reality, the NULL port may be seen when the device gives an\ninvalid endpoint setup at the descriptor, hence the driver skips the\nallocation. That is, the check itself is valid and snd_BUG_ON()\nshould be dropped from there. Otherwise it's confusing as if it were\na real bug, as recently syzbot stumbled on it."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/00f5f1bbf815a39e9eecb468d12ca55d3360eb10",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/02b94885b2fdf1808b1874e009bfb90753f8f4db",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/368a01e5064c13946d032ab1d65ba95020a39cc5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/872c9314769e89d8bda74ff3ac584756a45ee752",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a80369c8ca50bc885d14386087a834659ec54a54",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ad72c3c3f6eb81d2cb189ec71e888316adada5df",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c43991065f36f7628cd124e037b8750c4617a7a7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e7dc436aea80308a9268e6d2d85f910ff107de9b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2022/CVE-2022-497xx/CVE-2022-49773.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2022-49773",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-05-01T15:16:00.453",
"lastModified": "2025-05-01T15:16:00.453",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix optc2_configure warning on dcn314\n\n[Why]\ndcn314 uses optc2_configure_crc() that wraps\noptc1_configure_crc() + set additional registers\nnot applicable to dcn314.\nIt's not critical but when used leads to warning like:\nWARNING: drivers/gpu/drm/amd/amdgpu/../display/dc/dc_helper.c\nCall Trace:\n<TASK>\ngeneric_reg_set_ex+0x6d/0xe0 [amdgpu]\noptc2_configure_crc+0x60/0x80 [amdgpu]\ndc_stream_configure_crc+0x129/0x150 [amdgpu]\namdgpu_dm_crtc_configure_crc_source+0x5d/0xe0 [amdgpu]\n\n[How]\nUse optc1_configure_crc() directly"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/e7e4f77c991c9abf90924929a9d55f90b0bb78de",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f67ef5aa88e3db0a13ae3befab2ddf14ac00a91c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2022/CVE-2022-497xx/CVE-2022-49774.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2022-49774",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-05-01T15:16:00.557",
"lastModified": "2025-05-01T15:16:00.557",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86/xen: Fix eventfd error handling in kvm_xen_eventfd_assign()\n\nShould not call eventfd_ctx_put() in case of error.\n\n[Introduce new goto target instead. - Paolo]"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/7353633814f6e5b4899fb9ee1483709d6bb0e1cd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d76f46f47dfde220712d1420ee5dbc546c8fc674",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

49
CVE-2022/CVE-2022-497xx/CVE-2022-49775.json Normal file
View File

@ -0,0 +1,49 @@
{
"id": "CVE-2022-49775",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-05-01T15:16:00.650",
"lastModified": "2025-05-01T15:16:00.650",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: cdg: allow tcp_cdg_release() to be called multiple times\n\nApparently, mptcp is able to call tcp_disconnect() on an already\ndisconnected flow. This is generally fine, unless current congestion\ncontrol is CDG, because it might trigger a double-free [1]\n\nInstead of fixing MPTCP, and future bugs, we can make tcp_disconnect()\nmore resilient.\n\n[1]\nBUG: KASAN: double-free in slab_free mm/slub.c:3539 [inline]\nBUG: KASAN: double-free in kfree+0xe2/0x580 mm/slub.c:4567\n\nCPU: 0 PID: 3645 Comm: kworker/0:7 Not tainted 6.0.0-syzkaller-02734-g0326074ff465 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022\nWorkqueue: events mptcp_worker\nCall Trace:\n<TASK>\n__dump_stack lib/dump_stack.c:88 [inline]\ndump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106\nprint_address_description mm/kasan/report.c:317 [inline]\nprint_report.cold+0x2ba/0x719 mm/kasan/report.c:433\nkasan_report_invalid_free+0x81/0x190 mm/kasan/report.c:462\n____kasan_slab_free+0x18b/0x1c0 mm/kasan/common.c:356\nkasan_slab_free include/linux/kasan.h:200 [inline]\nslab_free_hook mm/slub.c:1759 [inline]\nslab_free_freelist_hook+0x8b/0x1c0 mm/slub.c:1785\nslab_free mm/slub.c:3539 [inline]\nkfree+0xe2/0x580 mm/slub.c:4567\ntcp_disconnect+0x980/0x1e20 net/ipv4/tcp.c:3145\n__mptcp_close_ssk+0x5ca/0x7e0 net/mptcp/protocol.c:2327\nmptcp_do_fastclose net/mptcp/protocol.c:2592 [inline]\nmptcp_worker+0x78c/0xff0 net/mptcp/protocol.c:2627\nprocess_one_work+0x991/0x1610 kernel/workqueue.c:2289\nworker_thread+0x665/0x1080 kernel/workqueue.c:2436\nkthread+0x2e4/0x3a0 kernel/kthread.c:376\nret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:306\n</TASK>\n\nAllocated by task 3671:\nkasan_save_stack+0x1e/0x40 mm/kasan/common.c:38\nkasan_set_track mm/kasan/common.c:45 [inline]\nset_alloc_info mm/kasan/common.c:437 [inline]\n____kasan_kmalloc mm/kasan/common.c:516 [inline]\n____kasan_kmalloc mm/kasan/common.c:475 [inline]\n__kasan_kmalloc+0xa9/0xd0 mm/kasan/common.c:525\nkmalloc_array include/linux/slab.h:640 [inline]\nkcalloc include/linux/slab.h:671 [inline]\ntcp_cdg_init+0x10d/0x170 net/ipv4/tcp_cdg.c:380\ntcp_init_congestion_control+0xab/0x550 net/ipv4/tcp_cong.c:193\ntcp_reinit_congestion_control net/ipv4/tcp_cong.c:217 [inline]\ntcp_set_congestion_control+0x96c/0xaa0 net/ipv4/tcp_cong.c:391\ndo_tcp_setsockopt+0x505/0x2320 net/ipv4/tcp.c:3513\ntcp_setsockopt+0xd4/0x100 net/ipv4/tcp.c:3801\nmptcp_setsockopt+0x35f/0x2570 net/mptcp/sockopt.c:844\n__sys_setsockopt+0x2d6/0x690 net/socket.c:2252\n__do_sys_setsockopt net/socket.c:2263 [inline]\n__se_sys_setsockopt net/socket.c:2260 [inline]\n__x64_sys_setsockopt+0xba/0x150 net/socket.c:2260\ndo_syscall_x64 arch/x86/entry/common.c:50 [inline]\ndo_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\nentry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nFreed by task 16:\nkasan_save_stack+0x1e/0x40 mm/kasan/common.c:38\nkasan_set_track+0x21/0x30 mm/kasan/common.c:45\nkasan_set_free_info+0x20/0x30 mm/kasan/generic.c:370\n____kasan_slab_free mm/kasan/common.c:367 [inline]\n____kasan_slab_free+0x166/0x1c0 mm/kasan/common.c:329\nkasan_slab_free include/linux/kasan.h:200 [inline]\nslab_free_hook mm/slub.c:1759 [inline]\nslab_free_freelist_hook+0x8b/0x1c0 mm/slub.c:1785\nslab_free mm/slub.c:3539 [inline]\nkfree+0xe2/0x580 mm/slub.c:4567\ntcp_cleanup_congestion_control+0x70/0x120 net/ipv4/tcp_cong.c:226\ntcp_v4_destroy_sock+0xdd/0x750 net/ipv4/tcp_ipv4.c:2254\ntcp_v6_destroy_sock+0x11/0x20 net/ipv6/tcp_ipv6.c:1969\ninet_csk_destroy_sock+0x196/0x440 net/ipv4/inet_connection_sock.c:1157\ntcp_done+0x23b/0x340 net/ipv4/tcp.c:4649\ntcp_rcv_state_process+0x40e7/0x4990 net/ipv4/tcp_input.c:6624\ntcp_v6_do_rcv+0x3fc/0x13c0 net/ipv6/tcp_ipv6.c:1525\ntcp_v6_rcv+0x2e8e/0x3830 net/ipv6/tcp_ipv6.c:1759\nip6_protocol_deliver_rcu+0x2db/0x1950 net/ipv6/ip6_input.c:439\nip6_input_finish+0x14c/0x2c0 net/ipv6/ip6_input.c:484\nNF_HOOK include/linux/netfilter.h:302 [inline]\nNF_HOOK include/linux/netfilter.h:296 [inline]\nip6_input+0x9c/0xd\n---truncated---"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/0b19171439016a8e4c97eafe543670ac86e2b8fe",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/1b639be27cbf428a5ca01dcf8b5d654194c956f8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/35309be06b6feded2ab2cafbc2bca8534c2fa41e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/4026033907cc6186d86b48daa4a252c860db2536",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/72e560cb8c6f80fc2b4afc5d3634a32465e13a51",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/78be2ee0112409ae4e9ee9e326151e0559b3d239",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9e481d87349d2282f400ee1d010a169c99f766b8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b49026d9c86f35a4c5bfb8d7345c9c4379828c6b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

45
CVE-2022/CVE-2022-497xx/CVE-2022-49776.json Normal file
View File

@ -0,0 +1,45 @@
{
"id": "CVE-2022-49776",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-05-01T15:16:00.763",
"lastModified": "2025-05-01T15:16:00.763",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmacvlan: enforce a consistent minimal mtu\n\nmacvlan should enforce a minimal mtu of 68, even at link creation.\n\nThis patch avoids the current behavior (which could lead to crashes\nin ipv6 stack if the link is brought up)\n\n$ ip link add macvlan1 link eno1 mtu 8 type macvlan # This should fail !\n$ ip link sh dev macvlan1\n5: macvlan1@eno1: <BROADCAST,MULTICAST> mtu 8 qdisc noop\n state DOWN mode DEFAULT group default qlen 1000\n link/ether 02:47:6c:24:74:82 brd ff:ff:ff:ff:ff:ff\n$ ip link set macvlan1 mtu 67\nError: mtu less than device minimum.\n$ ip link set macvlan1 mtu 68\n$ ip link set macvlan1 mtu 8\nError: mtu less than device minimum."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/2b055c719d8f94c15ec9b7659978133030c6a353",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/650137a7c0b2892df2e5b0bc112d7b09a78c93c8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a62aa84fe19eb24d083d600a074c009a0a66d4f3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b64085b00044bdf3cd1c9825e9ef5b2e0feae91a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d2fee7d121d189c6dc905b727d60e7043a6655bb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e41cbf98df22d08402e65174d147cbb187fe1a33",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e929ec98c0c3b10d9c07f3776df0c1a02d7a763e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

41
CVE-2022/CVE-2022-497xx/CVE-2022-49777.json Normal file
View File

@ -0,0 +1,41 @@
{
"id": "CVE-2022-49777",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-05-01T15:16:00.870",
"lastModified": "2025-05-01T15:16:00.870",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nInput: i8042 - fix leaking of platform device on module removal\n\nAvoid resetting the module-wide i8042_platform_device pointer in\ni8042_probe() or i8042_remove(), so that the device can be properly\ndestroyed by i8042_exit() on module unload."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/3f25add5ecf88de0f8ff2b27b6c0731a1f1b38ed",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/4f348b60c79671eee33c1389efe89109c93047da",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/81cd7e8489278d28794e7b272950c3e00c344e44",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/81df118e79b2136b5c016394f67a051dc508b7b6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a32cd7feb0127bf629a82686b6e2c128139a86e5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d5f7f6e63fed9c2ed09725d90059a28907e197e3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2022/CVE-2022-497xx/CVE-2022-49778.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2022-49778",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-05-01T15:16:00.980",
"lastModified": "2025-05-01T15:16:00.980",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64/mm: fix incorrect file_map_count for non-leaf pmd/pud\n\nThe page table check trigger BUG_ON() unexpectedly when collapse hugepage:\n\n ------------[ cut here ]------------\n kernel BUG at mm/page_table_check.c:82!\n Internal error: Oops - BUG: 00000000f2000800 [#1] SMP\n Dumping ftrace buffer:\n (ftrace buffer empty)\n Modules linked in:\n CPU: 6 PID: 68 Comm: khugepaged Not tainted 6.1.0-rc3+ #750\n Hardware name: linux,dummy-virt (DT)\n pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : page_table_check_clear.isra.0+0x258/0x3f0\n lr : page_table_check_clear.isra.0+0x240/0x3f0\n[...]\n Call trace:\n page_table_check_clear.isra.0+0x258/0x3f0\n __page_table_check_pmd_clear+0xbc/0x108\n pmdp_collapse_flush+0xb0/0x160\n collapse_huge_page+0xa08/0x1080\n hpage_collapse_scan_pmd+0xf30/0x1590\n khugepaged_scan_mm_slot.constprop.0+0x52c/0xac8\n khugepaged+0x338/0x518\n kthread+0x278/0x2f8\n ret_from_fork+0x10/0x20\n[...]\n\nSince pmd_user_accessible_page() doesn't check if a pmd is leaf, it\ndecrease file_map_count for a non-leaf pmd comes from collapse_huge_page().\nand so trigger BUG_ON() unexpectedly.\n\nFix this problem by using pmd_leaf() insteal of pmd_present() in\npmd_user_accessible_page(). Moreover, use pud_leaf() for\npud_user_accessible_page() too."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/2d458046df634088611d44fd77f45465e833ef78",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/5b47348fc0b18a78c96f8474cc90b7525ad1bbfe",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

37
CVE-2022/CVE-2022-497xx/CVE-2022-49779.json Normal file
View File

@ -0,0 +1,37 @@
{
"id": "CVE-2022-49779",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-05-01T15:16:01.080",
"lastModified": "2025-05-01T15:16:01.080",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nkprobes: Skip clearing aggrprobe's post_handler in kprobe-on-ftrace case\n\nIn __unregister_kprobe_top(), if the currently unregistered probe has\npost_handler but other child probes of the aggrprobe do not have\npost_handler, the post_handler of the aggrprobe is cleared. If this is\na ftrace-based probe, there is a problem. In later calls to\ndisarm_kprobe(), we will use kprobe_ftrace_ops because post_handler is\nNULL. But we're armed with kprobe_ipmodify_ops. This triggers a WARN in\n__disarm_kprobe_ftrace() and may even cause use-after-free:\n\n Failed to disarm kprobe-ftrace at kernel_clone+0x0/0x3c0 (error -2)\n WARNING: CPU: 5 PID: 137 at kernel/kprobes.c:1135 __disarm_kprobe_ftrace.isra.21+0xcf/0xe0\n Modules linked in: testKprobe_007(-)\n CPU: 5 PID: 137 Comm: rmmod Not tainted 6.1.0-rc4-dirty #18\n [...]\n Call Trace:\n <TASK>\n __disable_kprobe+0xcd/0xe0\n __unregister_kprobe_top+0x12/0x150\n ? mutex_lock+0xe/0x30\n unregister_kprobes.part.23+0x31/0xa0\n unregister_kprobe+0x32/0x40\n __x64_sys_delete_module+0x15e/0x260\n ? do_user_addr_fault+0x2cd/0x6b0\n do_syscall_64+0x3a/0x90\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n [...]\n\nFor the kprobe-on-ftrace case, we keep the post_handler setting to\nidentify this aggrprobe armed with kprobe_ipmodify_ops. This way we\ncan disarm it correctly."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/55788ebbe8b365b4375bd56b4ba7db79d393a370",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/5dd7caf0bdc5d0bae7cf9776b4d739fb09bd5ebb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/7b0007b28dd970176f2e297c06ae63eea2447127",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/7d606ae1abcc3eab5408e42444d789dc7def51b8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c49cc2c059b503e962c2f13a806c105f9b757df4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

41
CVE-2022/CVE-2022-497xx/CVE-2022-49780.json Normal file
View File

@ -0,0 +1,41 @@
{
"id": "CVE-2022-49780",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-05-01T15:16:01.200",
"lastModified": "2025-05-01T15:16:01.200",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: target: tcm_loop: Fix possible name leak in tcm_loop_setup_hba_bus()\n\nIf device_register() fails in tcm_loop_setup_hba_bus(), the name allocated\nby dev_set_name() need be freed. As comment of device_register() says, it\nshould use put_device() to give up the reference in the error path. So fix\nthis by calling put_device(), then the name can be freed in kobject_cleanup().\nThe 'tl_hba' will be freed in tcm_loop_release_adapter(), so it don't need\ngoto error label in this case."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/28f7ff5e7559d226e63c7c5de74eb075a83d8c53",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/41a6b8b527a5957fab41c3c05e25ad125268e2e9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/75205f1b47a88c3fac4f30bd7567e89b2887c7fd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a636772988bafab89278e7bb3420d8e8eacfe912",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/bc68e428d4963af0201e92159629ab96948f0893",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/dce0589a3faec9e2e543e97bca7e62592ec85585",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2022/CVE-2022-497xx/CVE-2022-49781.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2022-49781",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-05-01T15:16:01.307",
"lastModified": "2025-05-01T15:16:01.307",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/x86/amd: Fix crash due to race between amd_pmu_enable_all, perf NMI and throttling\n\namd_pmu_enable_all() does:\n\n if (!test_bit(idx, cpuc->active_mask))\n continue;\n\n amd_pmu_enable_event(cpuc->events[idx]);\n\nA perf NMI of another event can come between these two steps. Perf NMI\nhandler internally disables and enables _all_ events, including the one\nwhich nmi-intercepted amd_pmu_enable_all() was in process of enabling.\nIf that unintentionally enabled event has very low sampling period and\ncauses immediate successive NMI, causing the event to be throttled,\ncpuc->events[idx] and cpuc->active_mask gets cleared by x86_pmu_stop().\nThis will result in amd_pmu_enable_event() getting called with event=NULL\nwhen amd_pmu_enable_all() resumes after handling the NMIs. This causes a\nkernel crash:\n\n BUG: kernel NULL pointer dereference, address: 0000000000000198\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n [...]\n Call Trace:\n <TASK>\n amd_pmu_enable_all+0x68/0xb0\n ctx_resched+0xd9/0x150\n event_function+0xb8/0x130\n ? hrtimer_start_range_ns+0x141/0x4a0\n ? perf_duration_warn+0x30/0x30\n remote_function+0x4d/0x60\n __flush_smp_call_function_queue+0xc4/0x500\n flush_smp_call_function_queue+0x11d/0x1b0\n do_idle+0x18f/0x2d0\n cpu_startup_entry+0x19/0x20\n start_secondary+0x121/0x160\n secondary_startup_64_no_verify+0xe5/0xeb\n </TASK>\n\namd_pmu_disable_all()/amd_pmu_enable_all() calls inside perf NMI handler\nwere recently added as part of BRS enablement but I'm not sure whether\nwe really need them. We can just disable BRS in the beginning and enable\nit back while returning from NMI. This will solve the issue by not\nenabling those events whose active_masks are set but are not yet enabled\nin hw pmu."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/baa014b9543c8e5e94f5d15b66abfe60750b8284",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/fd5e454b856ed86b090336e269695d9908609b71",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

29
CVE-2022/CVE-2022-497xx/CVE-2022-49782.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2022-49782",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-05-01T15:16:01.410",
"lastModified": "2025-05-01T15:16:01.410",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf: Improve missing SIGTRAP checking\n\nTo catch missing SIGTRAP we employ a WARN in __perf_event_overflow(),\nwhich fires if pending_sigtrap was already set: returning to user space\nwithout consuming pending_sigtrap, and then having the event fire again\nwould re-enter the kernel and trigger the WARN.\n\nThis, however, seemed to miss the case where some events not associated\nwith progress in the user space task can fire and the interrupt handler\nruns before the IRQ work meant to consume pending_sigtrap (and generate\nthe SIGTRAP).\n\nsyzbot gifted us this stack trace:\n\n | WARNING: CPU: 0 PID: 3607 at kernel/events/core.c:9313 __perf_event_overflow\n | Modules linked in:\n | CPU: 0 PID: 3607 Comm: syz-executor100 Not tainted 6.1.0-rc2-syzkaller-00073-g88619e77b33d #0\n | Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022\n | RIP: 0010:__perf_event_overflow+0x498/0x540 kernel/events/core.c:9313\n | <...>\n | Call Trace:\n | <TASK>\n | perf_swevent_hrtimer+0x34f/0x3c0 kernel/events/core.c:10729\n | __run_hrtimer kernel/time/hrtimer.c:1685 [inline]\n | __hrtimer_run_queues+0x1c6/0xfb0 kernel/time/hrtimer.c:1749\n | hrtimer_interrupt+0x31c/0x790 kernel/time/hrtimer.c:1811\n | local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1096 [inline]\n | __sysvec_apic_timer_interrupt+0x17c/0x640 arch/x86/kernel/apic/apic.c:1113\n | sysvec_apic_timer_interrupt+0x40/0xc0 arch/x86/kernel/apic/apic.c:1107\n | asm_sysvec_apic_timer_interrupt+0x16/0x20 arch/x86/include/asm/idtentry.h:649\n | <...>\n | </TASK>\n\nIn this case, syzbot produced a program with event type\nPERF_TYPE_SOFTWARE and config PERF_COUNT_SW_CPU_CLOCK. The hrtimer\nmanages to fire again before the IRQ work got a chance to run, all while\nnever having returned to user space.\n\nImprove the WARN to check for real progress in user space: approximate\nthis by storing a 32-bit hash of the current IP into pending_sigtrap,\nand if an event fires while pending_sigtrap still matches the previous\nIP, we assume no progress (false negatives are possible given we could\nreturn to user space and trigger again on the same IP)."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/35c60b4e8ca76712dd03bafe2598e31578248916",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b09221f1b4944d2866d06ac35e59d7a6f8916c9f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/bb88f9695460bec25aa30ba9072595025cf6c8af",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2022/CVE-2022-497xx/CVE-2022-49783.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2022-49783",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-05-01T15:16:01.510",
"lastModified": "2025-05-01T15:16:01.510",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/fpu: Drop fpregs lock before inheriting FPU permissions\n\nMike Galbraith reported the following against an old fork of preempt-rt\nbut the same issue also applies to the current preempt-rt tree.\n\n BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:46\n in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 1, name: systemd\n preempt_count: 1, expected: 0\n RCU nest depth: 0, expected: 0\n Preemption disabled at:\n fpu_clone\n CPU: 6 PID: 1 Comm: systemd Tainted: G E (unreleased)\n Call Trace:\n <TASK>\n dump_stack_lvl\n ? fpu_clone\n __might_resched\n rt_spin_lock\n fpu_clone\n ? copy_thread\n ? copy_process\n ? shmem_alloc_inode\n ? kmem_cache_alloc\n ? kernel_clone\n ? __do_sys_clone\n ? do_syscall_64\n ? __x64_sys_rt_sigprocmask\n ? syscall_exit_to_user_mode\n ? do_syscall_64\n ? syscall_exit_to_user_mode\n ? do_syscall_64\n ? syscall_exit_to_user_mode\n ? do_syscall_64\n ? exc_page_fault\n ? entry_SYSCALL_64_after_hwframe\n </TASK>\n\nMike says:\n\n The splat comes from fpu_inherit_perms() being called under fpregs_lock(),\n and us reaching the spin_lock_irq() therein due to fpu_state_size_dynamic()\n returning true despite static key __fpu_state_size_dynamic having never\n been enabled.\n\nMike's assessment looks correct. fpregs_lock on a PREEMPT_RT kernel disables\npreemption so calling spin_lock_irq() in fpu_inherit_perms() is unsafe. This\nproblem exists since commit\n\n 9e798e9aa14c (\"x86/fpu: Prepare fpu_clone() for dynamically enabled features\").\n\nEven though the original bug report should not have enabled the paths at\nall, the bug still exists.\n\nfpregs_lock is necessary when editing the FPU registers or a task's FP\nstate but it is not necessary for fpu_inherit_perms(). The only write\nof any FP state in fpu_inherit_perms() is for the new child which is\nnot running yet and cannot context switch or be borrowed by a kernel\nthread yet. Hence, fpregs_lock is not protecting anything in the new\nchild until clone() completes and can be dropped earlier. The siglock\nstill needs to be acquired by fpu_inherit_perms() as the read of the\nparent's permissions has to be serialised.\n\n [ bp: Cleanup splat. ]"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/36b038791e1e2baea892e9276588815fd14894b4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c6e8a7a1780af3da65e78a615f7d0874da6aabb0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2022/CVE-2022-497xx/CVE-2022-49784.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2022-49784",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-05-01T15:16:01.610",
"lastModified": "2025-05-01T15:16:01.610",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/x86/amd/uncore: Fix memory leak for events array\n\nWhen a CPU comes online, the per-CPU NB and LLC uncore contexts are\nfreed but not the events array within the context structure. This\ncauses a memory leak as identified by the kmemleak detector.\n\n [...]\n unreferenced object 0xffff8c5944b8e320 (size 32):\n comm \"swapper/0\", pid 1, jiffies 4294670387 (age 151.072s)\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace:\n [<000000000759fb79>] amd_uncore_cpu_up_prepare+0xaf/0x230\n [<00000000ddc9e126>] cpuhp_invoke_callback+0x2cf/0x470\n [<0000000093e727d4>] cpuhp_issue_call+0x14d/0x170\n [<0000000045464d54>] __cpuhp_setup_state_cpuslocked+0x11e/0x330\n [<0000000069f67cbd>] __cpuhp_setup_state+0x6b/0x110\n [<0000000015365e0f>] amd_uncore_init+0x260/0x321\n [<00000000089152d2>] do_one_initcall+0x3f/0x1f0\n [<000000002d0bd18d>] kernel_init_freeable+0x1ca/0x212\n [<0000000030be8dde>] kernel_init+0x11/0x120\n [<0000000059709e59>] ret_from_fork+0x22/0x30\n unreferenced object 0xffff8c5944b8dd40 (size 64):\n comm \"swapper/0\", pid 1, jiffies 4294670387 (age 151.072s)\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace:\n [<00000000306efe8b>] amd_uncore_cpu_up_prepare+0x183/0x230\n [<00000000ddc9e126>] cpuhp_invoke_callback+0x2cf/0x470\n [<0000000093e727d4>] cpuhp_issue_call+0x14d/0x170\n [<0000000045464d54>] __cpuhp_setup_state_cpuslocked+0x11e/0x330\n [<0000000069f67cbd>] __cpuhp_setup_state+0x6b/0x110\n [<0000000015365e0f>] amd_uncore_init+0x260/0x321\n [<00000000089152d2>] do_one_initcall+0x3f/0x1f0\n [<000000002d0bd18d>] kernel_init_freeable+0x1ca/0x212\n [<0000000030be8dde>] kernel_init+0x11/0x120\n [<0000000059709e59>] ret_from_fork+0x22/0x30\n [...]\n\nFix the problem by freeing the events array before freeing the uncore\ncontext."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/bdfe34597139cfcecd47a2eb97fea44d77157491",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f75be9885d49e3717de962345c4572ddab52b178",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

29
CVE-2022/CVE-2022-497xx/CVE-2022-49785.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2022-49785",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-05-01T15:16:01.713",
"lastModified": "2025-05-01T15:16:01.713",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/sgx: Add overflow check in sgx_validate_offset_length()\n\nsgx_validate_offset_length() function verifies \"offset\" and \"length\"\narguments provided by userspace, but was missing an overflow check on\ntheir addition. Add it."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/3b1c10fb754b0b67165e3f055a4208e5ba26dc89",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/5277e3d633a5d4157987f4aff068caa55e36db19",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f0861f49bd946ff94fce4f82509c45e167f63690",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2022/CVE-2022-497xx/CVE-2022-49786.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2022-49786",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-05-01T15:16:01.813",
"lastModified": "2025-05-01T15:16:01.813",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-cgroup: properly pin the parent in blkcg_css_online\n\nblkcg_css_online is supposed to pin the blkcg of the parent, but\n397c9f46ee4d refactored things and along the way, changed it to pin the\ncss instead. This results in extra pins, and we end up leaking blkcgs\nand cgroups."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/d118247e404d6338f7b90636a3c6b95a387ed163",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d7dbd43f4a828fa1d9a8614d5b0ac40aee6375fe",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

45
CVE-2022/CVE-2022-497xx/CVE-2022-49787.json Normal file
View File

@ -0,0 +1,45 @@
{
"id": "CVE-2022-49787",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-05-01T15:16:01.920",
"lastModified": "2025-05-01T15:16:01.920",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmmc: sdhci-pci: Fix possible memory leak caused by missing pci_dev_put()\n\npci_get_device() will increase the reference count for the returned\npci_dev. We need to use pci_dev_put() to decrease the reference count\nbefore amd_probe() returns. There is no problem for the 'smbus_dev ==\nNULL' branch because pci_dev_put() can also handle the NULL input\nparameter case."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/222cfa0118aa68687ace74aab8fdf77ce8fbd7e6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/27f712cd47d65e14cd52cc32a23d42aeef583d5d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/35bca18092685b488003509fef7055aa2d4f2ebc",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/4423866d31a06a810db22062ed13389416a66b22",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/5dbd6378dbf96787d6dbcca44156c511ae085ea3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/7570e5b5419ffd34b6dc45a88c51e113a9a187e3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a99a547658e5d451f01ed307426286716b6f01bf",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

49
CVE-2022/CVE-2022-497xx/CVE-2022-49788.json Normal file
View File

@ -0,0 +1,49 @@
{
"id": "CVE-2022-49788",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-05-01T15:16:02.027",
"lastModified": "2025-05-01T15:16:02.027",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram()\n\n`struct vmci_event_qp` allocated by qp_notify_peer() contains padding,\nwhich may carry uninitialized data to the userspace, as observed by\nKMSAN:\n\n BUG: KMSAN: kernel-infoleak in instrument_copy_to_user ./include/linux/instrumented.h:121\n instrument_copy_to_user ./include/linux/instrumented.h:121\n _copy_to_user+0x5f/0xb0 lib/usercopy.c:33\n copy_to_user ./include/linux/uaccess.h:169\n vmci_host_do_receive_datagram drivers/misc/vmw_vmci/vmci_host.c:431\n vmci_host_unlocked_ioctl+0x33d/0x43d0 drivers/misc/vmw_vmci/vmci_host.c:925\n vfs_ioctl fs/ioctl.c:51\n ...\n\n Uninit was stored to memory at:\n kmemdup+0x74/0xb0 mm/util.c:131\n dg_dispatch_as_host drivers/misc/vmw_vmci/vmci_datagram.c:271\n vmci_datagram_dispatch+0x4f8/0xfc0 drivers/misc/vmw_vmci/vmci_datagram.c:339\n qp_notify_peer+0x19a/0x290 drivers/misc/vmw_vmci/vmci_queue_pair.c:1479\n qp_broker_attach drivers/misc/vmw_vmci/vmci_queue_pair.c:1662\n qp_broker_alloc+0x2977/0x2f30 drivers/misc/vmw_vmci/vmci_queue_pair.c:1750\n vmci_qp_broker_alloc+0x96/0xd0 drivers/misc/vmw_vmci/vmci_queue_pair.c:1940\n vmci_host_do_alloc_queuepair drivers/misc/vmw_vmci/vmci_host.c:488\n vmci_host_unlocked_ioctl+0x24fd/0x43d0 drivers/misc/vmw_vmci/vmci_host.c:927\n ...\n\n Local variable ev created at:\n qp_notify_peer+0x54/0x290 drivers/misc/vmw_vmci/vmci_queue_pair.c:1456\n qp_broker_attach drivers/misc/vmw_vmci/vmci_queue_pair.c:1662\n qp_broker_alloc+0x2977/0x2f30 drivers/misc/vmw_vmci/vmci_queue_pair.c:1750\n\n Bytes 28-31 of 48 are uninitialized\n Memory access of size 48 starts at ffff888035155e00\n Data copied to user address 0000000020000100\n\nUse memset() to prevent the infoleaks.\n\nAlso speculatively fix qp_notify_peer_local(), which may suffer from the\nsame problem."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/5a275528025ae4bc7e2232866856dfebf84b2fad",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/62634b43d3c4e1bf62fd540196f7081bf0885c0a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/76c50d77b928a33e5290aaa9fdc10e88254ff8c7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/7ccf7229b96fadc3a185d1391f814a604c7ef609",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/8e2f33c598370bcf828bab4d667d1d38bcd3c57d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e5b0d06d9b10f5f43101bd6598b076c347f9295f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e7061dd1fef2dfb6458cd521aef27aa66f510d31",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f04586c2315cfd03d72ad0395705435e7ed07b1a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

37
CVE-2022/CVE-2022-497xx/CVE-2022-49789.json Normal file
View File

@ -0,0 +1,37 @@
{
"id": "CVE-2022-49789",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-05-01T15:16:02.143",
"lastModified": "2025-05-01T15:16:02.143",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: zfcp: Fix double free of FSF request when qdio send fails\n\nWe used to use the wrong type of integer in 'zfcp_fsf_req_send()' to cache\nthe FSF request ID when sending a new FSF request. This is used in case the\nsending fails and we need to remove the request from our internal hash\ntable again (so we don't keep an invalid reference and use it when we free\nthe request again).\n\nIn 'zfcp_fsf_req_send()' we used to cache the ID as 'int' (signed and 32\nbit wide), but the rest of the zfcp code (and the firmware specification)\nhandles the ID as 'unsigned long'/'u64' (unsigned and 64 bit wide [s390x\nELF ABI]). For one this has the obvious problem that when the ID grows\npast 32 bit (this can happen reasonably fast) it is truncated to 32 bit\nwhen storing it in the cache variable and so doesn't match the original ID\nanymore. The second less obvious problem is that even when the original ID\nhas not yet grown past 32 bit, as soon as the 32nd bit is set in the\noriginal ID (0x80000000 = 2'147'483'648) we will have a mismatch when we\ncast it back to 'unsigned long'. As the cached variable is of a signed\ntype, the compiler will choose a sign-extending instruction to load the 32\nbit variable into a 64 bit register (e.g.: 'lgf %r11,188(%r15)'). So once\nwe pass the cached variable into 'zfcp_reqlist_find_rm()' to remove the\nrequest again all the leading zeros will be flipped to ones to extend the\nsign and won't match the original ID anymore (this has been observed in\npractice).\n\nIf we can't successfully remove the request from the hash table again after\n'zfcp_qdio_send()' fails (this happens regularly when zfcp cannot notify\nthe adapter about new work because the adapter is already gone during\ne.g. a ChpID toggle) we will end up with a double free. We unconditionally\nfree the request in the calling function when 'zfcp_fsf_req_send()' fails,\nbut because the request is still in the hash table we end up with a stale\nmemory reference, and once the zfcp adapter is either reset during recovery\nor shutdown we end up freeing the same memory twice.\n\nThe resulting stack traces vary depending on the kernel and have no direct\ncorrelation to the place where the bug occurs. Here are three examples that\nhave been seen in practice:\n\n list_del corruption. next->prev should be 00000001b9d13800, but was 00000000dead4ead. (next=00000001bd131a00)\n ------------[ cut here ]------------\n kernel BUG at lib/list_debug.c:62!\n monitor event: 0040 ilc:2 [#1] PREEMPT SMP\n Modules linked in: ...\n CPU: 9 PID: 1617 Comm: zfcperp0.0.1740 Kdump: loaded\n Hardware name: ...\n Krnl PSW : 0704d00180000000 00000003cbeea1f8 (__list_del_entry_valid+0x98/0x140)\n R:0 T:1 IO:1 EX:1 Key:0 M:1 W:0 P:0 AS:3 CC:1 PM:0 RI:0 EA:3\n Krnl GPRS: 00000000916d12f1 0000000080000000 000000000000006d 00000003cb665cd6\n 0000000000000001 0000000000000000 0000000000000000 00000000d28d21e8\n 00000000d3844000 00000380099efd28 00000001bd131a00 00000001b9d13800\n 00000000d3290100 0000000000000000 00000003cbeea1f4 00000380099efc70\n Krnl Code: 00000003cbeea1e8: c020004f68a7 larl %r2,00000003cc8d7336\n 00000003cbeea1ee: c0e50027fd65 brasl %r14,00000003cc3e9cb8\n #00000003cbeea1f4: af000000 mc 0,0\n >00000003cbeea1f8: c02000920440 larl %r2,00000003cd12aa78\n 00000003cbeea1fe: c0e500289c25 brasl %r14,00000003cc3fda48\n 00000003cbeea204: b9040043 lgr %r4,%r3\n 00000003cbeea208: b9040051 lgr %r5,%r1\n 00000003cbeea20c: b9040032 lgr %r3,%r2\n Call Trace:\n [<00000003cbeea1f8>] __list_del_entry_valid+0x98/0x140\n ([<00000003cbeea1f4>] __list_del_entry_valid+0x94/0x140)\n [<000003ff7ff502fe>] zfcp_fsf_req_dismiss_all+0xde/0x150 [zfcp]\n [<000003ff7ff49cd0>] zfcp_erp_strategy_do_action+0x160/0x280 [zfcp]\n---truncated---"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/0954256e970ecf371b03a6c9af2cf91b9c4085ff",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/11edbdee4399401f533adda9bffe94567aa08b96",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/1bf8ed585501bb2dd0b5f67c824eab45adfbdccd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/90a49a6b015fa439cd62e45121390284c125a91f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d2c7d8f58e9cde8ac8d1f75e9d66c2a813ffe0ab",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

37
CVE-2022/CVE-2022-497xx/CVE-2022-49790.json Normal file
View File

@ -0,0 +1,37 @@
{
"id": "CVE-2022-49790",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-05-01T15:16:02.260",
"lastModified": "2025-05-01T15:16:02.260",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nInput: iforce - invert valid length check when fetching device IDs\n\nsyzbot is reporting uninitialized value at iforce_init_device() [1], for\ncommit 6ac0aec6b0a6 (\"Input: iforce - allow callers supply data buffer\nwhen fetching device IDs\") is checking that valid length is shorter than\nbytes to read. Since iforce_get_id_packet() stores valid length when\nreturning 0, the caller needs to check that valid length is longer than or\nequals to bytes to read."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/24cc679abbf31477d0cc6106ec83c2fbae6b3cdf",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/5d53797ce7ce8fb1d95a5bebc5efa9418c4217a3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/6365569d62a75ddf53fb0c2936c16587a365984c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b8ebf250997c5fb253582f42bfe98673801ebebd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/fdd57c20d4408cac3c3c535c120d244e083406c9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2022/CVE-2022-497xx/CVE-2022-49791.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2022-49791",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-05-01T15:16:02.367",
"lastModified": "2025-05-01T15:16:02.367",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring: fix multishot accept request leaks\n\nHaving REQ_F_POLLED set doesn't guarantee that the request is\nexecuted as a multishot from the polling path. Fortunately for us, if\nthe code thinks it's multishot issue when it's not, it can only ask to\nskip completion so leaking the request. Use issue_flags to mark\nmultipoll issues."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/0e4626de856ef8f25ecd9c716e76d4f95ce95639",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/91482864768a874c4290ef93b84a78f4f1dac51b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

33
CVE-2022/CVE-2022-497xx/CVE-2022-49792.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2022-49792",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-05-01T15:16:02.460",
"lastModified": "2025-05-01T15:16:02.460",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: adc: mp2629: fix potential array out of bound access\n\nAdd sentinel at end of maps to avoid potential array out of\nbound access in iio core."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/1678d4abb2dc2ca3b05b998a9d88616976e4f947",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/399b2105a2240e730b9f3880bd8f154247539aa7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ca1547ab15f48dc81624183ae17a2fd1bad06dfc",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d95b85c5084ad70011988861ee864529eefa1da0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

Some files were not shown because too many files have changed in this diff Show More