Update 22Sep22
diff --git a/CHANGES.md b/CHANGES.md
index 784585d..7d015ae 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -1,34 +1,40 @@
# **Linux Kernel CVE Changes**
-## Last Update - 19Sep22 22:35
+## Last Update - 22Sep22 21:08
### **New CVEs Added:**
-[CVE-2022-2977](cves/CVE-2022-2977)
-[CVE-2022-3176](cves/CVE-2022-3176)
-[CVE-2022-3202](cves/CVE-2022-3202)
-[CVE-2022-36280](cves/CVE-2022-36280)
-[CVE-2022-36402](cves/CVE-2022-36402)
-[CVE-2022-38096](cves/CVE-2022-38096)
-[CVE-2022-38457](cves/CVE-2022-38457)
-[CVE-2022-40133](cves/CVE-2022-40133)
-[CVE-2022-40476](cves/CVE-2022-40476)
-[CVE-2022-40768](cves/CVE-2022-40768)
+[CVE-2022-3239](cves/CVE-2022-3239)
+[CVE-2022-41218](cves/CVE-2022-41218)
+[CVE-2022-41222](cves/CVE-2022-41222)
### **New Versions Checked:**
-[4.14.293](streams/4.14)
-[4.19.258](streams/4.19)
-[4.9.328](streams/4.9)
-[5.10.143](streams/5.10)
-[5.15.68](streams/5.15)
-[5.19.9](streams/5.19)
-[5.4.213](streams/5.4)
+[4.14.294](streams/4.14)
+[4.19.259](streams/4.19)
+[4.9.329](streams/4.9)
+[5.10.144](streams/5.10)
+[5.15.69](streams/5.15)
+[5.19.10](streams/5.19)
+[5.4.214](streams/5.4)
### **Updated CVEs:**
-[CVE-2021-4159](cves/CVE-2021-4159)
+[CVE-2022-1679](cves/CVE-2022-1679)
+[CVE-2022-2585](cves/CVE-2022-2585)
+[CVE-2022-2586](cves/CVE-2022-2586)
+[CVE-2022-2588](cves/CVE-2022-2588)
+[CVE-2022-2590](cves/CVE-2022-2590)
+[CVE-2022-26373](cves/CVE-2022-26373)
+[CVE-2022-2663](cves/CVE-2022-2663)
+[CVE-2022-2905](cves/CVE-2022-2905)
+[CVE-2022-3028](cves/CVE-2022-3028)
+[CVE-2022-3202](cves/CVE-2022-3202)
+[CVE-2022-36946](cves/CVE-2022-36946)
+[CVE-2022-39189](cves/CVE-2022-39189)
+[CVE-2022-39190](cves/CVE-2022-39190)
+[CVE-2022-39842](cves/CVE-2022-39842)
[CVE-2022-40307](cves/CVE-2022-40307)
diff --git a/data/3.12/3.12_CVEs.txt b/data/3.12/3.12_CVEs.txt
index 1fd4f7b..764b41f 100644
--- a/data/3.12/3.12_CVEs.txt
+++ b/data/3.12/3.12_CVEs.txt
@@ -1150,7 +1150,7 @@
CVE-2022-2588: Fix not seen in stream
CVE-2022-26365: Fix not seen in stream
CVE-2022-26373: Fix not seen in stream
-CVE-2022-2663: Fix unknown
+CVE-2022-2663: Fix not seen in stream
CVE-2022-26966: Fix not seen in stream
CVE-2022-28356: Fix not seen in stream
CVE-2022-28388: Fix not seen in stream
@@ -1168,6 +1168,7 @@
CVE-2022-3176: Fix unknown
CVE-2022-3202: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
+CVE-2022-3239: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
CVE-2022-33742: Fix not seen in stream
@@ -1181,9 +1182,10 @@
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
CVE-2022-39188: Fix not seen in stream
-CVE-2022-39189: Fix not seen in stream
CVE-2022-39190: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
CVE-2022-40768: Fix unknown
+CVE-2022-41218: Fix unknown
+CVE-2022-41222: Fix not seen in stream
diff --git a/data/3.12/3.12_security.txt b/data/3.12/3.12_security.txt
index fe02a36..0300f3e 100644
--- a/data/3.12/3.12_security.txt
+++ b/data/3.12/3.12_security.txt
@@ -1288,7 +1288,7 @@
CVE-2022-2588: (unk) net_sched: cls_route: remove from list when handle is 0
CVE-2022-26365: (unk) xen/blkfront: fix leaking data in shared pages
CVE-2022-26373: (unk) x86/speculation: Add RSB VM Exit protections
- CVE-2022-2663: (unk)
+ CVE-2022-2663: (unk) netfilter: nf_conntrack_irc: Fix forged IP logic
CVE-2022-26966: (unk) sr9700: sanity check for packet length
CVE-2022-28356: (unk) llc: fix netdevice reference leaks in llc_ui_bind()
CVE-2022-28388: (unk) can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path
@@ -1306,6 +1306,7 @@
CVE-2022-3176: (unk)
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
+ CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
CVE-2022-33742: (unk) xen/blkfront: force data bouncing when backend is untrusted
@@ -1319,9 +1320,10 @@
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
- CVE-2022-39189: (unk) KVM: x86: do not report a vCPU as preempted outside instruction boundaries
CVE-2022-39190: (unk) netfilter: nf_tables: disallow binding to already bound chain
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
CVE-2022-40768: (unk)
+ CVE-2022-41218: (unk)
+ CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
diff --git a/data/3.14/3.14_CVEs.txt b/data/3.14/3.14_CVEs.txt
index 90eea00..53b1742 100644
--- a/data/3.14/3.14_CVEs.txt
+++ b/data/3.14/3.14_CVEs.txt
@@ -1118,7 +1118,7 @@
CVE-2022-2588: Fix not seen in stream
CVE-2022-26365: Fix not seen in stream
CVE-2022-26373: Fix not seen in stream
-CVE-2022-2663: Fix unknown
+CVE-2022-2663: Fix not seen in stream
CVE-2022-26966: Fix not seen in stream
CVE-2022-28356: Fix not seen in stream
CVE-2022-28388: Fix not seen in stream
@@ -1136,6 +1136,7 @@
CVE-2022-3176: Fix unknown
CVE-2022-3202: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
+CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
@@ -1150,9 +1151,10 @@
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
CVE-2022-39188: Fix not seen in stream
-CVE-2022-39189: Fix not seen in stream
CVE-2022-39190: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
CVE-2022-40768: Fix unknown
+CVE-2022-41218: Fix unknown
+CVE-2022-41222: Fix not seen in stream
diff --git a/data/3.14/3.14_security.txt b/data/3.14/3.14_security.txt
index 7b36439..fcaa69e 100644
--- a/data/3.14/3.14_security.txt
+++ b/data/3.14/3.14_security.txt
@@ -1252,7 +1252,7 @@
CVE-2022-2588: (unk) net_sched: cls_route: remove from list when handle is 0
CVE-2022-26365: (unk) xen/blkfront: fix leaking data in shared pages
CVE-2022-26373: (unk) x86/speculation: Add RSB VM Exit protections
- CVE-2022-2663: (unk)
+ CVE-2022-2663: (unk) netfilter: nf_conntrack_irc: Fix forged IP logic
CVE-2022-26966: (unk) sr9700: sanity check for packet length
CVE-2022-28356: (unk) llc: fix netdevice reference leaks in llc_ui_bind()
CVE-2022-28388: (unk) can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path
@@ -1270,6 +1270,7 @@
CVE-2022-3176: (unk)
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
+ CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
@@ -1284,9 +1285,10 @@
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
- CVE-2022-39189: (unk) KVM: x86: do not report a vCPU as preempted outside instruction boundaries
CVE-2022-39190: (unk) netfilter: nf_tables: disallow binding to already bound chain
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
CVE-2022-40768: (unk)
+ CVE-2022-41218: (unk)
+ CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
diff --git a/data/3.16/3.16_CVEs.txt b/data/3.16/3.16_CVEs.txt
index 4797cb4..e0a7b1b 100644
--- a/data/3.16/3.16_CVEs.txt
+++ b/data/3.16/3.16_CVEs.txt
@@ -1101,7 +1101,7 @@
CVE-2022-2588: Fix not seen in stream
CVE-2022-26365: Fix not seen in stream
CVE-2022-26373: Fix not seen in stream
-CVE-2022-2663: Fix unknown
+CVE-2022-2663: Fix not seen in stream
CVE-2022-26966: Fix not seen in stream
CVE-2022-28356: Fix not seen in stream
CVE-2022-28388: Fix not seen in stream
@@ -1119,6 +1119,7 @@
CVE-2022-3176: Fix unknown
CVE-2022-3202: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
+CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
@@ -1133,9 +1134,10 @@
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
CVE-2022-39188: Fix not seen in stream
-CVE-2022-39189: Fix not seen in stream
CVE-2022-39190: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
CVE-2022-40768: Fix unknown
+CVE-2022-41218: Fix unknown
+CVE-2022-41222: Fix not seen in stream
diff --git a/data/3.16/3.16_security.txt b/data/3.16/3.16_security.txt
index 6f09d4e..957d90e 100644
--- a/data/3.16/3.16_security.txt
+++ b/data/3.16/3.16_security.txt
@@ -1207,7 +1207,7 @@
CVE-2022-2588: (unk) net_sched: cls_route: remove from list when handle is 0
CVE-2022-26365: (unk) xen/blkfront: fix leaking data in shared pages
CVE-2022-26373: (unk) x86/speculation: Add RSB VM Exit protections
- CVE-2022-2663: (unk)
+ CVE-2022-2663: (unk) netfilter: nf_conntrack_irc: Fix forged IP logic
CVE-2022-26966: (unk) sr9700: sanity check for packet length
CVE-2022-28356: (unk) llc: fix netdevice reference leaks in llc_ui_bind()
CVE-2022-28388: (unk) can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path
@@ -1225,6 +1225,7 @@
CVE-2022-3176: (unk)
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
+ CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
@@ -1239,9 +1240,10 @@
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
- CVE-2022-39189: (unk) KVM: x86: do not report a vCPU as preempted outside instruction boundaries
CVE-2022-39190: (unk) netfilter: nf_tables: disallow binding to already bound chain
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
CVE-2022-40768: (unk)
+ CVE-2022-41218: (unk)
+ CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
diff --git a/data/3.18/3.18_CVEs.txt b/data/3.18/3.18_CVEs.txt
index 77633c9..ea9eba5 100644
--- a/data/3.18/3.18_CVEs.txt
+++ b/data/3.18/3.18_CVEs.txt
@@ -1085,7 +1085,7 @@
CVE-2022-2588: Fix not seen in stream
CVE-2022-26365: Fix not seen in stream
CVE-2022-26373: Fix not seen in stream
-CVE-2022-2663: Fix unknown
+CVE-2022-2663: Fix not seen in stream
CVE-2022-26966: Fix not seen in stream
CVE-2022-27223: Fix not seen in stream
CVE-2022-28356: Fix not seen in stream
@@ -1104,6 +1104,7 @@
CVE-2022-3176: Fix unknown
CVE-2022-3202: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
+CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
@@ -1118,9 +1119,10 @@
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
CVE-2022-39188: Fix not seen in stream
-CVE-2022-39189: Fix not seen in stream
CVE-2022-39190: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
CVE-2022-40768: Fix unknown
+CVE-2022-41218: Fix unknown
+CVE-2022-41222: Fix not seen in stream
diff --git a/data/3.18/3.18_security.txt b/data/3.18/3.18_security.txt
index e0fdc1c..d91440b 100644
--- a/data/3.18/3.18_security.txt
+++ b/data/3.18/3.18_security.txt
@@ -1319,7 +1319,7 @@
CVE-2022-2588: (unk) net_sched: cls_route: remove from list when handle is 0
CVE-2022-26365: (unk) xen/blkfront: fix leaking data in shared pages
CVE-2022-26373: (unk) x86/speculation: Add RSB VM Exit protections
- CVE-2022-2663: (unk)
+ CVE-2022-2663: (unk) netfilter: nf_conntrack_irc: Fix forged IP logic
CVE-2022-26966: (unk) sr9700: sanity check for packet length
CVE-2022-27223: (unk) USB: gadget: validate endpoint index for xilinx udc
CVE-2022-28356: (unk) llc: fix netdevice reference leaks in llc_ui_bind()
@@ -1338,6 +1338,7 @@
CVE-2022-3176: (unk)
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
+ CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
@@ -1352,9 +1353,10 @@
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
- CVE-2022-39189: (unk) KVM: x86: do not report a vCPU as preempted outside instruction boundaries
CVE-2022-39190: (unk) netfilter: nf_tables: disallow binding to already bound chain
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
CVE-2022-40768: (unk)
+ CVE-2022-41218: (unk)
+ CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
diff --git a/data/3.2/3.2_CVEs.txt b/data/3.2/3.2_CVEs.txt
index 7394111..b40c9fa 100644
--- a/data/3.2/3.2_CVEs.txt
+++ b/data/3.2/3.2_CVEs.txt
@@ -1131,7 +1131,7 @@
CVE-2022-2588: Fix not seen in stream
CVE-2022-26365: Fix not seen in stream
CVE-2022-26373: Fix not seen in stream
-CVE-2022-2663: Fix unknown
+CVE-2022-2663: Fix not seen in stream
CVE-2022-28356: Fix not seen in stream
CVE-2022-28390: Fix not seen in stream
CVE-2022-2961: Fix unknown
@@ -1146,6 +1146,7 @@
CVE-2022-3176: Fix unknown
CVE-2022-3202: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
+CVE-2022-3239: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
CVE-2022-33742: Fix not seen in stream
@@ -1159,9 +1160,10 @@
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
CVE-2022-39188: Fix not seen in stream
-CVE-2022-39189: Fix not seen in stream
CVE-2022-39190: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
CVE-2022-40768: Fix unknown
+CVE-2022-41218: Fix unknown
+CVE-2022-41222: Fix not seen in stream
diff --git a/data/3.2/3.2_security.txt b/data/3.2/3.2_security.txt
index a07dab1..d900da9 100644
--- a/data/3.2/3.2_security.txt
+++ b/data/3.2/3.2_security.txt
@@ -1287,7 +1287,7 @@
CVE-2022-2588: (unk) net_sched: cls_route: remove from list when handle is 0
CVE-2022-26365: (unk) xen/blkfront: fix leaking data in shared pages
CVE-2022-26373: (unk) x86/speculation: Add RSB VM Exit protections
- CVE-2022-2663: (unk)
+ CVE-2022-2663: (unk) netfilter: nf_conntrack_irc: Fix forged IP logic
CVE-2022-28356: (unk) llc: fix netdevice reference leaks in llc_ui_bind()
CVE-2022-28390: (unk) can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path
CVE-2022-2961: (unk)
@@ -1302,6 +1302,7 @@
CVE-2022-3176: (unk)
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
+ CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
CVE-2022-33742: (unk) xen/blkfront: force data bouncing when backend is untrusted
@@ -1315,9 +1316,10 @@
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
- CVE-2022-39189: (unk) KVM: x86: do not report a vCPU as preempted outside instruction boundaries
CVE-2022-39190: (unk) netfilter: nf_tables: disallow binding to already bound chain
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
CVE-2022-40768: (unk)
+ CVE-2022-41218: (unk)
+ CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
diff --git a/data/4.1/4.1_CVEs.txt b/data/4.1/4.1_CVEs.txt
index 5e3fd56..e29ae26 100644
--- a/data/4.1/4.1_CVEs.txt
+++ b/data/4.1/4.1_CVEs.txt
@@ -1044,7 +1044,7 @@
CVE-2022-26365: Fix not seen in stream
CVE-2022-26373: Fix not seen in stream
CVE-2022-26490: Fix not seen in stream
-CVE-2022-2663: Fix unknown
+CVE-2022-2663: Fix not seen in stream
CVE-2022-26966: Fix not seen in stream
CVE-2022-27223: Fix not seen in stream
CVE-2022-28356: Fix not seen in stream
@@ -1064,6 +1064,7 @@
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
+CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
@@ -1079,9 +1080,10 @@
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
CVE-2022-39188: Fix not seen in stream
-CVE-2022-39189: Fix not seen in stream
CVE-2022-39190: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
CVE-2022-40768: Fix unknown
+CVE-2022-41218: Fix unknown
+CVE-2022-41222: Fix not seen in stream
diff --git a/data/4.1/4.1_security.txt b/data/4.1/4.1_security.txt
index f542578..63e61a1 100644
--- a/data/4.1/4.1_security.txt
+++ b/data/4.1/4.1_security.txt
@@ -1140,7 +1140,7 @@
CVE-2022-26365: (unk) xen/blkfront: fix leaking data in shared pages
CVE-2022-26373: (unk) x86/speculation: Add RSB VM Exit protections
CVE-2022-26490: (unk) nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION
- CVE-2022-2663: (unk)
+ CVE-2022-2663: (unk) netfilter: nf_conntrack_irc: Fix forged IP logic
CVE-2022-26966: (unk) sr9700: sanity check for packet length
CVE-2022-27223: (unk) USB: gadget: validate endpoint index for xilinx udc
CVE-2022-28356: (unk) llc: fix netdevice reference leaks in llc_ui_bind()
@@ -1160,6 +1160,7 @@
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
+ CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
@@ -1175,9 +1176,10 @@
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
- CVE-2022-39189: (unk) KVM: x86: do not report a vCPU as preempted outside instruction boundaries
CVE-2022-39190: (unk) netfilter: nf_tables: disallow binding to already bound chain
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
CVE-2022-40768: (unk)
+ CVE-2022-41218: (unk)
+ CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
diff --git a/data/4.10/4.10_CVEs.txt b/data/4.10/4.10_CVEs.txt
index 6aa0ee4..b42a6ab 100644
--- a/data/4.10/4.10_CVEs.txt
+++ b/data/4.10/4.10_CVEs.txt
@@ -940,7 +940,7 @@
CVE-2022-26365: Fix not seen in stream
CVE-2022-26373: Fix not seen in stream
CVE-2022-26490: Fix not seen in stream
-CVE-2022-2663: Fix unknown
+CVE-2022-2663: Fix not seen in stream
CVE-2022-26966: Fix not seen in stream
CVE-2022-27223: Fix not seen in stream
CVE-2022-28356: Fix not seen in stream
@@ -962,6 +962,7 @@
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
+CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
@@ -977,9 +978,10 @@
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
CVE-2022-39188: Fix not seen in stream
-CVE-2022-39189: Fix not seen in stream
CVE-2022-39190: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
CVE-2022-40768: Fix unknown
+CVE-2022-41218: Fix unknown
+CVE-2022-41222: Fix not seen in stream
diff --git a/data/4.10/4.10_security.txt b/data/4.10/4.10_security.txt
index 704eb66..e4f4d1d 100644
--- a/data/4.10/4.10_security.txt
+++ b/data/4.10/4.10_security.txt
@@ -974,7 +974,7 @@
CVE-2022-26365: (unk) xen/blkfront: fix leaking data in shared pages
CVE-2022-26373: (unk) x86/speculation: Add RSB VM Exit protections
CVE-2022-26490: (unk) nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION
- CVE-2022-2663: (unk)
+ CVE-2022-2663: (unk) netfilter: nf_conntrack_irc: Fix forged IP logic
CVE-2022-26966: (unk) sr9700: sanity check for packet length
CVE-2022-27223: (unk) USB: gadget: validate endpoint index for xilinx udc
CVE-2022-28356: (unk) llc: fix netdevice reference leaks in llc_ui_bind()
@@ -996,6 +996,7 @@
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
+ CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
@@ -1011,9 +1012,10 @@
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
- CVE-2022-39189: (unk) KVM: x86: do not report a vCPU as preempted outside instruction boundaries
CVE-2022-39190: (unk) netfilter: nf_tables: disallow binding to already bound chain
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
CVE-2022-40768: (unk)
+ CVE-2022-41218: (unk)
+ CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
diff --git a/data/4.11/4.11_CVEs.txt b/data/4.11/4.11_CVEs.txt
index 40608ab..eb99aba 100644
--- a/data/4.11/4.11_CVEs.txt
+++ b/data/4.11/4.11_CVEs.txt
@@ -911,7 +911,7 @@
CVE-2022-26365: Fix not seen in stream
CVE-2022-26373: Fix not seen in stream
CVE-2022-26490: Fix not seen in stream
-CVE-2022-2663: Fix unknown
+CVE-2022-2663: Fix not seen in stream
CVE-2022-26966: Fix not seen in stream
CVE-2022-27223: Fix not seen in stream
CVE-2022-27666: Fix not seen in stream
@@ -934,6 +934,7 @@
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
+CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
@@ -949,9 +950,10 @@
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
CVE-2022-39188: Fix not seen in stream
-CVE-2022-39189: Fix not seen in stream
CVE-2022-39190: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
CVE-2022-40768: Fix unknown
+CVE-2022-41218: Fix unknown
+CVE-2022-41222: Fix not seen in stream
diff --git a/data/4.11/4.11_security.txt b/data/4.11/4.11_security.txt
index 994ca91..e5cd045 100644
--- a/data/4.11/4.11_security.txt
+++ b/data/4.11/4.11_security.txt
@@ -933,7 +933,7 @@
CVE-2022-26365: (unk) xen/blkfront: fix leaking data in shared pages
CVE-2022-26373: (unk) x86/speculation: Add RSB VM Exit protections
CVE-2022-26490: (unk) nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION
- CVE-2022-2663: (unk)
+ CVE-2022-2663: (unk) netfilter: nf_conntrack_irc: Fix forged IP logic
CVE-2022-26966: (unk) sr9700: sanity check for packet length
CVE-2022-27223: (unk) USB: gadget: validate endpoint index for xilinx udc
CVE-2022-27666: (unk) esp: Fix possible buffer overflow in ESP transformation
@@ -956,6 +956,7 @@
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
+ CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
@@ -971,9 +972,10 @@
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
- CVE-2022-39189: (unk) KVM: x86: do not report a vCPU as preempted outside instruction boundaries
CVE-2022-39190: (unk) netfilter: nf_tables: disallow binding to already bound chain
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
CVE-2022-40768: (unk)
+ CVE-2022-41218: (unk)
+ CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
diff --git a/data/4.12/4.12_CVEs.txt b/data/4.12/4.12_CVEs.txt
index 78aeabc..557b9ad 100644
--- a/data/4.12/4.12_CVEs.txt
+++ b/data/4.12/4.12_CVEs.txt
@@ -892,7 +892,7 @@
CVE-2022-26365: Fix not seen in stream
CVE-2022-26373: Fix not seen in stream
CVE-2022-26490: Fix not seen in stream
-CVE-2022-2663: Fix unknown
+CVE-2022-2663: Fix not seen in stream
CVE-2022-26966: Fix not seen in stream
CVE-2022-27223: Fix not seen in stream
CVE-2022-27666: Fix not seen in stream
@@ -917,6 +917,7 @@
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
+CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
@@ -932,9 +933,10 @@
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
CVE-2022-39188: Fix not seen in stream
-CVE-2022-39189: Fix not seen in stream
CVE-2022-39190: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
CVE-2022-40768: Fix unknown
+CVE-2022-41218: Fix unknown
+CVE-2022-41222: Fix not seen in stream
diff --git a/data/4.12/4.12_security.txt b/data/4.12/4.12_security.txt
index ced784e..5b25793 100644
--- a/data/4.12/4.12_security.txt
+++ b/data/4.12/4.12_security.txt
@@ -918,7 +918,7 @@
CVE-2022-26365: (unk) xen/blkfront: fix leaking data in shared pages
CVE-2022-26373: (unk) x86/speculation: Add RSB VM Exit protections
CVE-2022-26490: (unk) nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION
- CVE-2022-2663: (unk)
+ CVE-2022-2663: (unk) netfilter: nf_conntrack_irc: Fix forged IP logic
CVE-2022-26966: (unk) sr9700: sanity check for packet length
CVE-2022-27223: (unk) USB: gadget: validate endpoint index for xilinx udc
CVE-2022-27666: (unk) esp: Fix possible buffer overflow in ESP transformation
@@ -943,6 +943,7 @@
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
+ CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
@@ -958,9 +959,10 @@
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
- CVE-2022-39189: (unk) KVM: x86: do not report a vCPU as preempted outside instruction boundaries
CVE-2022-39190: (unk) netfilter: nf_tables: disallow binding to already bound chain
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
CVE-2022-40768: (unk)
+ CVE-2022-41218: (unk)
+ CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
diff --git a/data/4.13/4.13_CVEs.txt b/data/4.13/4.13_CVEs.txt
index b8c2bc2..0badbb3 100644
--- a/data/4.13/4.13_CVEs.txt
+++ b/data/4.13/4.13_CVEs.txt
@@ -875,7 +875,7 @@
CVE-2022-26365: Fix not seen in stream
CVE-2022-26373: Fix not seen in stream
CVE-2022-26490: Fix not seen in stream
-CVE-2022-2663: Fix unknown
+CVE-2022-2663: Fix not seen in stream
CVE-2022-26966: Fix not seen in stream
CVE-2022-27223: Fix not seen in stream
CVE-2022-27666: Fix not seen in stream
@@ -900,6 +900,7 @@
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
+CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
@@ -915,9 +916,10 @@
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
CVE-2022-39188: Fix not seen in stream
-CVE-2022-39189: Fix not seen in stream
CVE-2022-39190: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
CVE-2022-40768: Fix unknown
+CVE-2022-41218: Fix unknown
+CVE-2022-41222: Fix not seen in stream
diff --git a/data/4.13/4.13_security.txt b/data/4.13/4.13_security.txt
index 9e8216d..9303203 100644
--- a/data/4.13/4.13_security.txt
+++ b/data/4.13/4.13_security.txt
@@ -903,7 +903,7 @@
CVE-2022-26365: (unk) xen/blkfront: fix leaking data in shared pages
CVE-2022-26373: (unk) x86/speculation: Add RSB VM Exit protections
CVE-2022-26490: (unk) nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION
- CVE-2022-2663: (unk)
+ CVE-2022-2663: (unk) netfilter: nf_conntrack_irc: Fix forged IP logic
CVE-2022-26966: (unk) sr9700: sanity check for packet length
CVE-2022-27223: (unk) USB: gadget: validate endpoint index for xilinx udc
CVE-2022-27666: (unk) esp: Fix possible buffer overflow in ESP transformation
@@ -928,6 +928,7 @@
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
+ CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
@@ -943,9 +944,10 @@
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
- CVE-2022-39189: (unk) KVM: x86: do not report a vCPU as preempted outside instruction boundaries
CVE-2022-39190: (unk) netfilter: nf_tables: disallow binding to already bound chain
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
CVE-2022-40768: (unk)
+ CVE-2022-41218: (unk)
+ CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
diff --git a/data/4.14/4.14_CVEs.txt b/data/4.14/4.14_CVEs.txt
index d934145..ff5c092 100644
--- a/data/4.14/4.14_CVEs.txt
+++ b/data/4.14/4.14_CVEs.txt
@@ -842,7 +842,7 @@
CVE-2022-26365: Fixed with 4.14.287
CVE-2022-26373: Fix not seen in stream
CVE-2022-26490: Fixed with 4.14.274
-CVE-2022-2663: Fix unknown
+CVE-2022-2663: Fixed with 4.14.293
CVE-2022-26966: Fixed with 4.14.269
CVE-2022-27223: Fixed with 4.14.269
CVE-2022-27666: Fixed with 4.14.274
@@ -868,6 +868,7 @@
CVE-2022-3202: Fixed with 4.14.276
CVE-2022-32250: Fixed with 4.14.283
CVE-2022-32296: Fixed with 4.14.285
+CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fixed with 4.14.283
CVE-2022-33740: Fixed with 4.14.287
CVE-2022-33741: Fixed with 4.14.287
@@ -883,9 +884,10 @@
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
CVE-2022-39188: Fix not seen in stream
-CVE-2022-39189: Fix not seen in stream
CVE-2022-39190: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fixed with 4.14.293
CVE-2022-40768: Fix unknown
+CVE-2022-41218: Fix unknown
+CVE-2022-41222: Fix not seen in stream
diff --git a/data/4.14/4.14_security.txt b/data/4.14/4.14_security.txt
index 7902ce0..4849b75 100644
--- a/data/4.14/4.14_security.txt
+++ b/data/4.14/4.14_security.txt
@@ -1202,6 +1202,7 @@
CVEs fixed in 4.14.293:
CVE-2021-4159: a7cf53f9ebcd887c19588c0c1b4b8260f41a3faa bpf: Verifer, adjust_scalar_min_max_vals to always call update_reg_bounds()
+ CVE-2022-2663: 6ce66e3442a5989cbe56a6884384bf0b7d1d0725 netfilter: nf_conntrack_irc: Fix forged IP logic
CVE-2022-40307: 233d5c4d18971feee5fc2f33f00b63d8205cfc67 efi: capsule-loader: Fix use-after-free in efi_capsule_write
Outstanding CVEs:
@@ -1351,7 +1352,6 @@
CVE-2022-25265: (unk)
CVE-2022-2586: (unk) netfilter: nf_tables: do not allow SET_ID to refer to another table
CVE-2022-26373: (unk) x86/speculation: Add RSB VM Exit protections
- CVE-2022-2663: (unk)
CVE-2022-2961: (unk)
CVE-2022-2978: (unk)
CVE-2022-29900: (unk) x86/kvm/vmx: Make noinstr clean
@@ -1362,14 +1362,16 @@
CVE-2022-3078: (unk) media: vidtv: Check for null return of vzalloc
CVE-2022-3169: (unk)
CVE-2022-3176: (unk)
+ CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-34918: (unk) netfilter: nf_tables: stricter validation of element data
CVE-2022-36280: (unk)
CVE-2022-36402: (unk)
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
- CVE-2022-39189: (unk) KVM: x86: do not report a vCPU as preempted outside instruction boundaries
CVE-2022-39190: (unk) netfilter: nf_tables: disallow binding to already bound chain
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40768: (unk)
+ CVE-2022-41218: (unk)
+ CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
diff --git a/data/4.15/4.15_CVEs.txt b/data/4.15/4.15_CVEs.txt
index ab4326c..33452d7 100644
--- a/data/4.15/4.15_CVEs.txt
+++ b/data/4.15/4.15_CVEs.txt
@@ -792,7 +792,7 @@
CVE-2022-26365: Fix not seen in stream
CVE-2022-26373: Fix not seen in stream
CVE-2022-26490: Fix not seen in stream
-CVE-2022-2663: Fix unknown
+CVE-2022-2663: Fix not seen in stream
CVE-2022-26966: Fix not seen in stream
CVE-2022-27223: Fix not seen in stream
CVE-2022-27666: Fix not seen in stream
@@ -818,6 +818,7 @@
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
+CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
@@ -833,9 +834,10 @@
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
CVE-2022-39188: Fix not seen in stream
-CVE-2022-39189: Fix not seen in stream
CVE-2022-39190: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
CVE-2022-40768: Fix unknown
+CVE-2022-41218: Fix unknown
+CVE-2022-41222: Fix not seen in stream
diff --git a/data/4.15/4.15_security.txt b/data/4.15/4.15_security.txt
index 278c0ce..9d19284 100644
--- a/data/4.15/4.15_security.txt
+++ b/data/4.15/4.15_security.txt
@@ -824,7 +824,7 @@
CVE-2022-26365: (unk) xen/blkfront: fix leaking data in shared pages
CVE-2022-26373: (unk) x86/speculation: Add RSB VM Exit protections
CVE-2022-26490: (unk) nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION
- CVE-2022-2663: (unk)
+ CVE-2022-2663: (unk) netfilter: nf_conntrack_irc: Fix forged IP logic
CVE-2022-26966: (unk) sr9700: sanity check for packet length
CVE-2022-27223: (unk) USB: gadget: validate endpoint index for xilinx udc
CVE-2022-27666: (unk) esp: Fix possible buffer overflow in ESP transformation
@@ -850,6 +850,7 @@
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
+ CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
@@ -865,9 +866,10 @@
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
- CVE-2022-39189: (unk) KVM: x86: do not report a vCPU as preempted outside instruction boundaries
CVE-2022-39190: (unk) netfilter: nf_tables: disallow binding to already bound chain
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
CVE-2022-40768: (unk)
+ CVE-2022-41218: (unk)
+ CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
diff --git a/data/4.16/4.16_CVEs.txt b/data/4.16/4.16_CVEs.txt
index 58c4d8c..b4d5b61 100644
--- a/data/4.16/4.16_CVEs.txt
+++ b/data/4.16/4.16_CVEs.txt
@@ -771,7 +771,7 @@
CVE-2022-26365: Fix not seen in stream
CVE-2022-26373: Fix not seen in stream
CVE-2022-26490: Fix not seen in stream
-CVE-2022-2663: Fix unknown
+CVE-2022-2663: Fix not seen in stream
CVE-2022-26966: Fix not seen in stream
CVE-2022-27223: Fix not seen in stream
CVE-2022-27666: Fix not seen in stream
@@ -797,6 +797,7 @@
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
+CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
@@ -818,3 +819,5 @@
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
CVE-2022-40768: Fix unknown
+CVE-2022-41218: Fix unknown
+CVE-2022-41222: Fix not seen in stream
diff --git a/data/4.16/4.16_security.txt b/data/4.16/4.16_security.txt
index 827d511..3e68fbc 100644
--- a/data/4.16/4.16_security.txt
+++ b/data/4.16/4.16_security.txt
@@ -803,7 +803,7 @@
CVE-2022-26365: (unk) xen/blkfront: fix leaking data in shared pages
CVE-2022-26373: (unk) x86/speculation: Add RSB VM Exit protections
CVE-2022-26490: (unk) nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION
- CVE-2022-2663: (unk)
+ CVE-2022-2663: (unk) netfilter: nf_conntrack_irc: Fix forged IP logic
CVE-2022-26966: (unk) sr9700: sanity check for packet length
CVE-2022-27223: (unk) USB: gadget: validate endpoint index for xilinx udc
CVE-2022-27666: (unk) esp: Fix possible buffer overflow in ESP transformation
@@ -829,6 +829,7 @@
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
+ CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
@@ -850,3 +851,5 @@
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
CVE-2022-40768: (unk)
+ CVE-2022-41218: (unk)
+ CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
diff --git a/data/4.17/4.17_CVEs.txt b/data/4.17/4.17_CVEs.txt
index 153807b..09ab64a 100644
--- a/data/4.17/4.17_CVEs.txt
+++ b/data/4.17/4.17_CVEs.txt
@@ -751,7 +751,7 @@
CVE-2022-26365: Fix not seen in stream
CVE-2022-26373: Fix not seen in stream
CVE-2022-26490: Fix not seen in stream
-CVE-2022-2663: Fix unknown
+CVE-2022-2663: Fix not seen in stream
CVE-2022-26966: Fix not seen in stream
CVE-2022-27223: Fix not seen in stream
CVE-2022-27666: Fix not seen in stream
@@ -777,6 +777,7 @@
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
+CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
@@ -798,3 +799,5 @@
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
CVE-2022-40768: Fix unknown
+CVE-2022-41218: Fix unknown
+CVE-2022-41222: Fix not seen in stream
diff --git a/data/4.17/4.17_security.txt b/data/4.17/4.17_security.txt
index 769a863..5e48cd0 100644
--- a/data/4.17/4.17_security.txt
+++ b/data/4.17/4.17_security.txt
@@ -783,7 +783,7 @@
CVE-2022-26365: (unk) xen/blkfront: fix leaking data in shared pages
CVE-2022-26373: (unk) x86/speculation: Add RSB VM Exit protections
CVE-2022-26490: (unk) nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION
- CVE-2022-2663: (unk)
+ CVE-2022-2663: (unk) netfilter: nf_conntrack_irc: Fix forged IP logic
CVE-2022-26966: (unk) sr9700: sanity check for packet length
CVE-2022-27223: (unk) USB: gadget: validate endpoint index for xilinx udc
CVE-2022-27666: (unk) esp: Fix possible buffer overflow in ESP transformation
@@ -809,6 +809,7 @@
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
+ CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
@@ -830,3 +831,5 @@
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
CVE-2022-40768: (unk)
+ CVE-2022-41218: (unk)
+ CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
diff --git a/data/4.18/4.18_CVEs.txt b/data/4.18/4.18_CVEs.txt
index 4ef73d5..19b1732 100644
--- a/data/4.18/4.18_CVEs.txt
+++ b/data/4.18/4.18_CVEs.txt
@@ -729,7 +729,7 @@
CVE-2022-26365: Fix not seen in stream
CVE-2022-26373: Fix not seen in stream
CVE-2022-26490: Fix not seen in stream
-CVE-2022-2663: Fix unknown
+CVE-2022-2663: Fix not seen in stream
CVE-2022-26966: Fix not seen in stream
CVE-2022-27223: Fix not seen in stream
CVE-2022-27666: Fix not seen in stream
@@ -755,6 +755,7 @@
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
+CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
@@ -776,3 +777,5 @@
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
CVE-2022-40768: Fix unknown
+CVE-2022-41218: Fix unknown
+CVE-2022-41222: Fix not seen in stream
diff --git a/data/4.18/4.18_security.txt b/data/4.18/4.18_security.txt
index c04bc03..32f76c4 100644
--- a/data/4.18/4.18_security.txt
+++ b/data/4.18/4.18_security.txt
@@ -761,7 +761,7 @@
CVE-2022-26365: (unk) xen/blkfront: fix leaking data in shared pages
CVE-2022-26373: (unk) x86/speculation: Add RSB VM Exit protections
CVE-2022-26490: (unk) nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION
- CVE-2022-2663: (unk)
+ CVE-2022-2663: (unk) netfilter: nf_conntrack_irc: Fix forged IP logic
CVE-2022-26966: (unk) sr9700: sanity check for packet length
CVE-2022-27223: (unk) USB: gadget: validate endpoint index for xilinx udc
CVE-2022-27666: (unk) esp: Fix possible buffer overflow in ESP transformation
@@ -787,6 +787,7 @@
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
+ CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
@@ -808,3 +809,5 @@
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
CVE-2022-40768: (unk)
+ CVE-2022-41218: (unk)
+ CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
diff --git a/data/4.19/4.19_CVEs.txt b/data/4.19/4.19_CVEs.txt
index 60eb61a..e5c432b 100644
--- a/data/4.19/4.19_CVEs.txt
+++ b/data/4.19/4.19_CVEs.txt
@@ -704,7 +704,7 @@
CVE-2022-26365: Fixed with 4.19.251
CVE-2022-26373: Fixed with 4.19.255
CVE-2022-26490: Fixed with 4.19.237
-CVE-2022-2663: Fix unknown
+CVE-2022-2663: Fixed with 4.19.258
CVE-2022-26966: Fixed with 4.19.232
CVE-2022-27223: Fixed with 4.19.232
CVE-2022-27666: Fixed with 4.19.237
@@ -730,6 +730,7 @@
CVE-2022-3202: Fixed with 4.19.238
CVE-2022-32250: Fixed with 4.19.247
CVE-2022-32296: Fixed with 4.19.249
+CVE-2022-3239: Fixed with 4.19.238
CVE-2022-32981: Fixed with 4.19.247
CVE-2022-33740: Fixed with 4.19.251
CVE-2022-33741: Fixed with 4.19.251
@@ -751,3 +752,5 @@
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fixed with 4.19.258
CVE-2022-40768: Fix unknown
+CVE-2022-41218: Fix unknown
+CVE-2022-41222: Fix not seen in stream
diff --git a/data/4.19/4.19_security.txt b/data/4.19/4.19_security.txt
index 95dbf2a..18f4f3c 100644
--- a/data/4.19/4.19_security.txt
+++ b/data/4.19/4.19_security.txt
@@ -936,6 +936,7 @@
CVE-2022-2977: cb64bd038beacb4331fe464a36c8b5481e8f51e2 tpm: fix reference counting for struct tpm_chip
CVE-2022-30594: b1f438f872dcda10a79e6aeaf06fd52dfb15a6ab ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
CVE-2022-3202: 2ef74e3e0089b6615ee124e1183746974c6bb561 jfs: prevent NULL deref in diFree
+ CVE-2022-3239: 0113fa98a49a8e46a19b0ad80f29c904c6feec23 media: em28xx: initialize refcount before kref_get
CVEs fixed in 4.19.240:
CVE-2022-1204: de55a1338e6a48ff1e41ea8db1432496fbe2a62b ax25: Fix refcount leaks caused by ax25_cb_del()
@@ -1015,6 +1016,7 @@
CVE-2022-3028: 7dbfc8f25f22fe2a64dd808266e00c8d2661ebdd af_key: Do not call xfrm_probe_algs in parallel
CVEs fixed in 4.19.258:
+ CVE-2022-2663: 3275f7804f40de3c578d2253232349b07c25f146 netfilter: nf_conntrack_irc: Fix forged IP logic
CVE-2022-40307: 021805af5bedeafc76c117fc771c100b358ab419 efi: capsule-loader: Fix use-after-free in efi_capsule_write
Outstanding CVEs:
@@ -1141,7 +1143,6 @@
CVE-2022-23816: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-23825: (unk)
CVE-2022-25265: (unk)
- CVE-2022-2663: (unk)
CVE-2022-2961: (unk)
CVE-2022-2978: (unk)
CVE-2022-29900: (unk) x86/kvm/vmx: Make noinstr clean
@@ -1163,3 +1164,5 @@
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40768: (unk)
+ CVE-2022-41218: (unk)
+ CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
diff --git a/data/4.20/4.20_CVEs.txt b/data/4.20/4.20_CVEs.txt
index 92a4d17..317d2e5 100644
--- a/data/4.20/4.20_CVEs.txt
+++ b/data/4.20/4.20_CVEs.txt
@@ -692,7 +692,7 @@
CVE-2022-26365: Fix not seen in stream
CVE-2022-26373: Fix not seen in stream
CVE-2022-26490: Fix not seen in stream
-CVE-2022-2663: Fix unknown
+CVE-2022-2663: Fix not seen in stream
CVE-2022-26966: Fix not seen in stream
CVE-2022-27223: Fix not seen in stream
CVE-2022-27666: Fix not seen in stream
@@ -718,6 +718,7 @@
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
+CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
@@ -739,3 +740,5 @@
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
CVE-2022-40768: Fix unknown
+CVE-2022-41218: Fix unknown
+CVE-2022-41222: Fix not seen in stream
diff --git a/data/4.20/4.20_security.txt b/data/4.20/4.20_security.txt
index 09b1b0e..282eaa2 100644
--- a/data/4.20/4.20_security.txt
+++ b/data/4.20/4.20_security.txt
@@ -724,7 +724,7 @@
CVE-2022-26365: (unk) xen/blkfront: fix leaking data in shared pages
CVE-2022-26373: (unk) x86/speculation: Add RSB VM Exit protections
CVE-2022-26490: (unk) nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION
- CVE-2022-2663: (unk)
+ CVE-2022-2663: (unk) netfilter: nf_conntrack_irc: Fix forged IP logic
CVE-2022-26966: (unk) sr9700: sanity check for packet length
CVE-2022-27223: (unk) USB: gadget: validate endpoint index for xilinx udc
CVE-2022-27666: (unk) esp: Fix possible buffer overflow in ESP transformation
@@ -750,6 +750,7 @@
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
+ CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
@@ -771,3 +772,5 @@
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
CVE-2022-40768: (unk)
+ CVE-2022-41218: (unk)
+ CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
diff --git a/data/4.3/4.3_CVEs.txt b/data/4.3/4.3_CVEs.txt
index 9ff9f17..a2c5be9 100644
--- a/data/4.3/4.3_CVEs.txt
+++ b/data/4.3/4.3_CVEs.txt
@@ -1040,7 +1040,7 @@
CVE-2022-26365: Fix not seen in stream
CVE-2022-26373: Fix not seen in stream
CVE-2022-26490: Fix not seen in stream
-CVE-2022-2663: Fix unknown
+CVE-2022-2663: Fix not seen in stream
CVE-2022-26966: Fix not seen in stream
CVE-2022-27223: Fix not seen in stream
CVE-2022-28356: Fix not seen in stream
@@ -1061,6 +1061,7 @@
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
+CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
@@ -1076,9 +1077,10 @@
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
CVE-2022-39188: Fix not seen in stream
-CVE-2022-39189: Fix not seen in stream
CVE-2022-39190: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
CVE-2022-40768: Fix unknown
+CVE-2022-41218: Fix unknown
+CVE-2022-41222: Fix not seen in stream
diff --git a/data/4.3/4.3_security.txt b/data/4.3/4.3_security.txt
index 25d2a28..7af30f0 100644
--- a/data/4.3/4.3_security.txt
+++ b/data/4.3/4.3_security.txt
@@ -1056,7 +1056,7 @@
CVE-2022-26365: (unk) xen/blkfront: fix leaking data in shared pages
CVE-2022-26373: (unk) x86/speculation: Add RSB VM Exit protections
CVE-2022-26490: (unk) nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION
- CVE-2022-2663: (unk)
+ CVE-2022-2663: (unk) netfilter: nf_conntrack_irc: Fix forged IP logic
CVE-2022-26966: (unk) sr9700: sanity check for packet length
CVE-2022-27223: (unk) USB: gadget: validate endpoint index for xilinx udc
CVE-2022-28356: (unk) llc: fix netdevice reference leaks in llc_ui_bind()
@@ -1077,6 +1077,7 @@
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
+ CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
@@ -1092,9 +1093,10 @@
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
- CVE-2022-39189: (unk) KVM: x86: do not report a vCPU as preempted outside instruction boundaries
CVE-2022-39190: (unk) netfilter: nf_tables: disallow binding to already bound chain
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
CVE-2022-40768: (unk)
+ CVE-2022-41218: (unk)
+ CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
diff --git a/data/4.4/4.4_CVEs.txt b/data/4.4/4.4_CVEs.txt
index 1c7c21a..1f603ae 100644
--- a/data/4.4/4.4_CVEs.txt
+++ b/data/4.4/4.4_CVEs.txt
@@ -1020,7 +1020,7 @@
CVE-2022-26365: Fix not seen in stream
CVE-2022-26373: Fix not seen in stream
CVE-2022-26490: Fix not seen in stream
-CVE-2022-2663: Fix unknown
+CVE-2022-2663: Fix not seen in stream
CVE-2022-26966: Fix not seen in stream
CVE-2022-27223: Fix not seen in stream
CVE-2022-28356: Fix not seen in stream
@@ -1042,6 +1042,7 @@
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
+CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
@@ -1057,9 +1058,10 @@
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
CVE-2022-39188: Fix not seen in stream
-CVE-2022-39189: Fix not seen in stream
CVE-2022-39190: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
CVE-2022-40768: Fix unknown
+CVE-2022-41218: Fix unknown
+CVE-2022-41222: Fix not seen in stream
diff --git a/data/4.4/4.4_security.txt b/data/4.4/4.4_security.txt
index 713aa4c..ce975a6 100644
--- a/data/4.4/4.4_security.txt
+++ b/data/4.4/4.4_security.txt
@@ -1504,7 +1504,7 @@
CVE-2022-26365: (unk) xen/blkfront: fix leaking data in shared pages
CVE-2022-26373: (unk) x86/speculation: Add RSB VM Exit protections
CVE-2022-26490: (unk) nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION
- CVE-2022-2663: (unk)
+ CVE-2022-2663: (unk) netfilter: nf_conntrack_irc: Fix forged IP logic
CVE-2022-26966: (unk) sr9700: sanity check for packet length
CVE-2022-27223: (unk) USB: gadget: validate endpoint index for xilinx udc
CVE-2022-28356: (unk) llc: fix netdevice reference leaks in llc_ui_bind()
@@ -1526,6 +1526,7 @@
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
+ CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
@@ -1541,9 +1542,10 @@
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
- CVE-2022-39189: (unk) KVM: x86: do not report a vCPU as preempted outside instruction boundaries
CVE-2022-39190: (unk) netfilter: nf_tables: disallow binding to already bound chain
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
CVE-2022-40768: (unk)
+ CVE-2022-41218: (unk)
+ CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
diff --git a/data/4.5/4.5_CVEs.txt b/data/4.5/4.5_CVEs.txt
index 39162dd..d1dee95 100644
--- a/data/4.5/4.5_CVEs.txt
+++ b/data/4.5/4.5_CVEs.txt
@@ -1002,7 +1002,7 @@
CVE-2022-26365: Fix not seen in stream
CVE-2022-26373: Fix not seen in stream
CVE-2022-26490: Fix not seen in stream
-CVE-2022-2663: Fix unknown
+CVE-2022-2663: Fix not seen in stream
CVE-2022-26966: Fix not seen in stream
CVE-2022-27223: Fix not seen in stream
CVE-2022-28356: Fix not seen in stream
@@ -1024,6 +1024,7 @@
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
+CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
@@ -1039,9 +1040,10 @@
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
CVE-2022-39188: Fix not seen in stream
-CVE-2022-39189: Fix not seen in stream
CVE-2022-39190: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
CVE-2022-40768: Fix unknown
+CVE-2022-41218: Fix unknown
+CVE-2022-41222: Fix not seen in stream
diff --git a/data/4.5/4.5_security.txt b/data/4.5/4.5_security.txt
index 683d768..23750cf 100644
--- a/data/4.5/4.5_security.txt
+++ b/data/4.5/4.5_security.txt
@@ -1018,7 +1018,7 @@
CVE-2022-26365: (unk) xen/blkfront: fix leaking data in shared pages
CVE-2022-26373: (unk) x86/speculation: Add RSB VM Exit protections
CVE-2022-26490: (unk) nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION
- CVE-2022-2663: (unk)
+ CVE-2022-2663: (unk) netfilter: nf_conntrack_irc: Fix forged IP logic
CVE-2022-26966: (unk) sr9700: sanity check for packet length
CVE-2022-27223: (unk) USB: gadget: validate endpoint index for xilinx udc
CVE-2022-28356: (unk) llc: fix netdevice reference leaks in llc_ui_bind()
@@ -1040,6 +1040,7 @@
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
+ CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
@@ -1055,9 +1056,10 @@
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
- CVE-2022-39189: (unk) KVM: x86: do not report a vCPU as preempted outside instruction boundaries
CVE-2022-39190: (unk) netfilter: nf_tables: disallow binding to already bound chain
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
CVE-2022-40768: (unk)
+ CVE-2022-41218: (unk)
+ CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
diff --git a/data/4.6/4.6_CVEs.txt b/data/4.6/4.6_CVEs.txt
index c8f54a2..90df1bd 100644
--- a/data/4.6/4.6_CVEs.txt
+++ b/data/4.6/4.6_CVEs.txt
@@ -974,7 +974,7 @@
CVE-2022-26365: Fix not seen in stream
CVE-2022-26373: Fix not seen in stream
CVE-2022-26490: Fix not seen in stream
-CVE-2022-2663: Fix unknown
+CVE-2022-2663: Fix not seen in stream
CVE-2022-26966: Fix not seen in stream
CVE-2022-27223: Fix not seen in stream
CVE-2022-28356: Fix not seen in stream
@@ -996,6 +996,7 @@
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
+CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
@@ -1011,9 +1012,10 @@
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
CVE-2022-39188: Fix not seen in stream
-CVE-2022-39189: Fix not seen in stream
CVE-2022-39190: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
CVE-2022-40768: Fix unknown
+CVE-2022-41218: Fix unknown
+CVE-2022-41222: Fix not seen in stream
diff --git a/data/4.6/4.6_security.txt b/data/4.6/4.6_security.txt
index f7c2e3d..a3e0346 100644
--- a/data/4.6/4.6_security.txt
+++ b/data/4.6/4.6_security.txt
@@ -992,7 +992,7 @@
CVE-2022-26365: (unk) xen/blkfront: fix leaking data in shared pages
CVE-2022-26373: (unk) x86/speculation: Add RSB VM Exit protections
CVE-2022-26490: (unk) nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION
- CVE-2022-2663: (unk)
+ CVE-2022-2663: (unk) netfilter: nf_conntrack_irc: Fix forged IP logic
CVE-2022-26966: (unk) sr9700: sanity check for packet length
CVE-2022-27223: (unk) USB: gadget: validate endpoint index for xilinx udc
CVE-2022-28356: (unk) llc: fix netdevice reference leaks in llc_ui_bind()
@@ -1014,6 +1014,7 @@
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
+ CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
@@ -1029,9 +1030,10 @@
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
- CVE-2022-39189: (unk) KVM: x86: do not report a vCPU as preempted outside instruction boundaries
CVE-2022-39190: (unk) netfilter: nf_tables: disallow binding to already bound chain
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
CVE-2022-40768: (unk)
+ CVE-2022-41218: (unk)
+ CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
diff --git a/data/4.7/4.7_CVEs.txt b/data/4.7/4.7_CVEs.txt
index d52f996..efa109b 100644
--- a/data/4.7/4.7_CVEs.txt
+++ b/data/4.7/4.7_CVEs.txt
@@ -956,7 +956,7 @@
CVE-2022-26365: Fix not seen in stream
CVE-2022-26373: Fix not seen in stream
CVE-2022-26490: Fix not seen in stream
-CVE-2022-2663: Fix unknown
+CVE-2022-2663: Fix not seen in stream
CVE-2022-26966: Fix not seen in stream
CVE-2022-27223: Fix not seen in stream
CVE-2022-28356: Fix not seen in stream
@@ -978,6 +978,7 @@
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
+CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
@@ -993,9 +994,10 @@
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
CVE-2022-39188: Fix not seen in stream
-CVE-2022-39189: Fix not seen in stream
CVE-2022-39190: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
CVE-2022-40768: Fix unknown
+CVE-2022-41218: Fix unknown
+CVE-2022-41222: Fix not seen in stream
diff --git a/data/4.7/4.7_security.txt b/data/4.7/4.7_security.txt
index 134ee19..c9ff99f 100644
--- a/data/4.7/4.7_security.txt
+++ b/data/4.7/4.7_security.txt
@@ -976,7 +976,7 @@
CVE-2022-26365: (unk) xen/blkfront: fix leaking data in shared pages
CVE-2022-26373: (unk) x86/speculation: Add RSB VM Exit protections
CVE-2022-26490: (unk) nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION
- CVE-2022-2663: (unk)
+ CVE-2022-2663: (unk) netfilter: nf_conntrack_irc: Fix forged IP logic
CVE-2022-26966: (unk) sr9700: sanity check for packet length
CVE-2022-27223: (unk) USB: gadget: validate endpoint index for xilinx udc
CVE-2022-28356: (unk) llc: fix netdevice reference leaks in llc_ui_bind()
@@ -998,6 +998,7 @@
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
+ CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
@@ -1013,9 +1014,10 @@
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
- CVE-2022-39189: (unk) KVM: x86: do not report a vCPU as preempted outside instruction boundaries
CVE-2022-39190: (unk) netfilter: nf_tables: disallow binding to already bound chain
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
CVE-2022-40768: (unk)
+ CVE-2022-41218: (unk)
+ CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
diff --git a/data/4.8/4.8_CVEs.txt b/data/4.8/4.8_CVEs.txt
index 1470298..8601567 100644
--- a/data/4.8/4.8_CVEs.txt
+++ b/data/4.8/4.8_CVEs.txt
@@ -960,7 +960,7 @@
CVE-2022-26365: Fix not seen in stream
CVE-2022-26373: Fix not seen in stream
CVE-2022-26490: Fix not seen in stream
-CVE-2022-2663: Fix unknown
+CVE-2022-2663: Fix not seen in stream
CVE-2022-26966: Fix not seen in stream
CVE-2022-27223: Fix not seen in stream
CVE-2022-28356: Fix not seen in stream
@@ -982,6 +982,7 @@
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
+CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
@@ -997,9 +998,10 @@
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
CVE-2022-39188: Fix not seen in stream
-CVE-2022-39189: Fix not seen in stream
CVE-2022-39190: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
CVE-2022-40768: Fix unknown
+CVE-2022-41218: Fix unknown
+CVE-2022-41222: Fix not seen in stream
diff --git a/data/4.8/4.8_security.txt b/data/4.8/4.8_security.txt
index 33f7742..14cfb40 100644
--- a/data/4.8/4.8_security.txt
+++ b/data/4.8/4.8_security.txt
@@ -990,7 +990,7 @@
CVE-2022-26365: (unk) xen/blkfront: fix leaking data in shared pages
CVE-2022-26373: (unk) x86/speculation: Add RSB VM Exit protections
CVE-2022-26490: (unk) nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION
- CVE-2022-2663: (unk)
+ CVE-2022-2663: (unk) netfilter: nf_conntrack_irc: Fix forged IP logic
CVE-2022-26966: (unk) sr9700: sanity check for packet length
CVE-2022-27223: (unk) USB: gadget: validate endpoint index for xilinx udc
CVE-2022-28356: (unk) llc: fix netdevice reference leaks in llc_ui_bind()
@@ -1012,6 +1012,7 @@
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
+ CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
@@ -1027,9 +1028,10 @@
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
- CVE-2022-39189: (unk) KVM: x86: do not report a vCPU as preempted outside instruction boundaries
CVE-2022-39190: (unk) netfilter: nf_tables: disallow binding to already bound chain
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
CVE-2022-40768: (unk)
+ CVE-2022-41218: (unk)
+ CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
diff --git a/data/4.9/4.9_CVEs.txt b/data/4.9/4.9_CVEs.txt
index 1090554..19d06c2 100644
--- a/data/4.9/4.9_CVEs.txt
+++ b/data/4.9/4.9_CVEs.txt
@@ -959,7 +959,7 @@
CVE-2022-26365: Fixed with 4.9.322
CVE-2022-26373: Fix not seen in stream
CVE-2022-26490: Fixed with 4.9.309
-CVE-2022-2663: Fix unknown
+CVE-2022-2663: Fixed with 4.9.328
CVE-2022-26966: Fixed with 4.9.304
CVE-2022-27223: Fixed with 4.9.304
CVE-2022-28356: Fixed with 4.9.309
@@ -981,6 +981,7 @@
CVE-2022-3202: Fixed with 4.9.311
CVE-2022-32250: Fixed with 4.9.318
CVE-2022-32296: Fixed with 4.9.320
+CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fixed with 4.9.318
CVE-2022-33740: Fixed with 4.9.322
CVE-2022-33741: Fixed with 4.9.322
@@ -996,9 +997,10 @@
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
CVE-2022-39188: Fix not seen in stream
-CVE-2022-39189: Fix not seen in stream
CVE-2022-39190: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
CVE-2022-40768: Fix unknown
+CVE-2022-41218: Fix unknown
+CVE-2022-41222: Fix not seen in stream
diff --git a/data/4.9/4.9_security.txt b/data/4.9/4.9_security.txt
index cee889b..ffb3be0 100644
--- a/data/4.9/4.9_security.txt
+++ b/data/4.9/4.9_security.txt
@@ -1319,6 +1319,9 @@
CVEs fixed in 4.9.327:
CVE-2022-3028: e580d3201ed222c4752ced7e629ad96bc0340713 af_key: Do not call xfrm_probe_algs in parallel
+CVEs fixed in 4.9.328:
+ CVE-2022-2663: eb4d8d6b44a23ff2b6e2af06c8240de73dff8a7d netfilter: nf_conntrack_irc: Fix forged IP logic
+
Outstanding CVEs:
CVE-2005-3660: (unk)
CVE-2007-3719: (unk)
@@ -1506,7 +1509,6 @@
CVE-2022-25265: (unk)
CVE-2022-2586: (unk) netfilter: nf_tables: do not allow SET_ID to refer to another table
CVE-2022-26373: (unk) x86/speculation: Add RSB VM Exit protections
- CVE-2022-2663: (unk)
CVE-2022-28388: (unk) can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path
CVE-2022-2961: (unk)
CVE-2022-2978: (unk)
@@ -1518,15 +1520,17 @@
CVE-2022-3078: (unk) media: vidtv: Check for null return of vzalloc
CVE-2022-3169: (unk)
CVE-2022-3176: (unk)
+ CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-34918: (unk) netfilter: nf_tables: stricter validation of element data
CVE-2022-36280: (unk)
CVE-2022-36402: (unk)
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
- CVE-2022-39189: (unk) KVM: x86: do not report a vCPU as preempted outside instruction boundaries
CVE-2022-39190: (unk) netfilter: nf_tables: disallow binding to already bound chain
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
CVE-2022-40768: (unk)
+ CVE-2022-41218: (unk)
+ CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
diff --git a/data/5.0/5.0_CVEs.txt b/data/5.0/5.0_CVEs.txt
index 68ca5aa..402b7a2 100644
--- a/data/5.0/5.0_CVEs.txt
+++ b/data/5.0/5.0_CVEs.txt
@@ -671,7 +671,7 @@
CVE-2022-26365: Fix not seen in stream
CVE-2022-26373: Fix not seen in stream
CVE-2022-26490: Fix not seen in stream
-CVE-2022-2663: Fix unknown
+CVE-2022-2663: Fix not seen in stream
CVE-2022-26966: Fix not seen in stream
CVE-2022-27223: Fix not seen in stream
CVE-2022-27666: Fix not seen in stream
@@ -697,6 +697,7 @@
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
+CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
@@ -718,3 +719,5 @@
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
CVE-2022-40768: Fix unknown
+CVE-2022-41218: Fix unknown
+CVE-2022-41222: Fix not seen in stream
diff --git a/data/5.0/5.0_security.txt b/data/5.0/5.0_security.txt
index bad60fc..545b4b1 100644
--- a/data/5.0/5.0_security.txt
+++ b/data/5.0/5.0_security.txt
@@ -719,7 +719,7 @@
CVE-2022-26365: (unk) xen/blkfront: fix leaking data in shared pages
CVE-2022-26373: (unk) x86/speculation: Add RSB VM Exit protections
CVE-2022-26490: (unk) nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION
- CVE-2022-2663: (unk)
+ CVE-2022-2663: (unk) netfilter: nf_conntrack_irc: Fix forged IP logic
CVE-2022-26966: (unk) sr9700: sanity check for packet length
CVE-2022-27223: (unk) USB: gadget: validate endpoint index for xilinx udc
CVE-2022-27666: (unk) esp: Fix possible buffer overflow in ESP transformation
@@ -745,6 +745,7 @@
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
+ CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
@@ -766,3 +767,5 @@
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
CVE-2022-40768: (unk)
+ CVE-2022-41218: (unk)
+ CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
diff --git a/data/5.1/5.1_CVEs.txt b/data/5.1/5.1_CVEs.txt
index 2fdbc87..ab513d5 100644
--- a/data/5.1/5.1_CVEs.txt
+++ b/data/5.1/5.1_CVEs.txt
@@ -640,7 +640,7 @@
CVE-2022-26373: Fix not seen in stream
CVE-2022-2639: Fix not seen in stream
CVE-2022-26490: Fix not seen in stream
-CVE-2022-2663: Fix unknown
+CVE-2022-2663: Fix not seen in stream
CVE-2022-26966: Fix not seen in stream
CVE-2022-27223: Fix not seen in stream
CVE-2022-27666: Fix not seen in stream
@@ -667,6 +667,7 @@
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
+CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
@@ -688,3 +689,5 @@
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
CVE-2022-40768: Fix unknown
+CVE-2022-41218: Fix unknown
+CVE-2022-41222: Fix not seen in stream
diff --git a/data/5.1/5.1_security.txt b/data/5.1/5.1_security.txt
index fe3f77f..d808e00 100644
--- a/data/5.1/5.1_security.txt
+++ b/data/5.1/5.1_security.txt
@@ -676,7 +676,7 @@
CVE-2022-26373: (unk) x86/speculation: Add RSB VM Exit protections
CVE-2022-2639: (unk) openvswitch: fix OOB access in reserve_sfa_size()
CVE-2022-26490: (unk) nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION
- CVE-2022-2663: (unk)
+ CVE-2022-2663: (unk) netfilter: nf_conntrack_irc: Fix forged IP logic
CVE-2022-26966: (unk) sr9700: sanity check for packet length
CVE-2022-27223: (unk) USB: gadget: validate endpoint index for xilinx udc
CVE-2022-27666: (unk) esp: Fix possible buffer overflow in ESP transformation
@@ -703,6 +703,7 @@
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
+ CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
@@ -724,3 +725,5 @@
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
CVE-2022-40768: (unk)
+ CVE-2022-41218: (unk)
+ CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
diff --git a/data/5.10/5.10_CVEs.txt b/data/5.10/5.10_CVEs.txt
index a90ce46..0e38383 100644
--- a/data/5.10/5.10_CVEs.txt
+++ b/data/5.10/5.10_CVEs.txt
@@ -349,7 +349,7 @@
CVE-2022-26373: Fixed with 5.10.136
CVE-2022-2639: Fixed with 5.10.113
CVE-2022-26490: Fixed with 5.10.109
-CVE-2022-2663: Fix unknown
+CVE-2022-2663: Fixed with 5.10.143
CVE-2022-26966: Fixed with 5.10.103
CVE-2022-27223: Fixed with 5.10.103
CVE-2022-27666: Fixed with 5.10.108
@@ -380,6 +380,7 @@
CVE-2022-3202: Fixed with 5.10.111
CVE-2022-32250: Fixed with 5.10.120
CVE-2022-32296: Fixed with 5.10.125
+CVE-2022-3239: Fixed with 5.10.110
CVE-2022-32981: Fixed with 5.10.122
CVE-2022-33740: Fixed with 5.10.129
CVE-2022-33741: Fixed with 5.10.129
@@ -402,3 +403,5 @@
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fixed with 5.10.143
CVE-2022-40768: Fix unknown
+CVE-2022-41218: Fix unknown
+CVE-2022-41222: Fixed with 5.10.137
diff --git a/data/5.10/5.10_security.txt b/data/5.10/5.10_security.txt
index cad044a..e9dbcb5 100644
--- a/data/5.10/5.10_security.txt
+++ b/data/5.10/5.10_security.txt
@@ -395,6 +395,7 @@
CVE-2022-2977: 290e05f346d1829e849662c97e42d5ad984f5258 tpm: fix reference counting for struct tpm_chip
CVE-2022-30594: 5a41a3033a9344d7683340e3d83f5435ffb06501 ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
CVE-2022-3078: 663e7a72871f89f7a10cc8d7b2f17f27c64e071d media: vidtv: Check for null return of vzalloc
+ CVE-2022-3239: ec8a37b2d9a76a9443feb0af95bd06ac3df25444 media: em28xx: initialize refcount before kref_get
CVEs fixed in 5.10.111:
CVE-2021-4197: 4665722d36ad13c6abc6b2ef3fe5150c0a92d870 cgroup: Use open-time credentials for process migraton perm checks
@@ -494,6 +495,7 @@
CVE-2022-2585: 541840859ace9c2ccebc32fa9e376c7bd3def490 posix-cpu-timers: Cleanup CPU timers before freeing them during exec
CVE-2022-2586: 1a4b18b1ff11ba26f9a852019d674fde9d1d1cff netfilter: nf_tables: do not allow SET_ID to refer to another table
CVE-2022-2588: 7018f03d97daf344e49b16200caf4363a1407cab net_sched: cls_route: remove from list when handle is 0
+ CVE-2022-41222: 2613baa3ab2153cc45b175c58700d93f72ef36c4 mm/mremap: hold the rmap lock in write mode when moving page table entries.
CVEs fixed in 5.10.140:
CVE-2022-2905: e8979807178434db8ceaa84dfcd44363e71e50bb bpf: Don't use tnum_range on array range checking for poke descriptors
@@ -501,6 +503,7 @@
CVE-2022-39190: c08a104a8bce832f6e7a4e8d9ac091777b9982ea netfilter: nf_tables: disallow binding to already bound chain
CVEs fixed in 5.10.143:
+ CVE-2022-2663: e12ce30fe593dd438c5b392290ad7316befc11ca netfilter: nf_conntrack_irc: Fix forged IP logic
CVE-2022-40307: 918d9c4a4bdf5205f2fb3f64dddfb56c9a1d01d6 efi: capsule-loader: Fix use-after-free in efi_capsule_write
Outstanding CVEs:
@@ -591,7 +594,6 @@
CVE-2022-2327: (unk) io_uring: remove any grabbing of context
CVE-2022-23825: (unk)
CVE-2022-25265: (unk)
- CVE-2022-2663: (unk)
CVE-2022-2961: (unk)
CVE-2022-2978: (unk)
CVE-2022-2991: (unk) remove the lightnvm subsystem
@@ -608,3 +610,4 @@
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40768: (unk)
+ CVE-2022-41218: (unk)
diff --git a/data/5.11/5.11_CVEs.txt b/data/5.11/5.11_CVEs.txt
index 9d5a67d..83a82f4 100644
--- a/data/5.11/5.11_CVEs.txt
+++ b/data/5.11/5.11_CVEs.txt
@@ -338,7 +338,7 @@
CVE-2022-26373: Fix not seen in stream
CVE-2022-2639: Fix not seen in stream
CVE-2022-26490: Fix not seen in stream
-CVE-2022-2663: Fix unknown
+CVE-2022-2663: Fix not seen in stream
CVE-2022-26966: Fix not seen in stream
CVE-2022-27223: Fix not seen in stream
CVE-2022-27666: Fix not seen in stream
@@ -370,6 +370,7 @@
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
+CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
@@ -392,3 +393,5 @@
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
CVE-2022-40768: Fix unknown
+CVE-2022-41218: Fix unknown
+CVE-2022-41222: Fix not seen in stream
diff --git a/data/5.11/5.11_security.txt b/data/5.11/5.11_security.txt
index 8a6bb44..80435bf 100644
--- a/data/5.11/5.11_security.txt
+++ b/data/5.11/5.11_security.txt
@@ -378,7 +378,7 @@
CVE-2022-26373: (unk) x86/speculation: Add RSB VM Exit protections
CVE-2022-2639: (unk) openvswitch: fix OOB access in reserve_sfa_size()
CVE-2022-26490: (unk) nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION
- CVE-2022-2663: (unk)
+ CVE-2022-2663: (unk) netfilter: nf_conntrack_irc: Fix forged IP logic
CVE-2022-26966: (unk) sr9700: sanity check for packet length
CVE-2022-27223: (unk) USB: gadget: validate endpoint index for xilinx udc
CVE-2022-27666: (unk) esp: Fix possible buffer overflow in ESP transformation
@@ -410,6 +410,7 @@
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
+ CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
@@ -432,3 +433,5 @@
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
CVE-2022-40768: (unk)
+ CVE-2022-41218: (unk)
+ CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
diff --git a/data/5.12/5.12_CVEs.txt b/data/5.12/5.12_CVEs.txt
index 82788fc..2598601 100644
--- a/data/5.12/5.12_CVEs.txt
+++ b/data/5.12/5.12_CVEs.txt
@@ -291,7 +291,7 @@
CVE-2022-26373: Fix not seen in stream
CVE-2022-2639: Fix not seen in stream
CVE-2022-26490: Fix not seen in stream
-CVE-2022-2663: Fix unknown
+CVE-2022-2663: Fix not seen in stream
CVE-2022-26966: Fix not seen in stream
CVE-2022-27223: Fix not seen in stream
CVE-2022-27666: Fix not seen in stream
@@ -324,6 +324,7 @@
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
+CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
@@ -346,3 +347,5 @@
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
CVE-2022-40768: Fix unknown
+CVE-2022-41218: Fix unknown
+CVE-2022-41222: Fixed with 5.12.18
diff --git a/data/5.12/5.12_security.txt b/data/5.12/5.12_security.txt
index 18209f0..dbb927c 100644
--- a/data/5.12/5.12_security.txt
+++ b/data/5.12/5.12_security.txt
@@ -75,6 +75,7 @@
CVE-2021-3655: d91adac26d5ebac78c731b3aa23ff2c210ce2a0d sctp: validate from_addr_param return
CVE-2021-38205: 7a9bfd7589c18c20df5a5b9278549a2807627e30 net: xilinx_emaclite: Do not print real IOMEM pointer
CVE-2021-45485: 478ec08ae2097b7262a69d951f95e9ef16ff45a0 ipv6: use prandom_u32() for ID generation
+ CVE-2022-41222: 864c4d1d25170def283b2bf87726218126634f04 mm/mremap: hold the rmap lock in write mode when moving page table entries.
CVEs fixed in 5.12.19:
CVE-2021-33909: 514b6531b1cbb64199db63bfdb80953d71998cca seq_file: disallow extremely large seq buffer allocations
@@ -323,7 +324,7 @@
CVE-2022-26373: (unk) x86/speculation: Add RSB VM Exit protections
CVE-2022-2639: (unk) openvswitch: fix OOB access in reserve_sfa_size()
CVE-2022-26490: (unk) nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION
- CVE-2022-2663: (unk)
+ CVE-2022-2663: (unk) netfilter: nf_conntrack_irc: Fix forged IP logic
CVE-2022-26966: (unk) sr9700: sanity check for packet length
CVE-2022-27223: (unk) USB: gadget: validate endpoint index for xilinx udc
CVE-2022-27666: (unk) esp: Fix possible buffer overflow in ESP transformation
@@ -356,6 +357,7 @@
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
+ CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
@@ -378,3 +380,4 @@
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
CVE-2022-40768: (unk)
+ CVE-2022-41218: (unk)
diff --git a/data/5.13/5.13_CVEs.txt b/data/5.13/5.13_CVEs.txt
index 205f4e9..cff98cc 100644
--- a/data/5.13/5.13_CVEs.txt
+++ b/data/5.13/5.13_CVEs.txt
@@ -254,7 +254,7 @@
CVE-2022-26373: Fix not seen in stream
CVE-2022-2639: Fix not seen in stream
CVE-2022-26490: Fix not seen in stream
-CVE-2022-2663: Fix unknown
+CVE-2022-2663: Fix not seen in stream
CVE-2022-26878: Fix unknown
CVE-2022-26966: Fix not seen in stream
CVE-2022-27223: Fix not seen in stream
@@ -288,6 +288,7 @@
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
+CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
@@ -312,3 +313,5 @@
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
CVE-2022-40768: Fix unknown
+CVE-2022-41218: Fix unknown
+CVE-2022-41222: Fixed with 5.13.3
diff --git a/data/5.13/5.13_security.txt b/data/5.13/5.13_security.txt
index 2bd9534..c7236de 100644
--- a/data/5.13/5.13_security.txt
+++ b/data/5.13/5.13_security.txt
@@ -12,6 +12,7 @@
CVE-2021-3655: 4ecabee69d190f2bd9bdc5140109a27231428413 sctp: validate from_addr_param return
CVE-2021-38205: 8722275b41d5127048e1422a8a1b6370b4878533 net: xilinx_emaclite: Do not print real IOMEM pointer
CVE-2021-45485: 8853d2ce4e9e96c7b2a9908f752ab2253c99c6ab ipv6: use prandom_u32() for ID generation
+ CVE-2022-41222: 987a852734e668e0829cf65dd182e44a03064800 mm/mremap: hold the rmap lock in write mode when moving page table entries.
CVEs fixed in 5.13.4:
CVE-2021-33909: 71de462034c69525a5049fbdf3903c5833cbce04 seq_file: disallow extremely large seq buffer allocations
@@ -286,7 +287,7 @@
CVE-2022-26373: (unk) x86/speculation: Add RSB VM Exit protections
CVE-2022-2639: (unk) openvswitch: fix OOB access in reserve_sfa_size()
CVE-2022-26490: (unk) nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION
- CVE-2022-2663: (unk)
+ CVE-2022-2663: (unk) netfilter: nf_conntrack_irc: Fix forged IP logic
CVE-2022-26878: (unk)
CVE-2022-26966: (unk) sr9700: sanity check for packet length
CVE-2022-27223: (unk) USB: gadget: validate endpoint index for xilinx udc
@@ -320,6 +321,7 @@
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
+ CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
@@ -344,3 +346,4 @@
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
CVE-2022-40768: (unk)
+ CVE-2022-41218: (unk)
diff --git a/data/5.14/5.14_CVEs.txt b/data/5.14/5.14_CVEs.txt
index ebb802f..3314bd7 100644
--- a/data/5.14/5.14_CVEs.txt
+++ b/data/5.14/5.14_CVEs.txt
@@ -227,7 +227,7 @@
CVE-2022-26373: Fix not seen in stream
CVE-2022-2639: Fix not seen in stream
CVE-2022-26490: Fix not seen in stream
-CVE-2022-2663: Fix unknown
+CVE-2022-2663: Fix not seen in stream
CVE-2022-26878: Fix unknown
CVE-2022-26966: Fix not seen in stream
CVE-2022-27223: Fix not seen in stream
@@ -261,6 +261,7 @@
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
+CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
@@ -285,3 +286,4 @@
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
CVE-2022-40768: Fix unknown
+CVE-2022-41218: Fix unknown
diff --git a/data/5.14/5.14_security.txt b/data/5.14/5.14_security.txt
index c9246d2..227d52a 100644
--- a/data/5.14/5.14_security.txt
+++ b/data/5.14/5.14_security.txt
@@ -261,7 +261,7 @@
CVE-2022-26373: (unk) x86/speculation: Add RSB VM Exit protections
CVE-2022-2639: (unk) openvswitch: fix OOB access in reserve_sfa_size()
CVE-2022-26490: (unk) nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION
- CVE-2022-2663: (unk)
+ CVE-2022-2663: (unk) netfilter: nf_conntrack_irc: Fix forged IP logic
CVE-2022-26878: (unk)
CVE-2022-26966: (unk) sr9700: sanity check for packet length
CVE-2022-27223: (unk) USB: gadget: validate endpoint index for xilinx udc
@@ -295,6 +295,7 @@
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
+ CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
@@ -319,3 +320,4 @@
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
CVE-2022-40768: (unk)
+ CVE-2022-41218: (unk)
diff --git a/data/5.15/5.15_CVEs.txt b/data/5.15/5.15_CVEs.txt
index 3b659b7..0ef1fc0 100644
--- a/data/5.15/5.15_CVEs.txt
+++ b/data/5.15/5.15_CVEs.txt
@@ -195,7 +195,7 @@
CVE-2022-26373: Fixed with 5.15.60
CVE-2022-2639: Fixed with 5.15.36
CVE-2022-26490: Fixed with 5.15.32
-CVE-2022-2663: Fix unknown
+CVE-2022-2663: Fixed with 5.15.68
CVE-2022-26878: Fix unknown
CVE-2022-26966: Fixed with 5.15.26
CVE-2022-27223: Fixed with 5.15.26
@@ -229,6 +229,7 @@
CVE-2022-3202: Fixed with 5.15.34
CVE-2022-32250: Fixed with 5.15.45
CVE-2022-32296: Fixed with 5.15.41
+CVE-2022-3239: Fixed with 5.15.33
CVE-2022-32981: Fixed with 5.15.47
CVE-2022-33740: Fixed with 5.15.53
CVE-2022-33741: Fixed with 5.15.53
@@ -253,3 +254,4 @@
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fixed with 5.15.68
CVE-2022-40768: Fix unknown
+CVE-2022-41218: Fix unknown
diff --git a/data/5.15/5.15_security.txt b/data/5.15/5.15_security.txt
index 3bf7d49..d0e1838 100644
--- a/data/5.15/5.15_security.txt
+++ b/data/5.15/5.15_security.txt
@@ -156,6 +156,7 @@
CVE-2022-2977: 662893b4f6bd466ff9e1cd454c44c26d32d554fe tpm: fix reference counting for struct tpm_chip
CVE-2022-30594: b6d75218ff65f4d63c9cf4986f6c55666fb90a1a ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
CVE-2022-3078: 9dd2fd7a1f84c947561af29424c5ddcecfcf2cbe media: vidtv: Check for null return of vzalloc
+ CVE-2022-3239: 332d45fe51d75a3a95c4a04e2cb7bffef284edd4 media: em28xx: initialize refcount before kref_get
CVEs fixed in 5.15.34:
CVE-2022-1263: 226b4327ef5c88572fc12187193f1b5073c10837 KVM: avoid NULL pointer dereference in kvm_dirty_ring_push
@@ -266,6 +267,7 @@
CVE-2022-39190: 51f192ae71c3431aa69a988449ee2fd288e57648 netfilter: nf_tables: disallow binding to already bound chain
CVEs fixed in 5.15.68:
+ CVE-2022-2663: 451c9ce1e2fc9b9e40303bef8e5a0dca1a923cc4 netfilter: nf_conntrack_irc: Fix forged IP logic
CVE-2022-40307: dd291e070be0eca8807476b022bda00c891d9066 efi: capsule-loader: Fix use-after-free in efi_capsule_write
Outstanding CVEs:
@@ -338,7 +340,6 @@
CVE-2022-23825: (unk)
CVE-2022-24122: (unk) ucount: Make get_ucount a safe get_user replacement
CVE-2022-25265: (unk)
- CVE-2022-2663: (unk)
CVE-2022-26878: (unk)
CVE-2022-2961: (unk)
CVE-2022-2978: (unk)
@@ -353,3 +354,4 @@
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40768: (unk)
+ CVE-2022-41218: (unk)
diff --git a/data/5.16/5.16_CVEs.txt b/data/5.16/5.16_CVEs.txt
index 579c8a7..203d34f 100644
--- a/data/5.16/5.16_CVEs.txt
+++ b/data/5.16/5.16_CVEs.txt
@@ -162,7 +162,7 @@
CVE-2022-26373: Fix not seen in stream
CVE-2022-2639: Fix not seen in stream
CVE-2022-26490: Fixed with 5.16.18
-CVE-2022-2663: Fix unknown
+CVE-2022-2663: Fix not seen in stream
CVE-2022-26878: Fix unknown
CVE-2022-26966: Fixed with 5.16.12
CVE-2022-27223: Fixed with 5.16.12
@@ -197,6 +197,7 @@
CVE-2022-3202: Fixed with 5.16.20
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
+CVE-2022-3239: Fixed with 5.16.19
CVE-2022-32981: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
@@ -221,3 +222,4 @@
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
CVE-2022-40768: Fix unknown
+CVE-2022-41218: Fix unknown
diff --git a/data/5.16/5.16_security.txt b/data/5.16/5.16_security.txt
index 88b32de..4b4fb7e 100644
--- a/data/5.16/5.16_security.txt
+++ b/data/5.16/5.16_security.txt
@@ -104,6 +104,7 @@
CVE-2022-2977: 2f928c0d5c02dbab49e8c19d98725c822f6fc409 tpm: fix reference counting for struct tpm_chip
CVE-2022-30594: c8248775c1b96b00b680e067f99f8feaaa7c7dbc ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
CVE-2022-3078: dd18f929458762f07b969d24d46e1d0a0d94c908 media: vidtv: Check for null return of vzalloc
+ CVE-2022-3239: 37f808a9e734e9036f7aa42ba4864fc6e91d2572 media: em28xx: initialize refcount before kref_get
CVEs fixed in 5.16.20:
CVE-2022-1263: a1f48251918d825785af9cab83996d4c12ef795a KVM: avoid NULL pointer dereference in kvm_dirty_ring_push
@@ -215,7 +216,7 @@
CVE-2022-26365: (unk) xen/blkfront: fix leaking data in shared pages
CVE-2022-26373: (unk) x86/speculation: Add RSB VM Exit protections
CVE-2022-2639: (unk) openvswitch: fix OOB access in reserve_sfa_size()
- CVE-2022-2663: (unk)
+ CVE-2022-2663: (unk) netfilter: nf_conntrack_irc: Fix forged IP logic
CVE-2022-26878: (unk)
CVE-2022-2873: (unk) i2c: ismt: prevent memory corruption in ismt_access()
CVE-2022-2905: (unk) bpf: Don't use tnum_range on array range checking for poke descriptors
@@ -257,3 +258,4 @@
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
CVE-2022-40768: (unk)
+ CVE-2022-41218: (unk)
diff --git a/data/5.17/5.17_CVEs.txt b/data/5.17/5.17_CVEs.txt
index 49609ee..12d5da7 100644
--- a/data/5.17/5.17_CVEs.txt
+++ b/data/5.17/5.17_CVEs.txt
@@ -114,7 +114,7 @@
CVE-2022-26365: Fix not seen in stream
CVE-2022-26373: Fix not seen in stream
CVE-2022-2639: Fixed with 5.17.5
-CVE-2022-2663: Fix unknown
+CVE-2022-2663: Fix not seen in stream
CVE-2022-26878: Fix unknown
CVE-2022-28356: Fixed with 5.17.1
CVE-2022-28388: Fixed with 5.17.2
@@ -143,6 +143,7 @@
CVE-2022-3202: Fixed with 5.17.3
CVE-2022-32250: Fixed with 5.17.13
CVE-2022-32296: Fixed with 5.17.9
+CVE-2022-3239: Fixed with 5.17.2
CVE-2022-32981: Fixed with 5.17.15
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
@@ -167,3 +168,4 @@
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
CVE-2022-40768: Fix unknown
+CVE-2022-41218: Fix unknown
diff --git a/data/5.17/5.17_security.txt b/data/5.17/5.17_security.txt
index 3b9264b..bfb1e58 100644
--- a/data/5.17/5.17_security.txt
+++ b/data/5.17/5.17_security.txt
@@ -28,6 +28,7 @@
CVE-2022-28390: 3f71f499395545119383f10760b8b19703d2a7dd can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path
CVE-2022-30594: 4d51bbc8a3799febf50471eb6888b1b58e87111e ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
CVE-2022-3078: 79d17521953d0a16f4df91be59a543a54d1d8c4a media: vidtv: Check for null return of vzalloc
+ CVE-2022-3239: d96dd287ca21c5b494bdb55555b33a6afec807cb media: em28xx: initialize refcount before kref_get
CVEs fixed in 5.17.3:
CVE-2022-1263: e8d7f0dad29e634e26d4614cfbd081514c16e042 KVM: avoid NULL pointer dereference in kvm_dirty_ring_push
@@ -166,7 +167,7 @@
CVE-2022-2590: (unk) mm/gup: fix FOLL_FORCE COW security issue and remove FOLL_COW
CVE-2022-26365: (unk) xen/blkfront: fix leaking data in shared pages
CVE-2022-26373: (unk) x86/speculation: Add RSB VM Exit protections
- CVE-2022-2663: (unk)
+ CVE-2022-2663: (unk) netfilter: nf_conntrack_irc: Fix forged IP logic
CVE-2022-26878: (unk)
CVE-2022-2905: (unk) bpf: Don't use tnum_range on array range checking for poke descriptors
CVE-2022-2961: (unk)
@@ -197,3 +198,4 @@
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
CVE-2022-40768: (unk)
+ CVE-2022-41218: (unk)
diff --git a/data/5.18/5.18_CVEs.txt b/data/5.18/5.18_CVEs.txt
index 40ec6b7..c5014d8 100644
--- a/data/5.18/5.18_CVEs.txt
+++ b/data/5.18/5.18_CVEs.txt
@@ -88,7 +88,7 @@
CVE-2022-2590: Fix not seen in stream
CVE-2022-26365: Fixed with 5.18.10
CVE-2022-26373: Fixed with 5.18.17
-CVE-2022-2663: Fix unknown
+CVE-2022-2663: Fix not seen in stream
CVE-2022-26878: Fix unknown
CVE-2022-2873: Fixed with 5.18.2
CVE-2022-2905: Fix not seen in stream
@@ -125,3 +125,4 @@
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
CVE-2022-40768: Fix unknown
+CVE-2022-41218: Fix unknown
diff --git a/data/5.18/5.18_security.txt b/data/5.18/5.18_security.txt
index 14026bf..dc9a607 100644
--- a/data/5.18/5.18_security.txt
+++ b/data/5.18/5.18_security.txt
@@ -139,7 +139,7 @@
CVE-2022-23825: (unk)
CVE-2022-25265: (unk)
CVE-2022-2590: (unk) mm/gup: fix FOLL_FORCE COW security issue and remove FOLL_COW
- CVE-2022-2663: (unk)
+ CVE-2022-2663: (unk) netfilter: nf_conntrack_irc: Fix forged IP logic
CVE-2022-26878: (unk)
CVE-2022-2905: (unk) bpf: Don't use tnum_range on array range checking for poke descriptors
CVE-2022-2961: (unk)
@@ -157,3 +157,4 @@
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
CVE-2022-40768: (unk)
+ CVE-2022-41218: (unk)
diff --git a/data/5.19/5.19_CVEs.txt b/data/5.19/5.19_CVEs.txt
index 736805d..73a236c 100644
--- a/data/5.19/5.19_CVEs.txt
+++ b/data/5.19/5.19_CVEs.txt
@@ -4,6 +4,7 @@
CVE-2008-4609: Fix unknown
CVE-2010-4563: Fix unknown
CVE-2010-5321: Fix unknown
+CVE-2011-4916: Fix unknown
CVE-2011-4917: Fix unknown
CVE-2012-4542: Fix unknown
CVE-2013-7445: Fix unknown
@@ -17,5 +18,70 @@
CVE-2018-12930: Fix unknown
CVE-2018-12931: Fix unknown
CVE-2018-17977: Fix unknown
-CVE-2019-0146: Fix unknown
CVE-2019-12456: Fix unknown
+CVE-2019-15239: Fix not seen in stream
+CVE-2019-15290: Fix unknown
+CVE-2019-15902: Fix not seen in stream
+CVE-2019-16089: Fix unknown
+CVE-2019-19378: Fix unknown
+CVE-2019-19814: Fix unknown
+CVE-2019-20794: Fix unknown
+CVE-2020-0347: Fix unknown
+CVE-2020-10708: Fix unknown
+CVE-2020-11725: Fix unknown
+CVE-2020-14304: Fix unknown
+CVE-2020-15802: Fix unknown
+CVE-2020-24502: Fix unknown
+CVE-2020-24503: Fix unknown
+CVE-2020-25220: Fix not seen in stream
+CVE-2020-26140: Fix unknown
+CVE-2020-26142: Fix unknown
+CVE-2020-26143: Fix unknown
+CVE-2020-26556: Fix unknown
+CVE-2020-26557: Fix unknown
+CVE-2020-26559: Fix unknown
+CVE-2020-26560: Fix unknown
+CVE-2020-35501: Fix unknown
+CVE-2020-36516: Fix unknown
+CVE-2021-0399: Fix unknown
+CVE-2021-0695: Fix unknown
+CVE-2021-26934: Fix unknown
+CVE-2021-3542: Fix unknown
+CVE-2021-3714: Fix unknown
+CVE-2021-3847: Fix unknown
+CVE-2021-3864: Fix unknown
+CVE-2021-3892: Fix unknown
+CVE-2021-39800: Fix unknown
+CVE-2021-39801: Fix unknown
+CVE-2021-39802: Fix unknown
+CVE-2022-0400: Fix unknown
+CVE-2022-1116: Fix unknown
+CVE-2022-1247: Fix unknown
+CVE-2022-1679: Fixed with 5.19.2
+CVE-2022-2209: Fix unknown
+CVE-2022-2308: Fix unknown
+CVE-2022-23825: Fix unknown
+CVE-2022-25265: Fix unknown
+CVE-2022-2585: Fixed with 5.19.2
+CVE-2022-2586: Fixed with 5.19.2
+CVE-2022-2588: Fixed with 5.19.2
+CVE-2022-2590: Fixed with 5.19.6
+CVE-2022-26373: Fixed with 5.19.1
+CVE-2022-2663: Fixed with 5.19.9
+CVE-2022-26878: Fix unknown
+CVE-2022-2905: Fixed with 5.19.6
+CVE-2022-2961: Fix unknown
+CVE-2022-2978: Fix unknown
+CVE-2022-3028: Fixed with 5.19.6
+CVE-2022-3169: Fix unknown
+CVE-2022-3176: Fix unknown
+CVE-2022-36280: Fix unknown
+CVE-2022-36402: Fix unknown
+CVE-2022-36946: Fixed with 5.19
+CVE-2022-38096: Fix unknown
+CVE-2022-38457: Fix unknown
+CVE-2022-39190: Fixed with 5.19.6
+CVE-2022-40133: Fix unknown
+CVE-2022-40307: Fixed with 5.19.9
+CVE-2022-40768: Fix unknown
+CVE-2022-41218: Fix unknown
diff --git a/data/5.19/5.19_security.txt b/data/5.19/5.19_security.txt
new file mode 100644
index 0000000..6b99ac5
--- /dev/null
+++ b/data/5.19/5.19_security.txt
@@ -0,0 +1,99 @@
+
+CVEs fixed in 5.19:
+ CVE-2022-36946: 99a63d36cb3ed5ca3aa6fcb64cffbeaf3b0fb164 netfilter: nf_queue: do not allow packet truncation below transport header offset
+
+CVEs fixed in 5.19.1:
+ CVE-2022-26373: f826d0412d80348aa22274ec9884cab0950a350b x86/speculation: Add RSB VM Exit protections
+
+CVEs fixed in 5.19.2:
+ CVE-2022-1679: b66ebac40f64336ae2d053883bee85261060bd27 ath9k: fix use-after-free in ath9k_hif_usb_rx_cb
+ CVE-2022-2585: b2fc1723eb65abb83e00d5f011de670296af0b28 posix-cpu-timers: Cleanup CPU timers before freeing them during exec
+ CVE-2022-2586: 0d07039397527361850c554c192e749cfc879ea9 netfilter: nf_tables: do not allow SET_ID to refer to another table
+ CVE-2022-2588: ee3f18d90e80e79449d575fa3e7a6b775e9fc35e net_sched: cls_route: remove from list when handle is 0
+
+CVEs fixed in 5.19.6:
+ CVE-2022-2590: 9def52eb10baab3b700858003d462fcf17d62873 mm/gup: fix FOLL_FORCE COW security issue and remove FOLL_COW
+ CVE-2022-2905: a36df92c7ff7ecde2fb362241d0ab024dddd0597 bpf: Don't use tnum_range on array range checking for poke descriptors
+ CVE-2022-3028: 6901885656c029c976498290b52f67f2c251e6a0 af_key: Do not call xfrm_probe_algs in parallel
+ CVE-2022-39190: fdca693fcf26c11596e7aa1e540af2b4a5288c76 netfilter: nf_tables: disallow binding to already bound chain
+
+CVEs fixed in 5.19.9:
+ CVE-2022-2663: 6cf0609154b2ce8d3ae160e7506ab316400a8d3d netfilter: nf_conntrack_irc: Fix forged IP logic
+ CVE-2022-40307: d46815a8f26ca6db2336106a148265239f73b0af efi: capsule-loader: Fix use-after-free in efi_capsule_write
+
+Outstanding CVEs:
+ CVE-2005-3660: (unk)
+ CVE-2007-3719: (unk)
+ CVE-2008-2544: (unk)
+ CVE-2008-4609: (unk)
+ CVE-2010-4563: (unk)
+ CVE-2010-5321: (unk)
+ CVE-2011-4916: (unk)
+ CVE-2011-4917: (unk)
+ CVE-2012-4542: (unk)
+ CVE-2013-7445: (unk)
+ CVE-2015-2877: (unk)
+ CVE-2016-8660: (unk)
+ CVE-2017-13693: (unk)
+ CVE-2017-13694: (unk)
+ CVE-2018-1121: (unk)
+ CVE-2018-12928: (unk)
+ CVE-2018-12929: (unk)
+ CVE-2018-12930: (unk)
+ CVE-2018-12931: (unk)
+ CVE-2018-17977: (unk)
+ CVE-2019-12456: (unk)
+ CVE-2019-15239: (unk) unknown
+ CVE-2019-15290: (unk)
+ CVE-2019-15902: (unk) unknown
+ CVE-2019-16089: (unk)
+ CVE-2019-19378: (unk)
+ CVE-2019-19814: (unk)
+ CVE-2019-20794: (unk)
+ CVE-2020-0347: (unk)
+ CVE-2020-10708: (unk)
+ CVE-2020-11725: (unk)
+ CVE-2020-14304: (unk)
+ CVE-2020-15802: (unk)
+ CVE-2020-24502: (unk)
+ CVE-2020-24503: (unk)
+ CVE-2020-25220: (unk)
+ CVE-2020-26140: (unk)
+ CVE-2020-26142: (unk)
+ CVE-2020-26143: (unk)
+ CVE-2020-26556: (unk)
+ CVE-2020-26557: (unk)
+ CVE-2020-26559: (unk)
+ CVE-2020-26560: (unk)
+ CVE-2020-35501: (unk)
+ CVE-2020-36516: (unk)
+ CVE-2021-0399: (unk)
+ CVE-2021-0695: (unk)
+ CVE-2021-26934: (unk)
+ CVE-2021-3542: (unk)
+ CVE-2021-3714: (unk)
+ CVE-2021-3847: (unk)
+ CVE-2021-3864: (unk)
+ CVE-2021-3892: (unk)
+ CVE-2021-39800: (unk)
+ CVE-2021-39801: (unk)
+ CVE-2021-39802: (unk)
+ CVE-2022-0400: (unk)
+ CVE-2022-1116: (unk)
+ CVE-2022-1247: (unk)
+ CVE-2022-2209: (unk)
+ CVE-2022-2308: (unk)
+ CVE-2022-23825: (unk)
+ CVE-2022-25265: (unk)
+ CVE-2022-26878: (unk)
+ CVE-2022-2961: (unk)
+ CVE-2022-2978: (unk)
+ CVE-2022-3169: (unk)
+ CVE-2022-3176: (unk)
+ CVE-2022-36280: (unk)
+ CVE-2022-36402: (unk)
+ CVE-2022-38096: (unk)
+ CVE-2022-38457: (unk)
+ CVE-2022-40133: (unk)
+ CVE-2022-40768: (unk)
+ CVE-2022-41218: (unk)
diff --git a/data/5.2/5.2_CVEs.txt b/data/5.2/5.2_CVEs.txt
index ce7a4f2..183a5d0 100644
--- a/data/5.2/5.2_CVEs.txt
+++ b/data/5.2/5.2_CVEs.txt
@@ -600,7 +600,7 @@
CVE-2022-26373: Fix not seen in stream
CVE-2022-2639: Fix not seen in stream
CVE-2022-26490: Fix not seen in stream
-CVE-2022-2663: Fix unknown
+CVE-2022-2663: Fix not seen in stream
CVE-2022-26966: Fix not seen in stream
CVE-2022-27223: Fix not seen in stream
CVE-2022-27666: Fix not seen in stream
@@ -628,6 +628,7 @@
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
+CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
@@ -649,3 +650,5 @@
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
CVE-2022-40768: Fix unknown
+CVE-2022-41218: Fix unknown
+CVE-2022-41222: Fix not seen in stream
diff --git a/data/5.2/5.2_security.txt b/data/5.2/5.2_security.txt
index 8ee5e00..59bdf9f 100644
--- a/data/5.2/5.2_security.txt
+++ b/data/5.2/5.2_security.txt
@@ -638,7 +638,7 @@
CVE-2022-26373: (unk) x86/speculation: Add RSB VM Exit protections
CVE-2022-2639: (unk) openvswitch: fix OOB access in reserve_sfa_size()
CVE-2022-26490: (unk) nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION
- CVE-2022-2663: (unk)
+ CVE-2022-2663: (unk) netfilter: nf_conntrack_irc: Fix forged IP logic
CVE-2022-26966: (unk) sr9700: sanity check for packet length
CVE-2022-27223: (unk) USB: gadget: validate endpoint index for xilinx udc
CVE-2022-27666: (unk) esp: Fix possible buffer overflow in ESP transformation
@@ -666,6 +666,7 @@
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
+ CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
@@ -687,3 +688,5 @@
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
CVE-2022-40768: (unk)
+ CVE-2022-41218: (unk)
+ CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
diff --git a/data/5.3/5.3_CVEs.txt b/data/5.3/5.3_CVEs.txt
index b876d04..7dbbee3 100644
--- a/data/5.3/5.3_CVEs.txt
+++ b/data/5.3/5.3_CVEs.txt
@@ -572,7 +572,7 @@
CVE-2022-26373: Fix not seen in stream
CVE-2022-2639: Fix not seen in stream
CVE-2022-26490: Fix not seen in stream
-CVE-2022-2663: Fix unknown
+CVE-2022-2663: Fix not seen in stream
CVE-2022-26966: Fix not seen in stream
CVE-2022-27223: Fix not seen in stream
CVE-2022-27666: Fix not seen in stream
@@ -600,6 +600,7 @@
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
+CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
@@ -621,3 +622,5 @@
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
CVE-2022-40768: Fix unknown
+CVE-2022-41218: Fix unknown
+CVE-2022-41222: Fix not seen in stream
diff --git a/data/5.3/5.3_security.txt b/data/5.3/5.3_security.txt
index 007fff3..46e3192 100644
--- a/data/5.3/5.3_security.txt
+++ b/data/5.3/5.3_security.txt
@@ -608,7 +608,7 @@
CVE-2022-26373: (unk) x86/speculation: Add RSB VM Exit protections
CVE-2022-2639: (unk) openvswitch: fix OOB access in reserve_sfa_size()
CVE-2022-26490: (unk) nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION
- CVE-2022-2663: (unk)
+ CVE-2022-2663: (unk) netfilter: nf_conntrack_irc: Fix forged IP logic
CVE-2022-26966: (unk) sr9700: sanity check for packet length
CVE-2022-27223: (unk) USB: gadget: validate endpoint index for xilinx udc
CVE-2022-27666: (unk) esp: Fix possible buffer overflow in ESP transformation
@@ -636,6 +636,7 @@
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
+ CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
@@ -657,3 +658,5 @@
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
CVE-2022-40768: (unk)
+ CVE-2022-41218: (unk)
+ CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
diff --git a/data/5.4/5.4_CVEs.txt b/data/5.4/5.4_CVEs.txt
index 105d1be..a26e1f0 100644
--- a/data/5.4/5.4_CVEs.txt
+++ b/data/5.4/5.4_CVEs.txt
@@ -500,7 +500,7 @@
CVE-2022-26373: Fixed with 5.4.210
CVE-2022-2639: Fixed with 5.4.191
CVE-2022-26490: Fixed with 5.4.188
-CVE-2022-2663: Fix unknown
+CVE-2022-2663: Fixed with 5.4.213
CVE-2022-26966: Fixed with 5.4.182
CVE-2022-27223: Fixed with 5.4.182
CVE-2022-27666: Fixed with 5.4.188
@@ -528,6 +528,7 @@
CVE-2022-3202: Fixed with 5.4.189
CVE-2022-32250: Fixed with 5.4.198
CVE-2022-32296: Fixed with 5.4.201
+CVE-2022-3239: Fixed with 5.4.189
CVE-2022-32981: Fixed with 5.4.198
CVE-2022-33740: Fixed with 5.4.204
CVE-2022-33741: Fixed with 5.4.204
@@ -549,3 +550,5 @@
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fixed with 5.4.213
CVE-2022-40768: Fix unknown
+CVE-2022-41218: Fix unknown
+CVE-2022-41222: Fixed with 5.4.211
diff --git a/data/5.4/5.4_security.txt b/data/5.4/5.4_security.txt
index 2693832..b01d517 100644
--- a/data/5.4/5.4_security.txt
+++ b/data/5.4/5.4_security.txt
@@ -662,6 +662,7 @@
CVE-2022-2977: a27ed2f3695baf15f9b34d2d7a1f9fc105539a81 tpm: fix reference counting for struct tpm_chip
CVE-2022-30594: 2458ecd21f29a3e5571d7d97764c043083deed5e ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
CVE-2022-3202: e19c3149a80e4fc8df298d6546640e01601f3758 jfs: prevent NULL deref in diFree
+ CVE-2022-3239: 92f84aa82dfaa8382785874277b0c4bedec89a68 media: em28xx: initialize refcount before kref_get
CVEs fixed in 5.4.190:
CVE-2022-1204: 9e1e088a57c23251f1cfe9601bbd90ade2ea73b9 ax25: Fix refcount leaks caused by ax25_cb_del()
@@ -741,11 +742,13 @@
CVE-2022-2153: 8cdba919acefdd6fea5dd2b77a119f54fb88ce11 KVM: x86: Avoid theoretical NULL pointer dereference in kvm_irq_delivery_to_apic_fast()
CVE-2022-2586: fab2f61cc3b0e441b1749f017cfee75f9bbaded7 netfilter: nf_tables: do not allow SET_ID to refer to another table
CVE-2022-2588: 1fcd691cc2e7f808eca2e644adee1f1c6c1527fd net_sched: cls_route: remove from list when handle is 0
+ CVE-2022-41222: 79e522101cf40735f1936a10312e17f937b8dcad mm/mremap: hold the rmap lock in write mode when moving page table entries.
CVEs fixed in 5.4.212:
CVE-2022-3028: 8ee27a4f0f1ad36d430221842767880df6494147 af_key: Do not call xfrm_probe_algs in parallel
CVEs fixed in 5.4.213:
+ CVE-2022-2663: 36f7b71f8ad8e4d224b45f7d6ecfeff63b091547 netfilter: nf_conntrack_irc: Fix forged IP logic
CVE-2022-40307: 8028ff4cdbb3f20d3c1c04be33a83bab0cb94997 efi: capsule-loader: Fix use-after-free in efi_capsule_write
Outstanding CVEs:
@@ -851,7 +854,6 @@
CVE-2022-23816: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-23825: (unk)
CVE-2022-25265: (unk)
- CVE-2022-2663: (unk)
CVE-2022-2961: (unk)
CVE-2022-2978: (unk)
CVE-2022-29900: (unk) x86/kvm/vmx: Make noinstr clean
@@ -873,3 +875,4 @@
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40768: (unk)
+ CVE-2022-41218: (unk)
diff --git a/data/5.5/5.5_CVEs.txt b/data/5.5/5.5_CVEs.txt
index eee9386..5171d82 100644
--- a/data/5.5/5.5_CVEs.txt
+++ b/data/5.5/5.5_CVEs.txt
@@ -458,7 +458,7 @@
CVE-2022-26373: Fix not seen in stream
CVE-2022-2639: Fix not seen in stream
CVE-2022-26490: Fix not seen in stream
-CVE-2022-2663: Fix unknown
+CVE-2022-2663: Fix not seen in stream
CVE-2022-26966: Fix not seen in stream
CVE-2022-27223: Fix not seen in stream
CVE-2022-27666: Fix not seen in stream
@@ -488,6 +488,7 @@
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
+CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
@@ -509,3 +510,5 @@
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
CVE-2022-40768: Fix unknown
+CVE-2022-41218: Fix unknown
+CVE-2022-41222: Fix not seen in stream
diff --git a/data/5.5/5.5_security.txt b/data/5.5/5.5_security.txt
index 4a2edc0..ae2cdd3 100644
--- a/data/5.5/5.5_security.txt
+++ b/data/5.5/5.5_security.txt
@@ -492,7 +492,7 @@
CVE-2022-26373: (unk) x86/speculation: Add RSB VM Exit protections
CVE-2022-2639: (unk) openvswitch: fix OOB access in reserve_sfa_size()
CVE-2022-26490: (unk) nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION
- CVE-2022-2663: (unk)
+ CVE-2022-2663: (unk) netfilter: nf_conntrack_irc: Fix forged IP logic
CVE-2022-26966: (unk) sr9700: sanity check for packet length
CVE-2022-27223: (unk) USB: gadget: validate endpoint index for xilinx udc
CVE-2022-27666: (unk) esp: Fix possible buffer overflow in ESP transformation
@@ -522,6 +522,7 @@
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
+ CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
@@ -543,3 +544,5 @@
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
CVE-2022-40768: (unk)
+ CVE-2022-41218: (unk)
+ CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
diff --git a/data/5.6/5.6_CVEs.txt b/data/5.6/5.6_CVEs.txt
index d6bf3bf..98ff919 100644
--- a/data/5.6/5.6_CVEs.txt
+++ b/data/5.6/5.6_CVEs.txt
@@ -433,7 +433,7 @@
CVE-2022-26373: Fix not seen in stream
CVE-2022-2639: Fix not seen in stream
CVE-2022-26490: Fix not seen in stream
-CVE-2022-2663: Fix unknown
+CVE-2022-2663: Fix not seen in stream
CVE-2022-26966: Fix not seen in stream
CVE-2022-27223: Fix not seen in stream
CVE-2022-27666: Fix not seen in stream
@@ -463,6 +463,7 @@
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
+CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
@@ -484,3 +485,5 @@
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
CVE-2022-40768: Fix unknown
+CVE-2022-41218: Fix unknown
+CVE-2022-41222: Fix not seen in stream
diff --git a/data/5.6/5.6_security.txt b/data/5.6/5.6_security.txt
index 1cfe080..1e5df5a 100644
--- a/data/5.6/5.6_security.txt
+++ b/data/5.6/5.6_security.txt
@@ -467,7 +467,7 @@
CVE-2022-26373: (unk) x86/speculation: Add RSB VM Exit protections
CVE-2022-2639: (unk) openvswitch: fix OOB access in reserve_sfa_size()
CVE-2022-26490: (unk) nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION
- CVE-2022-2663: (unk)
+ CVE-2022-2663: (unk) netfilter: nf_conntrack_irc: Fix forged IP logic
CVE-2022-26966: (unk) sr9700: sanity check for packet length
CVE-2022-27223: (unk) USB: gadget: validate endpoint index for xilinx udc
CVE-2022-27666: (unk) esp: Fix possible buffer overflow in ESP transformation
@@ -497,6 +497,7 @@
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
+ CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
@@ -518,3 +519,5 @@
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
CVE-2022-40768: (unk)
+ CVE-2022-41218: (unk)
+ CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
diff --git a/data/5.7/5.7_CVEs.txt b/data/5.7/5.7_CVEs.txt
index a6c87d2..22393a2 100644
--- a/data/5.7/5.7_CVEs.txt
+++ b/data/5.7/5.7_CVEs.txt
@@ -421,7 +421,7 @@
CVE-2022-26373: Fix not seen in stream
CVE-2022-2639: Fix not seen in stream
CVE-2022-26490: Fix not seen in stream
-CVE-2022-2663: Fix unknown
+CVE-2022-2663: Fix not seen in stream
CVE-2022-26966: Fix not seen in stream
CVE-2022-27223: Fix not seen in stream
CVE-2022-27666: Fix not seen in stream
@@ -451,6 +451,7 @@
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
+CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
@@ -472,3 +473,5 @@
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
CVE-2022-40768: Fix unknown
+CVE-2022-41218: Fix unknown
+CVE-2022-41222: Fix not seen in stream
diff --git a/data/5.7/5.7_security.txt b/data/5.7/5.7_security.txt
index 50baec3..7f9b31a 100644
--- a/data/5.7/5.7_security.txt
+++ b/data/5.7/5.7_security.txt
@@ -455,7 +455,7 @@
CVE-2022-26373: (unk) x86/speculation: Add RSB VM Exit protections
CVE-2022-2639: (unk) openvswitch: fix OOB access in reserve_sfa_size()
CVE-2022-26490: (unk) nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION
- CVE-2022-2663: (unk)
+ CVE-2022-2663: (unk) netfilter: nf_conntrack_irc: Fix forged IP logic
CVE-2022-26966: (unk) sr9700: sanity check for packet length
CVE-2022-27223: (unk) USB: gadget: validate endpoint index for xilinx udc
CVE-2022-27666: (unk) esp: Fix possible buffer overflow in ESP transformation
@@ -485,6 +485,7 @@
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
+ CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
@@ -506,3 +507,5 @@
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
CVE-2022-40768: (unk)
+ CVE-2022-41218: (unk)
+ CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
diff --git a/data/5.8/5.8_CVEs.txt b/data/5.8/5.8_CVEs.txt
index 0ff848e..b20a90d 100644
--- a/data/5.8/5.8_CVEs.txt
+++ b/data/5.8/5.8_CVEs.txt
@@ -402,7 +402,7 @@
CVE-2022-26373: Fix not seen in stream
CVE-2022-2639: Fix not seen in stream
CVE-2022-26490: Fix not seen in stream
-CVE-2022-2663: Fix unknown
+CVE-2022-2663: Fix not seen in stream
CVE-2022-26966: Fix not seen in stream
CVE-2022-27223: Fix not seen in stream
CVE-2022-27666: Fix not seen in stream
@@ -433,6 +433,7 @@
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
+CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
@@ -454,3 +455,5 @@
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
CVE-2022-40768: Fix unknown
+CVE-2022-41218: Fix unknown
+CVE-2022-41222: Fix not seen in stream
diff --git a/data/5.8/5.8_security.txt b/data/5.8/5.8_security.txt
index 0783b08..d6d283e 100644
--- a/data/5.8/5.8_security.txt
+++ b/data/5.8/5.8_security.txt
@@ -436,7 +436,7 @@
CVE-2022-26373: (unk) x86/speculation: Add RSB VM Exit protections
CVE-2022-2639: (unk) openvswitch: fix OOB access in reserve_sfa_size()
CVE-2022-26490: (unk) nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION
- CVE-2022-2663: (unk)
+ CVE-2022-2663: (unk) netfilter: nf_conntrack_irc: Fix forged IP logic
CVE-2022-26966: (unk) sr9700: sanity check for packet length
CVE-2022-27223: (unk) USB: gadget: validate endpoint index for xilinx udc
CVE-2022-27666: (unk) esp: Fix possible buffer overflow in ESP transformation
@@ -467,6 +467,7 @@
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
+ CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
@@ -488,3 +489,5 @@
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
CVE-2022-40768: (unk)
+ CVE-2022-41218: (unk)
+ CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
diff --git a/data/5.9/5.9_CVEs.txt b/data/5.9/5.9_CVEs.txt
index cdf9b1b..ebe3a0d 100644
--- a/data/5.9/5.9_CVEs.txt
+++ b/data/5.9/5.9_CVEs.txt
@@ -373,7 +373,7 @@
CVE-2022-26373: Fix not seen in stream
CVE-2022-2639: Fix not seen in stream
CVE-2022-26490: Fix not seen in stream
-CVE-2022-2663: Fix unknown
+CVE-2022-2663: Fix not seen in stream
CVE-2022-26966: Fix not seen in stream
CVE-2022-27223: Fix not seen in stream
CVE-2022-27666: Fix not seen in stream
@@ -404,6 +404,7 @@
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
+CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
@@ -426,3 +427,5 @@
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
CVE-2022-40768: Fix unknown
+CVE-2022-41218: Fix unknown
+CVE-2022-41222: Fix not seen in stream
diff --git a/data/5.9/5.9_security.txt b/data/5.9/5.9_security.txt
index d5c6649..1aa9c6d 100644
--- a/data/5.9/5.9_security.txt
+++ b/data/5.9/5.9_security.txt
@@ -403,7 +403,7 @@
CVE-2022-26373: (unk) x86/speculation: Add RSB VM Exit protections
CVE-2022-2639: (unk) openvswitch: fix OOB access in reserve_sfa_size()
CVE-2022-26490: (unk) nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION
- CVE-2022-2663: (unk)
+ CVE-2022-2663: (unk) netfilter: nf_conntrack_irc: Fix forged IP logic
CVE-2022-26966: (unk) sr9700: sanity check for packet length
CVE-2022-27223: (unk) USB: gadget: validate endpoint index for xilinx udc
CVE-2022-27666: (unk) esp: Fix possible buffer overflow in ESP transformation
@@ -434,6 +434,7 @@
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
+ CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
@@ -456,3 +457,5 @@
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
CVE-2022-40768: (unk)
+ CVE-2022-41218: (unk)
+ CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
diff --git a/data/CVEs.txt b/data/CVEs.txt
index 8cc69c7..1515e36 100644
--- a/data/CVEs.txt
+++ b/data/CVEs.txt
@@ -2082,7 +2082,7 @@
CVE-2022-26373: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 2b1299322016731d56807aa49254a5ea3080b6b3 (v2.6.12-rc2 to v6.0-rc1)
CVE-2022-2639: f28cd2af22a0c134e4aa1c64a70f70d815d473fb - cefa91b2332d7009bc0be5d951d6cbbf349f90f8 (v5.1-rc4 to v5.18-rc4)
CVE-2022-26490: 26fc6c7f02cb26c39c4733de3dbc3c0646fc1074 - 4fbcc1a4cb20fe26ad0225679c536c80f1648221 (v4.0-rc1 to v5.17-rc1)
-CVE-2022-2663: (n/a) - (n/a) (unk to unk)
+CVE-2022-2663: (n/a) - 0efe125cfb99e6773a7434f3463f7c2fa28f3a43 (unk to v6.0-rc5)
CVE-2022-26878: afd2daa26c7abd734d78bd274fc6c59a15e61063 - (n/a) (v5.13-rc1 to unk)
CVE-2022-26966: c9b37458e95629b1d1171457afdcc1bf1eb7881d - e9da0b56fe27206b49f39805f7dcda8a89379062 (v3.12-rc1 to v5.17-rc6)
CVE-2022-27223: 1f7c51660034091dc134fcc534b7f1fa86a6e823 - 7f14c7227f342d9932f9b918893c8814f86d2a0d (v3.18-rc1 to v5.17-rc6)
@@ -2109,7 +2109,7 @@
CVE-2022-29901: (n/a) - 742ab6df974ae8384a2dd213db1a3a06cf6d8936 (unk to v5.19-rc7)
CVE-2022-2991: cd9e9808d18fe7107c306f6e71c8be7230ee42b4 - 9ea9b9c48387edc101d56349492ad9c0492ff78d (v4.4-rc1 to v5.15-rc1)
CVE-2022-29968: 3e08773c3841e9db7a520908cc2b136a77d275ff - 32452a3eb8b64e01e2be717f518c0be046975b9d (v5.16-rc1 to v5.18-rc5)
-CVE-2022-3028: (n/a) - ba953a9d89a00c078b85f4b190bc1dde66fe16b5 (unk to v6.0-rc3)
+CVE-2022-3028: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - ba953a9d89a00c078b85f4b190bc1dde66fe16b5 (v2.6.12-rc2 to v6.0-rc3)
CVE-2022-30594: 13c4a90119d28cfcb6b5bdd820c233b86c2b0237 - ee1fee900537b5d9560e9f937402de5ddc8412f3 (v4.3-rc1 to v5.18-rc1)
CVE-2022-3061: (n/a) - 15cf0b82271b1823fb02ab8c377badba614d95d5 (unk to v5.18-rc5)
CVE-2022-3077: (n/a) - 690b2549b19563ec5ad53e5c82f6a944d910086e (unk to v5.19-rc1)
@@ -2117,9 +2117,10 @@
CVE-2022-3169: (n/a) - (n/a) (unk to unk)
CVE-2022-3170: c27e1efb61c545f36c450ef60862df9251d239a4 - 6ab55ec0a938c7f943a4edba3d6514f775983887 (v6.0-rc1 to v6.0-rc4)
CVE-2022-3176: (n/a) - (n/a) (unk to unk)
-CVE-2022-3202: (n/a) - a53046291020ec41e09181396c1e829287b48d47 (unk to v5.18-rc1)
+CVE-2022-3202: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - a53046291020ec41e09181396c1e829287b48d47 (v2.6.12-rc2 to v5.18-rc1)
CVE-2022-32250: 0b2d8a7b638b5034d2d68f6add8af94daaa1d4cd - 520778042ccca019f3ffa136dd0ca565c486cedd (v4.1-rc1 to v5.19-rc1)
CVE-2022-32296: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 4c2c8f03a5ab7cb04ec64724d7d176d00bcc91e5 (v2.6.12-rc2 to v5.18-rc6)
+CVE-2022-3239: (n/a) - c08eadca1bdfa099e20a32f8fa4b52b2f672236d (unk to v5.18-rc1)
CVE-2022-32981: 87fec0514f613f8ac43c01b0bc0bc7072c5d10ae - 8e1278444446fc97778a5e5c99bca1ce0bbc5ec9 (v3.13-rc1 to v5.19-rc2)
CVE-2022-33740: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 307c8de2b02344805ebead3440d8feed28f2f010 (v2.6.12-rc2 to v5.19-rc6)
CVE-2022-33741: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 4491001c2e0fa69efbb748c96ec96b100a5cdb7e (v2.6.12-rc2 to v5.19-rc6)
@@ -2138,10 +2139,12 @@
CVE-2022-38096: (n/a) - (n/a) (unk to unk)
CVE-2022-38457: (n/a) - (n/a) (unk to unk)
CVE-2022-39188: (n/a) - b67fbebd4cf980aecbcc750e1462128bffe8ae15 (unk to v5.19-rc8)
-CVE-2022-39189: (n/a) - 6cd88243c7e03845a450795e134b488fc2afb736 (unk to v5.19-rc2)
+CVE-2022-39189: f38a7b75267f1fb240a8178cbcb16d66dd37aac8 - 6cd88243c7e03845a450795e134b488fc2afb736 (v4.16-rc1 to v5.19-rc2)
CVE-2022-39190: (n/a) - e02f0d3970404bfea385b6edb86f2d936db0ea2b (unk to v6.0-rc3)
-CVE-2022-39842: (n/a) - a09d2d00af53b43c6f11e6ab3cb58443c2cac8a7 (unk to v5.19-rc4)
+CVE-2022-39842: 364dbdf3b6c31a4a5fb7a6d479e7aafb4a7a10b6 - a09d2d00af53b43c6f11e6ab3cb58443c2cac8a7 (v2.6.38-rc1 to v5.19-rc4)
CVE-2022-40133: (n/a) - (n/a) (unk to unk)
CVE-2022-40307: (n/a) - 9cb636b5f6a8cc6d1b50809ec8f8d33ae0c84c95 (unk to v6.0-rc5)
CVE-2022-40476: 9cae36a094e7e9d6e5fe8b6dcd4642138b3eb0c7 - 386e4fb6962b9f248a80f8870aea0870ca603e89 (v5.19-rc1 to v5.19-rc4)
CVE-2022-40768: (n/a) - (n/a) (unk to unk)
+CVE-2022-41218: (n/a) - (n/a) (unk to unk)
+CVE-2022-41222: (n/a) - 97113eb39fa7972722ff490b947d8af023e1f6a2 (unk to v5.14-rc1)
diff --git a/data/cmts.json b/data/cmts.json
index b04e1ca..b5b3226 100644
--- a/data/cmts.json
+++ b/data/cmts.json
@@ -161,6 +161,7 @@
"0e9a9a1ad619e7e987815d20262d36a2f95717ca": "v3.8-rc2",
"0ea1ec713f04bdfac343c9702b21cd3a7c711826": "v3.13-rc1",
"0eab121ef8750a5c8637d51534d5e9143fb0633f": "v4.9",
+ "0efe125cfb99e6773a7434f3463f7c2fa28f3a43": "v6.0-rc5",
"0f12156dff2862ac54235fc72703f18770769042": "v5.15-rc1",
"0f2122045b946241a9e549c2a76cea54fa58a7ff": "v5.10-rc1",
"0f2af21aae11972fa924374ddcf52e88347cf5a8": "v4.1-rc1",
@@ -624,6 +625,7 @@
"362bca57f5d78220f8b5907b875961af9436e229": "v4.15-rc3",
"362e4e49abe53e89d87455dfcd7c1bbaf08a839d": "v3.1-rc8",
"363b02dab09b3226f3bd1420dad9c72b79a42a76": "v4.14-rc6",
+ "364dbdf3b6c31a4a5fb7a6d479e7aafb4a7a10b6": "v2.6.38-rc1",
"36947254e5f981aeeedab1c7dfa35fc34d330e80": "v5.7-rc1",
"36a6503feddadbbad415fb3891e80f94c10a9b21": "v4.9-rc1",
"36cf515b9bbe298e1ce7384620f0d4ec45ad3328": "v4.12-rc1",
@@ -1690,6 +1692,7 @@
"96ca579a1ecc943b75beba58bebb0356f6cc4b51": "v4.14-rc5",
"9705acd63b125dee8b15c705216d7186daea4625": "v4.2-rc2",
"9709674e68646cee5a24e3000b3558d25412203a": "v3.16-rc1",
+ "97113eb39fa7972722ff490b947d8af023e1f6a2": "v5.14-rc1",
"9720b4bc76a83807c68e00c62bfba575251bb73e": "v2.6.39-rc1",
"973c096f6a85e5b5f2a295126ba6928d9a6afd45": "v5.9-rc6",
"9764c02fcbad40001fd3f63558d918e4d519bb75": "v4.14-rc2",
@@ -2159,6 +2162,7 @@
"c03b45b853f5829816d871283c792e7527a7ded1": "v4.13-rc4",
"c06cfb08b88dfbe13be44a69ae2fdc3a7c902d81": "v3.18-rc1",
"c085c49920b2f900ba716b4ca1c1a55ece9872cc": "v3.9-rc3",
+ "c08eadca1bdfa099e20a32f8fa4b52b2f672236d": "v5.18-rc1",
"c09440f7dcb304002dfced8c0fea289eb25f2da0": "v4.6-rc1",
"c095508770aebf1b9218e77026e48345d719b17c": "v4.15-rc8",
"c09581a52765a85f19fc35340127396d5e3379cc": "v5.2-rc2",
@@ -2715,6 +2719,7 @@
"f3554aeb991214cbfafd17d55e2bfddb50282e32": "v5.3-rc1",
"f3747379accba8e95d70cec0eae0582c8c182050": "v3.19-rc6",
"f384796c40dc55b3dba25e0ee9c1afd98c6d24d1": "v4.17-rc1",
+ "f38a7b75267f1fb240a8178cbcb16d66dd37aac8": "v4.16-rc1",
"f3951a3709ff50990bf3e188c27d346792103432": "v4.4-rc1",
"f3a2181e16f1dcbf5446ed43f6b5d9f56c459f85": "v5.6-rc1",
"f3b59291a69d0b734be1fc8be489fef2dd846d3d": "v3.8-rc1",
diff --git a/data/kernel_cves.json b/data/kernel_cves.json
index adc558e..7e16658 100644
--- a/data/kernel_cves.json
+++ b/data/kernel_cves.json
@@ -70446,8 +70446,8 @@
},
"cwe": "Use After Free",
"fixes": "0ac4827f78c7ffe8eef074bc010e7e34bc22f533",
- "last_affected_version": "5.18.17",
- "last_modified": "2022-08-26",
+ "last_affected_version": "5.19.1",
+ "last_modified": "2022-09-22",
"nvd_text": "A use-after-free flaw was found in the Linux kernel\u2019s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2022-1679",
@@ -72243,31 +72243,32 @@
"breaks": "55e8c8eb2c7b6bf30e99423ccfe7ca032f498f59",
"cmt_msg": "posix-cpu-timers: Cleanup CPU timers before freeing them during exec",
"fixes": "e362359ace6f87c201531872486ff295df306d13",
- "last_affected_version": "5.18.17",
- "last_modified": "2022-08-22"
+ "last_affected_version": "5.19.1",
+ "last_modified": "2022-09-22"
},
"CVE-2022-2586": {
"affected_versions": "v3.16-rc1 to v6.0-rc1",
"breaks": "958bee14d0718ca7a5002c0f48a099d1d345812a",
"cmt_msg": "netfilter: nf_tables: do not allow SET_ID to refer to another table",
"fixes": "470ee20e069a6d05ae549f7d0ef2bdbcee6a81b2",
- "last_affected_version": "5.18.17",
- "last_modified": "2022-09-02"
+ "last_affected_version": "5.19.1",
+ "last_modified": "2022-09-22"
},
"CVE-2022-2588": {
"affected_versions": "v2.6.12-rc2 to v6.0-rc1",
"breaks": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"cmt_msg": "net_sched: cls_route: remove from list when handle is 0",
"fixes": "9ad36309e2719a884f946678e0296be10f0bb4c1",
- "last_affected_version": "5.18.17",
- "last_modified": "2022-09-02"
+ "last_affected_version": "5.19.1",
+ "last_modified": "2022-09-22"
},
"CVE-2022-2590": {
"affected_versions": "v5.16-rc1 to v6.0-rc3",
"breaks": "9ae0f87d009ca6c4aab2882641ddfc319727e3db",
"cmt_msg": "mm/gup: fix FOLL_FORCE COW security issue and remove FOLL_COW",
"fixes": "5535be3099717646781ce1540cf725965d680e7b",
- "last_modified": "2022-09-02"
+ "last_affected_version": "5.19.5",
+ "last_modified": "2022-09-22"
},
"CVE-2022-26365": {
"affected_versions": "v2.6.12-rc2 to v5.19-rc6",
@@ -72314,8 +72315,8 @@
"breaks": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"cmt_msg": "x86/speculation: Add RSB VM Exit protections",
"fixes": "2b1299322016731d56807aa49254a5ea3080b6b3",
- "last_affected_version": "5.18.16",
- "last_modified": "2022-09-02"
+ "last_affected_version": "5.19.0",
+ "last_modified": "2022-09-22"
},
"CVE-2022-2639": {
"affected_versions": "v5.1-rc4 to v5.18-rc4",
@@ -72366,10 +72367,12 @@
}
},
"CVE-2022-2663": {
- "affected_versions": "unk to unk",
+ "affected_versions": "unk to v6.0-rc5",
"breaks": "",
- "fixes": "",
- "last_modified": "2022-09-02"
+ "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic",
+ "fixes": "0efe125cfb99e6773a7434f3463f7c2fa28f3a43",
+ "last_affected_version": "5.19.8",
+ "last_modified": "2022-09-22"
},
"CVE-2022-26878": {
"affected_versions": "v5.13-rc1 to unk",
@@ -72822,8 +72825,8 @@
"breaks": "d2e4c1e6c2947269346054ac8937ccfe9e0bcc6b",
"cmt_msg": "bpf: Don't use tnum_range on array range checking for poke descriptors",
"fixes": "a657182a5c5150cdfacb6640aad1d2712571a409",
- "last_affected_version": "5.15.63",
- "last_modified": "2022-09-09"
+ "last_affected_version": "5.19.5",
+ "last_modified": "2022-09-22"
},
"CVE-2022-29156": {
"affected_versions": "v5.12-rc1-dontuse to v5.17-rc6",
@@ -73071,12 +73074,12 @@
}
},
"CVE-2022-3028": {
- "affected_versions": "unk to v6.0-rc3",
- "breaks": "",
+ "affected_versions": "v2.6.12-rc2 to v6.0-rc3",
+ "breaks": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"cmt_msg": "af_key: Do not call xfrm_probe_algs in parallel",
"fixes": "ba953a9d89a00c078b85f4b190bc1dde66fe16b5",
- "last_affected_version": "5.15.63",
- "last_modified": "2022-09-09"
+ "last_affected_version": "5.19.5",
+ "last_modified": "2022-09-22"
},
"CVE-2022-30594": {
"affected_versions": "v4.3-rc1 to v5.18-rc1",
@@ -73160,12 +73163,12 @@
"last_modified": "2022-09-19"
},
"CVE-2022-3202": {
- "affected_versions": "unk to v5.18-rc1",
- "breaks": "",
+ "affected_versions": "v2.6.12-rc2 to v5.18-rc1",
+ "breaks": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"cmt_msg": "jfs: prevent NULL deref in diFree",
"fixes": "a53046291020ec41e09181396c1e829287b48d47",
"last_affected_version": "5.17.2",
- "last_modified": "2022-09-19"
+ "last_modified": "2022-09-22"
},
"CVE-2022-32250": {
"affected_versions": "v4.1-rc1 to v5.19-rc1",
@@ -73247,6 +73250,14 @@
"Ubuntu": "https://ubuntu.com/security/CVE-2022-32296"
}
},
+ "CVE-2022-3239": {
+ "affected_versions": "unk to v5.18-rc1",
+ "breaks": "",
+ "cmt_msg": "media: em28xx: initialize refcount before kref_get",
+ "fixes": "c08eadca1bdfa099e20a32f8fa4b52b2f672236d",
+ "last_affected_version": "5.17.1",
+ "last_modified": "2022-09-22"
+ },
"CVE-2022-32981": {
"affected_versions": "v3.13-rc1 to v5.19-rc2",
"breaks": "87fec0514f613f8ac43c01b0bc0bc7072c5d10ae",
@@ -73680,8 +73691,8 @@
"breaks": "7af4cc3fa158ff1dda6e7451c7e6afa6b0bb85cb",
"cmt_msg": "netfilter: nf_queue: do not allow packet truncation below transport header offset",
"fixes": "99a63d36cb3ed5ca3aa6fcb64cffbeaf3b0fb164",
- "last_affected_version": "5.18.15",
- "last_modified": "2022-08-26"
+ "last_affected_version": "5.18",
+ "last_modified": "2022-09-22"
},
"CVE-2022-38096": {
"affected_versions": "unk to unk",
@@ -73703,27 +73714,27 @@
"last_modified": "2022-09-02"
},
"CVE-2022-39189": {
- "affected_versions": "unk to v5.19-rc2",
- "breaks": "",
+ "affected_versions": "v4.16-rc1 to v5.19-rc2",
+ "breaks": "f38a7b75267f1fb240a8178cbcb16d66dd37aac8",
"cmt_msg": "KVM: x86: do not report a vCPU as preempted outside instruction boundaries",
"fixes": "6cd88243c7e03845a450795e134b488fc2afb736",
"last_affected_version": "5.18.16",
- "last_modified": "2022-09-02"
+ "last_modified": "2022-09-22"
},
"CVE-2022-39190": {
"affected_versions": "unk to v6.0-rc3",
"breaks": "",
"cmt_msg": "netfilter: nf_tables: disallow binding to already bound chain",
"fixes": "e02f0d3970404bfea385b6edb86f2d936db0ea2b",
- "last_affected_version": "5.15.63",
- "last_modified": "2022-09-02"
+ "last_affected_version": "5.19.5",
+ "last_modified": "2022-09-22"
},
"CVE-2022-39842": {
- "affected_versions": "unk to v5.19-rc4",
- "breaks": "",
+ "affected_versions": "v2.6.38-rc1 to v5.19-rc4",
+ "breaks": "364dbdf3b6c31a4a5fb7a6d479e7aafb4a7a10b6",
"cmt_msg": "video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write",
"fixes": "a09d2d00af53b43c6f11e6ab3cb58443c2cac8a7",
- "last_modified": "2022-09-09"
+ "last_modified": "2022-09-22"
},
"CVE-2022-40133": {
"affected_versions": "unk to unk",
@@ -73736,8 +73747,8 @@
"breaks": "",
"cmt_msg": "efi: capsule-loader: Fix use-after-free in efi_capsule_write",
"fixes": "9cb636b5f6a8cc6d1b50809ec8f8d33ae0c84c95",
- "last_affected_version": "5.15.67",
- "last_modified": "2022-09-19"
+ "last_affected_version": "5.19.8",
+ "last_modified": "2022-09-22"
},
"CVE-2022-40476": {
"affected_versions": "v5.19-rc1 to v5.19-rc4",
@@ -73750,5 +73761,19 @@
"breaks": "",
"fixes": "",
"last_modified": "2022-09-19"
+ },
+ "CVE-2022-41218": {
+ "affected_versions": "unk to unk",
+ "breaks": "",
+ "fixes": "",
+ "last_modified": "2022-09-22"
+ },
+ "CVE-2022-41222": {
+ "affected_versions": "unk to v5.14-rc1",
+ "breaks": "",
+ "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries.",
+ "fixes": "97113eb39fa7972722ff490b947d8af023e1f6a2",
+ "last_affected_version": "5.13.2",
+ "last_modified": "2022-09-22"
}
}
\ No newline at end of file
diff --git a/data/stream_data.json b/data/stream_data.json
index 671d0ee..2ef2b22 100644
--- a/data/stream_data.json
+++ b/data/stream_data.json
@@ -2222,9 +2222,6 @@
"CVE-2021-42008": {
"cmt_msg": "net: 6pack: fix slab-out-of-bounds in decode_data"
},
- "CVE-2022-39189": {
- "cmt_msg": "KVM: x86: do not report a vCPU as preempted outside instruction boundaries"
- },
"CVE-2022-39188": {
"cmt_msg": "mmu_gather: Force tlb-flush VM_PFNMAP vmas"
},
@@ -2741,6 +2738,9 @@
"CVE-2019-11091": {
"cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option"
},
+ "CVE-2022-3239": {
+ "cmt_msg": "media: em28xx: initialize refcount before kref_get"
+ },
"CVE-2019-18282": {
"cmt_msg": "net/flow_dissector: switch to siphash"
},
@@ -3263,6 +3263,9 @@
"CVE-2020-0347": {
"cmt_msg": ""
},
+ "CVE-2022-41222": {
+ "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries."
+ },
"CVE-2021-40490": {
"cmt_msg": "ext4: fix race writing to an inline_data file while its xattrs are changing"
},
@@ -3471,7 +3474,7 @@
"cmt_msg": "fs: take i_mutex during prepare_binprm for set[ug]id executables"
},
"CVE-2022-2663": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic"
},
"CVE-2019-15219": {
"cmt_msg": "USB: sisusbvga: fix oops in error path of sisusb_probe"
@@ -3857,6 +3860,9 @@
"CVE-2021-0447": {
"cmt_msg": "l2tp: protect sock pointer of struct pppol2tp_session with RCU"
},
+ "CVE-2022-41218": {
+ "cmt_msg": ""
+ },
"CVE-2011-4917": {
"cmt_msg": ""
},
@@ -4577,9 +4583,6 @@
"CVE-2021-42008": {
"cmt_msg": "net: 6pack: fix slab-out-of-bounds in decode_data"
},
- "CVE-2022-39189": {
- "cmt_msg": "KVM: x86: do not report a vCPU as preempted outside instruction boundaries"
- },
"CVE-2022-39188": {
"cmt_msg": "mmu_gather: Force tlb-flush VM_PFNMAP vmas"
},
@@ -5270,6 +5273,9 @@
"CVE-2019-11091": {
"cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option"
},
+ "CVE-2022-3239": {
+ "cmt_msg": "media: em28xx: initialize refcount before kref_get"
+ },
"CVE-2019-18660": {
"cmt_msg": "powerpc/book3s64: Fix link stack flush on context switch"
},
@@ -6035,6 +6041,9 @@
"CVE-2019-18808": {
"cmt_msg": "crypto: ccp - Release all allocated memory if sha type is invalid"
},
+ "CVE-2022-41222": {
+ "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries."
+ },
"CVE-2018-8822": {
"cmt_msg": "staging: ncpfs: memory corruption in ncp_read_kernel()"
},
@@ -6315,7 +6324,7 @@
"cmt_msg": "mmap: introduce sane default mmap limits"
},
"CVE-2022-2663": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic"
},
"CVE-2019-8912": {
"cmt_msg": "net: crypto set sk to NULL when af_alg_release."
@@ -6842,6 +6851,9 @@
"CVE-2021-0447": {
"cmt_msg": "l2tp: protect sock pointer of struct pppol2tp_session with RCU"
},
+ "CVE-2022-41218": {
+ "cmt_msg": ""
+ },
"CVE-2019-20934": {
"cmt_msg": "sched/fair: Don't free p->numa_faults with concurrent readers"
},
@@ -7692,9 +7704,6 @@
"CVE-2021-42008": {
"cmt_msg": "net: 6pack: fix slab-out-of-bounds in decode_data"
},
- "CVE-2022-39189": {
- "cmt_msg": "KVM: x86: do not report a vCPU as preempted outside instruction boundaries"
- },
"CVE-2022-39188": {
"cmt_msg": "mmu_gather: Force tlb-flush VM_PFNMAP vmas"
},
@@ -8316,6 +8325,9 @@
"CVE-2019-11091": {
"cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option"
},
+ "CVE-2022-3239": {
+ "cmt_msg": "media: em28xx: initialize refcount before kref_get"
+ },
"CVE-2019-18282": {
"cmt_msg": "net/flow_dissector: switch to siphash"
},
@@ -8991,6 +9003,9 @@
"CVE-2019-18808": {
"cmt_msg": "crypto: ccp - Release all allocated memory if sha type is invalid"
},
+ "CVE-2022-41222": {
+ "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries."
+ },
"CVE-2018-8822": {
"cmt_msg": "staging: ncpfs: memory corruption in ncp_read_kernel()"
},
@@ -9241,7 +9256,7 @@
"cmt_msg": "mremap: properly flush TLB before releasing the page"
},
"CVE-2022-2663": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic"
},
"CVE-2019-8912": {
"cmt_msg": "net: crypto set sk to NULL when af_alg_release."
@@ -9726,6 +9741,9 @@
"CVE-2021-0447": {
"cmt_msg": "l2tp: protect sock pointer of struct pppol2tp_session with RCU"
},
+ "CVE-2022-41218": {
+ "cmt_msg": ""
+ },
"CVE-2019-20934": {
"cmt_msg": "sched/fair: Don't free p->numa_faults with concurrent readers"
},
@@ -10435,9 +10453,6 @@
"CVE-2021-42008": {
"cmt_msg": "net: 6pack: fix slab-out-of-bounds in decode_data"
},
- "CVE-2022-39189": {
- "cmt_msg": "KVM: x86: do not report a vCPU as preempted outside instruction boundaries"
- },
"CVE-2022-39188": {
"cmt_msg": "mmu_gather: Force tlb-flush VM_PFNMAP vmas"
},
@@ -11104,6 +11119,9 @@
"CVE-2019-11091": {
"cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option"
},
+ "CVE-2022-3239": {
+ "cmt_msg": "media: em28xx: initialize refcount before kref_get"
+ },
"CVE-2019-18660": {
"cmt_msg": "powerpc/book3s64: Fix link stack flush on context switch"
},
@@ -11827,6 +11845,9 @@
"CVE-2019-18808": {
"cmt_msg": "crypto: ccp - Release all allocated memory if sha type is invalid"
},
+ "CVE-2022-41222": {
+ "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries."
+ },
"CVE-2018-8822": {
"cmt_msg": "staging: ncpfs: memory corruption in ncp_read_kernel()"
},
@@ -12086,7 +12107,7 @@
"cmt_msg": "mmap: introduce sane default mmap limits"
},
"CVE-2022-2663": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic"
},
"CVE-2019-8912": {
"cmt_msg": "net: crypto set sk to NULL when af_alg_release."
@@ -12589,6 +12610,9 @@
"CVE-2021-0447": {
"cmt_msg": "l2tp: protect sock pointer of struct pppol2tp_session with RCU"
},
+ "CVE-2022-41218": {
+ "cmt_msg": ""
+ },
"CVE-2019-20934": {
"cmt_msg": "sched/fair: Don't free p->numa_faults with concurrent readers"
},
@@ -13296,9 +13320,6 @@
"CVE-2021-42008": {
"cmt_msg": "net: 6pack: fix slab-out-of-bounds in decode_data"
},
- "CVE-2022-39189": {
- "cmt_msg": "KVM: x86: do not report a vCPU as preempted outside instruction boundaries"
- },
"CVE-2022-39188": {
"cmt_msg": "mmu_gather: Force tlb-flush VM_PFNMAP vmas"
},
@@ -13887,6 +13908,9 @@
"CVE-2019-11091": {
"cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option"
},
+ "CVE-2022-3239": {
+ "cmt_msg": "media: em28xx: initialize refcount before kref_get"
+ },
"CVE-2020-15780": {
"cmt_msg": "ACPI: configfs: Disallow loading ACPI tables when locked down"
},
@@ -14517,6 +14541,9 @@
"CVE-2019-18808": {
"cmt_msg": "crypto: ccp - Release all allocated memory if sha type is invalid"
},
+ "CVE-2022-41222": {
+ "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries."
+ },
"CVE-2021-40490": {
"cmt_msg": "ext4: fix race writing to an inline_data file while its xattrs are changing"
},
@@ -14752,7 +14779,7 @@
"cmt_msg": "mremap: properly flush TLB before releasing the page"
},
"CVE-2022-2663": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic"
},
"CVE-2019-8912": {
"cmt_msg": "net: crypto set sk to NULL when af_alg_release."
@@ -15201,6 +15228,9 @@
"CVE-2020-12888": {
"cmt_msg": "vfio-pci: Invalidate mmaps and block MMIO access on disabled memory"
},
+ "CVE-2022-41218": {
+ "cmt_msg": ""
+ },
"CVE-2011-4917": {
"cmt_msg": ""
},
@@ -18746,6 +18776,10 @@
}
},
"4.14.293": {
+ "CVE-2022-2663": {
+ "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic",
+ "cmt_id": "6ce66e3442a5989cbe56a6884384bf0b7d1d0725"
+ },
"CVE-2022-40307": {
"cmt_msg": "efi: capsule-loader: Fix use-after-free in efi_capsule_write",
"cmt_id": "233d5c4d18971feee5fc2f33f00b63d8205cfc67"
@@ -18798,9 +18832,6 @@
"CVE-2017-5753": {
"cmt_msg": "x86/cpufeatures: Add X86_BUG_SPECTRE_V[12]"
},
- "CVE-2022-2663": {
- "cmt_msg": ""
- },
"CVE-2019-19377": {
"cmt_msg": "btrfs: Don't submit any btree write bio if the fs has errors"
},
@@ -18990,6 +19021,9 @@
"CVE-2021-4023": {
"cmt_msg": "io-wq: fix cancellation on create-worker failure"
},
+ "CVE-2022-3239": {
+ "cmt_msg": "media: em28xx: initialize refcount before kref_get"
+ },
"CVE-2019-18680": {
"cmt_msg": ""
},
@@ -19011,9 +19045,6 @@
"CVE-2013-7445": {
"cmt_msg": ""
},
- "CVE-2022-39189": {
- "cmt_msg": "KVM: x86: do not report a vCPU as preempted outside instruction boundaries"
- },
"CVE-2019-19036": {
"cmt_msg": "btrfs: Detect unbalanced tree with empty leaf before crashing btree operations"
},
@@ -19098,6 +19129,9 @@
"CVE-2020-26141": {
"cmt_msg": "ath10k: Fix TKIP Michael MIC verification for PCIe"
},
+ "CVE-2022-41218": {
+ "cmt_msg": ""
+ },
"CVE-2020-8834": {
"cmt_msg": "KVM: PPC: Book3S HV: Factor fake-suspend handling out of kvmppc_save/restore_tm"
},
@@ -19176,6 +19210,9 @@
"CVE-2022-21499": {
"cmt_msg": "lockdown: also lock down previous kgdb use"
},
+ "CVE-2022-41222": {
+ "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries."
+ },
"CVE-2020-7053": {
"cmt_msg": "drm/i915: Introduce a mutex for file_priv->context_idr"
},
@@ -20333,6 +20370,9 @@
"CVE-2019-11091": {
"cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option"
},
+ "CVE-2022-3239": {
+ "cmt_msg": "media: em28xx: initialize refcount before kref_get"
+ },
"CVE-2020-15780": {
"cmt_msg": "ACPI: configfs: Disallow loading ACPI tables when locked down"
},
@@ -20912,6 +20952,9 @@
"CVE-2019-18808": {
"cmt_msg": "crypto: ccp - Release all allocated memory if sha type is invalid"
},
+ "CVE-2022-41222": {
+ "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries."
+ },
"CVE-2021-40490": {
"cmt_msg": "ext4: fix race writing to an inline_data file while its xattrs are changing"
},
@@ -21138,7 +21181,7 @@
"cmt_msg": "mremap: properly flush TLB before releasing the page"
},
"CVE-2022-2663": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic"
},
"CVE-2019-8912": {
"cmt_msg": "net: crypto set sk to NULL when af_alg_release."
@@ -21557,6 +21600,9 @@
"CVE-2020-12888": {
"cmt_msg": "vfio-pci: Invalidate mmaps and block MMIO access on disabled memory"
},
+ "CVE-2022-41218": {
+ "cmt_msg": ""
+ },
"CVE-2011-4917": {
"cmt_msg": ""
},
@@ -22796,6 +22842,9 @@
"CVE-2019-11091": {
"cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option"
},
+ "CVE-2022-3239": {
+ "cmt_msg": "media: em28xx: initialize refcount before kref_get"
+ },
"CVE-2021-37576": {
"cmt_msg": "KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow"
},
@@ -23411,6 +23460,9 @@
"CVE-2019-18808": {
"cmt_msg": "crypto: ccp - Release all allocated memory if sha type is invalid"
},
+ "CVE-2022-41222": {
+ "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries."
+ },
"CVE-2021-40490": {
"cmt_msg": "ext4: fix race writing to an inline_data file while its xattrs are changing"
},
@@ -23637,7 +23689,7 @@
"cmt_msg": "mremap: properly flush TLB before releasing the page"
},
"CVE-2022-2663": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic"
},
"CVE-2019-8912": {
"cmt_msg": "net: crypto set sk to NULL when af_alg_release."
@@ -24080,6 +24132,9 @@
"CVE-2020-12888": {
"cmt_msg": "vfio-pci: Invalidate mmaps and block MMIO access on disabled memory"
},
+ "CVE-2022-41218": {
+ "cmt_msg": ""
+ },
"CVE-2011-4917": {
"cmt_msg": ""
},
@@ -26882,6 +26937,10 @@
"cmt_msg": "can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path",
"cmt_id": "a8bba9fd73775e66b4021b18f2193f769ce48a59"
},
+ "CVE-2022-3239": {
+ "cmt_msg": "media: em28xx: initialize refcount before kref_get",
+ "cmt_id": "0113fa98a49a8e46a19b0ad80f29c904c6feec23"
+ },
"CVE-2022-1011": {
"cmt_msg": "fuse: fix pipe buffer lifetime for direct_io",
"cmt_id": "99db28212be68030c1db3a525f6bbdce39b039e9"
@@ -27094,6 +27153,10 @@
}
},
"4.19.258": {
+ "CVE-2022-2663": {
+ "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic",
+ "cmt_id": "3275f7804f40de3c578d2253232349b07c25f146"
+ },
"CVE-2022-40307": {
"cmt_msg": "efi: capsule-loader: Fix use-after-free in efi_capsule_write",
"cmt_id": "021805af5bedeafc76c117fc771c100b358ab419"
@@ -27391,6 +27454,9 @@
"CVE-2020-26141": {
"cmt_msg": "ath10k: Fix TKIP Michael MIC verification for PCIe"
},
+ "CVE-2022-41218": {
+ "cmt_msg": ""
+ },
"CVE-2022-25265": {
"cmt_msg": ""
},
@@ -27463,6 +27529,9 @@
"CVE-2022-21499": {
"cmt_msg": "lockdown: also lock down previous kgdb use"
},
+ "CVE-2022-41222": {
+ "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries."
+ },
"CVE-2020-7053": {
"cmt_msg": "drm/i915: Introduce a mutex for file_priv->context_idr"
},
@@ -27531,9 +27600,6 @@
},
"CVE-2019-5489": {
"cmt_msg": "Change mincore() to count \"mapped\" pages rather than \"cached\" pages"
- },
- "CVE-2022-2663": {
- "cmt_msg": ""
}
}
},
@@ -28562,6 +28628,9 @@
"CVE-2019-11091": {
"cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option"
},
+ "CVE-2022-3239": {
+ "cmt_msg": "media: em28xx: initialize refcount before kref_get"
+ },
"CVE-2020-15780": {
"cmt_msg": "ACPI: configfs: Disallow loading ACPI tables when locked down"
},
@@ -29132,6 +29201,9 @@
"CVE-2019-18808": {
"cmt_msg": "crypto: ccp - Release all allocated memory if sha type is invalid"
},
+ "CVE-2022-41222": {
+ "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries."
+ },
"CVE-2021-40490": {
"cmt_msg": "ext4: fix race writing to an inline_data file while its xattrs are changing"
},
@@ -29358,7 +29430,7 @@
"cmt_msg": "rbd: require global CAP_SYS_ADMIN for mapping and unmapping"
},
"CVE-2022-2663": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic"
},
"CVE-2019-8912": {
"cmt_msg": "net: crypto set sk to NULL when af_alg_release."
@@ -29762,6 +29834,9 @@
"CVE-2020-12888": {
"cmt_msg": "vfio-pci: Invalidate mmaps and block MMIO access on disabled memory"
},
+ "CVE-2022-41218": {
+ "cmt_msg": ""
+ },
"CVE-2011-4917": {
"cmt_msg": ""
},
@@ -31769,9 +31844,6 @@
"CVE-2021-42008": {
"cmt_msg": "net: 6pack: fix slab-out-of-bounds in decode_data"
},
- "CVE-2022-39189": {
- "cmt_msg": "KVM: x86: do not report a vCPU as preempted outside instruction boundaries"
- },
"CVE-2022-39188": {
"cmt_msg": "mmu_gather: Force tlb-flush VM_PFNMAP vmas"
},
@@ -32366,6 +32438,9 @@
"CVE-2019-11091": {
"cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option"
},
+ "CVE-2022-3239": {
+ "cmt_msg": "media: em28xx: initialize refcount before kref_get"
+ },
"CVE-2019-18660": {
"cmt_msg": "powerpc/book3s64: Fix link stack flush on context switch"
},
@@ -33041,6 +33116,9 @@
"CVE-2015-1805": {
"cmt_msg": "new helper: copy_page_from_iter()"
},
+ "CVE-2022-41222": {
+ "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries."
+ },
"CVE-2018-8822": {
"cmt_msg": "staging: ncpfs: memory corruption in ncp_read_kernel()"
},
@@ -33300,7 +33378,7 @@
"cmt_msg": "mremap: properly flush TLB before releasing the page"
},
"CVE-2022-2663": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic"
},
"CVE-2016-6787": {
"cmt_msg": "perf: Fix event->ctx locking"
@@ -33770,6 +33848,9 @@
"CVE-2021-0447": {
"cmt_msg": "l2tp: protect sock pointer of struct pppol2tp_session with RCU"
},
+ "CVE-2022-41218": {
+ "cmt_msg": ""
+ },
"CVE-2020-14331": {
"cmt_msg": "vgacon: Fix for missing check in scrollback handling"
},
@@ -35334,9 +35415,6 @@
"CVE-2021-42008": {
"cmt_msg": "net: 6pack: fix slab-out-of-bounds in decode_data"
},
- "CVE-2022-39189": {
- "cmt_msg": "KVM: x86: do not report a vCPU as preempted outside instruction boundaries"
- },
"CVE-2022-39188": {
"cmt_msg": "mmu_gather: Force tlb-flush VM_PFNMAP vmas"
},
@@ -35997,6 +36075,9 @@
"CVE-2019-11091": {
"cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option"
},
+ "CVE-2022-3239": {
+ "cmt_msg": "media: em28xx: initialize refcount before kref_get"
+ },
"CVE-2019-18660": {
"cmt_msg": "powerpc/book3s64: Fix link stack flush on context switch"
},
@@ -36762,6 +36843,9 @@
"CVE-2015-1805": {
"cmt_msg": "new helper: copy_page_from_iter()"
},
+ "CVE-2022-41222": {
+ "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries."
+ },
"CVE-2018-8822": {
"cmt_msg": "staging: ncpfs: memory corruption in ncp_read_kernel()"
},
@@ -37045,7 +37129,7 @@
"cmt_msg": "mremap: properly flush TLB before releasing the page"
},
"CVE-2022-2663": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic"
},
"CVE-2016-6787": {
"cmt_msg": "perf: Fix event->ctx locking"
@@ -37569,6 +37653,9 @@
"CVE-2021-0447": {
"cmt_msg": "l2tp: protect sock pointer of struct pppol2tp_session with RCU"
},
+ "CVE-2022-41218": {
+ "cmt_msg": ""
+ },
"CVE-2019-20934": {
"cmt_msg": "sched/fair: Don't free p->numa_faults with concurrent readers"
},
@@ -40705,9 +40792,6 @@
"CVE-2021-42008": {
"cmt_msg": "net: 6pack: fix slab-out-of-bounds in decode_data"
},
- "CVE-2022-39189": {
- "cmt_msg": "KVM: x86: do not report a vCPU as preempted outside instruction boundaries"
- },
"CVE-2022-39188": {
"cmt_msg": "mmu_gather: Force tlb-flush VM_PFNMAP vmas"
},
@@ -41080,6 +41164,9 @@
"CVE-2019-11091": {
"cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option"
},
+ "CVE-2022-3239": {
+ "cmt_msg": "media: em28xx: initialize refcount before kref_get"
+ },
"CVE-2021-34981": {
"cmt_msg": "Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails"
},
@@ -41407,6 +41494,9 @@
"CVE-2020-0347": {
"cmt_msg": ""
},
+ "CVE-2022-41222": {
+ "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries."
+ },
"CVE-2021-40490": {
"cmt_msg": "ext4: fix race writing to an inline_data file while its xattrs are changing"
},
@@ -41558,7 +41648,7 @@
"cmt_msg": "fs: take i_mutex during prepare_binprm for set[ug]id executables"
},
"CVE-2022-2663": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic"
},
"CVE-2022-38457": {
"cmt_msg": ""
@@ -41860,6 +41950,9 @@
"CVE-2016-6198": {
"cmt_msg": "vfs: add vfs_select_inode() helper"
},
+ "CVE-2022-41218": {
+ "cmt_msg": ""
+ },
"CVE-2011-4917": {
"cmt_msg": ""
},
@@ -44414,9 +44507,6 @@
"CVE-2021-42008": {
"cmt_msg": "net: 6pack: fix slab-out-of-bounds in decode_data"
},
- "CVE-2022-39189": {
- "cmt_msg": "KVM: x86: do not report a vCPU as preempted outside instruction boundaries"
- },
"CVE-2022-39188": {
"cmt_msg": "mmu_gather: Force tlb-flush VM_PFNMAP vmas"
},
@@ -44891,6 +44981,9 @@
"CVE-2014-9914": {
"cmt_msg": "ipv4: fix a race in ip4_datagram_release_cb()"
},
+ "CVE-2022-3239": {
+ "cmt_msg": "media: em28xx: initialize refcount before kref_get"
+ },
"CVE-2019-19227": {
"cmt_msg": "appletalk: Fix potential NULL pointer dereference in unregister_snap_client"
},
@@ -45395,6 +45488,9 @@
"CVE-2015-1805": {
"cmt_msg": "new helper: copy_page_from_iter()"
},
+ "CVE-2022-41222": {
+ "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries."
+ },
"CVE-2016-9754": {
"cmt_msg": "ring-buffer: Prevent overflow of size in ring_buffer_resize()"
},
@@ -45609,7 +45705,7 @@
"cmt_msg": "mremap: properly flush TLB before releasing the page"
},
"CVE-2022-2663": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic"
},
"CVE-2019-15219": {
"cmt_msg": "USB: sisusbvga: fix oops in error path of sisusb_probe"
@@ -45962,6 +46058,9 @@
"CVE-2016-6198": {
"cmt_msg": "vfs: add vfs_select_inode() helper"
},
+ "CVE-2022-41218": {
+ "cmt_msg": ""
+ },
"CVE-2020-14331": {
"cmt_msg": "vgacon: Fix for missing check in scrollback handling"
},
@@ -46708,9 +46807,6 @@
"CVE-2021-42008": {
"cmt_msg": "net: 6pack: fix slab-out-of-bounds in decode_data"
},
- "CVE-2022-39189": {
- "cmt_msg": "KVM: x86: do not report a vCPU as preempted outside instruction boundaries"
- },
"CVE-2022-39188": {
"cmt_msg": "mmu_gather: Force tlb-flush VM_PFNMAP vmas"
},
@@ -47422,6 +47518,9 @@
"CVE-2019-11091": {
"cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option"
},
+ "CVE-2022-3239": {
+ "cmt_msg": "media: em28xx: initialize refcount before kref_get"
+ },
"CVE-2019-18660": {
"cmt_msg": "powerpc/book3s64: Fix link stack flush on context switch"
},
@@ -48250,6 +48349,9 @@
"CVE-2020-0347": {
"cmt_msg": ""
},
+ "CVE-2022-41222": {
+ "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries."
+ },
"CVE-2018-8822": {
"cmt_msg": "staging: ncpfs: memory corruption in ncp_read_kernel()"
},
@@ -48566,7 +48668,7 @@
"cmt_msg": "mmap: introduce sane default mmap limits"
},
"CVE-2022-2663": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic"
},
"CVE-2020-24503": {
"cmt_msg": ""
@@ -49114,6 +49216,9 @@
"CVE-2017-18174": {
"cmt_msg": "pinctrl: amd: Use devm_pinctrl_register() for pinctrl registration"
},
+ "CVE-2022-41218": {
+ "cmt_msg": ""
+ },
"CVE-2019-20934": {
"cmt_msg": "sched/fair: Don't free p->numa_faults with concurrent readers"
},
@@ -53130,6 +53235,9 @@
"CVE-2008-2544": {
"cmt_msg": ""
},
+ "CVE-2022-41218": {
+ "cmt_msg": ""
+ },
"CVE-2022-34918": {
"cmt_msg": "netfilter: nf_tables: stricter validation of element data"
},
@@ -53269,7 +53377,7 @@
"cmt_msg": ""
},
"CVE-2022-2663": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic"
},
"CVE-2022-2503": {
"cmt_msg": "dm verity: set DM_TARGET_IMMUTABLE feature flag"
@@ -53325,9 +53433,6 @@
"CVE-2013-7445": {
"cmt_msg": ""
},
- "CVE-2022-39189": {
- "cmt_msg": "KVM: x86: do not report a vCPU as preempted outside instruction boundaries"
- },
"CVE-2019-19036": {
"cmt_msg": "btrfs: Detect unbalanced tree with empty leaf before crashing btree operations"
},
@@ -53637,9 +53742,15 @@
"CVE-2020-12364": {
"cmt_msg": "drm/i915/guc: Update to use firmware v49.0.1"
},
+ "CVE-2022-3239": {
+ "cmt_msg": "media: em28xx: initialize refcount before kref_get"
+ },
"CVE-2022-21499": {
"cmt_msg": "lockdown: also lock down previous kgdb use"
},
+ "CVE-2022-41222": {
+ "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries."
+ },
"CVE-2021-3542": {
"cmt_msg": ""
},
@@ -54261,9 +54372,6 @@
"CVE-2021-42008": {
"cmt_msg": "net: 6pack: fix slab-out-of-bounds in decode_data"
},
- "CVE-2022-39189": {
- "cmt_msg": "KVM: x86: do not report a vCPU as preempted outside instruction boundaries"
- },
"CVE-2022-39188": {
"cmt_msg": "mmu_gather: Force tlb-flush VM_PFNMAP vmas"
},
@@ -54963,6 +55071,9 @@
"CVE-2019-11091": {
"cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option"
},
+ "CVE-2022-3239": {
+ "cmt_msg": "media: em28xx: initialize refcount before kref_get"
+ },
"CVE-2019-18660": {
"cmt_msg": "powerpc/book3s64: Fix link stack flush on context switch"
},
@@ -55743,6 +55854,9 @@
"CVE-2020-0347": {
"cmt_msg": ""
},
+ "CVE-2022-41222": {
+ "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries."
+ },
"CVE-2018-8822": {
"cmt_msg": "staging: ncpfs: memory corruption in ncp_read_kernel()"
},
@@ -56053,7 +56167,7 @@
"cmt_msg": "mmap: introduce sane default mmap limits"
},
"CVE-2022-2663": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic"
},
"CVE-2020-24503": {
"cmt_msg": ""
@@ -56607,6 +56721,9 @@
"CVE-2021-0447": {
"cmt_msg": "l2tp: protect sock pointer of struct pppol2tp_session with RCU"
},
+ "CVE-2022-41218": {
+ "cmt_msg": ""
+ },
"CVE-2019-20934": {
"cmt_msg": "sched/fair: Don't free p->numa_faults with concurrent readers"
},
@@ -57365,9 +57482,6 @@
"CVE-2021-42008": {
"cmt_msg": "net: 6pack: fix slab-out-of-bounds in decode_data"
},
- "CVE-2022-39189": {
- "cmt_msg": "KVM: x86: do not report a vCPU as preempted outside instruction boundaries"
- },
"CVE-2022-39188": {
"cmt_msg": "mmu_gather: Force tlb-flush VM_PFNMAP vmas"
},
@@ -58067,6 +58181,9 @@
"CVE-2019-11091": {
"cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option"
},
+ "CVE-2022-3239": {
+ "cmt_msg": "media: em28xx: initialize refcount before kref_get"
+ },
"CVE-2019-18660": {
"cmt_msg": "powerpc/book3s64: Fix link stack flush on context switch"
},
@@ -58859,6 +58976,9 @@
"CVE-2020-0347": {
"cmt_msg": ""
},
+ "CVE-2022-41222": {
+ "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries."
+ },
"CVE-2018-8822": {
"cmt_msg": "staging: ncpfs: memory corruption in ncp_read_kernel()"
},
@@ -59163,7 +59283,7 @@
"cmt_msg": "mmap: introduce sane default mmap limits"
},
"CVE-2022-2663": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic"
},
"CVE-2020-24503": {
"cmt_msg": ""
@@ -59717,6 +59837,9 @@
"CVE-2017-18174": {
"cmt_msg": "pinctrl: amd: Use devm_pinctrl_register() for pinctrl registration"
},
+ "CVE-2022-41218": {
+ "cmt_msg": ""
+ },
"CVE-2019-20934": {
"cmt_msg": "sched/fair: Don't free p->numa_faults with concurrent readers"
},
@@ -61577,9 +61700,6 @@
"CVE-2021-42008": {
"cmt_msg": "net: 6pack: fix slab-out-of-bounds in decode_data"
},
- "CVE-2022-39189": {
- "cmt_msg": "KVM: x86: do not report a vCPU as preempted outside instruction boundaries"
- },
"CVE-2022-39188": {
"cmt_msg": "mmu_gather: Force tlb-flush VM_PFNMAP vmas"
},
@@ -62141,6 +62261,9 @@
"CVE-2019-11091": {
"cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option"
},
+ "CVE-2022-3239": {
+ "cmt_msg": "media: em28xx: initialize refcount before kref_get"
+ },
"CVE-2019-19227": {
"cmt_msg": "appletalk: Fix potential NULL pointer dereference in unregister_snap_client"
},
@@ -62723,6 +62846,9 @@
"CVE-2020-0347": {
"cmt_msg": ""
},
+ "CVE-2022-41222": {
+ "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries."
+ },
"CVE-2021-40490": {
"cmt_msg": "ext4: fix race writing to an inline_data file while its xattrs are changing"
},
@@ -62955,7 +63081,7 @@
"cmt_msg": "mremap: properly flush TLB before releasing the page"
},
"CVE-2022-2663": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic"
},
"CVE-2019-15219": {
"cmt_msg": "USB: sisusbvga: fix oops in error path of sisusb_probe"
@@ -63404,6 +63530,9 @@
"CVE-2017-18174": {
"cmt_msg": "pinctrl: amd: Use devm_pinctrl_register() for pinctrl registration"
},
+ "CVE-2022-41218": {
+ "cmt_msg": ""
+ },
"CVE-2019-20934": {
"cmt_msg": "sched/fair: Don't free p->numa_faults with concurrent readers"
},
@@ -64336,6 +64465,9 @@
"CVE-2021-39657": {
"cmt_msg": "scsi: ufs: Correct the LUN used in eh_device_reset_handler() callback"
},
+ "CVE-2022-3239": {
+ "cmt_msg": "media: em28xx: initialize refcount before kref_get"
+ },
"CVE-2021-34981": {
"cmt_msg": "Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails"
},
@@ -64684,6 +64816,9 @@
"CVE-2020-0347": {
"cmt_msg": ""
},
+ "CVE-2022-41222": {
+ "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries."
+ },
"CVE-2021-40490": {
"cmt_msg": "ext4: fix race writing to an inline_data file while its xattrs are changing"
},
@@ -64841,7 +64976,7 @@
"cmt_msg": "gup: document and work around \"COW can break either way\" issue"
},
"CVE-2022-2663": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic"
},
"CVE-2022-38457": {
"cmt_msg": ""
@@ -65110,6 +65245,9 @@
"CVE-2020-12888": {
"cmt_msg": "vfio-pci: Invalidate mmaps and block MMIO access on disabled memory"
},
+ "CVE-2022-41218": {
+ "cmt_msg": ""
+ },
"CVE-2020-14331": {
"cmt_msg": "vgacon: Fix for missing check in scrollback handling"
},
@@ -65790,9 +65928,6 @@
"CVE-2021-42008": {
"cmt_msg": "net: 6pack: fix slab-out-of-bounds in decode_data"
},
- "CVE-2022-39189": {
- "cmt_msg": "KVM: x86: do not report a vCPU as preempted outside instruction boundaries"
- },
"CVE-2022-39188": {
"cmt_msg": "mmu_gather: Force tlb-flush VM_PFNMAP vmas"
},
@@ -66519,6 +66654,9 @@
"CVE-2019-11091": {
"cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option"
},
+ "CVE-2022-3239": {
+ "cmt_msg": "media: em28xx: initialize refcount before kref_get"
+ },
"CVE-2019-18660": {
"cmt_msg": "powerpc/book3s64: Fix link stack flush on context switch"
},
@@ -67389,6 +67527,9 @@
"CVE-2020-0347": {
"cmt_msg": ""
},
+ "CVE-2022-41222": {
+ "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries."
+ },
"CVE-2018-8822": {
"cmt_msg": "staging: ncpfs: memory corruption in ncp_read_kernel()"
},
@@ -67717,7 +67858,7 @@
"cmt_msg": "mmap: introduce sane default mmap limits"
},
"CVE-2022-2663": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic"
},
"CVE-2016-3140": {
"cmt_msg": "USB: digi_acceleport: do sanity checking for the number of ports"
@@ -68289,6 +68430,9 @@
"CVE-2017-18174": {
"cmt_msg": "pinctrl: amd: Use devm_pinctrl_register() for pinctrl registration"
},
+ "CVE-2022-41218": {
+ "cmt_msg": ""
+ },
"CVE-2019-20934": {
"cmt_msg": "sched/fair: Don't free p->numa_faults with concurrent readers"
},
@@ -69189,6 +69333,9 @@
"CVE-2021-39657": {
"cmt_msg": "scsi: ufs: Correct the LUN used in eh_device_reset_handler() callback"
},
+ "CVE-2022-3239": {
+ "cmt_msg": "media: em28xx: initialize refcount before kref_get"
+ },
"CVE-2021-34981": {
"cmt_msg": "Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails"
},
@@ -69498,6 +69645,9 @@
"CVE-2020-0347": {
"cmt_msg": ""
},
+ "CVE-2022-41222": {
+ "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries."
+ },
"CVE-2021-40490": {
"cmt_msg": "ext4: fix race writing to an inline_data file while its xattrs are changing"
},
@@ -69646,7 +69796,7 @@
"cmt_msg": "mmu_gather: Force tlb-flush VM_PFNMAP vmas"
},
"CVE-2022-2663": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic"
},
"CVE-2020-25645": {
"cmt_msg": "geneve: add transport ports in route lookup for geneve"
@@ -69906,6 +70056,9 @@
"CVE-2020-12888": {
"cmt_msg": "vfio-pci: Invalidate mmaps and block MMIO access on disabled memory"
},
+ "CVE-2022-41218": {
+ "cmt_msg": ""
+ },
"CVE-2022-3077": {
"cmt_msg": "i2c: ismt: prevent memory corruption in ismt_access()"
},
@@ -70678,6 +70831,9 @@
"CVE-2021-39657": {
"cmt_msg": "scsi: ufs: Correct the LUN used in eh_device_reset_handler() callback"
},
+ "CVE-2022-3239": {
+ "cmt_msg": "media: em28xx: initialize refcount before kref_get"
+ },
"CVE-2021-34866": {
"cmt_msg": "bpf: Fix ringbuf helper function compatibility"
},
@@ -71105,7 +71261,7 @@
"cmt_msg": "mmu_gather: Force tlb-flush VM_PFNMAP vmas"
},
"CVE-2022-2663": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic"
},
"CVE-2022-38457": {
"cmt_msg": ""
@@ -71359,12 +71515,18 @@
"CVE-2021-45486": {
"cmt_msg": "inet: use bigger hash table for IP ID generation"
},
+ "CVE-2022-41218": {
+ "cmt_msg": ""
+ },
"CVE-2022-3077": {
"cmt_msg": "i2c: ismt: prevent memory corruption in ismt_access()"
},
"CVE-2022-36946": {
"cmt_msg": "netfilter: nf_queue: do not allow packet truncation below transport header offset"
},
+ "CVE-2022-41222": {
+ "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries."
+ },
"CVE-2022-23222": {
"cmt_msg": "bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL"
},
@@ -72073,6 +72235,9 @@
"CVE-2021-39657": {
"cmt_msg": "scsi: ufs: Correct the LUN used in eh_device_reset_handler() callback"
},
+ "CVE-2022-3239": {
+ "cmt_msg": "media: em28xx: initialize refcount before kref_get"
+ },
"CVE-2021-34866": {
"cmt_msg": "bpf: Fix ringbuf helper function compatibility"
},
@@ -72343,6 +72508,9 @@
"CVE-2020-0347": {
"cmt_msg": ""
},
+ "CVE-2022-41222": {
+ "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries."
+ },
"CVE-2021-40490": {
"cmt_msg": "ext4: fix race writing to an inline_data file while its xattrs are changing"
},
@@ -72473,7 +72641,7 @@
"cmt_msg": "mmu_gather: Force tlb-flush VM_PFNMAP vmas"
},
"CVE-2022-2663": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic"
},
"CVE-2022-38457": {
"cmt_msg": ""
@@ -72709,6 +72877,9 @@
"CVE-2021-45486": {
"cmt_msg": "inet: use bigger hash table for IP ID generation"
},
+ "CVE-2022-41218": {
+ "cmt_msg": ""
+ },
"CVE-2022-3077": {
"cmt_msg": "i2c: ismt: prevent memory corruption in ismt_access()"
},
@@ -76516,6 +76687,12 @@
"cmt_id": "e580d3201ed222c4752ced7e629ad96bc0340713"
}
},
+ "4.9.328": {
+ "CVE-2022-2663": {
+ "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic",
+ "cmt_id": "eb4d8d6b44a23ff2b6e2af06c8240de73dff8a7d"
+ }
+ },
"outstanding": {
"CVE-2021-0929": {
"cmt_msg": "staging/android/ion: delete dma_buf->kmap/unmap implemenation"
@@ -76796,6 +76973,9 @@
"CVE-2021-4023": {
"cmt_msg": "io-wq: fix cancellation on create-worker failure"
},
+ "CVE-2022-3239": {
+ "cmt_msg": "media: em28xx: initialize refcount before kref_get"
+ },
"CVE-2019-18680": {
"cmt_msg": "unknown"
},
@@ -76820,9 +77000,6 @@
"CVE-2013-7445": {
"cmt_msg": ""
},
- "CVE-2022-39189": {
- "cmt_msg": "KVM: x86: do not report a vCPU as preempted outside instruction boundaries"
- },
"CVE-2019-19036": {
"cmt_msg": "btrfs: Detect unbalanced tree with empty leaf before crashing btree operations"
},
@@ -76952,6 +77129,9 @@
"CVE-2020-26141": {
"cmt_msg": "ath10k: Fix TKIP Michael MIC verification for PCIe"
},
+ "CVE-2022-41218": {
+ "cmt_msg": ""
+ },
"CVE-2019-2025": {
"cmt_msg": "binder: fix race that allows malicious free of live buffer"
},
@@ -77042,6 +77222,9 @@
"CVE-2022-21499": {
"cmt_msg": "lockdown: also lock down previous kgdb use"
},
+ "CVE-2022-41222": {
+ "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries."
+ },
"CVE-2021-3542": {
"cmt_msg": ""
},
@@ -77093,9 +77276,6 @@
"CVE-2019-11191": {
"cmt_msg": "x86: Deprecate a.out support"
},
- "CVE-2022-2663": {
- "cmt_msg": ""
- },
"CVE-2019-19039": {
"cmt_msg": "btrfs: Don't submit any btree write bio if the fs has errors"
},
@@ -77661,9 +77841,6 @@
"CVE-2021-42008": {
"cmt_msg": "net: 6pack: fix slab-out-of-bounds in decode_data"
},
- "CVE-2022-39189": {
- "cmt_msg": "KVM: x86: do not report a vCPU as preempted outside instruction boundaries"
- },
"CVE-2022-39188": {
"cmt_msg": "mmu_gather: Force tlb-flush VM_PFNMAP vmas"
},
@@ -78363,6 +78540,9 @@
"CVE-2019-11091": {
"cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option"
},
+ "CVE-2022-3239": {
+ "cmt_msg": "media: em28xx: initialize refcount before kref_get"
+ },
"CVE-2019-18660": {
"cmt_msg": "powerpc/book3s64: Fix link stack flush on context switch"
},
@@ -79134,6 +79314,9 @@
"CVE-2020-0347": {
"cmt_msg": ""
},
+ "CVE-2022-41222": {
+ "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries."
+ },
"CVE-2018-8822": {
"cmt_msg": "staging: ncpfs: memory corruption in ncp_read_kernel()"
},
@@ -79435,7 +79618,7 @@
"cmt_msg": "mmap: introduce sane default mmap limits"
},
"CVE-2022-2663": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic"
},
"CVE-2020-24503": {
"cmt_msg": ""
@@ -79992,6 +80175,9 @@
"CVE-2021-0447": {
"cmt_msg": "l2tp: protect sock pointer of struct pppol2tp_session with RCU"
},
+ "CVE-2022-41218": {
+ "cmt_msg": ""
+ },
"CVE-2019-20934": {
"cmt_msg": "sched/fair: Don't free p->numa_faults with concurrent readers"
},
@@ -80745,9 +80931,6 @@
"CVE-2021-42008": {
"cmt_msg": "net: 6pack: fix slab-out-of-bounds in decode_data"
},
- "CVE-2022-39189": {
- "cmt_msg": "KVM: x86: do not report a vCPU as preempted outside instruction boundaries"
- },
"CVE-2022-39188": {
"cmt_msg": "mmu_gather: Force tlb-flush VM_PFNMAP vmas"
},
@@ -81426,6 +81609,9 @@
"CVE-2019-11091": {
"cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option"
},
+ "CVE-2022-3239": {
+ "cmt_msg": "media: em28xx: initialize refcount before kref_get"
+ },
"CVE-2019-18660": {
"cmt_msg": "powerpc/book3s64: Fix link stack flush on context switch"
},
@@ -82164,6 +82350,9 @@
"CVE-2019-18808": {
"cmt_msg": "crypto: ccp - Release all allocated memory if sha type is invalid"
},
+ "CVE-2022-41222": {
+ "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries."
+ },
"CVE-2018-8822": {
"cmt_msg": "staging: ncpfs: memory corruption in ncp_read_kernel()"
},
@@ -82426,7 +82615,7 @@
"cmt_msg": "mmap: introduce sane default mmap limits"
},
"CVE-2022-2663": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic"
},
"CVE-2019-8912": {
"cmt_msg": "net: crypto set sk to NULL when af_alg_release."
@@ -82938,6 +83127,9 @@
"CVE-2021-0447": {
"cmt_msg": "l2tp: protect sock pointer of struct pppol2tp_session with RCU"
},
+ "CVE-2022-41218": {
+ "cmt_msg": ""
+ },
"CVE-2019-20934": {
"cmt_msg": "sched/fair: Don't free p->numa_faults with concurrent readers"
},
@@ -84194,6 +84386,9 @@
"CVE-2019-12984": {
"cmt_msg": "nfc: Ensure presence of required attributes in the deactivate_target handler"
},
+ "CVE-2022-3239": {
+ "cmt_msg": "media: em28xx: initialize refcount before kref_get"
+ },
"CVE-2019-19227": {
"cmt_msg": "appletalk: Fix potential NULL pointer dereference in unregister_snap_client"
},
@@ -84704,6 +84899,9 @@
"CVE-2019-18808": {
"cmt_msg": "crypto: ccp - Release all allocated memory if sha type is invalid"
},
+ "CVE-2022-41222": {
+ "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries."
+ },
"CVE-2021-40490": {
"cmt_msg": "ext4: fix race writing to an inline_data file while its xattrs are changing"
},
@@ -84912,7 +85110,7 @@
"cmt_msg": "rbd: require global CAP_SYS_ADMIN for mapping and unmapping"
},
"CVE-2022-2663": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic"
},
"CVE-2020-29370": {
"cmt_msg": "mm: slub: add missing TID bump in kmem_cache_alloc_bulk()"
@@ -85274,6 +85472,9 @@
"CVE-2020-12888": {
"cmt_msg": "vfio-pci: Invalidate mmaps and block MMIO access on disabled memory"
},
+ "CVE-2022-41218": {
+ "cmt_msg": ""
+ },
"CVE-2019-20934": {
"cmt_msg": "sched/fair: Don't free p->numa_faults with concurrent readers"
},
@@ -86379,6 +86580,9 @@
"CVE-2021-3669": {
"cmt_msg": "ipc: replace costly bailout check in sysvipc_find_ipc()"
},
+ "CVE-2022-3239": {
+ "cmt_msg": "media: em28xx: initialize refcount before kref_get"
+ },
"CVE-2019-18282": {
"cmt_msg": "net/flow_dissector: switch to siphash"
},
@@ -86865,6 +87069,9 @@
"CVE-2019-18808": {
"cmt_msg": "crypto: ccp - Release all allocated memory if sha type is invalid"
},
+ "CVE-2022-41222": {
+ "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries."
+ },
"CVE-2021-40490": {
"cmt_msg": "ext4: fix race writing to an inline_data file while its xattrs are changing"
},
@@ -87076,7 +87283,7 @@
"cmt_msg": "io_uring: grab ->fs as part of async preparation"
},
"CVE-2022-2663": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic"
},
"CVE-2020-29370": {
"cmt_msg": "mm: slub: add missing TID bump in kmem_cache_alloc_bulk()"
@@ -87435,6 +87642,9 @@
"CVE-2020-12888": {
"cmt_msg": "vfio-pci: Invalidate mmaps and block MMIO access on disabled memory"
},
+ "CVE-2022-41218": {
+ "cmt_msg": ""
+ },
"CVE-2019-20934": {
"cmt_msg": "sched/fair: Don't free p->numa_faults with concurrent readers"
},
@@ -88487,6 +88697,9 @@
"CVE-2021-3669": {
"cmt_msg": "ipc: replace costly bailout check in sysvipc_find_ipc()"
},
+ "CVE-2022-3239": {
+ "cmt_msg": "media: em28xx: initialize refcount before kref_get"
+ },
"CVE-2019-18282": {
"cmt_msg": "net/flow_dissector: switch to siphash"
},
@@ -88955,6 +89168,9 @@
"CVE-2019-18808": {
"cmt_msg": "crypto: ccp - Release all allocated memory if sha type is invalid"
},
+ "CVE-2022-41222": {
+ "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries."
+ },
"CVE-2021-40490": {
"cmt_msg": "ext4: fix race writing to an inline_data file while its xattrs are changing"
},
@@ -89160,7 +89376,7 @@
"cmt_msg": "io_uring: grab ->fs as part of async preparation"
},
"CVE-2022-2663": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic"
},
"CVE-2022-38457": {
"cmt_msg": ""
@@ -89498,6 +89714,9 @@
"CVE-2020-12888": {
"cmt_msg": "vfio-pci: Invalidate mmaps and block MMIO access on disabled memory"
},
+ "CVE-2022-41218": {
+ "cmt_msg": ""
+ },
"CVE-2011-4917": {
"cmt_msg": ""
},
@@ -89833,6 +90052,10 @@
"cmt_msg": "net: xilinx_emaclite: Do not print real IOMEM pointer",
"cmt_id": "7a9bfd7589c18c20df5a5b9278549a2807627e30"
},
+ "CVE-2022-41222": {
+ "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries.",
+ "cmt_id": "864c4d1d25170def283b2bf87726218126634f04"
+ },
"CVE-2021-3655": {
"cmt_msg": "sctp: validate from_addr_param return",
"cmt_id": "d91adac26d5ebac78c731b3aa23ff2c210ce2a0d"
@@ -89941,7 +90164,7 @@
"cmt_msg": "wait: add wake_up_pollfree()"
},
"CVE-2022-2663": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic"
},
"CVE-2022-2380": {
"cmt_msg": "video: fbdev: sm712fb: Fix crash in smtcfb_read()"
@@ -90249,6 +90472,9 @@
"CVE-2021-4023": {
"cmt_msg": "io-wq: fix cancellation on create-worker failure"
},
+ "CVE-2022-3239": {
+ "cmt_msg": "media: em28xx: initialize refcount before kref_get"
+ },
"CVE-2022-21125": {
"cmt_msg": "x86/speculation/mmio: Reuse SRBDS mitigation for SBDS"
},
@@ -90408,6 +90634,9 @@
"CVE-2021-3896": {
"cmt_msg": "isdn: cpai: check ctr->cnr to avoid array index out of bound"
},
+ "CVE-2022-41218": {
+ "cmt_msg": ""
+ },
"CVE-2019-12456": {
"cmt_msg": ""
},
@@ -90779,6 +91008,10 @@
"cmt_msg": "Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails",
"cmt_id": "5c73a8008035879a27f4bcf2d87869d039cb98fb"
},
+ "CVE-2022-41222": {
+ "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries.",
+ "cmt_id": "987a852734e668e0829cf65dd182e44a03064800"
+ },
"CVE-2021-3655": {
"cmt_msg": "sctp: validate from_addr_param return",
"cmt_id": "4ecabee69d190f2bd9bdc5140109a27231428413"
@@ -90996,7 +91229,7 @@
"cmt_msg": "wait: add wake_up_pollfree()"
},
"CVE-2022-2663": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic"
},
"CVE-2022-2380": {
"cmt_msg": "video: fbdev: sm712fb: Fix crash in smtcfb_read()"
@@ -91295,6 +91528,9 @@
"CVE-2021-4023": {
"cmt_msg": "io-wq: fix cancellation on create-worker failure"
},
+ "CVE-2022-3239": {
+ "cmt_msg": "media: em28xx: initialize refcount before kref_get"
+ },
"CVE-2022-21125": {
"cmt_msg": "x86/speculation/mmio: Reuse SRBDS mitigation for SBDS"
},
@@ -91532,6 +91768,9 @@
"CVE-2021-3894": {
"cmt_msg": "sctp: account stream padding length for reconf chunk"
},
+ "CVE-2022-41218": {
+ "cmt_msg": ""
+ },
"CVE-2022-25265": {
"cmt_msg": ""
},
@@ -92881,6 +93120,10 @@
"CVE-2022-1516": {
"cmt_msg": "net/x25: Fix null-ptr-deref caused by x25_disconnect",
"cmt_id": "5c94b6205e87411dbe9dc1ca088eb36b8837fb47"
+ },
+ "CVE-2022-3239": {
+ "cmt_msg": "media: em28xx: initialize refcount before kref_get",
+ "cmt_id": "ec8a37b2d9a76a9443feb0af95bd06ac3df25444"
}
},
"5.10.111": {
@@ -93134,17 +93377,21 @@
"cmt_msg": "posix-cpu-timers: Cleanup CPU timers before freeing them during exec",
"cmt_id": "541840859ace9c2ccebc32fa9e376c7bd3def490"
},
- "CVE-2022-1679": {
- "cmt_msg": "ath9k: fix use-after-free in ath9k_hif_usb_rx_cb",
- "cmt_id": "eccd7c3e2596b574241a7670b5b53f5322f470e5"
+ "CVE-2022-2153": {
+ "cmt_msg": "KVM: x86: Avoid theoretical NULL pointer dereference in kvm_irq_delivery_to_apic_fast()",
+ "cmt_id": "ac7de8c2ba1292856fdd4a4c0764669b9607cf0a"
},
"CVE-2022-2588": {
"cmt_msg": "net_sched: cls_route: remove from list when handle is 0",
"cmt_id": "7018f03d97daf344e49b16200caf4363a1407cab"
},
- "CVE-2022-2153": {
- "cmt_msg": "KVM: x86: Avoid theoretical NULL pointer dereference in kvm_irq_delivery_to_apic_fast()",
- "cmt_id": "ac7de8c2ba1292856fdd4a4c0764669b9607cf0a"
+ "CVE-2022-41222": {
+ "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries.",
+ "cmt_id": "2613baa3ab2153cc45b175c58700d93f72ef36c4"
+ },
+ "CVE-2022-1679": {
+ "cmt_msg": "ath9k: fix use-after-free in ath9k_hif_usb_rx_cb",
+ "cmt_id": "eccd7c3e2596b574241a7670b5b53f5322f470e5"
}
},
"5.10.140": {
@@ -93162,6 +93409,10 @@
}
},
"5.10.143": {
+ "CVE-2022-2663": {
+ "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic",
+ "cmt_id": "e12ce30fe593dd438c5b392290ad7316befc11ca"
+ },
"CVE-2022-40307": {
"cmt_msg": "efi: capsule-loader: Fix use-after-free in efi_capsule_write",
"cmt_id": "918d9c4a4bdf5205f2fb3f64dddfb56c9a1d01d6"
@@ -93387,6 +93638,9 @@
"CVE-2022-0480": {
"cmt_msg": "memcg: enable accounting for file lock caches"
},
+ "CVE-2022-41218": {
+ "cmt_msg": ""
+ },
"CVE-2022-25265": {
"cmt_msg": ""
},
@@ -93476,9 +93730,6 @@
},
"CVE-2021-32078": {
"cmt_msg": "ARM: footbridge: remove personal server platform"
- },
- "CVE-2022-2663": {
- "cmt_msg": ""
}
}
},
@@ -93853,7 +94104,7 @@
"cmt_msg": "wait: add wake_up_pollfree()"
},
"CVE-2022-2663": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic"
},
"CVE-2022-2380": {
"cmt_msg": "video: fbdev: sm712fb: Fix crash in smtcfb_read()"
@@ -94203,6 +94454,9 @@
"CVE-2021-4023": {
"cmt_msg": "io-wq: fix cancellation on create-worker failure"
},
+ "CVE-2022-3239": {
+ "cmt_msg": "media: em28xx: initialize refcount before kref_get"
+ },
"CVE-2022-21125": {
"cmt_msg": "x86/speculation/mmio: Reuse SRBDS mitigation for SBDS"
},
@@ -94371,6 +94625,9 @@
"CVE-2021-3564": {
"cmt_msg": "Bluetooth: fix the erroneous flush_work() order"
},
+ "CVE-2022-41222": {
+ "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries."
+ },
"CVE-2021-3714": {
"cmt_msg": ""
},
@@ -94383,6 +94640,9 @@
"CVE-2021-3896": {
"cmt_msg": "isdn: cpai: check ctr->cnr to avoid array index out of bound"
},
+ "CVE-2022-41218": {
+ "cmt_msg": ""
+ },
"CVE-2019-12456": {
"cmt_msg": ""
},
@@ -95057,6 +95317,10 @@
"cmt_msg": "KVM: x86: Avoid theoretical NULL pointer dereference in kvm_irq_delivery_to_apic_fast()",
"cmt_id": "9e38128f8bd1d4f2244d8a393bc5dc204a99a541"
},
+ "CVE-2022-3239": {
+ "cmt_msg": "media: em28xx: initialize refcount before kref_get",
+ "cmt_id": "37f808a9e734e9036f7aa42ba4864fc6e91d2572"
+ },
"CVE-2022-1353": {
"cmt_msg": "af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register",
"cmt_id": "16d974fa4ddda389bf58bb5e4fc8cad8910ba66d"
@@ -95160,7 +95424,7 @@
"cmt_msg": "vdpa: clean up get_config_size ret value handling"
},
"CVE-2022-2663": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic"
},
"CVE-2022-32250": {
"cmt_msg": "netfilter: nf_tables: disallow non-stateful expression in sets earlier"
@@ -95426,6 +95690,9 @@
"CVE-2022-1184": {
"cmt_msg": "ext4: verify dir block before splitting it"
},
+ "CVE-2022-41218": {
+ "cmt_msg": ""
+ },
"CVE-2022-25265": {
"cmt_msg": ""
},
@@ -95612,6 +95879,10 @@
"cmt_msg": "KVM: x86/mmu: do compare-and-exchange of gPTE via the user address",
"cmt_id": "5051c04d70c6e035c2c923c04fbe015a4468b08d"
},
+ "CVE-2022-3239": {
+ "cmt_msg": "media: em28xx: initialize refcount before kref_get",
+ "cmt_id": "d96dd287ca21c5b494bdb55555b33a6afec807cb"
+ },
"CVE-2022-2153": {
"cmt_msg": "KVM: x86: Avoid theoretical NULL pointer dereference in kvm_irq_delivery_to_apic_fast()",
"cmt_id": "9fa2b94443ff41cdecdff6f4d4324d83af01089a"
@@ -95846,7 +96117,7 @@
"cmt_msg": "xfrm: xfrm_policy: fix a possible double xfrm_pols_put() in xfrm_bundle_lookup()"
},
"CVE-2022-2663": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic"
},
"CVE-2020-24503": {
"cmt_msg": ""
@@ -96043,6 +96314,9 @@
"CVE-2022-33744": {
"cmt_msg": "xen/arm: Fix race in RB-tree based P2M accounting"
},
+ "CVE-2022-41218": {
+ "cmt_msg": ""
+ },
"CVE-2011-4917": {
"cmt_msg": ""
},
@@ -96404,7 +96678,7 @@
"cmt_msg": "wait: add wake_up_pollfree()"
},
"CVE-2022-2663": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic"
},
"CVE-2022-2380": {
"cmt_msg": "video: fbdev: sm712fb: Fix crash in smtcfb_read()"
@@ -96664,6 +96938,9 @@
"CVE-2021-4023": {
"cmt_msg": "io-wq: fix cancellation on create-worker failure"
},
+ "CVE-2022-3239": {
+ "cmt_msg": "media: em28xx: initialize refcount before kref_get"
+ },
"CVE-2022-21125": {
"cmt_msg": "x86/speculation/mmio: Reuse SRBDS mitigation for SBDS"
},
@@ -96865,6 +97142,9 @@
"CVE-2022-20008": {
"cmt_msg": "mmc: block: fix read single on recovery logic"
},
+ "CVE-2022-41218": {
+ "cmt_msg": ""
+ },
"CVE-2022-25265": {
"cmt_msg": ""
},
@@ -97522,6 +97802,10 @@
"cmt_msg": "KVM: x86: Avoid theoretical NULL pointer dereference in kvm_irq_delivery_to_apic_fast()",
"cmt_id": "0e5dbc0540baa89faf4c04ccc7e9c4fe6b1d7bf4"
},
+ "CVE-2022-3239": {
+ "cmt_msg": "media: em28xx: initialize refcount before kref_get",
+ "cmt_id": "332d45fe51d75a3a95c4a04e2cb7bffef284edd4"
+ },
"CVE-2022-1353": {
"cmt_msg": "af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register",
"cmt_id": "d06ee4572fd916fbb34d16dc81eb37d1dff83446"
@@ -97864,6 +98148,10 @@
}
},
"5.15.68": {
+ "CVE-2022-2663": {
+ "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic",
+ "cmt_id": "451c9ce1e2fc9b9e40303bef8e5a0dca1a923cc4"
+ },
"CVE-2022-40307": {
"cmt_msg": "efi: capsule-loader: Fix use-after-free in efi_capsule_write",
"cmt_id": "dd291e070be0eca8807476b022bda00c891d9066"
@@ -98077,7 +98365,7 @@
"CVE-2022-2978": {
"cmt_msg": ""
},
- "CVE-2022-2663": {
+ "CVE-2022-41218": {
"cmt_msg": ""
},
"CVE-2022-25265": {
@@ -99104,6 +99392,9 @@
"CVE-2019-11091": {
"cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option"
},
+ "CVE-2022-3239": {
+ "cmt_msg": "media: em28xx: initialize refcount before kref_get"
+ },
"CVE-2019-19227": {
"cmt_msg": "appletalk: Fix potential NULL pointer dereference in unregister_snap_client"
},
@@ -99650,6 +99941,9 @@
"CVE-2019-18808": {
"cmt_msg": "crypto: ccp - Release all allocated memory if sha type is invalid"
},
+ "CVE-2022-41222": {
+ "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries."
+ },
"CVE-2021-40490": {
"cmt_msg": "ext4: fix race writing to an inline_data file while its xattrs are changing"
},
@@ -99873,7 +100167,7 @@
"cmt_msg": "rbd: require global CAP_SYS_ADMIN for mapping and unmapping"
},
"CVE-2022-2663": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic"
},
"CVE-2020-29370": {
"cmt_msg": "mm: slub: add missing TID bump in kmem_cache_alloc_bulk()"
@@ -100256,6 +100550,9 @@
"CVE-2020-12888": {
"cmt_msg": "vfio-pci: Invalidate mmaps and block MMIO access on disabled memory"
},
+ "CVE-2022-41218": {
+ "cmt_msg": ""
+ },
"CVE-2019-20934": {
"cmt_msg": "sched/fair: Don't free p->numa_faults with concurrent readers"
},
@@ -102214,6 +102511,10 @@
"CVE-2022-28389": {
"cmt_msg": "can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path",
"cmt_id": "2dfe9422d528630e2ce0d454147230cce113f814"
+ },
+ "CVE-2022-3239": {
+ "cmt_msg": "media: em28xx: initialize refcount before kref_get",
+ "cmt_id": "92f84aa82dfaa8382785874277b0c4bedec89a68"
}
},
"5.4.190": {
@@ -102417,6 +102718,10 @@
"cmt_msg": "netfilter: nf_tables: do not allow SET_ID to refer to another table",
"cmt_id": "fab2f61cc3b0e441b1749f017cfee75f9bbaded7"
},
+ "CVE-2022-41222": {
+ "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries.",
+ "cmt_id": "79e522101cf40735f1936a10312e17f937b8dcad"
+ },
"CVE-2022-1679": {
"cmt_msg": "ath9k: fix use-after-free in ath9k_hif_usb_rx_cb",
"cmt_id": "e9e21206b8ea62220b486310c61277e7ebfe7cec"
@@ -102437,6 +102742,10 @@
}
},
"5.4.213": {
+ "CVE-2022-2663": {
+ "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic",
+ "cmt_id": "36f7b71f8ad8e4d224b45f7d6ecfeff63b091547"
+ },
"CVE-2022-40307": {
"cmt_msg": "efi: capsule-loader: Fix use-after-free in efi_capsule_write",
"cmt_id": "8028ff4cdbb3f20d3c1c04be33a83bab0cb94997"
@@ -102695,6 +103004,9 @@
"CVE-2022-0480": {
"cmt_msg": "memcg: enable accounting for file lock caches"
},
+ "CVE-2022-41218": {
+ "cmt_msg": ""
+ },
"CVE-2022-25265": {
"cmt_msg": ""
},
@@ -102811,9 +103123,6 @@
},
"CVE-2020-27835": {
"cmt_msg": "IB/hfi1: Ensure correct mm is used at all times"
- },
- "CVE-2022-2663": {
- "cmt_msg": ""
}
}
},
@@ -103212,6 +103521,9 @@
"CVE-2020-10708": {
"cmt_msg": ""
},
+ "CVE-2022-41218": {
+ "cmt_msg": ""
+ },
"CVE-2022-1247": {
"cmt_msg": ""
},
@@ -103231,7 +103543,7 @@
"cmt_msg": ""
},
"CVE-2022-2663": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic"
},
"CVE-2022-25265": {
"cmt_msg": ""
@@ -103277,6 +103589,293 @@
}
}
},
+ "5.19": {
+ "5.19": {
+ "CVE-2022-36946": {
+ "cmt_msg": "netfilter: nf_queue: do not allow packet truncation below transport header offset",
+ "cmt_id": "99a63d36cb3ed5ca3aa6fcb64cffbeaf3b0fb164"
+ }
+ },
+ "5.19.1": {
+ "CVE-2022-26373": {
+ "cmt_msg": "x86/speculation: Add RSB VM Exit protections",
+ "cmt_id": "f826d0412d80348aa22274ec9884cab0950a350b"
+ }
+ },
+ "5.19.2": {
+ "CVE-2022-2586": {
+ "cmt_msg": "netfilter: nf_tables: do not allow SET_ID to refer to another table",
+ "cmt_id": "0d07039397527361850c554c192e749cfc879ea9"
+ },
+ "CVE-2022-2585": {
+ "cmt_msg": "posix-cpu-timers: Cleanup CPU timers before freeing them during exec",
+ "cmt_id": "b2fc1723eb65abb83e00d5f011de670296af0b28"
+ },
+ "CVE-2022-1679": {
+ "cmt_msg": "ath9k: fix use-after-free in ath9k_hif_usb_rx_cb",
+ "cmt_id": "b66ebac40f64336ae2d053883bee85261060bd27"
+ },
+ "CVE-2022-2588": {
+ "cmt_msg": "net_sched: cls_route: remove from list when handle is 0",
+ "cmt_id": "ee3f18d90e80e79449d575fa3e7a6b775e9fc35e"
+ }
+ },
+ "5.19.6": {
+ "CVE-2022-39190": {
+ "cmt_msg": "netfilter: nf_tables: disallow binding to already bound chain",
+ "cmt_id": "fdca693fcf26c11596e7aa1e540af2b4a5288c76"
+ },
+ "CVE-2022-2590": {
+ "cmt_msg": "mm/gup: fix FOLL_FORCE COW security issue and remove FOLL_COW",
+ "cmt_id": "9def52eb10baab3b700858003d462fcf17d62873"
+ },
+ "CVE-2022-3028": {
+ "cmt_msg": "af_key: Do not call xfrm_probe_algs in parallel",
+ "cmt_id": "6901885656c029c976498290b52f67f2c251e6a0"
+ },
+ "CVE-2022-2905": {
+ "cmt_msg": "bpf: Don't use tnum_range on array range checking for poke descriptors",
+ "cmt_id": "a36df92c7ff7ecde2fb362241d0ab024dddd0597"
+ }
+ },
+ "5.19.9": {
+ "CVE-2022-2663": {
+ "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic",
+ "cmt_id": "6cf0609154b2ce8d3ae160e7506ab316400a8d3d"
+ },
+ "CVE-2022-40307": {
+ "cmt_msg": "efi: capsule-loader: Fix use-after-free in efi_capsule_write",
+ "cmt_id": "d46815a8f26ca6db2336106a148265239f73b0af"
+ }
+ },
+ "outstanding": {
+ "CVE-2022-2308": {
+ "cmt_msg": ""
+ },
+ "CVE-2018-17977": {
+ "cmt_msg": ""
+ },
+ "CVE-2022-26878": {
+ "cmt_msg": ""
+ },
+ "CVE-2020-15802": {
+ "cmt_msg": ""
+ },
+ "CVE-2020-26557": {
+ "cmt_msg": ""
+ },
+ "CVE-2008-2544": {
+ "cmt_msg": ""
+ },
+ "CVE-2010-5321": {
+ "cmt_msg": ""
+ },
+ "CVE-2018-12930": {
+ "cmt_msg": ""
+ },
+ "CVE-2018-12931": {
+ "cmt_msg": ""
+ },
+ "CVE-2020-35501": {
+ "cmt_msg": ""
+ },
+ "CVE-2020-26556": {
+ "cmt_msg": ""
+ },
+ "CVE-2019-15902": {
+ "cmt_msg": "unknown"
+ },
+ "CVE-2022-38096": {
+ "cmt_msg": ""
+ },
+ "CVE-2022-2209": {
+ "cmt_msg": ""
+ },
+ "CVE-2021-39801": {
+ "cmt_msg": ""
+ },
+ "CVE-2021-39800": {
+ "cmt_msg": ""
+ },
+ "CVE-2022-3169": {
+ "cmt_msg": ""
+ },
+ "CVE-2021-39802": {
+ "cmt_msg": ""
+ },
+ "CVE-2019-15239": {
+ "cmt_msg": "unknown"
+ },
+ "CVE-2018-1121": {
+ "cmt_msg": ""
+ },
+ "CVE-2007-3719": {
+ "cmt_msg": ""
+ },
+ "CVE-2022-36402": {
+ "cmt_msg": ""
+ },
+ "CVE-2019-19378": {
+ "cmt_msg": ""
+ },
+ "CVE-2021-0695": {
+ "cmt_msg": ""
+ },
+ "CVE-2008-4609": {
+ "cmt_msg": ""
+ },
+ "CVE-2020-14304": {
+ "cmt_msg": ""
+ },
+ "CVE-2005-3660": {
+ "cmt_msg": ""
+ },
+ "CVE-2021-3542": {
+ "cmt_msg": ""
+ },
+ "CVE-2020-0347": {
+ "cmt_msg": ""
+ },
+ "CVE-2022-40133": {
+ "cmt_msg": ""
+ },
+ "CVE-2022-38457": {
+ "cmt_msg": ""
+ },
+ "CVE-2010-4563": {
+ "cmt_msg": ""
+ },
+ "CVE-2020-26140": {
+ "cmt_msg": ""
+ },
+ "CVE-2020-26143": {
+ "cmt_msg": ""
+ },
+ "CVE-2020-26142": {
+ "cmt_msg": ""
+ },
+ "CVE-2020-24503": {
+ "cmt_msg": ""
+ },
+ "CVE-2020-24502": {
+ "cmt_msg": ""
+ },
+ "CVE-2019-12456": {
+ "cmt_msg": ""
+ },
+ "CVE-2020-26560": {
+ "cmt_msg": ""
+ },
+ "CVE-2021-3892": {
+ "cmt_msg": ""
+ },
+ "CVE-2019-20794": {
+ "cmt_msg": ""
+ },
+ "CVE-2021-3714": {
+ "cmt_msg": ""
+ },
+ "CVE-2018-12929": {
+ "cmt_msg": ""
+ },
+ "CVE-2018-12928": {
+ "cmt_msg": ""
+ },
+ "CVE-2020-11725": {
+ "cmt_msg": ""
+ },
+ "CVE-2020-26559": {
+ "cmt_msg": ""
+ },
+ "CVE-2020-25220": {
+ "cmt_msg": ""
+ },
+ "CVE-2022-1116": {
+ "cmt_msg": ""
+ },
+ "CVE-2015-2877": {
+ "cmt_msg": ""
+ },
+ "CVE-2022-3176": {
+ "cmt_msg": ""
+ },
+ "CVE-2022-23825": {
+ "cmt_msg": ""
+ },
+ "CVE-2019-16089": {
+ "cmt_msg": ""
+ },
+ "CVE-2022-36280": {
+ "cmt_msg": ""
+ },
+ "CVE-2022-0400": {
+ "cmt_msg": ""
+ },
+ "CVE-2021-3864": {
+ "cmt_msg": ""
+ },
+ "CVE-2019-19814": {
+ "cmt_msg": ""
+ },
+ "CVE-2020-10708": {
+ "cmt_msg": ""
+ },
+ "CVE-2022-1247": {
+ "cmt_msg": ""
+ },
+ "CVE-2021-3847": {
+ "cmt_msg": ""
+ },
+ "CVE-2022-2961": {
+ "cmt_msg": ""
+ },
+ "CVE-2017-13693": {
+ "cmt_msg": ""
+ },
+ "CVE-2021-0399": {
+ "cmt_msg": ""
+ },
+ "CVE-2022-2978": {
+ "cmt_msg": ""
+ },
+ "CVE-2022-41218": {
+ "cmt_msg": ""
+ },
+ "CVE-2022-25265": {
+ "cmt_msg": ""
+ },
+ "CVE-2011-4917": {
+ "cmt_msg": ""
+ },
+ "CVE-2011-4916": {
+ "cmt_msg": ""
+ },
+ "CVE-2020-36516": {
+ "cmt_msg": ""
+ },
+ "CVE-2017-13694": {
+ "cmt_msg": ""
+ },
+ "CVE-2012-4542": {
+ "cmt_msg": ""
+ },
+ "CVE-2019-15290": {
+ "cmt_msg": ""
+ },
+ "CVE-2016-8660": {
+ "cmt_msg": ""
+ },
+ "CVE-2021-26934": {
+ "cmt_msg": ""
+ },
+ "CVE-2013-7445": {
+ "cmt_msg": ""
+ },
+ "CVE-2022-40768": {
+ "cmt_msg": ""
+ }
+ }
+ },
"5.3": {
"5.3": {
"CVE-2019-5108": {
@@ -104241,6 +104840,9 @@
"CVE-2021-39657": {
"cmt_msg": "scsi: ufs: Correct the LUN used in eh_device_reset_handler() callback"
},
+ "CVE-2022-3239": {
+ "cmt_msg": "media: em28xx: initialize refcount before kref_get"
+ },
"CVE-2021-34981": {
"cmt_msg": "Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails"
},
@@ -104670,6 +105272,9 @@
"CVE-2019-18808": {
"cmt_msg": "crypto: ccp - Release all allocated memory if sha type is invalid"
},
+ "CVE-2022-41222": {
+ "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries."
+ },
"CVE-2021-40490": {
"cmt_msg": "ext4: fix race writing to an inline_data file while its xattrs are changing"
},
@@ -104848,7 +105453,7 @@
"cmt_msg": "gup: document and work around \"COW can break either way\" issue"
},
"CVE-2022-2663": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic"
},
"CVE-2022-38457": {
"cmt_msg": ""
@@ -105156,6 +105761,9 @@
"CVE-2020-12888": {
"cmt_msg": "vfio-pci: Invalidate mmaps and block MMIO access on disabled memory"
},
+ "CVE-2022-41218": {
+ "cmt_msg": ""
+ },
"CVE-2011-4917": {
"cmt_msg": ""
},
@@ -105937,6 +106545,9 @@
"CVE-2021-39657": {
"cmt_msg": "scsi: ufs: Correct the LUN used in eh_device_reset_handler() callback"
},
+ "CVE-2022-3239": {
+ "cmt_msg": "media: em28xx: initialize refcount before kref_get"
+ },
"CVE-2021-34981": {
"cmt_msg": "Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails"
},
@@ -106261,6 +106872,9 @@
"CVE-2020-0347": {
"cmt_msg": ""
},
+ "CVE-2022-41222": {
+ "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries."
+ },
"CVE-2021-40490": {
"cmt_msg": "ext4: fix race writing to an inline_data file while its xattrs are changing"
},
@@ -106412,7 +107026,7 @@
"cmt_msg": "mmu_gather: Force tlb-flush VM_PFNMAP vmas"
},
"CVE-2022-2663": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic"
},
"CVE-2022-38457": {
"cmt_msg": ""
@@ -106687,6 +107301,9 @@
"CVE-2020-12888": {
"cmt_msg": "vfio-pci: Invalidate mmaps and block MMIO access on disabled memory"
},
+ "CVE-2022-41218": {
+ "cmt_msg": ""
+ },
"CVE-2020-14331": {
"cmt_msg": "vgacon: Fix for missing check in scrollback handling"
},
diff --git a/data/stream_fixes.json b/data/stream_fixes.json
index 20e3cf4..f753d7e 100644
--- a/data/stream_fixes.json
+++ b/data/stream_fixes.json
@@ -31246,6 +31246,10 @@
"cmt_id": "6b14ab47937ba441e75e8dbb9fbfc9c55efa41c6",
"fixed_version": "5.18.18"
},
+ "5.19": {
+ "cmt_id": "b66ebac40f64336ae2d053883bee85261060bd27",
+ "fixed_version": "5.19.2"
+ },
"5.4": {
"cmt_id": "e9e21206b8ea62220b486310c61277e7ebfe7cec",
"fixed_version": "5.4.211"
@@ -32507,6 +32511,10 @@
"5.18": {
"cmt_id": "e8cb6e8fd9890780f1bfcf5592889e1b879e779c",
"fixed_version": "5.18.18"
+ },
+ "5.19": {
+ "cmt_id": "b2fc1723eb65abb83e00d5f011de670296af0b28",
+ "fixed_version": "5.19.2"
}
},
"CVE-2022-2586": {
@@ -32526,6 +32534,10 @@
"cmt_id": "f4fa03410f7c5f5bd8f90e9c11e9a8c4b526ff6f",
"fixed_version": "5.18.18"
},
+ "5.19": {
+ "cmt_id": "0d07039397527361850c554c192e749cfc879ea9",
+ "fixed_version": "5.19.2"
+ },
"5.4": {
"cmt_id": "fab2f61cc3b0e441b1749f017cfee75f9bbaded7",
"fixed_version": "5.4.211"
@@ -32556,11 +32568,21 @@
"cmt_id": "e832c26e7edfa2ddbd2dcdd48016d13d747de6da",
"fixed_version": "5.18.18"
},
+ "5.19": {
+ "cmt_id": "ee3f18d90e80e79449d575fa3e7a6b775e9fc35e",
+ "fixed_version": "5.19.2"
+ },
"5.4": {
"cmt_id": "1fcd691cc2e7f808eca2e644adee1f1c6c1527fd",
"fixed_version": "5.4.211"
}
},
+ "CVE-2022-2590": {
+ "5.19": {
+ "cmt_id": "9def52eb10baab3b700858003d462fcf17d62873",
+ "fixed_version": "5.19.6"
+ }
+ },
"CVE-2022-26365": {
"4.14": {
"cmt_id": "44dc5bcac4b0ec4e876110a69ead25a9b130234b",
@@ -32608,6 +32630,10 @@
"cmt_id": "0abdbbd9ae9c81615836278d787a8c8dcd576c36",
"fixed_version": "5.18.17"
},
+ "5.19": {
+ "cmt_id": "f826d0412d80348aa22274ec9884cab0950a350b",
+ "fixed_version": "5.19.1"
+ },
"5.4": {
"cmt_id": "f2f41ef0352db9679bfae250d7a44b3113f3a3cc",
"fixed_version": "5.4.210"
@@ -32673,6 +32699,36 @@
"fixed_version": "5.4.188"
}
},
+ "CVE-2022-2663": {
+ "4.14": {
+ "cmt_id": "6ce66e3442a5989cbe56a6884384bf0b7d1d0725",
+ "fixed_version": "4.14.293"
+ },
+ "4.19": {
+ "cmt_id": "3275f7804f40de3c578d2253232349b07c25f146",
+ "fixed_version": "4.19.258"
+ },
+ "4.9": {
+ "cmt_id": "eb4d8d6b44a23ff2b6e2af06c8240de73dff8a7d",
+ "fixed_version": "4.9.328"
+ },
+ "5.10": {
+ "cmt_id": "e12ce30fe593dd438c5b392290ad7316befc11ca",
+ "fixed_version": "5.10.143"
+ },
+ "5.15": {
+ "cmt_id": "451c9ce1e2fc9b9e40303bef8e5a0dca1a923cc4",
+ "fixed_version": "5.15.68"
+ },
+ "5.19": {
+ "cmt_id": "6cf0609154b2ce8d3ae160e7506ab316400a8d3d",
+ "fixed_version": "5.19.9"
+ },
+ "5.4": {
+ "cmt_id": "36f7b71f8ad8e4d224b45f7d6ecfeff63b091547",
+ "fixed_version": "5.4.213"
+ }
+ },
"CVE-2022-26966": {
"4.14": {
"cmt_id": "fbc3c962b6eb42b1483d00d8ea28b61b9f2fff26",
@@ -32947,6 +33003,10 @@
"5.15": {
"cmt_id": "4f672112f8665102a5842c170be1713f8ff95919",
"fixed_version": "5.15.64"
+ },
+ "5.19": {
+ "cmt_id": "a36df92c7ff7ecde2fb362241d0ab024dddd0597",
+ "fixed_version": "5.19.6"
}
},
"CVE-2022-29156": {
@@ -33158,6 +33218,10 @@
"cmt_id": "103bd319c0fc90f1cb013c3a508615e6df8af823",
"fixed_version": "5.15.64"
},
+ "5.19": {
+ "cmt_id": "6901885656c029c976498290b52f67f2c251e6a0",
+ "fixed_version": "5.19.6"
+ },
"5.4": {
"cmt_id": "8ee27a4f0f1ad36d430221842767880df6494147",
"fixed_version": "5.4.212"
@@ -33327,6 +33391,32 @@
"fixed_version": "5.4.201"
}
},
+ "CVE-2022-3239": {
+ "4.19": {
+ "cmt_id": "0113fa98a49a8e46a19b0ad80f29c904c6feec23",
+ "fixed_version": "4.19.238"
+ },
+ "5.10": {
+ "cmt_id": "ec8a37b2d9a76a9443feb0af95bd06ac3df25444",
+ "fixed_version": "5.10.110"
+ },
+ "5.15": {
+ "cmt_id": "332d45fe51d75a3a95c4a04e2cb7bffef284edd4",
+ "fixed_version": "5.15.33"
+ },
+ "5.16": {
+ "cmt_id": "37f808a9e734e9036f7aa42ba4864fc6e91d2572",
+ "fixed_version": "5.16.19"
+ },
+ "5.17": {
+ "cmt_id": "d96dd287ca21c5b494bdb55555b33a6afec807cb",
+ "fixed_version": "5.17.2"
+ },
+ "5.4": {
+ "cmt_id": "92f84aa82dfaa8382785874277b0c4bedec89a68",
+ "fixed_version": "5.4.189"
+ }
+ },
"CVE-2022-32981": {
"4.14": {
"cmt_id": "d13c94c4b6f816e79b8e4df193db1bdcc7253610",
@@ -33652,6 +33742,10 @@
"cmt_id": "883c20911d6261fc651820b63a77327b8c020264",
"fixed_version": "5.18.16"
},
+ "5.19": {
+ "cmt_id": "99a63d36cb3ed5ca3aa6fcb64cffbeaf3b0fb164",
+ "fixed_version": "5.19"
+ },
"5.4": {
"cmt_id": "52be29e8b6455788a4d0f501bd87aa679ca3ba3c",
"fixed_version": "5.4.209"
@@ -33675,6 +33769,10 @@
"5.15": {
"cmt_id": "51f192ae71c3431aa69a988449ee2fd288e57648",
"fixed_version": "5.15.64"
+ },
+ "5.19": {
+ "cmt_id": "fdca693fcf26c11596e7aa1e540af2b4a5288c76",
+ "fixed_version": "5.19.6"
}
},
"CVE-2022-40307": {
@@ -33694,9 +33792,31 @@
"cmt_id": "dd291e070be0eca8807476b022bda00c891d9066",
"fixed_version": "5.15.68"
},
+ "5.19": {
+ "cmt_id": "d46815a8f26ca6db2336106a148265239f73b0af",
+ "fixed_version": "5.19.9"
+ },
"5.4": {
"cmt_id": "8028ff4cdbb3f20d3c1c04be33a83bab0cb94997",
"fixed_version": "5.4.213"
}
+ },
+ "CVE-2022-41222": {
+ "5.10": {
+ "cmt_id": "2613baa3ab2153cc45b175c58700d93f72ef36c4",
+ "fixed_version": "5.10.137"
+ },
+ "5.12": {
+ "cmt_id": "864c4d1d25170def283b2bf87726218126634f04",
+ "fixed_version": "5.12.18"
+ },
+ "5.13": {
+ "cmt_id": "987a852734e668e0829cf65dd182e44a03064800",
+ "fixed_version": "5.13.3"
+ },
+ "5.4": {
+ "cmt_id": "79e522101cf40735f1936a10312e17f937b8dcad",
+ "fixed_version": "5.4.211"
+ }
}
}
\ No newline at end of file
diff --git a/kern.json b/kern.json
index a980322..f32865a 100644
--- a/kern.json
+++ b/kern.json
@@ -3,5 +3,5 @@
"4.11", "4.13", "4.15", "4.16", "4.8", "4.17", "4.5", "4.6",
"4.7", "4.3", "4.20", "5.0", "4.18", "5.1", "5.2", "5.3", "5.6",
"5.5", "5.7", "5.9", "5.8", "5.9", "5.11", "5.12", "5.13", "5.14"],
- "supp_streams": ["4.9", "4.4", "4.14", "4.19", "5.4", "5.10", "5.15", "5.16", "5.17", "5.18"]
+ "supp_streams": ["4.9", "4.4", "4.14", "4.19", "5.4", "5.10", "5.15", "5.16", "5.17", "5.18", "5.19"]
}
