Update 27Sep22
[ci skip]
diff --git a/CHANGES.md b/CHANGES.md
index 7d015ae..434ffe4 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -1,40 +1,32 @@
# **Linux Kernel CVE Changes**
-## Last Update - 22Sep22 21:08
+## Last Update - 27Sep22 11:13
### **New CVEs Added:**
-[CVE-2022-3239](cves/CVE-2022-3239)
-[CVE-2022-41218](cves/CVE-2022-41218)
-[CVE-2022-41222](cves/CVE-2022-41222)
+[CVE-2022-2785](cves/CVE-2022-2785)
+[CVE-2022-3103](cves/CVE-2022-3103)
+[CVE-2022-3303](cves/CVE-2022-3303)
### **New Versions Checked:**
-[4.14.294](streams/4.14)
-[4.19.259](streams/4.19)
-[4.9.329](streams/4.9)
-[5.10.144](streams/5.10)
-[5.15.69](streams/5.15)
-[5.19.10](streams/5.19)
-[5.4.214](streams/5.4)
+[5.10.145](streams/5.10)
+[5.15.70](streams/5.15)
+[5.19.11](streams/5.19)
### **Updated CVEs:**
-[CVE-2022-1679](cves/CVE-2022-1679)
-[CVE-2022-2585](cves/CVE-2022-2585)
-[CVE-2022-2586](cves/CVE-2022-2586)
-[CVE-2022-2588](cves/CVE-2022-2588)
-[CVE-2022-2590](cves/CVE-2022-2590)
-[CVE-2022-26373](cves/CVE-2022-26373)
+[CVE-2022-0171](cves/CVE-2022-0171)
[CVE-2022-2663](cves/CVE-2022-2663)
-[CVE-2022-2905](cves/CVE-2022-2905)
-[CVE-2022-3028](cves/CVE-2022-3028)
-[CVE-2022-3202](cves/CVE-2022-3202)
-[CVE-2022-36946](cves/CVE-2022-36946)
-[CVE-2022-39189](cves/CVE-2022-39189)
+[CVE-2022-3061](cves/CVE-2022-3061)
+[CVE-2022-3077](cves/CVE-2022-3077)
+[CVE-2022-3078](cves/CVE-2022-3078)
+[CVE-2022-3176](cves/CVE-2022-3176)
+[CVE-2022-39188](cves/CVE-2022-39188)
[CVE-2022-39190](cves/CVE-2022-39190)
[CVE-2022-39842](cves/CVE-2022-39842)
[CVE-2022-40307](cves/CVE-2022-40307)
+[CVE-2022-41222](cves/CVE-2022-41222)
diff --git a/data/3.12/3.12_CVEs.txt b/data/3.12/3.12_CVEs.txt
index 764b41f..b4d55ee 100644
--- a/data/3.12/3.12_CVEs.txt
+++ b/data/3.12/3.12_CVEs.txt
@@ -1162,13 +1162,13 @@
CVE-2022-29901: Fix not seen in stream
CVE-2022-3028: Fix not seen in stream
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3077: Fix not seen in stream
-CVE-2022-3078: Fix not seen in stream
+CVE-2022-3103: Fix not seen in stream
CVE-2022-3169: Fix unknown
-CVE-2022-3176: Fix unknown
+CVE-2022-3176: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
CVE-2022-3239: Fix not seen in stream
+CVE-2022-3303: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
CVE-2022-33742: Fix not seen in stream
@@ -1182,10 +1182,8 @@
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
CVE-2022-39188: Fix not seen in stream
-CVE-2022-39190: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
-CVE-2022-40307: Fix not seen in stream
CVE-2022-40768: Fix unknown
CVE-2022-41218: Fix unknown
CVE-2022-41222: Fix not seen in stream
diff --git a/data/3.12/3.12_security.txt b/data/3.12/3.12_security.txt
index 0300f3e..5d8f61b 100644
--- a/data/3.12/3.12_security.txt
+++ b/data/3.12/3.12_security.txt
@@ -1300,13 +1300,13 @@
CVE-2022-29901: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3077: (unk) i2c: ismt: prevent memory corruption in ismt_access()
- CVE-2022-3078: (unk) media: vidtv: Check for null return of vzalloc
+ CVE-2022-3103: (unk) io_uring: fix off-by-one in sync cancelation file check
CVE-2022-3169: (unk)
- CVE-2022-3176: (unk)
+ CVE-2022-3176: (unk) io_uring: fix UAF due to missing POLLFREE handling
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
+ CVE-2022-3303: (unk) ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
CVE-2022-33742: (unk) xen/blkfront: force data bouncing when backend is untrusted
@@ -1320,10 +1320,8 @@
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
- CVE-2022-39190: (unk) netfilter: nf_tables: disallow binding to already bound chain
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
- CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
CVE-2022-40768: (unk)
CVE-2022-41218: (unk)
CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
diff --git a/data/3.14/3.14_CVEs.txt b/data/3.14/3.14_CVEs.txt
index 53b1742..861e499 100644
--- a/data/3.14/3.14_CVEs.txt
+++ b/data/3.14/3.14_CVEs.txt
@@ -1130,14 +1130,14 @@
CVE-2022-29901: Fix not seen in stream
CVE-2022-3028: Fix not seen in stream
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3077: Fix not seen in stream
-CVE-2022-3078: Fix not seen in stream
+CVE-2022-3103: Fix not seen in stream
CVE-2022-3169: Fix unknown
-CVE-2022-3176: Fix unknown
+CVE-2022-3176: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
+CVE-2022-3303: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
CVE-2022-33742: Fix not seen in stream
@@ -1151,10 +1151,8 @@
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
CVE-2022-39188: Fix not seen in stream
-CVE-2022-39190: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
-CVE-2022-40307: Fix not seen in stream
CVE-2022-40768: Fix unknown
CVE-2022-41218: Fix unknown
CVE-2022-41222: Fix not seen in stream
diff --git a/data/3.14/3.14_security.txt b/data/3.14/3.14_security.txt
index fcaa69e..3e7c4ba 100644
--- a/data/3.14/3.14_security.txt
+++ b/data/3.14/3.14_security.txt
@@ -1264,14 +1264,14 @@
CVE-2022-29901: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3077: (unk) i2c: ismt: prevent memory corruption in ismt_access()
- CVE-2022-3078: (unk) media: vidtv: Check for null return of vzalloc
+ CVE-2022-3103: (unk) io_uring: fix off-by-one in sync cancelation file check
CVE-2022-3169: (unk)
- CVE-2022-3176: (unk)
+ CVE-2022-3176: (unk) io_uring: fix UAF due to missing POLLFREE handling
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
+ CVE-2022-3303: (unk) ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
CVE-2022-33742: (unk) xen/blkfront: force data bouncing when backend is untrusted
@@ -1285,10 +1285,8 @@
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
- CVE-2022-39190: (unk) netfilter: nf_tables: disallow binding to already bound chain
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
- CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
CVE-2022-40768: (unk)
CVE-2022-41218: (unk)
CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
diff --git a/data/3.16/3.16_CVEs.txt b/data/3.16/3.16_CVEs.txt
index e0a7b1b..07dae86 100644
--- a/data/3.16/3.16_CVEs.txt
+++ b/data/3.16/3.16_CVEs.txt
@@ -1113,14 +1113,14 @@
CVE-2022-29901: Fix not seen in stream
CVE-2022-3028: Fix not seen in stream
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3077: Fix not seen in stream
-CVE-2022-3078: Fix not seen in stream
+CVE-2022-3103: Fix not seen in stream
CVE-2022-3169: Fix unknown
-CVE-2022-3176: Fix unknown
+CVE-2022-3176: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
+CVE-2022-3303: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
CVE-2022-33742: Fix not seen in stream
@@ -1134,10 +1134,8 @@
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
CVE-2022-39188: Fix not seen in stream
-CVE-2022-39190: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
-CVE-2022-40307: Fix not seen in stream
CVE-2022-40768: Fix unknown
CVE-2022-41218: Fix unknown
CVE-2022-41222: Fix not seen in stream
diff --git a/data/3.16/3.16_security.txt b/data/3.16/3.16_security.txt
index 957d90e..754f739 100644
--- a/data/3.16/3.16_security.txt
+++ b/data/3.16/3.16_security.txt
@@ -1219,14 +1219,14 @@
CVE-2022-29901: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3077: (unk) i2c: ismt: prevent memory corruption in ismt_access()
- CVE-2022-3078: (unk) media: vidtv: Check for null return of vzalloc
+ CVE-2022-3103: (unk) io_uring: fix off-by-one in sync cancelation file check
CVE-2022-3169: (unk)
- CVE-2022-3176: (unk)
+ CVE-2022-3176: (unk) io_uring: fix UAF due to missing POLLFREE handling
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
+ CVE-2022-3303: (unk) ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
CVE-2022-33742: (unk) xen/blkfront: force data bouncing when backend is untrusted
@@ -1240,10 +1240,8 @@
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
- CVE-2022-39190: (unk) netfilter: nf_tables: disallow binding to already bound chain
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
- CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
CVE-2022-40768: (unk)
CVE-2022-41218: (unk)
CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
diff --git a/data/3.18/3.18_CVEs.txt b/data/3.18/3.18_CVEs.txt
index ea9eba5..316a270 100644
--- a/data/3.18/3.18_CVEs.txt
+++ b/data/3.18/3.18_CVEs.txt
@@ -1098,14 +1098,14 @@
CVE-2022-29901: Fix not seen in stream
CVE-2022-3028: Fix not seen in stream
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3077: Fix not seen in stream
-CVE-2022-3078: Fix not seen in stream
+CVE-2022-3103: Fix not seen in stream
CVE-2022-3169: Fix unknown
-CVE-2022-3176: Fix unknown
+CVE-2022-3176: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
+CVE-2022-3303: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
CVE-2022-33742: Fix not seen in stream
@@ -1119,10 +1119,8 @@
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
CVE-2022-39188: Fix not seen in stream
-CVE-2022-39190: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
-CVE-2022-40307: Fix not seen in stream
CVE-2022-40768: Fix unknown
CVE-2022-41218: Fix unknown
CVE-2022-41222: Fix not seen in stream
diff --git a/data/3.18/3.18_security.txt b/data/3.18/3.18_security.txt
index d91440b..6c88b02 100644
--- a/data/3.18/3.18_security.txt
+++ b/data/3.18/3.18_security.txt
@@ -1332,14 +1332,14 @@
CVE-2022-29901: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3077: (unk) i2c: ismt: prevent memory corruption in ismt_access()
- CVE-2022-3078: (unk) media: vidtv: Check for null return of vzalloc
+ CVE-2022-3103: (unk) io_uring: fix off-by-one in sync cancelation file check
CVE-2022-3169: (unk)
- CVE-2022-3176: (unk)
+ CVE-2022-3176: (unk) io_uring: fix UAF due to missing POLLFREE handling
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
+ CVE-2022-3303: (unk) ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
CVE-2022-33742: (unk) xen/blkfront: force data bouncing when backend is untrusted
@@ -1353,10 +1353,8 @@
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
- CVE-2022-39190: (unk) netfilter: nf_tables: disallow binding to already bound chain
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
- CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
CVE-2022-40768: (unk)
CVE-2022-41218: (unk)
CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
diff --git a/data/3.2/3.2_CVEs.txt b/data/3.2/3.2_CVEs.txt
index b40c9fa..676c659 100644
--- a/data/3.2/3.2_CVEs.txt
+++ b/data/3.2/3.2_CVEs.txt
@@ -1139,14 +1139,13 @@
CVE-2022-29900: Fix not seen in stream
CVE-2022-29901: Fix not seen in stream
CVE-2022-3028: Fix not seen in stream
-CVE-2022-3061: Fix not seen in stream
-CVE-2022-3077: Fix not seen in stream
-CVE-2022-3078: Fix not seen in stream
+CVE-2022-3103: Fix not seen in stream
CVE-2022-3169: Fix unknown
-CVE-2022-3176: Fix unknown
+CVE-2022-3176: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
CVE-2022-3239: Fix not seen in stream
+CVE-2022-3303: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
CVE-2022-33742: Fix not seen in stream
@@ -1160,10 +1159,8 @@
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
CVE-2022-39188: Fix not seen in stream
-CVE-2022-39190: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
-CVE-2022-40307: Fix not seen in stream
CVE-2022-40768: Fix unknown
CVE-2022-41218: Fix unknown
CVE-2022-41222: Fix not seen in stream
diff --git a/data/3.2/3.2_security.txt b/data/3.2/3.2_security.txt
index d900da9..77373f8 100644
--- a/data/3.2/3.2_security.txt
+++ b/data/3.2/3.2_security.txt
@@ -1295,14 +1295,13 @@
CVE-2022-29900: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-29901: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
- CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3077: (unk) i2c: ismt: prevent memory corruption in ismt_access()
- CVE-2022-3078: (unk) media: vidtv: Check for null return of vzalloc
+ CVE-2022-3103: (unk) io_uring: fix off-by-one in sync cancelation file check
CVE-2022-3169: (unk)
- CVE-2022-3176: (unk)
+ CVE-2022-3176: (unk) io_uring: fix UAF due to missing POLLFREE handling
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
+ CVE-2022-3303: (unk) ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
CVE-2022-33742: (unk) xen/blkfront: force data bouncing when backend is untrusted
@@ -1316,10 +1315,8 @@
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
- CVE-2022-39190: (unk) netfilter: nf_tables: disallow binding to already bound chain
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
- CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
CVE-2022-40768: (unk)
CVE-2022-41218: (unk)
CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
diff --git a/data/4.1/4.1_CVEs.txt b/data/4.1/4.1_CVEs.txt
index e29ae26..373052a 100644
--- a/data/4.1/4.1_CVEs.txt
+++ b/data/4.1/4.1_CVEs.txt
@@ -1057,15 +1057,15 @@
CVE-2022-29901: Fix not seen in stream
CVE-2022-3028: Fix not seen in stream
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3077: Fix not seen in stream
-CVE-2022-3078: Fix not seen in stream
+CVE-2022-3103: Fix not seen in stream
CVE-2022-3169: Fix unknown
-CVE-2022-3176: Fix unknown
+CVE-2022-3176: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
+CVE-2022-3303: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
CVE-2022-33742: Fix not seen in stream
@@ -1080,10 +1080,8 @@
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
CVE-2022-39188: Fix not seen in stream
-CVE-2022-39190: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
-CVE-2022-40307: Fix not seen in stream
CVE-2022-40768: Fix unknown
CVE-2022-41218: Fix unknown
CVE-2022-41222: Fix not seen in stream
diff --git a/data/4.1/4.1_security.txt b/data/4.1/4.1_security.txt
index 63e61a1..5dbca05 100644
--- a/data/4.1/4.1_security.txt
+++ b/data/4.1/4.1_security.txt
@@ -1153,15 +1153,15 @@
CVE-2022-29901: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3077: (unk) i2c: ismt: prevent memory corruption in ismt_access()
- CVE-2022-3078: (unk) media: vidtv: Check for null return of vzalloc
+ CVE-2022-3103: (unk) io_uring: fix off-by-one in sync cancelation file check
CVE-2022-3169: (unk)
- CVE-2022-3176: (unk)
+ CVE-2022-3176: (unk) io_uring: fix UAF due to missing POLLFREE handling
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
+ CVE-2022-3303: (unk) ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
CVE-2022-33742: (unk) xen/blkfront: force data bouncing when backend is untrusted
@@ -1176,10 +1176,8 @@
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
- CVE-2022-39190: (unk) netfilter: nf_tables: disallow binding to already bound chain
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
- CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
CVE-2022-40768: (unk)
CVE-2022-41218: (unk)
CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
diff --git a/data/4.10/4.10_CVEs.txt b/data/4.10/4.10_CVEs.txt
index b42a6ab..01e511c 100644
--- a/data/4.10/4.10_CVEs.txt
+++ b/data/4.10/4.10_CVEs.txt
@@ -955,15 +955,15 @@
CVE-2022-3028: Fix not seen in stream
CVE-2022-30594: Fix not seen in stream
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3077: Fix not seen in stream
-CVE-2022-3078: Fix not seen in stream
+CVE-2022-3103: Fix not seen in stream
CVE-2022-3169: Fix unknown
-CVE-2022-3176: Fix unknown
+CVE-2022-3176: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
+CVE-2022-3303: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
CVE-2022-33742: Fix not seen in stream
@@ -978,7 +978,6 @@
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
CVE-2022-39188: Fix not seen in stream
-CVE-2022-39190: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
diff --git a/data/4.10/4.10_security.txt b/data/4.10/4.10_security.txt
index e4f4d1d..a8f7106 100644
--- a/data/4.10/4.10_security.txt
+++ b/data/4.10/4.10_security.txt
@@ -989,15 +989,15 @@
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3077: (unk) i2c: ismt: prevent memory corruption in ismt_access()
- CVE-2022-3078: (unk) media: vidtv: Check for null return of vzalloc
+ CVE-2022-3103: (unk) io_uring: fix off-by-one in sync cancelation file check
CVE-2022-3169: (unk)
- CVE-2022-3176: (unk)
+ CVE-2022-3176: (unk) io_uring: fix UAF due to missing POLLFREE handling
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
+ CVE-2022-3303: (unk) ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
CVE-2022-33742: (unk) xen/blkfront: force data bouncing when backend is untrusted
@@ -1012,7 +1012,6 @@
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
- CVE-2022-39190: (unk) netfilter: nf_tables: disallow binding to already bound chain
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
diff --git a/data/4.11/4.11_CVEs.txt b/data/4.11/4.11_CVEs.txt
index eb99aba..d16fc1c 100644
--- a/data/4.11/4.11_CVEs.txt
+++ b/data/4.11/4.11_CVEs.txt
@@ -927,15 +927,15 @@
CVE-2022-3028: Fix not seen in stream
CVE-2022-30594: Fix not seen in stream
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3077: Fix not seen in stream
-CVE-2022-3078: Fix not seen in stream
+CVE-2022-3103: Fix not seen in stream
CVE-2022-3169: Fix unknown
-CVE-2022-3176: Fix unknown
+CVE-2022-3176: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
+CVE-2022-3303: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
CVE-2022-33742: Fix not seen in stream
@@ -950,7 +950,6 @@
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
CVE-2022-39188: Fix not seen in stream
-CVE-2022-39190: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
diff --git a/data/4.11/4.11_security.txt b/data/4.11/4.11_security.txt
index e5cd045..f49ce71 100644
--- a/data/4.11/4.11_security.txt
+++ b/data/4.11/4.11_security.txt
@@ -949,15 +949,15 @@
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3077: (unk) i2c: ismt: prevent memory corruption in ismt_access()
- CVE-2022-3078: (unk) media: vidtv: Check for null return of vzalloc
+ CVE-2022-3103: (unk) io_uring: fix off-by-one in sync cancelation file check
CVE-2022-3169: (unk)
- CVE-2022-3176: (unk)
+ CVE-2022-3176: (unk) io_uring: fix UAF due to missing POLLFREE handling
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
+ CVE-2022-3303: (unk) ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
CVE-2022-33742: (unk) xen/blkfront: force data bouncing when backend is untrusted
@@ -972,7 +972,6 @@
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
- CVE-2022-39190: (unk) netfilter: nf_tables: disallow binding to already bound chain
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
diff --git a/data/4.12/4.12_CVEs.txt b/data/4.12/4.12_CVEs.txt
index 557b9ad..5e184d4 100644
--- a/data/4.12/4.12_CVEs.txt
+++ b/data/4.12/4.12_CVEs.txt
@@ -910,15 +910,15 @@
CVE-2022-3028: Fix not seen in stream
CVE-2022-30594: Fix not seen in stream
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3077: Fix not seen in stream
-CVE-2022-3078: Fix not seen in stream
+CVE-2022-3103: Fix not seen in stream
CVE-2022-3169: Fix unknown
-CVE-2022-3176: Fix unknown
+CVE-2022-3176: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
+CVE-2022-3303: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
CVE-2022-33742: Fix not seen in stream
@@ -933,7 +933,6 @@
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
CVE-2022-39188: Fix not seen in stream
-CVE-2022-39190: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
diff --git a/data/4.12/4.12_security.txt b/data/4.12/4.12_security.txt
index 5b25793..33fdb86 100644
--- a/data/4.12/4.12_security.txt
+++ b/data/4.12/4.12_security.txt
@@ -936,15 +936,15 @@
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3077: (unk) i2c: ismt: prevent memory corruption in ismt_access()
- CVE-2022-3078: (unk) media: vidtv: Check for null return of vzalloc
+ CVE-2022-3103: (unk) io_uring: fix off-by-one in sync cancelation file check
CVE-2022-3169: (unk)
- CVE-2022-3176: (unk)
+ CVE-2022-3176: (unk) io_uring: fix UAF due to missing POLLFREE handling
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
+ CVE-2022-3303: (unk) ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
CVE-2022-33742: (unk) xen/blkfront: force data bouncing when backend is untrusted
@@ -959,7 +959,6 @@
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
- CVE-2022-39190: (unk) netfilter: nf_tables: disallow binding to already bound chain
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
diff --git a/data/4.13/4.13_CVEs.txt b/data/4.13/4.13_CVEs.txt
index 0badbb3..ca29853 100644
--- a/data/4.13/4.13_CVEs.txt
+++ b/data/4.13/4.13_CVEs.txt
@@ -893,15 +893,15 @@
CVE-2022-3028: Fix not seen in stream
CVE-2022-30594: Fix not seen in stream
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3077: Fix not seen in stream
-CVE-2022-3078: Fix not seen in stream
+CVE-2022-3103: Fix not seen in stream
CVE-2022-3169: Fix unknown
-CVE-2022-3176: Fix unknown
+CVE-2022-3176: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
+CVE-2022-3303: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
CVE-2022-33742: Fix not seen in stream
@@ -916,7 +916,6 @@
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
CVE-2022-39188: Fix not seen in stream
-CVE-2022-39190: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
diff --git a/data/4.13/4.13_security.txt b/data/4.13/4.13_security.txt
index 9303203..2387ded 100644
--- a/data/4.13/4.13_security.txt
+++ b/data/4.13/4.13_security.txt
@@ -921,15 +921,15 @@
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3077: (unk) i2c: ismt: prevent memory corruption in ismt_access()
- CVE-2022-3078: (unk) media: vidtv: Check for null return of vzalloc
+ CVE-2022-3103: (unk) io_uring: fix off-by-one in sync cancelation file check
CVE-2022-3169: (unk)
- CVE-2022-3176: (unk)
+ CVE-2022-3176: (unk) io_uring: fix UAF due to missing POLLFREE handling
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
+ CVE-2022-3303: (unk) ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
CVE-2022-33742: (unk) xen/blkfront: force data bouncing when backend is untrusted
@@ -944,7 +944,6 @@
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
- CVE-2022-39190: (unk) netfilter: nf_tables: disallow binding to already bound chain
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
diff --git a/data/4.14/4.14_CVEs.txt b/data/4.14/4.14_CVEs.txt
index ff5c092..58d8808 100644
--- a/data/4.14/4.14_CVEs.txt
+++ b/data/4.14/4.14_CVEs.txt
@@ -861,15 +861,15 @@
CVE-2022-3028: Fixed with 4.14.292
CVE-2022-30594: Fixed with 4.14.276
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3077: Fix not seen in stream
-CVE-2022-3078: Fix not seen in stream
+CVE-2022-3103: Fix not seen in stream
CVE-2022-3169: Fix unknown
-CVE-2022-3176: Fix unknown
+CVE-2022-3176: Fix not seen in stream
CVE-2022-3202: Fixed with 4.14.276
CVE-2022-32250: Fixed with 4.14.283
CVE-2022-32296: Fixed with 4.14.285
CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fixed with 4.14.283
+CVE-2022-3303: Fix not seen in stream
CVE-2022-33740: Fixed with 4.14.287
CVE-2022-33741: Fixed with 4.14.287
CVE-2022-33742: Fixed with 4.14.287
@@ -884,7 +884,6 @@
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
CVE-2022-39188: Fix not seen in stream
-CVE-2022-39190: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fixed with 4.14.293
diff --git a/data/4.14/4.14_security.txt b/data/4.14/4.14_security.txt
index 4849b75..2c91871 100644
--- a/data/4.14/4.14_security.txt
+++ b/data/4.14/4.14_security.txt
@@ -1358,18 +1358,17 @@
CVE-2022-29901: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-2991: (unk) remove the lightnvm subsystem
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3077: (unk) i2c: ismt: prevent memory corruption in ismt_access()
- CVE-2022-3078: (unk) media: vidtv: Check for null return of vzalloc
+ CVE-2022-3103: (unk) io_uring: fix off-by-one in sync cancelation file check
CVE-2022-3169: (unk)
- CVE-2022-3176: (unk)
+ CVE-2022-3176: (unk) io_uring: fix UAF due to missing POLLFREE handling
CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
+ CVE-2022-3303: (unk) ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC
CVE-2022-34918: (unk) netfilter: nf_tables: stricter validation of element data
CVE-2022-36280: (unk)
CVE-2022-36402: (unk)
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
- CVE-2022-39190: (unk) netfilter: nf_tables: disallow binding to already bound chain
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40768: (unk)
diff --git a/data/4.15/4.15_CVEs.txt b/data/4.15/4.15_CVEs.txt
index 33452d7..31588fc 100644
--- a/data/4.15/4.15_CVEs.txt
+++ b/data/4.15/4.15_CVEs.txt
@@ -811,15 +811,15 @@
CVE-2022-3028: Fix not seen in stream
CVE-2022-30594: Fix not seen in stream
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3077: Fix not seen in stream
-CVE-2022-3078: Fix not seen in stream
+CVE-2022-3103: Fix not seen in stream
CVE-2022-3169: Fix unknown
-CVE-2022-3176: Fix unknown
+CVE-2022-3176: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
+CVE-2022-3303: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
CVE-2022-33742: Fix not seen in stream
@@ -834,7 +834,6 @@
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
CVE-2022-39188: Fix not seen in stream
-CVE-2022-39190: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
diff --git a/data/4.15/4.15_security.txt b/data/4.15/4.15_security.txt
index 9d19284..79ac66b 100644
--- a/data/4.15/4.15_security.txt
+++ b/data/4.15/4.15_security.txt
@@ -843,15 +843,15 @@
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3077: (unk) i2c: ismt: prevent memory corruption in ismt_access()
- CVE-2022-3078: (unk) media: vidtv: Check for null return of vzalloc
+ CVE-2022-3103: (unk) io_uring: fix off-by-one in sync cancelation file check
CVE-2022-3169: (unk)
- CVE-2022-3176: (unk)
+ CVE-2022-3176: (unk) io_uring: fix UAF due to missing POLLFREE handling
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
+ CVE-2022-3303: (unk) ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
CVE-2022-33742: (unk) xen/blkfront: force data bouncing when backend is untrusted
@@ -866,7 +866,6 @@
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
- CVE-2022-39190: (unk) netfilter: nf_tables: disallow binding to already bound chain
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
diff --git a/data/4.16/4.16_CVEs.txt b/data/4.16/4.16_CVEs.txt
index b4d5b61..099b2da 100644
--- a/data/4.16/4.16_CVEs.txt
+++ b/data/4.16/4.16_CVEs.txt
@@ -790,15 +790,15 @@
CVE-2022-3028: Fix not seen in stream
CVE-2022-30594: Fix not seen in stream
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3077: Fix not seen in stream
-CVE-2022-3078: Fix not seen in stream
+CVE-2022-3103: Fix not seen in stream
CVE-2022-3169: Fix unknown
-CVE-2022-3176: Fix unknown
+CVE-2022-3176: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
+CVE-2022-3303: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
CVE-2022-33742: Fix not seen in stream
@@ -814,7 +814,6 @@
CVE-2022-38457: Fix unknown
CVE-2022-39188: Fix not seen in stream
CVE-2022-39189: Fix not seen in stream
-CVE-2022-39190: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
diff --git a/data/4.16/4.16_security.txt b/data/4.16/4.16_security.txt
index 3e68fbc..cd3dbeb 100644
--- a/data/4.16/4.16_security.txt
+++ b/data/4.16/4.16_security.txt
@@ -822,15 +822,15 @@
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3077: (unk) i2c: ismt: prevent memory corruption in ismt_access()
- CVE-2022-3078: (unk) media: vidtv: Check for null return of vzalloc
+ CVE-2022-3103: (unk) io_uring: fix off-by-one in sync cancelation file check
CVE-2022-3169: (unk)
- CVE-2022-3176: (unk)
+ CVE-2022-3176: (unk) io_uring: fix UAF due to missing POLLFREE handling
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
+ CVE-2022-3303: (unk) ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
CVE-2022-33742: (unk) xen/blkfront: force data bouncing when backend is untrusted
@@ -846,7 +846,6 @@
CVE-2022-38457: (unk)
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
CVE-2022-39189: (unk) KVM: x86: do not report a vCPU as preempted outside instruction boundaries
- CVE-2022-39190: (unk) netfilter: nf_tables: disallow binding to already bound chain
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
diff --git a/data/4.17/4.17_CVEs.txt b/data/4.17/4.17_CVEs.txt
index 09ab64a..036c992 100644
--- a/data/4.17/4.17_CVEs.txt
+++ b/data/4.17/4.17_CVEs.txt
@@ -770,15 +770,15 @@
CVE-2022-3028: Fix not seen in stream
CVE-2022-30594: Fix not seen in stream
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3077: Fix not seen in stream
-CVE-2022-3078: Fix not seen in stream
+CVE-2022-3103: Fix not seen in stream
CVE-2022-3169: Fix unknown
-CVE-2022-3176: Fix unknown
+CVE-2022-3176: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
+CVE-2022-3303: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
CVE-2022-33742: Fix not seen in stream
@@ -794,7 +794,6 @@
CVE-2022-38457: Fix unknown
CVE-2022-39188: Fix not seen in stream
CVE-2022-39189: Fix not seen in stream
-CVE-2022-39190: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
diff --git a/data/4.17/4.17_security.txt b/data/4.17/4.17_security.txt
index 5e48cd0..2f1486e 100644
--- a/data/4.17/4.17_security.txt
+++ b/data/4.17/4.17_security.txt
@@ -802,15 +802,15 @@
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3077: (unk) i2c: ismt: prevent memory corruption in ismt_access()
- CVE-2022-3078: (unk) media: vidtv: Check for null return of vzalloc
+ CVE-2022-3103: (unk) io_uring: fix off-by-one in sync cancelation file check
CVE-2022-3169: (unk)
- CVE-2022-3176: (unk)
+ CVE-2022-3176: (unk) io_uring: fix UAF due to missing POLLFREE handling
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
+ CVE-2022-3303: (unk) ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
CVE-2022-33742: (unk) xen/blkfront: force data bouncing when backend is untrusted
@@ -826,7 +826,6 @@
CVE-2022-38457: (unk)
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
CVE-2022-39189: (unk) KVM: x86: do not report a vCPU as preempted outside instruction boundaries
- CVE-2022-39190: (unk) netfilter: nf_tables: disallow binding to already bound chain
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
diff --git a/data/4.18/4.18_CVEs.txt b/data/4.18/4.18_CVEs.txt
index 19b1732..d9937c1 100644
--- a/data/4.18/4.18_CVEs.txt
+++ b/data/4.18/4.18_CVEs.txt
@@ -748,15 +748,15 @@
CVE-2022-3028: Fix not seen in stream
CVE-2022-30594: Fix not seen in stream
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3077: Fix not seen in stream
-CVE-2022-3078: Fix not seen in stream
+CVE-2022-3103: Fix not seen in stream
CVE-2022-3169: Fix unknown
-CVE-2022-3176: Fix unknown
+CVE-2022-3176: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
+CVE-2022-3303: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
CVE-2022-33742: Fix not seen in stream
@@ -772,7 +772,6 @@
CVE-2022-38457: Fix unknown
CVE-2022-39188: Fix not seen in stream
CVE-2022-39189: Fix not seen in stream
-CVE-2022-39190: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
diff --git a/data/4.18/4.18_security.txt b/data/4.18/4.18_security.txt
index 32f76c4..ab874b8 100644
--- a/data/4.18/4.18_security.txt
+++ b/data/4.18/4.18_security.txt
@@ -780,15 +780,15 @@
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3077: (unk) i2c: ismt: prevent memory corruption in ismt_access()
- CVE-2022-3078: (unk) media: vidtv: Check for null return of vzalloc
+ CVE-2022-3103: (unk) io_uring: fix off-by-one in sync cancelation file check
CVE-2022-3169: (unk)
- CVE-2022-3176: (unk)
+ CVE-2022-3176: (unk) io_uring: fix UAF due to missing POLLFREE handling
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
+ CVE-2022-3303: (unk) ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
CVE-2022-33742: (unk) xen/blkfront: force data bouncing when backend is untrusted
@@ -804,7 +804,6 @@
CVE-2022-38457: (unk)
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
CVE-2022-39189: (unk) KVM: x86: do not report a vCPU as preempted outside instruction boundaries
- CVE-2022-39190: (unk) netfilter: nf_tables: disallow binding to already bound chain
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
diff --git a/data/4.19/4.19_CVEs.txt b/data/4.19/4.19_CVEs.txt
index e5c432b..e94d456 100644
--- a/data/4.19/4.19_CVEs.txt
+++ b/data/4.19/4.19_CVEs.txt
@@ -723,15 +723,15 @@
CVE-2022-3028: Fixed with 4.19.257
CVE-2022-30594: Fixed with 4.19.238
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3077: Fix not seen in stream
-CVE-2022-3078: Fix not seen in stream
+CVE-2022-3103: Fix not seen in stream
CVE-2022-3169: Fix unknown
-CVE-2022-3176: Fix unknown
+CVE-2022-3176: Fix not seen in stream
CVE-2022-3202: Fixed with 4.19.238
CVE-2022-32250: Fixed with 4.19.247
CVE-2022-32296: Fixed with 4.19.249
CVE-2022-3239: Fixed with 4.19.238
CVE-2022-32981: Fixed with 4.19.247
+CVE-2022-3303: Fix not seen in stream
CVE-2022-33740: Fixed with 4.19.251
CVE-2022-33741: Fixed with 4.19.251
CVE-2022-33742: Fixed with 4.19.251
@@ -747,7 +747,6 @@
CVE-2022-38457: Fix unknown
CVE-2022-39188: Fix not seen in stream
CVE-2022-39189: Fix not seen in stream
-CVE-2022-39190: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fixed with 4.19.258
diff --git a/data/4.19/4.19_security.txt b/data/4.19/4.19_security.txt
index 18f4f3c..7da8153 100644
--- a/data/4.19/4.19_security.txt
+++ b/data/4.19/4.19_security.txt
@@ -1149,10 +1149,10 @@
CVE-2022-29901: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-2991: (unk) remove the lightnvm subsystem
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3077: (unk) i2c: ismt: prevent memory corruption in ismt_access()
- CVE-2022-3078: (unk) media: vidtv: Check for null return of vzalloc
+ CVE-2022-3103: (unk) io_uring: fix off-by-one in sync cancelation file check
CVE-2022-3169: (unk)
- CVE-2022-3176: (unk)
+ CVE-2022-3176: (unk) io_uring: fix UAF due to missing POLLFREE handling
+ CVE-2022-3303: (unk) ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC
CVE-2022-34918: (unk) netfilter: nf_tables: stricter validation of element data
CVE-2022-36280: (unk)
CVE-2022-36402: (unk)
@@ -1160,7 +1160,6 @@
CVE-2022-38457: (unk)
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
CVE-2022-39189: (unk) KVM: x86: do not report a vCPU as preempted outside instruction boundaries
- CVE-2022-39190: (unk) netfilter: nf_tables: disallow binding to already bound chain
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40768: (unk)
diff --git a/data/4.20/4.20_CVEs.txt b/data/4.20/4.20_CVEs.txt
index 317d2e5..8ca23cd 100644
--- a/data/4.20/4.20_CVEs.txt
+++ b/data/4.20/4.20_CVEs.txt
@@ -711,15 +711,15 @@
CVE-2022-3028: Fix not seen in stream
CVE-2022-30594: Fix not seen in stream
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3077: Fix not seen in stream
-CVE-2022-3078: Fix not seen in stream
+CVE-2022-3103: Fix not seen in stream
CVE-2022-3169: Fix unknown
-CVE-2022-3176: Fix unknown
+CVE-2022-3176: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
+CVE-2022-3303: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
CVE-2022-33742: Fix not seen in stream
@@ -735,7 +735,6 @@
CVE-2022-38457: Fix unknown
CVE-2022-39188: Fix not seen in stream
CVE-2022-39189: Fix not seen in stream
-CVE-2022-39190: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
diff --git a/data/4.20/4.20_security.txt b/data/4.20/4.20_security.txt
index 282eaa2..45d77bd 100644
--- a/data/4.20/4.20_security.txt
+++ b/data/4.20/4.20_security.txt
@@ -743,15 +743,15 @@
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3077: (unk) i2c: ismt: prevent memory corruption in ismt_access()
- CVE-2022-3078: (unk) media: vidtv: Check for null return of vzalloc
+ CVE-2022-3103: (unk) io_uring: fix off-by-one in sync cancelation file check
CVE-2022-3169: (unk)
- CVE-2022-3176: (unk)
+ CVE-2022-3176: (unk) io_uring: fix UAF due to missing POLLFREE handling
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
+ CVE-2022-3303: (unk) ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
CVE-2022-33742: (unk) xen/blkfront: force data bouncing when backend is untrusted
@@ -767,7 +767,6 @@
CVE-2022-38457: (unk)
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
CVE-2022-39189: (unk) KVM: x86: do not report a vCPU as preempted outside instruction boundaries
- CVE-2022-39190: (unk) netfilter: nf_tables: disallow binding to already bound chain
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
diff --git a/data/4.3/4.3_CVEs.txt b/data/4.3/4.3_CVEs.txt
index a2c5be9..7b0496f 100644
--- a/data/4.3/4.3_CVEs.txt
+++ b/data/4.3/4.3_CVEs.txt
@@ -1054,15 +1054,15 @@
CVE-2022-3028: Fix not seen in stream
CVE-2022-30594: Fix not seen in stream
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3077: Fix not seen in stream
-CVE-2022-3078: Fix not seen in stream
+CVE-2022-3103: Fix not seen in stream
CVE-2022-3169: Fix unknown
-CVE-2022-3176: Fix unknown
+CVE-2022-3176: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
+CVE-2022-3303: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
CVE-2022-33742: Fix not seen in stream
@@ -1077,10 +1077,8 @@
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
CVE-2022-39188: Fix not seen in stream
-CVE-2022-39190: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
-CVE-2022-40307: Fix not seen in stream
CVE-2022-40768: Fix unknown
CVE-2022-41218: Fix unknown
CVE-2022-41222: Fix not seen in stream
diff --git a/data/4.3/4.3_security.txt b/data/4.3/4.3_security.txt
index 7af30f0..d2791a9 100644
--- a/data/4.3/4.3_security.txt
+++ b/data/4.3/4.3_security.txt
@@ -1070,15 +1070,15 @@
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3077: (unk) i2c: ismt: prevent memory corruption in ismt_access()
- CVE-2022-3078: (unk) media: vidtv: Check for null return of vzalloc
+ CVE-2022-3103: (unk) io_uring: fix off-by-one in sync cancelation file check
CVE-2022-3169: (unk)
- CVE-2022-3176: (unk)
+ CVE-2022-3176: (unk) io_uring: fix UAF due to missing POLLFREE handling
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
+ CVE-2022-3303: (unk) ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
CVE-2022-33742: (unk) xen/blkfront: force data bouncing when backend is untrusted
@@ -1093,10 +1093,8 @@
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
- CVE-2022-39190: (unk) netfilter: nf_tables: disallow binding to already bound chain
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
- CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
CVE-2022-40768: (unk)
CVE-2022-41218: (unk)
CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
diff --git a/data/4.4/4.4_CVEs.txt b/data/4.4/4.4_CVEs.txt
index 1f603ae..620fe14 100644
--- a/data/4.4/4.4_CVEs.txt
+++ b/data/4.4/4.4_CVEs.txt
@@ -1035,15 +1035,15 @@
CVE-2022-3028: Fix not seen in stream
CVE-2022-30594: Fix not seen in stream
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3077: Fix not seen in stream
-CVE-2022-3078: Fix not seen in stream
+CVE-2022-3103: Fix not seen in stream
CVE-2022-3169: Fix unknown
-CVE-2022-3176: Fix unknown
+CVE-2022-3176: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
+CVE-2022-3303: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
CVE-2022-33742: Fix not seen in stream
@@ -1058,10 +1058,8 @@
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
CVE-2022-39188: Fix not seen in stream
-CVE-2022-39190: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
-CVE-2022-40307: Fix not seen in stream
CVE-2022-40768: Fix unknown
CVE-2022-41218: Fix unknown
CVE-2022-41222: Fix not seen in stream
diff --git a/data/4.4/4.4_security.txt b/data/4.4/4.4_security.txt
index ce975a6..a92eaa7 100644
--- a/data/4.4/4.4_security.txt
+++ b/data/4.4/4.4_security.txt
@@ -1519,15 +1519,15 @@
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3077: (unk) i2c: ismt: prevent memory corruption in ismt_access()
- CVE-2022-3078: (unk) media: vidtv: Check for null return of vzalloc
+ CVE-2022-3103: (unk) io_uring: fix off-by-one in sync cancelation file check
CVE-2022-3169: (unk)
- CVE-2022-3176: (unk)
+ CVE-2022-3176: (unk) io_uring: fix UAF due to missing POLLFREE handling
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
+ CVE-2022-3303: (unk) ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
CVE-2022-33742: (unk) xen/blkfront: force data bouncing when backend is untrusted
@@ -1542,10 +1542,8 @@
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
- CVE-2022-39190: (unk) netfilter: nf_tables: disallow binding to already bound chain
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
- CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
CVE-2022-40768: (unk)
CVE-2022-41218: (unk)
CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
diff --git a/data/4.5/4.5_CVEs.txt b/data/4.5/4.5_CVEs.txt
index d1dee95..7ada2ce 100644
--- a/data/4.5/4.5_CVEs.txt
+++ b/data/4.5/4.5_CVEs.txt
@@ -1017,15 +1017,15 @@
CVE-2022-3028: Fix not seen in stream
CVE-2022-30594: Fix not seen in stream
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3077: Fix not seen in stream
-CVE-2022-3078: Fix not seen in stream
+CVE-2022-3103: Fix not seen in stream
CVE-2022-3169: Fix unknown
-CVE-2022-3176: Fix unknown
+CVE-2022-3176: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
+CVE-2022-3303: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
CVE-2022-33742: Fix not seen in stream
@@ -1040,10 +1040,8 @@
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
CVE-2022-39188: Fix not seen in stream
-CVE-2022-39190: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
-CVE-2022-40307: Fix not seen in stream
CVE-2022-40768: Fix unknown
CVE-2022-41218: Fix unknown
CVE-2022-41222: Fix not seen in stream
diff --git a/data/4.5/4.5_security.txt b/data/4.5/4.5_security.txt
index 23750cf..b314e3f 100644
--- a/data/4.5/4.5_security.txt
+++ b/data/4.5/4.5_security.txt
@@ -1033,15 +1033,15 @@
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3077: (unk) i2c: ismt: prevent memory corruption in ismt_access()
- CVE-2022-3078: (unk) media: vidtv: Check for null return of vzalloc
+ CVE-2022-3103: (unk) io_uring: fix off-by-one in sync cancelation file check
CVE-2022-3169: (unk)
- CVE-2022-3176: (unk)
+ CVE-2022-3176: (unk) io_uring: fix UAF due to missing POLLFREE handling
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
+ CVE-2022-3303: (unk) ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
CVE-2022-33742: (unk) xen/blkfront: force data bouncing when backend is untrusted
@@ -1056,10 +1056,8 @@
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
- CVE-2022-39190: (unk) netfilter: nf_tables: disallow binding to already bound chain
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
- CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
CVE-2022-40768: (unk)
CVE-2022-41218: (unk)
CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
diff --git a/data/4.6/4.6_CVEs.txt b/data/4.6/4.6_CVEs.txt
index 90df1bd..236cc2c 100644
--- a/data/4.6/4.6_CVEs.txt
+++ b/data/4.6/4.6_CVEs.txt
@@ -989,15 +989,15 @@
CVE-2022-3028: Fix not seen in stream
CVE-2022-30594: Fix not seen in stream
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3077: Fix not seen in stream
-CVE-2022-3078: Fix not seen in stream
+CVE-2022-3103: Fix not seen in stream
CVE-2022-3169: Fix unknown
-CVE-2022-3176: Fix unknown
+CVE-2022-3176: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
+CVE-2022-3303: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
CVE-2022-33742: Fix not seen in stream
@@ -1012,10 +1012,8 @@
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
CVE-2022-39188: Fix not seen in stream
-CVE-2022-39190: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
-CVE-2022-40307: Fix not seen in stream
CVE-2022-40768: Fix unknown
CVE-2022-41218: Fix unknown
CVE-2022-41222: Fix not seen in stream
diff --git a/data/4.6/4.6_security.txt b/data/4.6/4.6_security.txt
index a3e0346..4d8a9c9 100644
--- a/data/4.6/4.6_security.txt
+++ b/data/4.6/4.6_security.txt
@@ -1007,15 +1007,15 @@
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3077: (unk) i2c: ismt: prevent memory corruption in ismt_access()
- CVE-2022-3078: (unk) media: vidtv: Check for null return of vzalloc
+ CVE-2022-3103: (unk) io_uring: fix off-by-one in sync cancelation file check
CVE-2022-3169: (unk)
- CVE-2022-3176: (unk)
+ CVE-2022-3176: (unk) io_uring: fix UAF due to missing POLLFREE handling
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
+ CVE-2022-3303: (unk) ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
CVE-2022-33742: (unk) xen/blkfront: force data bouncing when backend is untrusted
@@ -1030,10 +1030,8 @@
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
- CVE-2022-39190: (unk) netfilter: nf_tables: disallow binding to already bound chain
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
- CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
CVE-2022-40768: (unk)
CVE-2022-41218: (unk)
CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
diff --git a/data/4.7/4.7_CVEs.txt b/data/4.7/4.7_CVEs.txt
index efa109b..c289c75 100644
--- a/data/4.7/4.7_CVEs.txt
+++ b/data/4.7/4.7_CVEs.txt
@@ -971,15 +971,15 @@
CVE-2022-3028: Fix not seen in stream
CVE-2022-30594: Fix not seen in stream
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3077: Fix not seen in stream
-CVE-2022-3078: Fix not seen in stream
+CVE-2022-3103: Fix not seen in stream
CVE-2022-3169: Fix unknown
-CVE-2022-3176: Fix unknown
+CVE-2022-3176: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
+CVE-2022-3303: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
CVE-2022-33742: Fix not seen in stream
@@ -994,7 +994,6 @@
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
CVE-2022-39188: Fix not seen in stream
-CVE-2022-39190: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
diff --git a/data/4.7/4.7_security.txt b/data/4.7/4.7_security.txt
index c9ff99f..b670960 100644
--- a/data/4.7/4.7_security.txt
+++ b/data/4.7/4.7_security.txt
@@ -991,15 +991,15 @@
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3077: (unk) i2c: ismt: prevent memory corruption in ismt_access()
- CVE-2022-3078: (unk) media: vidtv: Check for null return of vzalloc
+ CVE-2022-3103: (unk) io_uring: fix off-by-one in sync cancelation file check
CVE-2022-3169: (unk)
- CVE-2022-3176: (unk)
+ CVE-2022-3176: (unk) io_uring: fix UAF due to missing POLLFREE handling
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
+ CVE-2022-3303: (unk) ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
CVE-2022-33742: (unk) xen/blkfront: force data bouncing when backend is untrusted
@@ -1014,7 +1014,6 @@
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
- CVE-2022-39190: (unk) netfilter: nf_tables: disallow binding to already bound chain
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
diff --git a/data/4.8/4.8_CVEs.txt b/data/4.8/4.8_CVEs.txt
index 8601567..fff614d 100644
--- a/data/4.8/4.8_CVEs.txt
+++ b/data/4.8/4.8_CVEs.txt
@@ -975,15 +975,15 @@
CVE-2022-3028: Fix not seen in stream
CVE-2022-30594: Fix not seen in stream
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3077: Fix not seen in stream
-CVE-2022-3078: Fix not seen in stream
+CVE-2022-3103: Fix not seen in stream
CVE-2022-3169: Fix unknown
-CVE-2022-3176: Fix unknown
+CVE-2022-3176: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
+CVE-2022-3303: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
CVE-2022-33742: Fix not seen in stream
@@ -998,7 +998,6 @@
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
CVE-2022-39188: Fix not seen in stream
-CVE-2022-39190: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
diff --git a/data/4.8/4.8_security.txt b/data/4.8/4.8_security.txt
index 14cfb40..a98aa94 100644
--- a/data/4.8/4.8_security.txt
+++ b/data/4.8/4.8_security.txt
@@ -1005,15 +1005,15 @@
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3077: (unk) i2c: ismt: prevent memory corruption in ismt_access()
- CVE-2022-3078: (unk) media: vidtv: Check for null return of vzalloc
+ CVE-2022-3103: (unk) io_uring: fix off-by-one in sync cancelation file check
CVE-2022-3169: (unk)
- CVE-2022-3176: (unk)
+ CVE-2022-3176: (unk) io_uring: fix UAF due to missing POLLFREE handling
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
+ CVE-2022-3303: (unk) ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
CVE-2022-33742: (unk) xen/blkfront: force data bouncing when backend is untrusted
@@ -1028,7 +1028,6 @@
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
- CVE-2022-39190: (unk) netfilter: nf_tables: disallow binding to already bound chain
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
diff --git a/data/4.9/4.9_CVEs.txt b/data/4.9/4.9_CVEs.txt
index 19d06c2..38d27c2 100644
--- a/data/4.9/4.9_CVEs.txt
+++ b/data/4.9/4.9_CVEs.txt
@@ -974,15 +974,15 @@
CVE-2022-3028: Fixed with 4.9.327
CVE-2022-30594: Fixed with 4.9.311
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3077: Fix not seen in stream
-CVE-2022-3078: Fix not seen in stream
+CVE-2022-3103: Fix not seen in stream
CVE-2022-3169: Fix unknown
-CVE-2022-3176: Fix unknown
+CVE-2022-3176: Fix not seen in stream
CVE-2022-3202: Fixed with 4.9.311
CVE-2022-32250: Fixed with 4.9.318
CVE-2022-32296: Fixed with 4.9.320
CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fixed with 4.9.318
+CVE-2022-3303: Fix not seen in stream
CVE-2022-33740: Fixed with 4.9.322
CVE-2022-33741: Fixed with 4.9.322
CVE-2022-33742: Fixed with 4.9.322
@@ -997,7 +997,6 @@
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
CVE-2022-39188: Fix not seen in stream
-CVE-2022-39190: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
diff --git a/data/4.9/4.9_security.txt b/data/4.9/4.9_security.txt
index ffb3be0..2b3d9af 100644
--- a/data/4.9/4.9_security.txt
+++ b/data/4.9/4.9_security.txt
@@ -1516,18 +1516,17 @@
CVE-2022-29901: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-2991: (unk) remove the lightnvm subsystem
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3077: (unk) i2c: ismt: prevent memory corruption in ismt_access()
- CVE-2022-3078: (unk) media: vidtv: Check for null return of vzalloc
+ CVE-2022-3103: (unk) io_uring: fix off-by-one in sync cancelation file check
CVE-2022-3169: (unk)
- CVE-2022-3176: (unk)
+ CVE-2022-3176: (unk) io_uring: fix UAF due to missing POLLFREE handling
CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
+ CVE-2022-3303: (unk) ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC
CVE-2022-34918: (unk) netfilter: nf_tables: stricter validation of element data
CVE-2022-36280: (unk)
CVE-2022-36402: (unk)
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
- CVE-2022-39190: (unk) netfilter: nf_tables: disallow binding to already bound chain
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
diff --git a/data/5.0/5.0_CVEs.txt b/data/5.0/5.0_CVEs.txt
index 402b7a2..16a1d9d 100644
--- a/data/5.0/5.0_CVEs.txt
+++ b/data/5.0/5.0_CVEs.txt
@@ -690,15 +690,15 @@
CVE-2022-3028: Fix not seen in stream
CVE-2022-30594: Fix not seen in stream
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3077: Fix not seen in stream
-CVE-2022-3078: Fix not seen in stream
+CVE-2022-3103: Fix not seen in stream
CVE-2022-3169: Fix unknown
-CVE-2022-3176: Fix unknown
+CVE-2022-3176: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
+CVE-2022-3303: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
CVE-2022-33742: Fix not seen in stream
@@ -714,7 +714,6 @@
CVE-2022-38457: Fix unknown
CVE-2022-39188: Fix not seen in stream
CVE-2022-39189: Fix not seen in stream
-CVE-2022-39190: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
diff --git a/data/5.0/5.0_security.txt b/data/5.0/5.0_security.txt
index 545b4b1..7456655 100644
--- a/data/5.0/5.0_security.txt
+++ b/data/5.0/5.0_security.txt
@@ -738,15 +738,15 @@
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3077: (unk) i2c: ismt: prevent memory corruption in ismt_access()
- CVE-2022-3078: (unk) media: vidtv: Check for null return of vzalloc
+ CVE-2022-3103: (unk) io_uring: fix off-by-one in sync cancelation file check
CVE-2022-3169: (unk)
- CVE-2022-3176: (unk)
+ CVE-2022-3176: (unk) io_uring: fix UAF due to missing POLLFREE handling
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
+ CVE-2022-3303: (unk) ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
CVE-2022-33742: (unk) xen/blkfront: force data bouncing when backend is untrusted
@@ -762,7 +762,6 @@
CVE-2022-38457: (unk)
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
CVE-2022-39189: (unk) KVM: x86: do not report a vCPU as preempted outside instruction boundaries
- CVE-2022-39190: (unk) netfilter: nf_tables: disallow binding to already bound chain
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
diff --git a/data/5.1/5.1_CVEs.txt b/data/5.1/5.1_CVEs.txt
index ab513d5..67b06d0 100644
--- a/data/5.1/5.1_CVEs.txt
+++ b/data/5.1/5.1_CVEs.txt
@@ -660,15 +660,15 @@
CVE-2022-3028: Fix not seen in stream
CVE-2022-30594: Fix not seen in stream
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3077: Fix not seen in stream
-CVE-2022-3078: Fix not seen in stream
+CVE-2022-3103: Fix not seen in stream
CVE-2022-3169: Fix unknown
-CVE-2022-3176: Fix unknown
+CVE-2022-3176: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
+CVE-2022-3303: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
CVE-2022-33742: Fix not seen in stream
@@ -684,7 +684,6 @@
CVE-2022-38457: Fix unknown
CVE-2022-39188: Fix not seen in stream
CVE-2022-39189: Fix not seen in stream
-CVE-2022-39190: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
diff --git a/data/5.1/5.1_security.txt b/data/5.1/5.1_security.txt
index d808e00..b9d8a87 100644
--- a/data/5.1/5.1_security.txt
+++ b/data/5.1/5.1_security.txt
@@ -696,15 +696,15 @@
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3077: (unk) i2c: ismt: prevent memory corruption in ismt_access()
- CVE-2022-3078: (unk) media: vidtv: Check for null return of vzalloc
+ CVE-2022-3103: (unk) io_uring: fix off-by-one in sync cancelation file check
CVE-2022-3169: (unk)
- CVE-2022-3176: (unk)
+ CVE-2022-3176: (unk) io_uring: fix UAF due to missing POLLFREE handling
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
+ CVE-2022-3303: (unk) ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
CVE-2022-33742: (unk) xen/blkfront: force data bouncing when backend is untrusted
@@ -720,7 +720,6 @@
CVE-2022-38457: (unk)
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
CVE-2022-39189: (unk) KVM: x86: do not report a vCPU as preempted outside instruction boundaries
- CVE-2022-39190: (unk) netfilter: nf_tables: disallow binding to already bound chain
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
diff --git a/data/5.10/5.10_CVEs.txt b/data/5.10/5.10_CVEs.txt
index 0e38383..85ba370 100644
--- a/data/5.10/5.10_CVEs.txt
+++ b/data/5.10/5.10_CVEs.txt
@@ -372,16 +372,17 @@
CVE-2022-2991: Fix not seen in stream
CVE-2022-3028: Fixed with 5.10.140
CVE-2022-30594: Fixed with 5.10.110
-CVE-2022-3061: Fix not seen in stream
-CVE-2022-3077: Fix not seen in stream
+CVE-2022-3061: Fixed with 5.10.145
CVE-2022-3078: Fixed with 5.10.110
+CVE-2022-3103: Fix not seen in stream
CVE-2022-3169: Fix unknown
-CVE-2022-3176: Fix unknown
+CVE-2022-3176: Fix not seen in stream
CVE-2022-3202: Fixed with 5.10.111
CVE-2022-32250: Fixed with 5.10.120
CVE-2022-32296: Fixed with 5.10.125
CVE-2022-3239: Fixed with 5.10.110
CVE-2022-32981: Fixed with 5.10.122
+CVE-2022-3303: Fix not seen in stream
CVE-2022-33740: Fixed with 5.10.129
CVE-2022-33741: Fixed with 5.10.129
CVE-2022-33742: Fixed with 5.10.129
@@ -399,7 +400,7 @@
CVE-2022-39188: Fix not seen in stream
CVE-2022-39189: Fix not seen in stream
CVE-2022-39190: Fixed with 5.10.140
-CVE-2022-39842: Fix not seen in stream
+CVE-2022-39842: Fixed with 5.10.145
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fixed with 5.10.143
CVE-2022-40768: Fix unknown
diff --git a/data/5.10/5.10_security.txt b/data/5.10/5.10_security.txt
index e9dbcb5..200c562 100644
--- a/data/5.10/5.10_security.txt
+++ b/data/5.10/5.10_security.txt
@@ -506,6 +506,10 @@
CVE-2022-2663: e12ce30fe593dd438c5b392290ad7316befc11ca netfilter: nf_conntrack_irc: Fix forged IP logic
CVE-2022-40307: 918d9c4a4bdf5205f2fb3f64dddfb56c9a1d01d6 efi: capsule-loader: Fix use-after-free in efi_capsule_write
+CVEs fixed in 5.10.145:
+ CVE-2022-3061: e00582a36198888ffe91ed6b097d86556c8bb253 video: fbdev: i740fb: Error out if 'pixclock' equals zero
+ CVE-2022-39842: 06e194e1130c98f82d46beb40cdbc88a0d4fd6de video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
+
Outstanding CVEs:
CVE-2005-3660: (unk)
CVE-2007-3719: (unk)
@@ -597,17 +601,16 @@
CVE-2022-2961: (unk)
CVE-2022-2978: (unk)
CVE-2022-2991: (unk) remove the lightnvm subsystem
- CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3077: (unk) i2c: ismt: prevent memory corruption in ismt_access()
+ CVE-2022-3103: (unk) io_uring: fix off-by-one in sync cancelation file check
CVE-2022-3169: (unk)
- CVE-2022-3176: (unk)
+ CVE-2022-3176: (unk) io_uring: fix UAF due to missing POLLFREE handling
+ CVE-2022-3303: (unk) ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC
CVE-2022-36280: (unk)
CVE-2022-36402: (unk)
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
CVE-2022-39189: (unk) KVM: x86: do not report a vCPU as preempted outside instruction boundaries
- CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40768: (unk)
CVE-2022-41218: (unk)
diff --git a/data/5.11/5.11_CVEs.txt b/data/5.11/5.11_CVEs.txt
index 83a82f4..1b932ef 100644
--- a/data/5.11/5.11_CVEs.txt
+++ b/data/5.11/5.11_CVEs.txt
@@ -365,13 +365,15 @@
CVE-2022-3061: Fix not seen in stream
CVE-2022-3077: Fix not seen in stream
CVE-2022-3078: Fix not seen in stream
+CVE-2022-3103: Fix not seen in stream
CVE-2022-3169: Fix unknown
-CVE-2022-3176: Fix unknown
+CVE-2022-3176: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
+CVE-2022-3303: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
CVE-2022-33742: Fix not seen in stream
diff --git a/data/5.11/5.11_security.txt b/data/5.11/5.11_security.txt
index 80435bf..b23c3e1 100644
--- a/data/5.11/5.11_security.txt
+++ b/data/5.11/5.11_security.txt
@@ -405,13 +405,15 @@
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
CVE-2022-3077: (unk) i2c: ismt: prevent memory corruption in ismt_access()
CVE-2022-3078: (unk) media: vidtv: Check for null return of vzalloc
+ CVE-2022-3103: (unk) io_uring: fix off-by-one in sync cancelation file check
CVE-2022-3169: (unk)
- CVE-2022-3176: (unk)
+ CVE-2022-3176: (unk) io_uring: fix UAF due to missing POLLFREE handling
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
+ CVE-2022-3303: (unk) ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
CVE-2022-33742: (unk) xen/blkfront: force data bouncing when backend is untrusted
diff --git a/data/5.12/5.12_CVEs.txt b/data/5.12/5.12_CVEs.txt
index 2598601..5c52828 100644
--- a/data/5.12/5.12_CVEs.txt
+++ b/data/5.12/5.12_CVEs.txt
@@ -319,13 +319,15 @@
CVE-2022-3061: Fix not seen in stream
CVE-2022-3077: Fix not seen in stream
CVE-2022-3078: Fix not seen in stream
+CVE-2022-3103: Fix not seen in stream
CVE-2022-3169: Fix unknown
-CVE-2022-3176: Fix unknown
+CVE-2022-3176: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
+CVE-2022-3303: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
CVE-2022-33742: Fix not seen in stream
diff --git a/data/5.12/5.12_security.txt b/data/5.12/5.12_security.txt
index dbb927c..aebe419 100644
--- a/data/5.12/5.12_security.txt
+++ b/data/5.12/5.12_security.txt
@@ -352,13 +352,15 @@
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
CVE-2022-3077: (unk) i2c: ismt: prevent memory corruption in ismt_access()
CVE-2022-3078: (unk) media: vidtv: Check for null return of vzalloc
+ CVE-2022-3103: (unk) io_uring: fix off-by-one in sync cancelation file check
CVE-2022-3169: (unk)
- CVE-2022-3176: (unk)
+ CVE-2022-3176: (unk) io_uring: fix UAF due to missing POLLFREE handling
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
+ CVE-2022-3303: (unk) ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
CVE-2022-33742: (unk) xen/blkfront: force data bouncing when backend is untrusted
diff --git a/data/5.13/5.13_CVEs.txt b/data/5.13/5.13_CVEs.txt
index cff98cc..84e339d 100644
--- a/data/5.13/5.13_CVEs.txt
+++ b/data/5.13/5.13_CVEs.txt
@@ -283,13 +283,15 @@
CVE-2022-3061: Fix not seen in stream
CVE-2022-3077: Fix not seen in stream
CVE-2022-3078: Fix not seen in stream
+CVE-2022-3103: Fix not seen in stream
CVE-2022-3169: Fix unknown
-CVE-2022-3176: Fix unknown
+CVE-2022-3176: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
+CVE-2022-3303: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
CVE-2022-33742: Fix not seen in stream
diff --git a/data/5.13/5.13_security.txt b/data/5.13/5.13_security.txt
index c7236de..35c16fe 100644
--- a/data/5.13/5.13_security.txt
+++ b/data/5.13/5.13_security.txt
@@ -316,13 +316,15 @@
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
CVE-2022-3077: (unk) i2c: ismt: prevent memory corruption in ismt_access()
CVE-2022-3078: (unk) media: vidtv: Check for null return of vzalloc
+ CVE-2022-3103: (unk) io_uring: fix off-by-one in sync cancelation file check
CVE-2022-3169: (unk)
- CVE-2022-3176: (unk)
+ CVE-2022-3176: (unk) io_uring: fix UAF due to missing POLLFREE handling
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
+ CVE-2022-3303: (unk) ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
CVE-2022-33742: (unk) xen/blkfront: force data bouncing when backend is untrusted
diff --git a/data/5.14/5.14_CVEs.txt b/data/5.14/5.14_CVEs.txt
index 3314bd7..b71e09a 100644
--- a/data/5.14/5.14_CVEs.txt
+++ b/data/5.14/5.14_CVEs.txt
@@ -256,13 +256,15 @@
CVE-2022-3061: Fix not seen in stream
CVE-2022-3077: Fix not seen in stream
CVE-2022-3078: Fix not seen in stream
+CVE-2022-3103: Fix not seen in stream
CVE-2022-3169: Fix unknown
-CVE-2022-3176: Fix unknown
+CVE-2022-3176: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
+CVE-2022-3303: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
CVE-2022-33742: Fix not seen in stream
diff --git a/data/5.14/5.14_security.txt b/data/5.14/5.14_security.txt
index 227d52a..4327734 100644
--- a/data/5.14/5.14_security.txt
+++ b/data/5.14/5.14_security.txt
@@ -290,13 +290,15 @@
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
CVE-2022-3077: (unk) i2c: ismt: prevent memory corruption in ismt_access()
CVE-2022-3078: (unk) media: vidtv: Check for null return of vzalloc
+ CVE-2022-3103: (unk) io_uring: fix off-by-one in sync cancelation file check
CVE-2022-3169: (unk)
- CVE-2022-3176: (unk)
+ CVE-2022-3176: (unk) io_uring: fix UAF due to missing POLLFREE handling
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
+ CVE-2022-3303: (unk) ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
CVE-2022-33742: (unk) xen/blkfront: force data bouncing when backend is untrusted
diff --git a/data/5.15/5.15_CVEs.txt b/data/5.15/5.15_CVEs.txt
index 0ef1fc0..063c108 100644
--- a/data/5.15/5.15_CVEs.txt
+++ b/data/5.15/5.15_CVEs.txt
@@ -98,7 +98,7 @@
CVE-2022-0001: Fixed with 5.15.28
CVE-2022-0002: Fixed with 5.15.28
CVE-2022-0168: Fixed with 5.15.33
-CVE-2022-0171: Fix not seen in stream
+CVE-2022-0171: Fixed with 5.15.70
CVE-2022-0185: Fixed with 5.15.16
CVE-2022-0264: Fixed with 5.15.11
CVE-2022-0330: Fixed with 5.15.18
@@ -221,16 +221,18 @@
CVE-2022-29901: Fixed with 5.15.57
CVE-2022-3028: Fixed with 5.15.64
CVE-2022-30594: Fixed with 5.15.33
-CVE-2022-3061: Fix not seen in stream
+CVE-2022-3061: Fixed with 5.15.70
CVE-2022-3077: Fixed with 5.15.45
CVE-2022-3078: Fixed with 5.15.33
+CVE-2022-3103: Fix not seen in stream
CVE-2022-3169: Fix unknown
-CVE-2022-3176: Fix unknown
+CVE-2022-3176: Fixed with 5.15.65
CVE-2022-3202: Fixed with 5.15.34
CVE-2022-32250: Fixed with 5.15.45
CVE-2022-32296: Fixed with 5.15.41
CVE-2022-3239: Fixed with 5.15.33
CVE-2022-32981: Fixed with 5.15.47
+CVE-2022-3303: Fixed with 5.15.68
CVE-2022-33740: Fixed with 5.15.53
CVE-2022-33741: Fixed with 5.15.53
CVE-2022-33742: Fixed with 5.15.53
@@ -250,7 +252,7 @@
CVE-2022-39188: Fix not seen in stream
CVE-2022-39189: Fixed with 5.15.60
CVE-2022-39190: Fixed with 5.15.64
-CVE-2022-39842: Fix not seen in stream
+CVE-2022-39842: Fixed with 5.15.70
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fixed with 5.15.68
CVE-2022-40768: Fix unknown
diff --git a/data/5.15/5.15_security.txt b/data/5.15/5.15_security.txt
index d0e1838..7713d61 100644
--- a/data/5.15/5.15_security.txt
+++ b/data/5.15/5.15_security.txt
@@ -266,10 +266,19 @@
CVE-2022-3028: 103bd319c0fc90f1cb013c3a508615e6df8af823 af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-39190: 51f192ae71c3431aa69a988449ee2fd288e57648 netfilter: nf_tables: disallow binding to already bound chain
+CVEs fixed in 5.15.65:
+ CVE-2022-3176: e9d7ca0c4640cbebe6840ee3bac66a25a9bacaf5 io_uring: fix UAF due to missing POLLFREE handling
+
CVEs fixed in 5.15.68:
CVE-2022-2663: 451c9ce1e2fc9b9e40303bef8e5a0dca1a923cc4 netfilter: nf_conntrack_irc: Fix forged IP logic
+ CVE-2022-3303: 8015ef9e8a0ee5cecfd0cb6805834d007ab26f86 ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC
CVE-2022-40307: dd291e070be0eca8807476b022bda00c891d9066 efi: capsule-loader: Fix use-after-free in efi_capsule_write
+CVEs fixed in 5.15.70:
+ CVE-2022-0171: 39b0235284c7aa33a64e07b825add7a2c108094a KVM: SEV: add cache flush to solve SEV cache incoherency issues
+ CVE-2022-3061: 59b756da49bfa51a00a0b58b4147ce2652bc3d28 video: fbdev: i740fb: Error out if 'pixclock' equals zero
+ CVE-2022-39842: ab5140c6ddd7473509e12f468948de91138b124e video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
+
Outstanding CVEs:
CVE-2005-3660: (unk)
CVE-2007-3719: (unk)
@@ -330,7 +339,6 @@
CVE-2021-39802: (unk)
CVE-2021-4095: (unk) KVM: x86: Fix wall clock writes in Xen shared_info not to mark page dirty
CVE-2021-4204: (unk) bpf: Generalize check_ctx_reg for reuse with other types
- CVE-2022-0171: (unk) KVM: SEV: add cache flush to solve SEV cache incoherency issues
CVE-2022-0400: (unk)
CVE-2022-0998: (unk) vdpa: clean up get_config_size ret value handling
CVE-2022-1116: (unk)
@@ -343,15 +351,13 @@
CVE-2022-26878: (unk)
CVE-2022-2961: (unk)
CVE-2022-2978: (unk)
- CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
+ CVE-2022-3103: (unk) io_uring: fix off-by-one in sync cancelation file check
CVE-2022-3169: (unk)
- CVE-2022-3176: (unk)
CVE-2022-36280: (unk)
CVE-2022-36402: (unk)
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
- CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40768: (unk)
CVE-2022-41218: (unk)
diff --git a/data/5.16/5.16_CVEs.txt b/data/5.16/5.16_CVEs.txt
index 203d34f..e4c67e6 100644
--- a/data/5.16/5.16_CVEs.txt
+++ b/data/5.16/5.16_CVEs.txt
@@ -192,13 +192,15 @@
CVE-2022-3061: Fix not seen in stream
CVE-2022-3077: Fix not seen in stream
CVE-2022-3078: Fixed with 5.16.19
+CVE-2022-3103: Fix not seen in stream
CVE-2022-3169: Fix unknown
-CVE-2022-3176: Fix unknown
+CVE-2022-3176: Fix not seen in stream
CVE-2022-3202: Fixed with 5.16.20
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
CVE-2022-3239: Fixed with 5.16.19
CVE-2022-32981: Fix not seen in stream
+CVE-2022-3303: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
CVE-2022-33742: Fix not seen in stream
diff --git a/data/5.16/5.16_security.txt b/data/5.16/5.16_security.txt
index 4b4fb7e..4f9f0e3 100644
--- a/data/5.16/5.16_security.txt
+++ b/data/5.16/5.16_security.txt
@@ -230,11 +230,13 @@
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
CVE-2022-3077: (unk) i2c: ismt: prevent memory corruption in ismt_access()
+ CVE-2022-3103: (unk) io_uring: fix off-by-one in sync cancelation file check
CVE-2022-3169: (unk)
- CVE-2022-3176: (unk)
+ CVE-2022-3176: (unk) io_uring: fix UAF due to missing POLLFREE handling
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
+ CVE-2022-3303: (unk) ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
CVE-2022-33742: (unk) xen/blkfront: force data bouncing when backend is untrusted
diff --git a/data/5.17/5.17_CVEs.txt b/data/5.17/5.17_CVEs.txt
index 12d5da7..5cc159c 100644
--- a/data/5.17/5.17_CVEs.txt
+++ b/data/5.17/5.17_CVEs.txt
@@ -138,13 +138,14 @@
CVE-2022-3061: Fix not seen in stream
CVE-2022-3077: Fixed with 5.17.13
CVE-2022-3078: Fixed with 5.17.2
+CVE-2022-3103: Fix not seen in stream
CVE-2022-3169: Fix unknown
-CVE-2022-3176: Fix unknown
CVE-2022-3202: Fixed with 5.17.3
CVE-2022-32250: Fixed with 5.17.13
CVE-2022-32296: Fixed with 5.17.9
CVE-2022-3239: Fixed with 5.17.2
CVE-2022-32981: Fixed with 5.17.15
+CVE-2022-3303: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
CVE-2022-33742: Fix not seen in stream
diff --git a/data/5.17/5.17_security.txt b/data/5.17/5.17_security.txt
index bfb1e58..0eb2df0 100644
--- a/data/5.17/5.17_security.txt
+++ b/data/5.17/5.17_security.txt
@@ -176,8 +176,9 @@
CVE-2022-29901: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
+ CVE-2022-3103: (unk) io_uring: fix off-by-one in sync cancelation file check
CVE-2022-3169: (unk)
- CVE-2022-3176: (unk)
+ CVE-2022-3303: (unk) ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
CVE-2022-33742: (unk) xen/blkfront: force data bouncing when backend is untrusted
diff --git a/data/5.18/5.18_CVEs.txt b/data/5.18/5.18_CVEs.txt
index c5014d8..ec5fa81 100644
--- a/data/5.18/5.18_CVEs.txt
+++ b/data/5.18/5.18_CVEs.txt
@@ -90,6 +90,7 @@
CVE-2022-26373: Fixed with 5.18.17
CVE-2022-2663: Fix not seen in stream
CVE-2022-26878: Fix unknown
+CVE-2022-2785: Fix not seen in stream
CVE-2022-2873: Fixed with 5.18.2
CVE-2022-2905: Fix not seen in stream
CVE-2022-2959: Fixed with 5.18.2
@@ -99,10 +100,11 @@
CVE-2022-29901: Fixed with 5.18.14
CVE-2022-3028: Fix not seen in stream
CVE-2022-3077: Fixed with 5.18.2
+CVE-2022-3103: Fix not seen in stream
CVE-2022-3169: Fix unknown
-CVE-2022-3176: Fix unknown
CVE-2022-32250: Fixed with 5.18.2
CVE-2022-32981: Fixed with 5.18.4
+CVE-2022-3303: Fix not seen in stream
CVE-2022-33740: Fixed with 5.18.10
CVE-2022-33741: Fixed with 5.18.10
CVE-2022-33742: Fixed with 5.18.10
diff --git a/data/5.18/5.18_security.txt b/data/5.18/5.18_security.txt
index dc9a607..754c822 100644
--- a/data/5.18/5.18_security.txt
+++ b/data/5.18/5.18_security.txt
@@ -141,12 +141,14 @@
CVE-2022-2590: (unk) mm/gup: fix FOLL_FORCE COW security issue and remove FOLL_COW
CVE-2022-2663: (unk) netfilter: nf_conntrack_irc: Fix forged IP logic
CVE-2022-26878: (unk)
+ CVE-2022-2785: (unk) bpf: Disallow bpf programs call prog_run command.
CVE-2022-2905: (unk) bpf: Don't use tnum_range on array range checking for poke descriptors
CVE-2022-2961: (unk)
CVE-2022-2978: (unk)
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
+ CVE-2022-3103: (unk) io_uring: fix off-by-one in sync cancelation file check
CVE-2022-3169: (unk)
- CVE-2022-3176: (unk)
+ CVE-2022-3303: (unk) ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC
CVE-2022-36280: (unk)
CVE-2022-36402: (unk)
CVE-2022-38096: (unk)
diff --git a/data/5.19/5.19_CVEs.txt b/data/5.19/5.19_CVEs.txt
index 73a236c..0bb6ed6 100644
--- a/data/5.19/5.19_CVEs.txt
+++ b/data/5.19/5.19_CVEs.txt
@@ -69,12 +69,14 @@
CVE-2022-26373: Fixed with 5.19.1
CVE-2022-2663: Fixed with 5.19.9
CVE-2022-26878: Fix unknown
+CVE-2022-2785: Fixed with 5.19.4
CVE-2022-2905: Fixed with 5.19.6
CVE-2022-2961: Fix unknown
CVE-2022-2978: Fix unknown
CVE-2022-3028: Fixed with 5.19.6
+CVE-2022-3103: Fix not seen in stream
CVE-2022-3169: Fix unknown
-CVE-2022-3176: Fix unknown
+CVE-2022-3303: Fixed with 5.19.9
CVE-2022-36280: Fix unknown
CVE-2022-36402: Fix unknown
CVE-2022-36946: Fixed with 5.19
diff --git a/data/5.19/5.19_security.txt b/data/5.19/5.19_security.txt
index 6b99ac5..1ecc333 100644
--- a/data/5.19/5.19_security.txt
+++ b/data/5.19/5.19_security.txt
@@ -11,6 +11,9 @@
CVE-2022-2586: 0d07039397527361850c554c192e749cfc879ea9 netfilter: nf_tables: do not allow SET_ID to refer to another table
CVE-2022-2588: ee3f18d90e80e79449d575fa3e7a6b775e9fc35e net_sched: cls_route: remove from list when handle is 0
+CVEs fixed in 5.19.4:
+ CVE-2022-2785: b429d0b9a7a0f3dddb1f782b72629e6353f292fd bpf: Disallow bpf programs call prog_run command.
+
CVEs fixed in 5.19.6:
CVE-2022-2590: 9def52eb10baab3b700858003d462fcf17d62873 mm/gup: fix FOLL_FORCE COW security issue and remove FOLL_COW
CVE-2022-2905: a36df92c7ff7ecde2fb362241d0ab024dddd0597 bpf: Don't use tnum_range on array range checking for poke descriptors
@@ -19,6 +22,7 @@
CVEs fixed in 5.19.9:
CVE-2022-2663: 6cf0609154b2ce8d3ae160e7506ab316400a8d3d netfilter: nf_conntrack_irc: Fix forged IP logic
+ CVE-2022-3303: 723ac5ab2891b6c10dd6cc78ef5456af593490eb ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC
CVE-2022-40307: d46815a8f26ca6db2336106a148265239f73b0af efi: capsule-loader: Fix use-after-free in efi_capsule_write
Outstanding CVEs:
@@ -88,8 +92,8 @@
CVE-2022-26878: (unk)
CVE-2022-2961: (unk)
CVE-2022-2978: (unk)
+ CVE-2022-3103: (unk) io_uring: fix off-by-one in sync cancelation file check
CVE-2022-3169: (unk)
- CVE-2022-3176: (unk)
CVE-2022-36280: (unk)
CVE-2022-36402: (unk)
CVE-2022-38096: (unk)
diff --git a/data/5.2/5.2_CVEs.txt b/data/5.2/5.2_CVEs.txt
index 183a5d0..f12bbe1 100644
--- a/data/5.2/5.2_CVEs.txt
+++ b/data/5.2/5.2_CVEs.txt
@@ -621,15 +621,15 @@
CVE-2022-3028: Fix not seen in stream
CVE-2022-30594: Fix not seen in stream
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3077: Fix not seen in stream
-CVE-2022-3078: Fix not seen in stream
+CVE-2022-3103: Fix not seen in stream
CVE-2022-3169: Fix unknown
-CVE-2022-3176: Fix unknown
+CVE-2022-3176: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
+CVE-2022-3303: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
CVE-2022-33742: Fix not seen in stream
@@ -645,7 +645,6 @@
CVE-2022-38457: Fix unknown
CVE-2022-39188: Fix not seen in stream
CVE-2022-39189: Fix not seen in stream
-CVE-2022-39190: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
diff --git a/data/5.2/5.2_security.txt b/data/5.2/5.2_security.txt
index 59bdf9f..50cfd31 100644
--- a/data/5.2/5.2_security.txt
+++ b/data/5.2/5.2_security.txt
@@ -659,15 +659,15 @@
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3077: (unk) i2c: ismt: prevent memory corruption in ismt_access()
- CVE-2022-3078: (unk) media: vidtv: Check for null return of vzalloc
+ CVE-2022-3103: (unk) io_uring: fix off-by-one in sync cancelation file check
CVE-2022-3169: (unk)
- CVE-2022-3176: (unk)
+ CVE-2022-3176: (unk) io_uring: fix UAF due to missing POLLFREE handling
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
+ CVE-2022-3303: (unk) ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
CVE-2022-33742: (unk) xen/blkfront: force data bouncing when backend is untrusted
@@ -683,7 +683,6 @@
CVE-2022-38457: (unk)
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
CVE-2022-39189: (unk) KVM: x86: do not report a vCPU as preempted outside instruction boundaries
- CVE-2022-39190: (unk) netfilter: nf_tables: disallow binding to already bound chain
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
diff --git a/data/5.3/5.3_CVEs.txt b/data/5.3/5.3_CVEs.txt
index 7dbbee3..f09cb18 100644
--- a/data/5.3/5.3_CVEs.txt
+++ b/data/5.3/5.3_CVEs.txt
@@ -593,15 +593,15 @@
CVE-2022-3028: Fix not seen in stream
CVE-2022-30594: Fix not seen in stream
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3077: Fix not seen in stream
-CVE-2022-3078: Fix not seen in stream
+CVE-2022-3103: Fix not seen in stream
CVE-2022-3169: Fix unknown
-CVE-2022-3176: Fix unknown
+CVE-2022-3176: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
+CVE-2022-3303: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
CVE-2022-33742: Fix not seen in stream
@@ -617,7 +617,6 @@
CVE-2022-38457: Fix unknown
CVE-2022-39188: Fix not seen in stream
CVE-2022-39189: Fix not seen in stream
-CVE-2022-39190: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
diff --git a/data/5.3/5.3_security.txt b/data/5.3/5.3_security.txt
index 46e3192..3965aa9 100644
--- a/data/5.3/5.3_security.txt
+++ b/data/5.3/5.3_security.txt
@@ -629,15 +629,15 @@
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3077: (unk) i2c: ismt: prevent memory corruption in ismt_access()
- CVE-2022-3078: (unk) media: vidtv: Check for null return of vzalloc
+ CVE-2022-3103: (unk) io_uring: fix off-by-one in sync cancelation file check
CVE-2022-3169: (unk)
- CVE-2022-3176: (unk)
+ CVE-2022-3176: (unk) io_uring: fix UAF due to missing POLLFREE handling
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
+ CVE-2022-3303: (unk) ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
CVE-2022-33742: (unk) xen/blkfront: force data bouncing when backend is untrusted
@@ -653,7 +653,6 @@
CVE-2022-38457: (unk)
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
CVE-2022-39189: (unk) KVM: x86: do not report a vCPU as preempted outside instruction boundaries
- CVE-2022-39190: (unk) netfilter: nf_tables: disallow binding to already bound chain
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
diff --git a/data/5.4/5.4_CVEs.txt b/data/5.4/5.4_CVEs.txt
index a26e1f0..2c20eac 100644
--- a/data/5.4/5.4_CVEs.txt
+++ b/data/5.4/5.4_CVEs.txt
@@ -521,15 +521,15 @@
CVE-2022-3028: Fixed with 5.4.212
CVE-2022-30594: Fixed with 5.4.189
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3077: Fix not seen in stream
-CVE-2022-3078: Fix not seen in stream
+CVE-2022-3103: Fix not seen in stream
CVE-2022-3169: Fix unknown
-CVE-2022-3176: Fix unknown
+CVE-2022-3176: Fix not seen in stream
CVE-2022-3202: Fixed with 5.4.189
CVE-2022-32250: Fixed with 5.4.198
CVE-2022-32296: Fixed with 5.4.201
CVE-2022-3239: Fixed with 5.4.189
CVE-2022-32981: Fixed with 5.4.198
+CVE-2022-3303: Fix not seen in stream
CVE-2022-33740: Fixed with 5.4.204
CVE-2022-33741: Fixed with 5.4.204
CVE-2022-33742: Fixed with 5.4.204
@@ -545,7 +545,6 @@
CVE-2022-38457: Fix unknown
CVE-2022-39188: Fix not seen in stream
CVE-2022-39189: Fix not seen in stream
-CVE-2022-39190: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fixed with 5.4.213
diff --git a/data/5.4/5.4_security.txt b/data/5.4/5.4_security.txt
index b01d517..4a0a89c 100644
--- a/data/5.4/5.4_security.txt
+++ b/data/5.4/5.4_security.txt
@@ -860,10 +860,10 @@
CVE-2022-29901: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-2991: (unk) remove the lightnvm subsystem
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3077: (unk) i2c: ismt: prevent memory corruption in ismt_access()
- CVE-2022-3078: (unk) media: vidtv: Check for null return of vzalloc
+ CVE-2022-3103: (unk) io_uring: fix off-by-one in sync cancelation file check
CVE-2022-3169: (unk)
- CVE-2022-3176: (unk)
+ CVE-2022-3176: (unk) io_uring: fix UAF due to missing POLLFREE handling
+ CVE-2022-3303: (unk) ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC
CVE-2022-34918: (unk) netfilter: nf_tables: stricter validation of element data
CVE-2022-36280: (unk)
CVE-2022-36402: (unk)
@@ -871,7 +871,6 @@
CVE-2022-38457: (unk)
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
CVE-2022-39189: (unk) KVM: x86: do not report a vCPU as preempted outside instruction boundaries
- CVE-2022-39190: (unk) netfilter: nf_tables: disallow binding to already bound chain
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40768: (unk)
diff --git a/data/5.5/5.5_CVEs.txt b/data/5.5/5.5_CVEs.txt
index 5171d82..64b775f 100644
--- a/data/5.5/5.5_CVEs.txt
+++ b/data/5.5/5.5_CVEs.txt
@@ -481,15 +481,15 @@
CVE-2022-3028: Fix not seen in stream
CVE-2022-30594: Fix not seen in stream
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3077: Fix not seen in stream
-CVE-2022-3078: Fix not seen in stream
+CVE-2022-3103: Fix not seen in stream
CVE-2022-3169: Fix unknown
-CVE-2022-3176: Fix unknown
+CVE-2022-3176: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
+CVE-2022-3303: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
CVE-2022-33742: Fix not seen in stream
@@ -505,7 +505,6 @@
CVE-2022-38457: Fix unknown
CVE-2022-39188: Fix not seen in stream
CVE-2022-39189: Fix not seen in stream
-CVE-2022-39190: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
diff --git a/data/5.5/5.5_security.txt b/data/5.5/5.5_security.txt
index ae2cdd3..17fe1f0 100644
--- a/data/5.5/5.5_security.txt
+++ b/data/5.5/5.5_security.txt
@@ -515,15 +515,15 @@
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3077: (unk) i2c: ismt: prevent memory corruption in ismt_access()
- CVE-2022-3078: (unk) media: vidtv: Check for null return of vzalloc
+ CVE-2022-3103: (unk) io_uring: fix off-by-one in sync cancelation file check
CVE-2022-3169: (unk)
- CVE-2022-3176: (unk)
+ CVE-2022-3176: (unk) io_uring: fix UAF due to missing POLLFREE handling
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
+ CVE-2022-3303: (unk) ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
CVE-2022-33742: (unk) xen/blkfront: force data bouncing when backend is untrusted
@@ -539,7 +539,6 @@
CVE-2022-38457: (unk)
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
CVE-2022-39189: (unk) KVM: x86: do not report a vCPU as preempted outside instruction boundaries
- CVE-2022-39190: (unk) netfilter: nf_tables: disallow binding to already bound chain
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
diff --git a/data/5.6/5.6_CVEs.txt b/data/5.6/5.6_CVEs.txt
index 98ff919..15b0d91 100644
--- a/data/5.6/5.6_CVEs.txt
+++ b/data/5.6/5.6_CVEs.txt
@@ -456,15 +456,15 @@
CVE-2022-3028: Fix not seen in stream
CVE-2022-30594: Fix not seen in stream
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3077: Fix not seen in stream
-CVE-2022-3078: Fix not seen in stream
+CVE-2022-3103: Fix not seen in stream
CVE-2022-3169: Fix unknown
-CVE-2022-3176: Fix unknown
+CVE-2022-3176: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
+CVE-2022-3303: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
CVE-2022-33742: Fix not seen in stream
@@ -480,7 +480,6 @@
CVE-2022-38457: Fix unknown
CVE-2022-39188: Fix not seen in stream
CVE-2022-39189: Fix not seen in stream
-CVE-2022-39190: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
diff --git a/data/5.6/5.6_security.txt b/data/5.6/5.6_security.txt
index 1e5df5a..a3be1bd 100644
--- a/data/5.6/5.6_security.txt
+++ b/data/5.6/5.6_security.txt
@@ -490,15 +490,15 @@
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3077: (unk) i2c: ismt: prevent memory corruption in ismt_access()
- CVE-2022-3078: (unk) media: vidtv: Check for null return of vzalloc
+ CVE-2022-3103: (unk) io_uring: fix off-by-one in sync cancelation file check
CVE-2022-3169: (unk)
- CVE-2022-3176: (unk)
+ CVE-2022-3176: (unk) io_uring: fix UAF due to missing POLLFREE handling
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
+ CVE-2022-3303: (unk) ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
CVE-2022-33742: (unk) xen/blkfront: force data bouncing when backend is untrusted
@@ -514,7 +514,6 @@
CVE-2022-38457: (unk)
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
CVE-2022-39189: (unk) KVM: x86: do not report a vCPU as preempted outside instruction boundaries
- CVE-2022-39190: (unk) netfilter: nf_tables: disallow binding to already bound chain
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
diff --git a/data/5.7/5.7_CVEs.txt b/data/5.7/5.7_CVEs.txt
index 22393a2..ffb9a76 100644
--- a/data/5.7/5.7_CVEs.txt
+++ b/data/5.7/5.7_CVEs.txt
@@ -444,15 +444,15 @@
CVE-2022-3028: Fix not seen in stream
CVE-2022-30594: Fix not seen in stream
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3077: Fix not seen in stream
-CVE-2022-3078: Fix not seen in stream
+CVE-2022-3103: Fix not seen in stream
CVE-2022-3169: Fix unknown
-CVE-2022-3176: Fix unknown
+CVE-2022-3176: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
+CVE-2022-3303: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
CVE-2022-33742: Fix not seen in stream
@@ -468,7 +468,6 @@
CVE-2022-38457: Fix unknown
CVE-2022-39188: Fix not seen in stream
CVE-2022-39189: Fix not seen in stream
-CVE-2022-39190: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
diff --git a/data/5.7/5.7_security.txt b/data/5.7/5.7_security.txt
index 7f9b31a..b55d84c 100644
--- a/data/5.7/5.7_security.txt
+++ b/data/5.7/5.7_security.txt
@@ -478,15 +478,15 @@
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3077: (unk) i2c: ismt: prevent memory corruption in ismt_access()
- CVE-2022-3078: (unk) media: vidtv: Check for null return of vzalloc
+ CVE-2022-3103: (unk) io_uring: fix off-by-one in sync cancelation file check
CVE-2022-3169: (unk)
- CVE-2022-3176: (unk)
+ CVE-2022-3176: (unk) io_uring: fix UAF due to missing POLLFREE handling
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
+ CVE-2022-3303: (unk) ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
CVE-2022-33742: (unk) xen/blkfront: force data bouncing when backend is untrusted
@@ -502,7 +502,6 @@
CVE-2022-38457: (unk)
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
CVE-2022-39189: (unk) KVM: x86: do not report a vCPU as preempted outside instruction boundaries
- CVE-2022-39190: (unk) netfilter: nf_tables: disallow binding to already bound chain
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
diff --git a/data/5.8/5.8_CVEs.txt b/data/5.8/5.8_CVEs.txt
index b20a90d..1178692 100644
--- a/data/5.8/5.8_CVEs.txt
+++ b/data/5.8/5.8_CVEs.txt
@@ -426,15 +426,15 @@
CVE-2022-3028: Fix not seen in stream
CVE-2022-30594: Fix not seen in stream
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3077: Fix not seen in stream
-CVE-2022-3078: Fix not seen in stream
+CVE-2022-3103: Fix not seen in stream
CVE-2022-3169: Fix unknown
-CVE-2022-3176: Fix unknown
+CVE-2022-3176: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
+CVE-2022-3303: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
CVE-2022-33742: Fix not seen in stream
@@ -450,7 +450,6 @@
CVE-2022-38457: Fix unknown
CVE-2022-39188: Fix not seen in stream
CVE-2022-39189: Fix not seen in stream
-CVE-2022-39190: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
diff --git a/data/5.8/5.8_security.txt b/data/5.8/5.8_security.txt
index d6d283e..9da6599 100644
--- a/data/5.8/5.8_security.txt
+++ b/data/5.8/5.8_security.txt
@@ -460,15 +460,15 @@
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3077: (unk) i2c: ismt: prevent memory corruption in ismt_access()
- CVE-2022-3078: (unk) media: vidtv: Check for null return of vzalloc
+ CVE-2022-3103: (unk) io_uring: fix off-by-one in sync cancelation file check
CVE-2022-3169: (unk)
- CVE-2022-3176: (unk)
+ CVE-2022-3176: (unk) io_uring: fix UAF due to missing POLLFREE handling
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
+ CVE-2022-3303: (unk) ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
CVE-2022-33742: (unk) xen/blkfront: force data bouncing when backend is untrusted
@@ -484,7 +484,6 @@
CVE-2022-38457: (unk)
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
CVE-2022-39189: (unk) KVM: x86: do not report a vCPU as preempted outside instruction boundaries
- CVE-2022-39190: (unk) netfilter: nf_tables: disallow binding to already bound chain
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
diff --git a/data/5.9/5.9_CVEs.txt b/data/5.9/5.9_CVEs.txt
index ebe3a0d..f49f317 100644
--- a/data/5.9/5.9_CVEs.txt
+++ b/data/5.9/5.9_CVEs.txt
@@ -397,15 +397,15 @@
CVE-2022-3028: Fix not seen in stream
CVE-2022-30594: Fix not seen in stream
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3077: Fix not seen in stream
-CVE-2022-3078: Fix not seen in stream
+CVE-2022-3103: Fix not seen in stream
CVE-2022-3169: Fix unknown
-CVE-2022-3176: Fix unknown
+CVE-2022-3176: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
CVE-2022-3239: Fix not seen in stream
CVE-2022-32981: Fix not seen in stream
+CVE-2022-3303: Fix not seen in stream
CVE-2022-33740: Fix not seen in stream
CVE-2022-33741: Fix not seen in stream
CVE-2022-33742: Fix not seen in stream
diff --git a/data/5.9/5.9_security.txt b/data/5.9/5.9_security.txt
index 1aa9c6d..76e8ebe 100644
--- a/data/5.9/5.9_security.txt
+++ b/data/5.9/5.9_security.txt
@@ -427,15 +427,15 @@
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3077: (unk) i2c: ismt: prevent memory corruption in ismt_access()
- CVE-2022-3078: (unk) media: vidtv: Check for null return of vzalloc
+ CVE-2022-3103: (unk) io_uring: fix off-by-one in sync cancelation file check
CVE-2022-3169: (unk)
- CVE-2022-3176: (unk)
+ CVE-2022-3176: (unk) io_uring: fix UAF due to missing POLLFREE handling
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
+ CVE-2022-3303: (unk) ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC
CVE-2022-33740: (unk) xen/netfront: fix leaking data in shared pages
CVE-2022-33741: (unk) xen/netfront: force data bouncing when backend is untrusted
CVE-2022-33742: (unk) xen/blkfront: force data bouncing when backend is untrusted
diff --git a/data/CVEs.txt b/data/CVEs.txt
index 1515e36..9748126 100644
--- a/data/CVEs.txt
+++ b/data/CVEs.txt
@@ -2082,11 +2082,12 @@
CVE-2022-26373: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 2b1299322016731d56807aa49254a5ea3080b6b3 (v2.6.12-rc2 to v6.0-rc1)
CVE-2022-2639: f28cd2af22a0c134e4aa1c64a70f70d815d473fb - cefa91b2332d7009bc0be5d951d6cbbf349f90f8 (v5.1-rc4 to v5.18-rc4)
CVE-2022-26490: 26fc6c7f02cb26c39c4733de3dbc3c0646fc1074 - 4fbcc1a4cb20fe26ad0225679c536c80f1648221 (v4.0-rc1 to v5.17-rc1)
-CVE-2022-2663: (n/a) - 0efe125cfb99e6773a7434f3463f7c2fa28f3a43 (unk to v6.0-rc5)
+CVE-2022-2663: 869f37d8e48f3911eb70f38a994feaa8f8380008 - 0efe125cfb99e6773a7434f3463f7c2fa28f3a43 (v2.6.20-rc1 to v6.0-rc5)
CVE-2022-26878: afd2daa26c7abd734d78bd274fc6c59a15e61063 - (n/a) (v5.13-rc1 to unk)
CVE-2022-26966: c9b37458e95629b1d1171457afdcc1bf1eb7881d - e9da0b56fe27206b49f39805f7dcda8a89379062 (v3.12-rc1 to v5.17-rc6)
CVE-2022-27223: 1f7c51660034091dc134fcc534b7f1fa86a6e823 - 7f14c7227f342d9932f9b918893c8814f86d2a0d (v3.18-rc1 to v5.17-rc6)
CVE-2022-27666: cac2661c53f35cbe651bef9b07026a5a05ab8ce0 - ebe48d368e97d007bfeb76fcb065d6cfc4c96645 (v4.11-rc1 to v5.17-rc8)
+CVE-2022-2785: b1d18a7574d0df5eb4117c14742baf8bc2b9bb74 - 86f44fcec22ce2979507742bc53db8400e454f46 (v5.18-rc1 to v6.0-rc1)
CVE-2022-27950: fbf42729d0e91332e8ce75a1ecce08b8a2dab9c1 - 817b8b9c5396d2b2d92311b46719aad5d3339dbe (v5.15-rc1 to v5.17-rc5)
CVE-2022-28356: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 764f4eb6846f5475f1244767d24d25dd86528a4a (v2.6.12-rc2 to v5.18-rc1)
CVE-2022-28388: 0024d8ad1639e32d717445c69ca813fd19c2a91c - 3d3925ff6433f98992685a9679613a2cc97f3ce2 (v3.9-rc1 to v5.18-rc1)
@@ -2111,17 +2112,19 @@
CVE-2022-29968: 3e08773c3841e9db7a520908cc2b136a77d275ff - 32452a3eb8b64e01e2be717f518c0be046975b9d (v5.16-rc1 to v5.18-rc5)
CVE-2022-3028: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - ba953a9d89a00c078b85f4b190bc1dde66fe16b5 (v2.6.12-rc2 to v6.0-rc3)
CVE-2022-30594: 13c4a90119d28cfcb6b5bdd820c233b86c2b0237 - ee1fee900537b5d9560e9f937402de5ddc8412f3 (v4.3-rc1 to v5.18-rc1)
-CVE-2022-3061: (n/a) - 15cf0b82271b1823fb02ab8c377badba614d95d5 (unk to v5.18-rc5)
-CVE-2022-3077: (n/a) - 690b2549b19563ec5ad53e5c82f6a944d910086e (unk to v5.19-rc1)
-CVE-2022-3078: (n/a) - e6a21a14106d9718aa4f8e115b1e474888eeba44 (unk to v5.18-rc1)
+CVE-2022-3061: 5350c65f4f15bbc111ffa629130d3f32cdd4ccf6 - 15cf0b82271b1823fb02ab8c377badba614d95d5 (v3.4-rc1 to v5.18-rc5)
+CVE-2022-3077: 5e9a97b1f4491b8b65874901ad084348fcaba327 - 690b2549b19563ec5ad53e5c82f6a944d910086e (v5.11-rc1 to v5.19-rc1)
+CVE-2022-3078: f90cf6079bf67988f8b1ad1ade70fc89d0080905 - e6a21a14106d9718aa4f8e115b1e474888eeba44 (v5.10-rc1 to v5.18-rc1)
+CVE-2022-3103: (n/a) - 47abea041f897d64dbd5777f0cf7745148f85d75 (unk to v6.0-rc3)
CVE-2022-3169: (n/a) - (n/a) (unk to unk)
CVE-2022-3170: c27e1efb61c545f36c450ef60862df9251d239a4 - 6ab55ec0a938c7f943a4edba3d6514f775983887 (v6.0-rc1 to v6.0-rc4)
-CVE-2022-3176: (n/a) - (n/a) (unk to unk)
+CVE-2022-3176: (n/a) - 791f3465c4afde02d7f16cf7424ca87070b69396 (unk to v5.17-rc1)
CVE-2022-3202: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - a53046291020ec41e09181396c1e829287b48d47 (v2.6.12-rc2 to v5.18-rc1)
CVE-2022-32250: 0b2d8a7b638b5034d2d68f6add8af94daaa1d4cd - 520778042ccca019f3ffa136dd0ca565c486cedd (v4.1-rc1 to v5.19-rc1)
CVE-2022-32296: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 4c2c8f03a5ab7cb04ec64724d7d176d00bcc91e5 (v2.6.12-rc2 to v5.18-rc6)
CVE-2022-3239: (n/a) - c08eadca1bdfa099e20a32f8fa4b52b2f672236d (unk to v5.18-rc1)
CVE-2022-32981: 87fec0514f613f8ac43c01b0bc0bc7072c5d10ae - 8e1278444446fc97778a5e5c99bca1ce0bbc5ec9 (v3.13-rc1 to v5.19-rc2)
+CVE-2022-3303: (n/a) - 8423f0b6d513b259fdab9c9bf4aaa6188d054c2d (unk to v6.0-rc5)
CVE-2022-33740: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 307c8de2b02344805ebead3440d8feed28f2f010 (v2.6.12-rc2 to v5.19-rc6)
CVE-2022-33741: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 4491001c2e0fa69efbb748c96ec96b100a5cdb7e (v2.6.12-rc2 to v5.19-rc6)
CVE-2022-33742: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 2400617da7eebf9167d71a46122828bc479d64c9 (v2.6.12-rc2 to v5.19-rc6)
@@ -2138,13 +2141,13 @@
CVE-2022-36946: 7af4cc3fa158ff1dda6e7451c7e6afa6b0bb85cb - 99a63d36cb3ed5ca3aa6fcb64cffbeaf3b0fb164 (v2.6.14-rc1 to v5.19)
CVE-2022-38096: (n/a) - (n/a) (unk to unk)
CVE-2022-38457: (n/a) - (n/a) (unk to unk)
-CVE-2022-39188: (n/a) - b67fbebd4cf980aecbcc750e1462128bffe8ae15 (unk to v5.19-rc8)
+CVE-2022-39188: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - b67fbebd4cf980aecbcc750e1462128bffe8ae15 (v2.6.12-rc2 to v5.19-rc8)
CVE-2022-39189: f38a7b75267f1fb240a8178cbcb16d66dd37aac8 - 6cd88243c7e03845a450795e134b488fc2afb736 (v4.16-rc1 to v5.19-rc2)
-CVE-2022-39190: (n/a) - e02f0d3970404bfea385b6edb86f2d936db0ea2b (unk to v6.0-rc3)
+CVE-2022-39190: d0e2c7de92c7f2b3d355ad76b0bb9fc43d1beb87 - e02f0d3970404bfea385b6edb86f2d936db0ea2b (v5.9-rc1 to v6.0-rc3)
CVE-2022-39842: 364dbdf3b6c31a4a5fb7a6d479e7aafb4a7a10b6 - a09d2d00af53b43c6f11e6ab3cb58443c2cac8a7 (v2.6.38-rc1 to v5.19-rc4)
CVE-2022-40133: (n/a) - (n/a) (unk to unk)
-CVE-2022-40307: (n/a) - 9cb636b5f6a8cc6d1b50809ec8f8d33ae0c84c95 (unk to v6.0-rc5)
+CVE-2022-40307: 65117f1aa1b2d145fd5ca376bde642794d0aae1b - 9cb636b5f6a8cc6d1b50809ec8f8d33ae0c84c95 (v4.7-rc1 to v6.0-rc5)
CVE-2022-40476: 9cae36a094e7e9d6e5fe8b6dcd4642138b3eb0c7 - 386e4fb6962b9f248a80f8870aea0870ca603e89 (v5.19-rc1 to v5.19-rc4)
CVE-2022-40768: (n/a) - (n/a) (unk to unk)
CVE-2022-41218: (n/a) - (n/a) (unk to unk)
-CVE-2022-41222: (n/a) - 97113eb39fa7972722ff490b947d8af023e1f6a2 (unk to v5.14-rc1)
+CVE-2022-41222: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 97113eb39fa7972722ff490b947d8af023e1f6a2 (v2.6.12-rc2 to v5.14-rc1)
diff --git a/data/cmts.json b/data/cmts.json
index b5b3226..107aa80 100644
--- a/data/cmts.json
+++ b/data/cmts.json
@@ -818,6 +818,7 @@
"47057abde515155a4fee53038e7772d6b387e0aa": "v4.10-rc1",
"470ee20e069a6d05ae549f7d0ef2bdbcee6a81b2": "v6.0-rc1",
"4738c1db1593687713869fa69e733eebc7b0d6d8": "v2.6.26-rc1",
+ "47abea041f897d64dbd5777f0cf7745148f85d75": "v6.0-rc3",
"47bb117911b051bbc90764a8bff96543cbd2005f": "v5.1-rc1",
"47cdee29ef9d94e485eb08f962c74943023a5271": "v5.2-rc3",
"47d902b90a32a42a3d33aef3a02170fc6f70aa23": "v4.12-rc1",
@@ -955,6 +956,7 @@
"5329722057d41aebc31e391907a501feaa42f7d9": "v5.11-rc1",
"532c34b5fbf1687df63b3fcd5b2846312ac943c6": "v4.6-rc6",
"534a7b8e10ec55d9f521e68c20dbb3634c25b98a": "v3.2-rc1",
+ "5350c65f4f15bbc111ffa629130d3f32cdd4ccf6": "v3.4-rc1",
"537a50574175a2b68b0612ffb48cb044a394c7b4": "v4.13-rc1",
"53a712bae5dd919521a58d7bad773b949358add0": "v5.2-rc1",
"53b381b3abeb86f12787a6c40fee9b2f71edc23b": "v3.9-rc1",
@@ -1144,6 +1146,7 @@
"64dd153c83743af81f20924c6343652d731eeecb": "v3.2-rc1",
"64e6bbfff52db4bf6785fab9cffab850b2de6870": "v5.11-rc3",
"65038428b2c6c5be79d3f78a6b79c0cdc3a58a41": "v5.7-rc1",
+ "65117f1aa1b2d145fd5ca376bde642794d0aae1b": "v4.7-rc1",
"654b404f2a222f918af9b0cd18ad469d0c941a8e": "v4.11-rc2",
"657831ffc38e30092a2d5f03d385d710eb88b09a": "v4.12-rc1",
"657eb17d87852c42b55c4b06d5425baa08b2ddb3": "v3.13-rc7",
@@ -1362,6 +1365,7 @@
"7892032cfe67f4bde6fc2ee967e45a8fbaf33756": "v4.10-rc8",
"78beef629fd95be4ed853b2d37b832f766bd96ca": "v5.4-rc1",
"78c9c4dfbf8c04883941445a195276bb4bb92c76": "v4.19-rc1",
+ "791f3465c4afde02d7f16cf7424ca87070b69396": "v5.17-rc1",
"792039c73cf176c8e39a6e8beef2c94ff46522ed": "v3.6-rc3",
"7926aff5c57b577ab0f43364ff0c59d968f6a414": "v4.10-rc8",
"7932c0bd7740f4cd2aa168d3ce0199e7af7d72d5": "v4.2-rc5",
@@ -1496,6 +1500,7 @@
"83f40318dab00e3298a1f6d0b12ac025e84e478d": "v3.5-rc1",
"8404663f81d212918ff85f493649a7991209fa04": "v3.6-rc6",
"8409cca7056113bee3236cb6a8e4d8d4d1eef102": "v2.6.39-rc1",
+ "8423f0b6d513b259fdab9c9bf4aaa6188d054c2d": "v6.0-rc5",
"844817e47eef14141cf59b8d5ac08dd11c0a9189": "v3.17-rc3",
"84823ff80f7403752b59e00bb198724100dc611c": "v5.6-rc4",
"848440544b41fbe21f36072ee7dc7c3c59ce62e2": "v4.14-rc1",
@@ -1524,8 +1529,10 @@
"86741ec25462": "v4.10-rc1",
"86741ec25462e4c8cdce6df2f41ead05568c7d5e": "v4.10-rc1",
"869e76f7a918f010bd4518d58886969b1f642a04": "v5.15-rc1",
+ "869f37d8e48f3911eb70f38a994feaa8f8380008": "v2.6.20-rc1",
"86acdca1b63e6890540fa19495cfc708beff3d8b": "v2.6.33-rc5",
"86cdf8e38792545161dbe3350a7eced558ba4d15": "v5.16-rc2",
+ "86f44fcec22ce2979507742bc53db8400e454f46": "v6.0-rc1",
"8700af2cc18c919b2a83e74e0479038fd113c15d": "v5.17-rc6",
"8700e3e7c4857d28ebaa824509934556da0b3e76": "v4.8-rc1",
"870aaff92e959e29d40f9cfdb5ed06ba2fc2dae0": "v5.17-rc1",
@@ -1979,6 +1986,7 @@
"b1bb5b49373b61bf9d2c73a4d30058ba6f069e4c": "v4.1-rc7",
"b1bd5cba3306691c771d558e94baa73e8b0b96b7": "v5.13-rc6",
"b1cb7372fa822af6c06c8045963571d13ad6348b": "v4.15-rc1",
+ "b1d18a7574d0df5eb4117c14742baf8bc2b9bb74": "v5.18-rc1",
"b2157399cc9898260d6031c5bfe45fe137c1fbe7": "v4.15-rc8",
"b21c60a4edd22e26fbebe7dd7078349a8cfa7273": "v3.3-rc1",
"b228a94066406b6c456321d69643b0d7ce11cfa6": "v4.14-rc4",
@@ -2366,6 +2374,7 @@
"d0c7feaf87678371c2c09b3709400be416b2dc62": "v5.7-rc1",
"d0cb50185ae942b03c4327be322055d622dc79f6": "v5.5",
"d0d62baa7f505bd4c59cd169692ff07ec49dde37": "v5.14-rc1",
+ "d0e2c7de92c7f2b3d355ad76b0bb9fc43d1beb87": "v5.9-rc1",
"d0febd81ae77a0e13717f1412ff9589e43fc4f8b": "v5.7-rc1",
"d10d1b9ac97b96dd9183944d30b1664bdbb5fbf6": "v3.7-rc1",
"d10dcb615c8e29d403a24d35f8310a7a53e3050c": "v5.5-rc1",
@@ -2788,6 +2797,7 @@
"f8a00cef17206ecd1b30d3d9f99e10d9fa707aa7": "v4.19-rc7",
"f8be156be163a052a067306417cd0ff679068c97": "v5.13",
"f8d4f44df056c5b504b0d49683fb7279218fd207": "v5.9-rc8",
+ "f90cf6079bf67988f8b1ad1ade70fc89d0080905": "v5.10-rc1",
"f91072ed1b7283b13ca57fcfbece5a3b92726143": "v5.10-rc1",
"f92363d12359498f9a9960511de1a550f0ec41c2": "v3.8-rc1",
"f980f9c31a923e9040dee0bc679a5f5b09e61f40": "v5.10-rc1",
diff --git a/data/kernel_cves.json b/data/kernel_cves.json
index 7e16658..0ccafa7 100644
--- a/data/kernel_cves.json
+++ b/data/kernel_cves.json
@@ -68794,7 +68794,8 @@
"breaks": "f980f9c31a923e9040dee0bc679a5f5b09e61f40",
"cmt_msg": "KVM: SEV: add cache flush to solve SEV cache incoherency issues",
"fixes": "683412ccf61294d727ead4a73d97397396e69a6b",
- "last_modified": "2022-06-27",
+ "last_affected_version": "5.15.69",
+ "last_modified": "2022-09-27",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2022-0171",
"ExploitDB": "https://www.exploit-db.com/search?cve=2022-0171",
@@ -72367,12 +72368,12 @@
}
},
"CVE-2022-2663": {
- "affected_versions": "unk to v6.0-rc5",
- "breaks": "",
+ "affected_versions": "v2.6.20-rc1 to v6.0-rc5",
+ "breaks": "869f37d8e48f3911eb70f38a994feaa8f8380008",
"cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic",
"fixes": "0efe125cfb99e6773a7434f3463f7c2fa28f3a43",
"last_affected_version": "5.19.8",
- "last_modified": "2022-09-22"
+ "last_modified": "2022-09-27"
},
"CVE-2022-26878": {
"affected_versions": "v5.13-rc1 to unk",
@@ -72532,6 +72533,14 @@
"Ubuntu": "https://ubuntu.com/security/CVE-2022-27666"
}
},
+ "CVE-2022-2785": {
+ "affected_versions": "v5.18-rc1 to v6.0-rc1",
+ "breaks": "b1d18a7574d0df5eb4117c14742baf8bc2b9bb74",
+ "cmt_msg": "bpf: Disallow bpf programs call prog_run command.",
+ "fixes": "86f44fcec22ce2979507742bc53db8400e454f46",
+ "last_affected_version": "5.19.3",
+ "last_modified": "2022-09-27"
+ },
"CVE-2022-27950": {
"affected_versions": "v5.15-rc1 to v5.17-rc5",
"breaks": "fbf42729d0e91332e8ce75a1ecce08b8a2dab9c1",
@@ -73122,27 +73131,35 @@
}
},
"CVE-2022-3061": {
- "affected_versions": "unk to v5.18-rc5",
- "breaks": "",
+ "affected_versions": "v3.4-rc1 to v5.18-rc5",
+ "breaks": "5350c65f4f15bbc111ffa629130d3f32cdd4ccf6",
"cmt_msg": "video: fbdev: i740fb: Error out if 'pixclock' equals zero",
"fixes": "15cf0b82271b1823fb02ab8c377badba614d95d5",
- "last_modified": "2022-09-02"
+ "last_affected_version": "5.15.69",
+ "last_modified": "2022-09-27"
},
"CVE-2022-3077": {
- "affected_versions": "unk to v5.19-rc1",
- "breaks": "",
+ "affected_versions": "v5.11-rc1 to v5.19-rc1",
+ "breaks": "5e9a97b1f4491b8b65874901ad084348fcaba327",
"cmt_msg": "i2c: ismt: prevent memory corruption in ismt_access()",
"fixes": "690b2549b19563ec5ad53e5c82f6a944d910086e",
"last_affected_version": "5.18.1",
- "last_modified": "2022-09-13"
+ "last_modified": "2022-09-27"
},
"CVE-2022-3078": {
- "affected_versions": "unk to v5.18-rc1",
- "breaks": "",
+ "affected_versions": "v5.10-rc1 to v5.18-rc1",
+ "breaks": "f90cf6079bf67988f8b1ad1ade70fc89d0080905",
"cmt_msg": "media: vidtv: Check for null return of vzalloc",
"fixes": "e6a21a14106d9718aa4f8e115b1e474888eeba44",
"last_affected_version": "5.17.1",
- "last_modified": "2022-09-02"
+ "last_modified": "2022-09-27"
+ },
+ "CVE-2022-3103": {
+ "affected_versions": "unk to v6.0-rc3",
+ "breaks": "",
+ "cmt_msg": "io_uring: fix off-by-one in sync cancelation file check",
+ "fixes": "47abea041f897d64dbd5777f0cf7745148f85d75",
+ "last_modified": "2022-09-27"
},
"CVE-2022-3169": {
"affected_versions": "unk to unk",
@@ -73157,10 +73174,12 @@
"last_modified": "2022-09-13"
},
"CVE-2022-3176": {
- "affected_versions": "unk to unk",
+ "affected_versions": "unk to v5.17-rc1",
"breaks": "",
- "fixes": "",
- "last_modified": "2022-09-19"
+ "cmt_msg": "io_uring: fix UAF due to missing POLLFREE handling",
+ "fixes": "791f3465c4afde02d7f16cf7424ca87070b69396",
+ "last_affected_version": "5.15.64",
+ "last_modified": "2022-09-27"
},
"CVE-2022-3202": {
"affected_versions": "v2.6.12-rc2 to v5.18-rc1",
@@ -73298,6 +73317,14 @@
"Ubuntu": "https://ubuntu.com/security/CVE-2022-32981"
}
},
+ "CVE-2022-3303": {
+ "affected_versions": "unk to v6.0-rc5",
+ "breaks": "",
+ "cmt_msg": "ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC",
+ "fixes": "8423f0b6d513b259fdab9c9bf4aaa6188d054c2d",
+ "last_affected_version": "5.19.8",
+ "last_modified": "2022-09-27"
+ },
"CVE-2022-33740": {
"affected_versions": "v2.6.12-rc2 to v5.19-rc6",
"breaks": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
@@ -73707,11 +73734,11 @@
"last_modified": "2022-09-19"
},
"CVE-2022-39188": {
- "affected_versions": "unk to v5.19-rc8",
- "breaks": "",
+ "affected_versions": "v2.6.12-rc2 to v5.19-rc8",
+ "breaks": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"cmt_msg": "mmu_gather: Force tlb-flush VM_PFNMAP vmas",
"fixes": "b67fbebd4cf980aecbcc750e1462128bffe8ae15",
- "last_modified": "2022-09-02"
+ "last_modified": "2022-09-27"
},
"CVE-2022-39189": {
"affected_versions": "v4.16-rc1 to v5.19-rc2",
@@ -73722,19 +73749,20 @@
"last_modified": "2022-09-22"
},
"CVE-2022-39190": {
- "affected_versions": "unk to v6.0-rc3",
- "breaks": "",
+ "affected_versions": "v5.9-rc1 to v6.0-rc3",
+ "breaks": "d0e2c7de92c7f2b3d355ad76b0bb9fc43d1beb87",
"cmt_msg": "netfilter: nf_tables: disallow binding to already bound chain",
"fixes": "e02f0d3970404bfea385b6edb86f2d936db0ea2b",
"last_affected_version": "5.19.5",
- "last_modified": "2022-09-22"
+ "last_modified": "2022-09-27"
},
"CVE-2022-39842": {
"affected_versions": "v2.6.38-rc1 to v5.19-rc4",
"breaks": "364dbdf3b6c31a4a5fb7a6d479e7aafb4a7a10b6",
"cmt_msg": "video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write",
"fixes": "a09d2d00af53b43c6f11e6ab3cb58443c2cac8a7",
- "last_modified": "2022-09-22"
+ "last_affected_version": "5.15.69",
+ "last_modified": "2022-09-27"
},
"CVE-2022-40133": {
"affected_versions": "unk to unk",
@@ -73743,12 +73771,12 @@
"last_modified": "2022-09-19"
},
"CVE-2022-40307": {
- "affected_versions": "unk to v6.0-rc5",
- "breaks": "",
+ "affected_versions": "v4.7-rc1 to v6.0-rc5",
+ "breaks": "65117f1aa1b2d145fd5ca376bde642794d0aae1b",
"cmt_msg": "efi: capsule-loader: Fix use-after-free in efi_capsule_write",
"fixes": "9cb636b5f6a8cc6d1b50809ec8f8d33ae0c84c95",
"last_affected_version": "5.19.8",
- "last_modified": "2022-09-22"
+ "last_modified": "2022-09-27"
},
"CVE-2022-40476": {
"affected_versions": "v5.19-rc1 to v5.19-rc4",
@@ -73769,11 +73797,11 @@
"last_modified": "2022-09-22"
},
"CVE-2022-41222": {
- "affected_versions": "unk to v5.14-rc1",
- "breaks": "",
+ "affected_versions": "v2.6.12-rc2 to v5.14-rc1",
+ "breaks": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries.",
"fixes": "97113eb39fa7972722ff490b947d8af023e1f6a2",
"last_affected_version": "5.13.2",
- "last_modified": "2022-09-22"
+ "last_modified": "2022-09-27"
}
}
\ No newline at end of file
diff --git a/data/stream_data.json b/data/stream_data.json
index 2ef2b22..b4f58e7 100644
--- a/data/stream_data.json
+++ b/data/stream_data.json
@@ -1988,9 +1988,6 @@
"CVE-2019-19241": {
"cmt_msg": "io_uring: async workers should inherit the user creds"
},
- "CVE-2022-40307": {
- "cmt_msg": "efi: capsule-loader: Fix use-after-free in efi_capsule_write"
- },
"CVE-2022-21123": {
"cmt_msg": "x86/speculation/mmio: Add mitigation for Processor MMIO Stale Data"
},
@@ -2408,6 +2405,9 @@
"CVE-2019-14615": {
"cmt_msg": "drm/i915/gen9: Clear residual context state on context switch"
},
+ "CVE-2022-3103": {
+ "cmt_msg": "io_uring: fix off-by-one in sync cancelation file check"
+ },
"CVE-2020-12771": {
"cmt_msg": "bcache: fix potential deadlock problem in btree_gc_coalesce"
},
@@ -2771,6 +2771,9 @@
"CVE-2019-19768": {
"cmt_msg": "blktrace: Protect q->blk_trace with RCU"
},
+ "CVE-2022-3303": {
+ "cmt_msg": "ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC"
+ },
"CVE-2017-8797": {
"cmt_msg": "nfsd: fix undefined behavior in nfsd4_layout_verify"
},
@@ -3291,7 +3294,7 @@
"cmt_msg": "fbcon: Disallow setting font bigger than screen size"
},
"CVE-2022-3176": {
- "cmt_msg": ""
+ "cmt_msg": "io_uring: fix UAF due to missing POLLFREE handling"
},
"CVE-2020-14390": {
"cmt_msg": "fbcon: remove soft scrollback code"
@@ -3647,9 +3650,6 @@
"CVE-2010-4563": {
"cmt_msg": ""
},
- "CVE-2022-39190": {
- "cmt_msg": "netfilter: nf_tables: disallow binding to already bound chain"
- },
"CVE-2020-14331": {
"cmt_msg": "vgacon: Fix for missing check in scrollback handling"
},
@@ -3686,9 +3686,6 @@
"CVE-2020-2732": {
"cmt_msg": "KVM: nVMX: Don't emulate instructions in guest mode"
},
- "CVE-2022-3077": {
- "cmt_msg": "i2c: ismt: prevent memory corruption in ismt_access()"
- },
"CVE-2012-4542": {
"cmt_msg": ""
},
@@ -3890,9 +3887,6 @@
"CVE-2015-8709": {
"cmt_msg": "mm: Add a user_ns owner to mm_struct and fix ptrace permission checks"
},
- "CVE-2022-3078": {
- "cmt_msg": "media: vidtv: Check for null return of vzalloc"
- },
"CVE-2021-29650": {
"cmt_msg": "netfilter: x_tables: Use correct memory barriers."
},
@@ -4283,6 +4277,9 @@
"CVE-2019-20096": {
"cmt_msg": "dccp: Fix memleak in __feat_register_sp"
},
+ "CVE-2022-3103": {
+ "cmt_msg": "io_uring: fix off-by-one in sync cancelation file check"
+ },
"CVE-2018-10940": {
"cmt_msg": "cdrom: information leak in cdrom_ioctl_media_changed()"
},
@@ -5336,6 +5333,9 @@
"CVE-2019-19768": {
"cmt_msg": "blktrace: Protect q->blk_trace with RCU"
},
+ "CVE-2022-3303": {
+ "cmt_msg": "ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC"
+ },
"CVE-2019-19039": {
"cmt_msg": "btrfs: Don't submit any btree write bio if the fs has errors"
},
@@ -6078,7 +6078,7 @@
"cmt_msg": "Input: joydev - prevent potential read overflow in ioctl"
},
"CVE-2022-3176": {
- "cmt_msg": ""
+ "cmt_msg": "io_uring: fix UAF due to missing POLLFREE handling"
},
"CVE-2017-7487": {
"cmt_msg": "ipx: call ipxitf_put() in ioctl error path"
@@ -6566,9 +6566,6 @@
"CVE-2010-4563": {
"cmt_msg": ""
},
- "CVE-2022-39190": {
- "cmt_msg": "netfilter: nf_tables: disallow binding to already bound chain"
- },
"CVE-2020-14331": {
"cmt_msg": "vgacon: Fix for missing check in scrollback handling"
},
@@ -6641,9 +6638,6 @@
"CVE-2020-2732": {
"cmt_msg": "KVM: nVMX: Don't emulate instructions in guest mode"
},
- "CVE-2022-3077": {
- "cmt_msg": "i2c: ismt: prevent memory corruption in ismt_access()"
- },
"CVE-2012-4542": {
"cmt_msg": ""
},
@@ -6884,9 +6878,6 @@
"CVE-2018-16862": {
"cmt_msg": "mm: cleancache: fix corruption on missed inode invalidation"
},
- "CVE-2022-3078": {
- "cmt_msg": "media: vidtv: Check for null return of vzalloc"
- },
"CVE-2021-29650": {
"cmt_msg": "netfilter: x_tables: Use correct memory barriers."
},
@@ -7389,6 +7380,9 @@
"CVE-2019-20096": {
"cmt_msg": "dccp: Fix memleak in __feat_register_sp"
},
+ "CVE-2022-3103": {
+ "cmt_msg": "io_uring: fix off-by-one in sync cancelation file check"
+ },
"CVE-2018-10940": {
"cmt_msg": "cdrom: information leak in cdrom_ioctl_media_changed()"
},
@@ -8370,6 +8364,9 @@
"CVE-2019-19768": {
"cmt_msg": "blktrace: Protect q->blk_trace with RCU"
},
+ "CVE-2022-3303": {
+ "cmt_msg": "ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC"
+ },
"CVE-2017-5715": {
"cmt_msg": "x86/cpufeatures: Add X86_BUG_SPECTRE_V[12]"
},
@@ -9040,7 +9037,7 @@
"cmt_msg": "Input: joydev - prevent potential read overflow in ioctl"
},
"CVE-2022-3176": {
- "cmt_msg": ""
+ "cmt_msg": "io_uring: fix UAF due to missing POLLFREE handling"
},
"CVE-2019-6974": {
"cmt_msg": "kvm: fix kvm_ioctl_create_device() reference counting (CVE-2019-6974)"
@@ -9486,9 +9483,6 @@
"CVE-2010-4563": {
"cmt_msg": ""
},
- "CVE-2022-39190": {
- "cmt_msg": "netfilter: nf_tables: disallow binding to already bound chain"
- },
"CVE-2020-14331": {
"cmt_msg": "vgacon: Fix for missing check in scrollback handling"
},
@@ -9546,9 +9540,6 @@
"CVE-2020-2732": {
"cmt_msg": "KVM: nVMX: Don't emulate instructions in guest mode"
},
- "CVE-2022-3077": {
- "cmt_msg": "i2c: ismt: prevent memory corruption in ismt_access()"
- },
"CVE-2012-4542": {
"cmt_msg": ""
},
@@ -9777,9 +9768,6 @@
"CVE-2018-16862": {
"cmt_msg": "mm: cleancache: fix corruption on missed inode invalidation"
},
- "CVE-2022-3078": {
- "cmt_msg": "media: vidtv: Check for null return of vzalloc"
- },
"CVE-2021-29650": {
"cmt_msg": "netfilter: x_tables: Use correct memory barriers."
},
@@ -10141,6 +10129,9 @@
"CVE-2019-20096": {
"cmt_msg": "dccp: Fix memleak in __feat_register_sp"
},
+ "CVE-2022-3103": {
+ "cmt_msg": "io_uring: fix off-by-one in sync cancelation file check"
+ },
"CVE-2018-10940": {
"cmt_msg": "cdrom: information leak in cdrom_ioctl_media_changed()"
},
@@ -11170,6 +11161,9 @@
"CVE-2019-19768": {
"cmt_msg": "blktrace: Protect q->blk_trace with RCU"
},
+ "CVE-2022-3303": {
+ "cmt_msg": "ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC"
+ },
"CVE-2017-5715": {
"cmt_msg": "x86/cpufeatures: Add X86_BUG_SPECTRE_V[12]"
},
@@ -11882,7 +11876,7 @@
"cmt_msg": "Input: joydev - prevent potential read overflow in ioctl"
},
"CVE-2022-3176": {
- "cmt_msg": ""
+ "cmt_msg": "io_uring: fix UAF due to missing POLLFREE handling"
},
"CVE-2019-6974": {
"cmt_msg": "kvm: fix kvm_ioctl_create_device() reference counting (CVE-2019-6974)"
@@ -12343,9 +12337,6 @@
"CVE-2010-4563": {
"cmt_msg": ""
},
- "CVE-2022-39190": {
- "cmt_msg": "netfilter: nf_tables: disallow binding to already bound chain"
- },
"CVE-2020-14331": {
"cmt_msg": "vgacon: Fix for missing check in scrollback handling"
},
@@ -12409,9 +12400,6 @@
"CVE-2020-2732": {
"cmt_msg": "KVM: nVMX: Don't emulate instructions in guest mode"
},
- "CVE-2022-3077": {
- "cmt_msg": "i2c: ismt: prevent memory corruption in ismt_access()"
- },
"CVE-2012-4542": {
"cmt_msg": ""
},
@@ -12646,9 +12634,6 @@
"CVE-2018-16862": {
"cmt_msg": "mm: cleancache: fix corruption on missed inode invalidation"
},
- "CVE-2022-3078": {
- "cmt_msg": "media: vidtv: Check for null return of vzalloc"
- },
"CVE-2021-29650": {
"cmt_msg": "netfilter: x_tables: Use correct memory barriers."
},
@@ -13014,6 +12999,9 @@
"CVE-2019-20096": {
"cmt_msg": "dccp: Fix memleak in __feat_register_sp"
},
+ "CVE-2022-3103": {
+ "cmt_msg": "io_uring: fix off-by-one in sync cancelation file check"
+ },
"CVE-2018-10940": {
"cmt_msg": "cdrom: information leak in cdrom_ioctl_media_changed()"
},
@@ -13959,6 +13947,9 @@
"CVE-2019-19768": {
"cmt_msg": "blktrace: Protect q->blk_trace with RCU"
},
+ "CVE-2022-3303": {
+ "cmt_msg": "ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC"
+ },
"CVE-2022-20141": {
"cmt_msg": "igmp: Add ip_mc_list lock in ip_check_mc_rcu"
},
@@ -14572,7 +14563,7 @@
"cmt_msg": "fbcon: Disallow setting font bigger than screen size"
},
"CVE-2022-3176": {
- "cmt_msg": ""
+ "cmt_msg": "io_uring: fix UAF due to missing POLLFREE handling"
},
"CVE-2019-6974": {
"cmt_msg": "kvm: fix kvm_ioctl_create_device() reference counting (CVE-2019-6974)"
@@ -14991,9 +14982,6 @@
"CVE-2010-4563": {
"cmt_msg": ""
},
- "CVE-2022-39190": {
- "cmt_msg": "netfilter: nf_tables: disallow binding to already bound chain"
- },
"CVE-2020-14331": {
"cmt_msg": "vgacon: Fix for missing check in scrollback handling"
},
@@ -15042,9 +15030,6 @@
"CVE-2020-2732": {
"cmt_msg": "KVM: nVMX: Don't emulate instructions in guest mode"
},
- "CVE-2022-3077": {
- "cmt_msg": "i2c: ismt: prevent memory corruption in ismt_access()"
- },
"CVE-2012-4542": {
"cmt_msg": ""
},
@@ -15261,9 +15246,6 @@
"CVE-2018-16862": {
"cmt_msg": "mm: cleancache: fix corruption on missed inode invalidation"
},
- "CVE-2022-3078": {
- "cmt_msg": "media: vidtv: Check for null return of vzalloc"
- },
"CVE-2021-29650": {
"cmt_msg": "netfilter: x_tables: Use correct memory barriers."
},
@@ -18832,6 +18814,9 @@
"CVE-2017-5753": {
"cmt_msg": "x86/cpufeatures: Add X86_BUG_SPECTRE_V[12]"
},
+ "CVE-2022-3103": {
+ "cmt_msg": "io_uring: fix off-by-one in sync cancelation file check"
+ },
"CVE-2019-19377": {
"cmt_msg": "btrfs: Don't submit any btree write bio if the fs has errors"
},
@@ -18985,12 +18970,6 @@
"CVE-2020-26142": {
"cmt_msg": ""
},
- "CVE-2022-39190": {
- "cmt_msg": "netfilter: nf_tables: disallow binding to already bound chain"
- },
- "CVE-2022-3077": {
- "cmt_msg": "i2c: ismt: prevent memory corruption in ismt_access()"
- },
"CVE-2017-9986": {
"cmt_msg": "sound: Retire OSS"
},
@@ -19063,6 +19042,9 @@
"CVE-2019-16921": {
"cmt_msg": "RDMA/hns: Fix init resp when alloc ucontext"
},
+ "CVE-2022-3303": {
+ "cmt_msg": "ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC"
+ },
"CVE-2017-5715": {
"cmt_msg": "x86/cpufeatures: Add X86_BUG_SPECTRE_V[12]"
},
@@ -19118,7 +19100,7 @@
"cmt_msg": "drm/i915/guc: Update to use firmware v49.0.1"
},
"CVE-2022-3176": {
- "cmt_msg": ""
+ "cmt_msg": "io_uring: fix UAF due to missing POLLFREE handling"
},
"CVE-2022-2327": {
"cmt_msg": "io_uring: remove any grabbing of context"
@@ -19150,9 +19132,6 @@
"CVE-2019-15290": {
"cmt_msg": ""
},
- "CVE-2022-3078": {
- "cmt_msg": "media: vidtv: Check for null return of vzalloc"
- },
"CVE-2020-15780": {
"cmt_msg": "ACPI: configfs: Disallow loading ACPI tables when locked down"
},
@@ -19533,6 +19512,9 @@
"CVE-2019-20096": {
"cmt_msg": "dccp: Fix memleak in __feat_register_sp"
},
+ "CVE-2022-3103": {
+ "cmt_msg": "io_uring: fix off-by-one in sync cancelation file check"
+ },
"CVE-2021-3444": {
"cmt_msg": "bpf: Fix truncation handling for mod32 dst reg wrt zero"
},
@@ -20424,6 +20406,9 @@
"CVE-2019-19768": {
"cmt_msg": "blktrace: Protect q->blk_trace with RCU"
},
+ "CVE-2022-3303": {
+ "cmt_msg": "ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC"
+ },
"CVE-2022-20141": {
"cmt_msg": "igmp: Add ip_mc_list lock in ip_check_mc_rcu"
},
@@ -20986,7 +20971,7 @@
"cmt_msg": "fbcon: Disallow setting font bigger than screen size"
},
"CVE-2022-3176": {
- "cmt_msg": ""
+ "cmt_msg": "io_uring: fix UAF due to missing POLLFREE handling"
},
"CVE-2019-6974": {
"cmt_msg": "kvm: fix kvm_ioctl_create_device() reference counting (CVE-2019-6974)"
@@ -21378,9 +21363,6 @@
"CVE-2010-4563": {
"cmt_msg": ""
},
- "CVE-2022-39190": {
- "cmt_msg": "netfilter: nf_tables: disallow binding to already bound chain"
- },
"CVE-2020-14331": {
"cmt_msg": "vgacon: Fix for missing check in scrollback handling"
},
@@ -21423,9 +21405,6 @@
"CVE-2020-2732": {
"cmt_msg": "KVM: nVMX: Don't emulate instructions in guest mode"
},
- "CVE-2022-3077": {
- "cmt_msg": "i2c: ismt: prevent memory corruption in ismt_access()"
- },
"CVE-2012-4542": {
"cmt_msg": ""
},
@@ -21633,9 +21612,6 @@
"CVE-2018-16862": {
"cmt_msg": "mm: cleancache: fix corruption on missed inode invalidation"
},
- "CVE-2022-3078": {
- "cmt_msg": "media: vidtv: Check for null return of vzalloc"
- },
"CVE-2021-29650": {
"cmt_msg": "netfilter: x_tables: Use correct memory barriers."
},
@@ -21975,6 +21951,9 @@
"CVE-2019-20096": {
"cmt_msg": "dccp: Fix memleak in __feat_register_sp"
},
+ "CVE-2022-3103": {
+ "cmt_msg": "io_uring: fix off-by-one in sync cancelation file check"
+ },
"CVE-2021-3444": {
"cmt_msg": "bpf: Fix truncation handling for mod32 dst reg wrt zero"
},
@@ -22899,6 +22878,9 @@
"CVE-2019-19768": {
"cmt_msg": "blktrace: Protect q->blk_trace with RCU"
},
+ "CVE-2022-3303": {
+ "cmt_msg": "ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC"
+ },
"CVE-2022-20141": {
"cmt_msg": "igmp: Add ip_mc_list lock in ip_check_mc_rcu"
},
@@ -23491,7 +23473,7 @@
"cmt_msg": "fbcon: Disallow setting font bigger than screen size"
},
"CVE-2022-3176": {
- "cmt_msg": ""
+ "cmt_msg": "io_uring: fix UAF due to missing POLLFREE handling"
},
"CVE-2019-6974": {
"cmt_msg": "kvm: fix kvm_ioctl_create_device() reference counting (CVE-2019-6974)"
@@ -23901,9 +23883,6 @@
"CVE-2010-4563": {
"cmt_msg": ""
},
- "CVE-2022-39190": {
- "cmt_msg": "netfilter: nf_tables: disallow binding to already bound chain"
- },
"CVE-2020-14331": {
"cmt_msg": "vgacon: Fix for missing check in scrollback handling"
},
@@ -23952,9 +23931,6 @@
"CVE-2020-2732": {
"cmt_msg": "KVM: nVMX: Don't emulate instructions in guest mode"
},
- "CVE-2022-3077": {
- "cmt_msg": "i2c: ismt: prevent memory corruption in ismt_access()"
- },
"CVE-2012-4542": {
"cmt_msg": ""
},
@@ -24165,9 +24141,6 @@
"CVE-2018-16862": {
"cmt_msg": "mm: cleancache: fix corruption on missed inode invalidation"
},
- "CVE-2022-3078": {
- "cmt_msg": "media: vidtv: Check for null return of vzalloc"
- },
"CVE-2021-29650": {
"cmt_msg": "netfilter: x_tables: Use correct memory barriers."
},
@@ -27334,12 +27307,6 @@
"CVE-2020-26142": {
"cmt_msg": ""
},
- "CVE-2022-39190": {
- "cmt_msg": "netfilter: nf_tables: disallow binding to already bound chain"
- },
- "CVE-2022-3077": {
- "cmt_msg": "i2c: ismt: prevent memory corruption in ismt_access()"
- },
"CVE-2021-20177": {
"cmt_msg": "netfilter: add and use nf_hook_slow_list()"
},
@@ -27394,6 +27361,12 @@
"CVE-2022-38096": {
"cmt_msg": ""
},
+ "CVE-2022-3103": {
+ "cmt_msg": "io_uring: fix off-by-one in sync cancelation file check"
+ },
+ "CVE-2022-3303": {
+ "cmt_msg": "ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC"
+ },
"CVE-2021-0695": {
"cmt_msg": ""
},
@@ -27443,7 +27416,7 @@
"cmt_msg": "drm/i915/guc: Update to use firmware v49.0.1"
},
"CVE-2022-3176": {
- "cmt_msg": ""
+ "cmt_msg": "io_uring: fix UAF due to missing POLLFREE handling"
},
"CVE-2022-2327": {
"cmt_msg": "io_uring: remove any grabbing of context"
@@ -27472,9 +27445,6 @@
"CVE-2019-15290": {
"cmt_msg": ""
},
- "CVE-2022-3078": {
- "cmt_msg": "media: vidtv: Check for null return of vzalloc"
- },
"CVE-2020-15780": {
"cmt_msg": "ACPI: configfs: Disallow loading ACPI tables when locked down"
},
@@ -27818,6 +27788,9 @@
"CVE-2019-20096": {
"cmt_msg": "dccp: Fix memleak in __feat_register_sp"
},
+ "CVE-2022-3103": {
+ "cmt_msg": "io_uring: fix off-by-one in sync cancelation file check"
+ },
"CVE-2021-3444": {
"cmt_msg": "bpf: Fix truncation handling for mod32 dst reg wrt zero"
},
@@ -28688,6 +28661,9 @@
"CVE-2019-19768": {
"cmt_msg": "blktrace: Protect q->blk_trace with RCU"
},
+ "CVE-2022-3303": {
+ "cmt_msg": "ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC"
+ },
"CVE-2022-20141": {
"cmt_msg": "igmp: Add ip_mc_list lock in ip_check_mc_rcu"
},
@@ -29235,7 +29211,7 @@
"cmt_msg": "fbcon: Disallow setting font bigger than screen size"
},
"CVE-2022-3176": {
- "cmt_msg": ""
+ "cmt_msg": "io_uring: fix UAF due to missing POLLFREE handling"
},
"CVE-2019-6974": {
"cmt_msg": "kvm: fix kvm_ioctl_create_device() reference counting (CVE-2019-6974)"
@@ -29618,9 +29594,6 @@
"CVE-2010-4563": {
"cmt_msg": ""
},
- "CVE-2022-39190": {
- "cmt_msg": "netfilter: nf_tables: disallow binding to already bound chain"
- },
"CVE-2020-14331": {
"cmt_msg": "vgacon: Fix for missing check in scrollback handling"
},
@@ -29660,9 +29633,6 @@
"CVE-2020-2732": {
"cmt_msg": "KVM: nVMX: Don't emulate instructions in guest mode"
},
- "CVE-2022-3077": {
- "cmt_msg": "i2c: ismt: prevent memory corruption in ismt_access()"
- },
"CVE-2012-4542": {
"cmt_msg": ""
},
@@ -29867,9 +29837,6 @@
"CVE-2018-16862": {
"cmt_msg": "mm: cleancache: fix corruption on missed inode invalidation"
},
- "CVE-2022-3078": {
- "cmt_msg": "media: vidtv: Check for null return of vzalloc"
- },
"CVE-2021-29650": {
"cmt_msg": "netfilter: x_tables: Use correct memory barriers."
},
@@ -31613,9 +31580,6 @@
"CVE-2019-19241": {
"cmt_msg": "io_uring: async workers should inherit the user creds"
},
- "CVE-2022-40307": {
- "cmt_msg": "efi: capsule-loader: Fix use-after-free in efi_capsule_write"
- },
"CVE-2022-21123": {
"cmt_msg": "x86/speculation/mmio: Add mitigation for Processor MMIO Stale Data"
},
@@ -31889,6 +31853,9 @@
"CVE-2019-19922": {
"cmt_msg": "sched/fair: Fix low cpu usage with high throttling by removing expiration of cpu-local slices"
},
+ "CVE-2022-3103": {
+ "cmt_msg": "io_uring: fix off-by-one in sync cancelation file check"
+ },
"CVE-2019-19927": {
"cmt_msg": "drm/ttm: fix incrementing the page pointer for huge pages"
},
@@ -32501,6 +32468,9 @@
"CVE-2019-19768": {
"cmt_msg": "blktrace: Protect q->blk_trace with RCU"
},
+ "CVE-2022-3303": {
+ "cmt_msg": "ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC"
+ },
"CVE-2019-19039": {
"cmt_msg": "btrfs: Don't submit any btree write bio if the fs has errors"
},
@@ -33147,7 +33117,7 @@
"cmt_msg": "Input: joydev - prevent potential read overflow in ioctl"
},
"CVE-2022-3176": {
- "cmt_msg": ""
+ "cmt_msg": "io_uring: fix UAF due to missing POLLFREE handling"
},
"CVE-2017-7487": {
"cmt_msg": "ipx: call ipxitf_put() in ioctl error path"
@@ -33605,12 +33575,6 @@
"CVE-2010-4563": {
"cmt_msg": ""
},
- "CVE-2022-39190": {
- "cmt_msg": "netfilter: nf_tables: disallow binding to already bound chain"
- },
- "CVE-2022-3077": {
- "cmt_msg": "i2c: ismt: prevent memory corruption in ismt_access()"
- },
"CVE-2018-10879": {
"cmt_msg": "ext4: make sure bitmaps and the inode table don't overlap with bg descriptors"
},
@@ -33881,9 +33845,6 @@
"CVE-2017-6001": {
"cmt_msg": "perf/core: Fix concurrent sys_perf_event_open() vs. 'move_group' race"
},
- "CVE-2022-3078": {
- "cmt_msg": "media: vidtv: Check for null return of vzalloc"
- },
"CVE-2021-29650": {
"cmt_msg": "netfilter: x_tables: Use correct memory barriers."
},
@@ -35157,9 +35118,6 @@
"CVE-2019-19241": {
"cmt_msg": "io_uring: async workers should inherit the user creds"
},
- "CVE-2022-40307": {
- "cmt_msg": "efi: capsule-loader: Fix use-after-free in efi_capsule_write"
- },
"CVE-2022-21123": {
"cmt_msg": "x86/speculation/mmio: Add mitigation for Processor MMIO Stale Data"
},
@@ -35847,6 +35805,9 @@
"CVE-2020-11565": {
"cmt_msg": "mm: mempolicy: require at least one nodeid for MPOL_PREFERRED"
},
+ "CVE-2022-3103": {
+ "cmt_msg": "io_uring: fix off-by-one in sync cancelation file check"
+ },
"CVE-2018-9568": {
"cmt_msg": "net: Set sk_prot_creator when cloning sockets to the right proto"
},
@@ -36153,6 +36114,9 @@
"CVE-2019-19768": {
"cmt_msg": "blktrace: Protect q->blk_trace with RCU"
},
+ "CVE-2022-3303": {
+ "cmt_msg": "ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC"
+ },
"CVE-2019-19039": {
"cmt_msg": "btrfs: Don't submit any btree write bio if the fs has errors"
},
@@ -36877,7 +36841,7 @@
"cmt_msg": "tty: n_hdlc: get rid of racy n_hdlc.tbuf"
},
"CVE-2022-3176": {
- "cmt_msg": ""
+ "cmt_msg": "io_uring: fix UAF due to missing POLLFREE handling"
},
"CVE-2020-15437": {
"cmt_msg": "serial: 8250: fix null-ptr-deref in serial8250_start_tx()"
@@ -37374,9 +37338,6 @@
"CVE-2016-8655": {
"cmt_msg": "packet: fix race condition in packet_set_ring"
},
- "CVE-2022-39190": {
- "cmt_msg": "netfilter: nf_tables: disallow binding to already bound chain"
- },
"CVE-2020-14331": {
"cmt_msg": "vgacon: Fix for missing check in scrollback handling"
},
@@ -37446,9 +37407,6 @@
"CVE-2020-2732": {
"cmt_msg": "KVM: nVMX: Don't emulate instructions in guest mode"
},
- "CVE-2022-3077": {
- "cmt_msg": "i2c: ismt: prevent memory corruption in ismt_access()"
- },
"CVE-2012-4542": {
"cmt_msg": ""
},
@@ -37689,9 +37647,6 @@
"CVE-2015-8709": {
"cmt_msg": "mm: Add a user_ns owner to mm_struct and fix ptrace permission checks"
},
- "CVE-2022-3078": {
- "cmt_msg": "media: vidtv: Check for null return of vzalloc"
- },
"CVE-2021-29650": {
"cmt_msg": "netfilter: x_tables: Use correct memory barriers."
},
@@ -40624,6 +40579,9 @@
"CVE-2020-24588": {
"cmt_msg": "cfg80211: mitigate A-MSDU aggregation attacks"
},
+ "CVE-2022-3103": {
+ "cmt_msg": "io_uring: fix off-by-one in sync cancelation file check"
+ },
"CVE-2018-10087": {
"cmt_msg": "kernel/exit.c: avoid undefined behaviour when calling wait4()"
},
@@ -40651,9 +40609,6 @@
"CVE-2019-19241": {
"cmt_msg": "io_uring: async workers should inherit the user creds"
},
- "CVE-2022-40307": {
- "cmt_msg": "efi: capsule-loader: Fix use-after-free in efi_capsule_write"
- },
"CVE-2022-21123": {
"cmt_msg": "x86/speculation/mmio: Add mitigation for Processor MMIO Stale Data"
},
@@ -41188,6 +41143,9 @@
"CVE-2014-3180": {
"cmt_msg": "compat: nanosleep: Clarify error handling"
},
+ "CVE-2022-3303": {
+ "cmt_msg": "ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC"
+ },
"CVE-2017-8797": {
"cmt_msg": "nfsd: fix undefined behavior in nfsd4_layout_verify"
},
@@ -41516,7 +41474,7 @@
"cmt_msg": "fbcon: Disallow setting font bigger than screen size"
},
"CVE-2022-3176": {
- "cmt_msg": ""
+ "cmt_msg": "io_uring: fix UAF due to missing POLLFREE handling"
},
"CVE-2020-14390": {
"cmt_msg": "fbcon: remove soft scrollback code"
@@ -41779,12 +41737,6 @@
"CVE-2010-4563": {
"cmt_msg": ""
},
- "CVE-2022-39190": {
- "cmt_msg": "netfilter: nf_tables: disallow binding to already bound chain"
- },
- "CVE-2022-3077": {
- "cmt_msg": "i2c: ismt: prevent memory corruption in ismt_access()"
- },
"CVE-2017-15116": {
"cmt_msg": "crypto: rng - Remove old low-level rng interface"
},
@@ -42058,9 +42010,6 @@
"CVE-2011-4916": {
"cmt_msg": ""
},
- "CVE-2022-3078": {
- "cmt_msg": "media: vidtv: Check for null return of vzalloc"
- },
"CVE-2020-36558": {
"cmt_msg": "vt: vt_ioctl: fix race in VT_RESIZEX"
},
@@ -44300,9 +44249,6 @@
"CVE-2019-19241": {
"cmt_msg": "io_uring: async workers should inherit the user creds"
},
- "CVE-2022-40307": {
- "cmt_msg": "efi: capsule-loader: Fix use-after-free in efi_capsule_write"
- },
"CVE-2022-21123": {
"cmt_msg": "x86/speculation/mmio: Add mitigation for Processor MMIO Stale Data"
},
@@ -44543,6 +44489,9 @@
"CVE-2019-19922": {
"cmt_msg": "sched/fair: Fix low cpu usage with high throttling by removing expiration of cpu-local slices"
},
+ "CVE-2022-3103": {
+ "cmt_msg": "io_uring: fix off-by-one in sync cancelation file check"
+ },
"CVE-2019-19927": {
"cmt_msg": "drm/ttm: fix incrementing the page pointer for huge pages"
},
@@ -44804,9 +44753,6 @@
"CVE-2017-5754": {
"cmt_msg": "x86/cpufeatures: Add Intel feature bits for Speculation Control"
},
- "CVE-2022-3061": {
- "cmt_msg": "video: fbdev: i740fb: Error out if 'pixclock' equals zero"
- },
"CVE-2017-5753": {
"cmt_msg": "x86/cpufeatures: Add X86_BUG_SPECTRE_V[12]"
},
@@ -45017,6 +44963,9 @@
"CVE-2019-19768": {
"cmt_msg": "blktrace: Protect q->blk_trace with RCU"
},
+ "CVE-2022-3303": {
+ "cmt_msg": "ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC"
+ },
"CVE-2017-8797": {
"cmt_msg": "nfsd: fix undefined behavior in nfsd4_layout_verify"
},
@@ -45507,7 +45456,7 @@
"cmt_msg": "fbcon: Disallow setting font bigger than screen size"
},
"CVE-2022-3176": {
- "cmt_msg": ""
+ "cmt_msg": "io_uring: fix UAF due to missing POLLFREE handling"
},
"CVE-2020-14390": {
"cmt_msg": "fbcon: remove soft scrollback code"
@@ -45869,12 +45818,6 @@
"CVE-2010-4563": {
"cmt_msg": ""
},
- "CVE-2022-39190": {
- "cmt_msg": "netfilter: nf_tables: disallow binding to already bound chain"
- },
- "CVE-2022-3077": {
- "cmt_msg": "i2c: ismt: prevent memory corruption in ismt_access()"
- },
"CVE-2018-10879": {
"cmt_msg": "ext4: make sure bitmaps and the inode table don't overlap with bg descriptors"
},
@@ -46091,9 +46034,6 @@
"CVE-2015-8709": {
"cmt_msg": "mm: Add a user_ns owner to mm_struct and fix ptrace permission checks"
},
- "CVE-2022-3078": {
- "cmt_msg": "media: vidtv: Check for null return of vzalloc"
- },
"CVE-2021-29650": {
"cmt_msg": "netfilter: x_tables: Use correct memory barriers."
},
@@ -46540,9 +46480,6 @@
"CVE-2019-19241": {
"cmt_msg": "io_uring: async workers should inherit the user creds"
},
- "CVE-2022-40307": {
- "cmt_msg": "efi: capsule-loader: Fix use-after-free in efi_capsule_write"
- },
"CVE-2022-21123": {
"cmt_msg": "x86/speculation/mmio: Add mitigation for Processor MMIO Stale Data"
},
@@ -46855,6 +46792,9 @@
"CVE-2019-19922": {
"cmt_msg": "sched/fair: Fix low cpu usage with high throttling by removing expiration of cpu-local slices"
},
+ "CVE-2022-3103": {
+ "cmt_msg": "io_uring: fix off-by-one in sync cancelation file check"
+ },
"CVE-2019-19927": {
"cmt_msg": "drm/ttm: fix incrementing the page pointer for huge pages"
},
@@ -47593,6 +47533,9 @@
"CVE-2019-19768": {
"cmt_msg": "blktrace: Protect q->blk_trace with RCU"
},
+ "CVE-2022-3303": {
+ "cmt_msg": "ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC"
+ },
"CVE-2019-19039": {
"cmt_msg": "btrfs: Don't submit any btree write bio if the fs has errors"
},
@@ -48389,7 +48332,7 @@
"cmt_msg": "tty: n_hdlc: get rid of racy n_hdlc.tbuf"
},
"CVE-2022-3176": {
- "cmt_msg": ""
+ "cmt_msg": "io_uring: fix UAF due to missing POLLFREE handling"
},
"CVE-2020-15437": {
"cmt_msg": "serial: 8250: fix null-ptr-deref in serial8250_start_tx()"
@@ -48916,9 +48859,6 @@
"CVE-2016-8655": {
"cmt_msg": "packet: fix race condition in packet_set_ring"
},
- "CVE-2022-39190": {
- "cmt_msg": "netfilter: nf_tables: disallow binding to already bound chain"
- },
"CVE-2020-14331": {
"cmt_msg": "vgacon: Fix for missing check in scrollback handling"
},
@@ -48991,9 +48931,6 @@
"CVE-2020-2732": {
"cmt_msg": "KVM: nVMX: Don't emulate instructions in guest mode"
},
- "CVE-2022-3077": {
- "cmt_msg": "i2c: ismt: prevent memory corruption in ismt_access()"
- },
"CVE-2016-5412": {
"cmt_msg": "KVM: PPC: Book3S HV: Pull out TM state save/restore into separate procedures"
},
@@ -49252,9 +49189,6 @@
"CVE-2017-6001": {
"cmt_msg": "perf/core: Fix concurrent sys_perf_event_open() vs. 'move_group' race"
},
- "CVE-2022-3078": {
- "cmt_msg": "media: vidtv: Check for null return of vzalloc"
- },
"CVE-2021-29650": {
"cmt_msg": "netfilter: x_tables: Use correct memory barriers."
},
@@ -53178,9 +53112,6 @@
"CVE-2019-19241": {
"cmt_msg": "io_uring: async workers should inherit the user creds"
},
- "CVE-2022-40307": {
- "cmt_msg": "efi: capsule-loader: Fix use-after-free in efi_capsule_write"
- },
"CVE-2022-1012": {
"cmt_msg": "secure_seq: use the 64 bits of the siphash for port offset calculation"
},
@@ -53200,7 +53131,7 @@
"cmt_msg": "mm, thp: Do not make page table dirty unconditionally in touch_p[mu]d()"
},
"CVE-2022-3176": {
- "cmt_msg": ""
+ "cmt_msg": "io_uring: fix UAF due to missing POLLFREE handling"
},
"CVE-2016-8660": {
"cmt_msg": ""
@@ -53313,9 +53244,6 @@
"CVE-2020-26142": {
"cmt_msg": ""
},
- "CVE-2022-39190": {
- "cmt_msg": "netfilter: nf_tables: disallow binding to already bound chain"
- },
"CVE-2021-29155": {
"cmt_msg": "bpf: Use correct permission flag for mixed signed bounds arithmetic"
},
@@ -53466,6 +53394,9 @@
"CVE-2019-19922": {
"cmt_msg": "sched/fair: Fix low cpu usage with high throttling by removing expiration of cpu-local slices"
},
+ "CVE-2022-3103": {
+ "cmt_msg": "io_uring: fix off-by-one in sync cancelation file check"
+ },
"CVE-2019-19927": {
"cmt_msg": "drm/ttm: fix incrementing the page pointer for huge pages"
},
@@ -53478,6 +53409,9 @@
"CVE-2021-4159": {
"cmt_msg": "bpf: Verifer, adjust_scalar_min_max_vals to always call update_reg_bounds()"
},
+ "CVE-2022-3303": {
+ "cmt_msg": "ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC"
+ },
"CVE-2017-8797": {
"cmt_msg": "nfsd: fix undefined behavior in nfsd4_layout_verify"
},
@@ -53562,9 +53496,6 @@
"CVE-2020-12363": {
"cmt_msg": "drm/i915/guc: Update to use firmware v49.0.1"
},
- "CVE-2022-3077": {
- "cmt_msg": "i2c: ismt: prevent memory corruption in ismt_access()"
- },
"CVE-2021-33655": {
"cmt_msg": "fbcon: Disallow setting font bigger than screen size"
},
@@ -53649,9 +53580,6 @@
"CVE-2019-15290": {
"cmt_msg": ""
},
- "CVE-2022-3078": {
- "cmt_msg": "media: vidtv: Check for null return of vzalloc"
- },
"CVE-2018-7273": {
"cmt_msg": "printk: hash addresses printed with %p"
},
@@ -54048,6 +53976,9 @@
"CVE-2019-20096": {
"cmt_msg": "dccp: Fix memleak in __feat_register_sp"
},
+ "CVE-2022-3103": {
+ "cmt_msg": "io_uring: fix off-by-one in sync cancelation file check"
+ },
"CVE-2021-38300": {
"cmt_msg": "bpf, mips: Validate conditional branch offsets"
},
@@ -55137,6 +55068,9 @@
"CVE-2019-19768": {
"cmt_msg": "blktrace: Protect q->blk_trace with RCU"
},
+ "CVE-2022-3303": {
+ "cmt_msg": "ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC"
+ },
"CVE-2019-19039": {
"cmt_msg": "btrfs: Don't submit any btree write bio if the fs has errors"
},
@@ -55903,7 +55837,7 @@
"cmt_msg": "tty: n_hdlc: get rid of racy n_hdlc.tbuf"
},
"CVE-2022-3176": {
- "cmt_msg": ""
+ "cmt_msg": "io_uring: fix UAF due to missing POLLFREE handling"
},
"CVE-2017-7487": {
"cmt_msg": "ipx: call ipxitf_put() in ioctl error path"
@@ -56427,9 +56361,6 @@
"CVE-2016-8655": {
"cmt_msg": "packet: fix race condition in packet_set_ring"
},
- "CVE-2022-39190": {
- "cmt_msg": "netfilter: nf_tables: disallow binding to already bound chain"
- },
"CVE-2020-14331": {
"cmt_msg": "vgacon: Fix for missing check in scrollback handling"
},
@@ -56502,9 +56433,6 @@
"CVE-2020-2732": {
"cmt_msg": "KVM: nVMX: Don't emulate instructions in guest mode"
},
- "CVE-2022-3077": {
- "cmt_msg": "i2c: ismt: prevent memory corruption in ismt_access()"
- },
"CVE-2012-4542": {
"cmt_msg": ""
},
@@ -56757,9 +56685,6 @@
"CVE-2018-16862": {
"cmt_msg": "mm: cleancache: fix corruption on missed inode invalidation"
},
- "CVE-2022-3078": {
- "cmt_msg": "media: vidtv: Check for null return of vzalloc"
- },
"CVE-2021-29650": {
"cmt_msg": "netfilter: x_tables: Use correct memory barriers."
},
@@ -57212,9 +57137,6 @@
"CVE-2019-19241": {
"cmt_msg": "io_uring: async workers should inherit the user creds"
},
- "CVE-2022-40307": {
- "cmt_msg": "efi: capsule-loader: Fix use-after-free in efi_capsule_write"
- },
"CVE-2022-21123": {
"cmt_msg": "x86/speculation/mmio: Add mitigation for Processor MMIO Stale Data"
},
@@ -57530,6 +57452,9 @@
"CVE-2019-19922": {
"cmt_msg": "sched/fair: Fix low cpu usage with high throttling by removing expiration of cpu-local slices"
},
+ "CVE-2022-3103": {
+ "cmt_msg": "io_uring: fix off-by-one in sync cancelation file check"
+ },
"CVE-2019-19927": {
"cmt_msg": "drm/ttm: fix incrementing the page pointer for huge pages"
},
@@ -58250,6 +58175,9 @@
"CVE-2019-19768": {
"cmt_msg": "blktrace: Protect q->blk_trace with RCU"
},
+ "CVE-2022-3303": {
+ "cmt_msg": "ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC"
+ },
"CVE-2019-19039": {
"cmt_msg": "btrfs: Don't submit any btree write bio if the fs has errors"
},
@@ -59016,7 +58944,7 @@
"cmt_msg": "tty: n_hdlc: get rid of racy n_hdlc.tbuf"
},
"CVE-2022-3176": {
- "cmt_msg": ""
+ "cmt_msg": "io_uring: fix UAF due to missing POLLFREE handling"
},
"CVE-2017-7487": {
"cmt_msg": "ipx: call ipxitf_put() in ioctl error path"
@@ -59540,9 +59468,6 @@
"CVE-2016-8655": {
"cmt_msg": "packet: fix race condition in packet_set_ring"
},
- "CVE-2022-39190": {
- "cmt_msg": "netfilter: nf_tables: disallow binding to already bound chain"
- },
"CVE-2020-14331": {
"cmt_msg": "vgacon: Fix for missing check in scrollback handling"
},
@@ -59618,9 +59543,6 @@
"CVE-2020-2732": {
"cmt_msg": "KVM: nVMX: Don't emulate instructions in guest mode"
},
- "CVE-2022-3077": {
- "cmt_msg": "i2c: ismt: prevent memory corruption in ismt_access()"
- },
"CVE-2016-5412": {
"cmt_msg": "KVM: PPC: Book3S HV: Pull out TM state save/restore into separate procedures"
},
@@ -59873,9 +59795,6 @@
"CVE-2018-16862": {
"cmt_msg": "mm: cleancache: fix corruption on missed inode invalidation"
},
- "CVE-2022-3078": {
- "cmt_msg": "media: vidtv: Check for null return of vzalloc"
- },
"CVE-2021-29650": {
"cmt_msg": "netfilter: x_tables: Use correct memory barriers."
},
@@ -61469,9 +61388,6 @@
"CVE-2019-19241": {
"cmt_msg": "io_uring: async workers should inherit the user creds"
},
- "CVE-2022-40307": {
- "cmt_msg": "efi: capsule-loader: Fix use-after-free in efi_capsule_write"
- },
"CVE-2022-21123": {
"cmt_msg": "x86/speculation/mmio: Add mitigation for Processor MMIO Stale Data"
},
@@ -61745,6 +61661,9 @@
"CVE-2019-19922": {
"cmt_msg": "sched/fair: Fix low cpu usage with high throttling by removing expiration of cpu-local slices"
},
+ "CVE-2022-3103": {
+ "cmt_msg": "io_uring: fix off-by-one in sync cancelation file check"
+ },
"CVE-2019-19927": {
"cmt_msg": "drm/ttm: fix incrementing the page pointer for huge pages"
},
@@ -62297,6 +62216,9 @@
"CVE-2019-19768": {
"cmt_msg": "blktrace: Protect q->blk_trace with RCU"
},
+ "CVE-2022-3303": {
+ "cmt_msg": "ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC"
+ },
"CVE-2017-8797": {
"cmt_msg": "nfsd: fix undefined behavior in nfsd4_layout_verify"
},
@@ -62871,7 +62793,7 @@
"cmt_msg": "fbcon: Disallow setting font bigger than screen size"
},
"CVE-2022-3176": {
- "cmt_msg": ""
+ "cmt_msg": "io_uring: fix UAF due to missing POLLFREE handling"
},
"CVE-2020-15437": {
"cmt_msg": "serial: 8250: fix null-ptr-deref in serial8250_start_tx()"
@@ -63278,9 +63200,6 @@
"CVE-2010-4563": {
"cmt_msg": ""
},
- "CVE-2022-39190": {
- "cmt_msg": "netfilter: nf_tables: disallow binding to already bound chain"
- },
"CVE-2020-14331": {
"cmt_msg": "vgacon: Fix for missing check in scrollback handling"
},
@@ -63329,9 +63248,6 @@
"CVE-2020-2732": {
"cmt_msg": "KVM: nVMX: Don't emulate instructions in guest mode"
},
- "CVE-2022-3077": {
- "cmt_msg": "i2c: ismt: prevent memory corruption in ismt_access()"
- },
"CVE-2012-4542": {
"cmt_msg": ""
},
@@ -63563,9 +63479,6 @@
"CVE-2018-16862": {
"cmt_msg": "mm: cleancache: fix corruption on missed inode invalidation"
},
- "CVE-2022-3078": {
- "cmt_msg": "media: vidtv: Check for null return of vzalloc"
- },
"CVE-2021-29650": {
"cmt_msg": "netfilter: x_tables: Use correct memory barriers."
},
@@ -63970,6 +63883,9 @@
"CVE-2020-24588": {
"cmt_msg": "cfg80211: mitigate A-MSDU aggregation attacks"
},
+ "CVE-2022-3103": {
+ "cmt_msg": "io_uring: fix off-by-one in sync cancelation file check"
+ },
"CVE-2021-3444": {
"cmt_msg": "bpf: Fix truncation handling for mod32 dst reg wrt zero"
},
@@ -64498,6 +64414,9 @@
"CVE-2022-1158": {
"cmt_msg": "KVM: x86/mmu: do compare-and-exchange of gPTE via the user address"
},
+ "CVE-2022-3303": {
+ "cmt_msg": "ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC"
+ },
"CVE-2022-20141": {
"cmt_msg": "igmp: Add ip_mc_list lock in ip_check_mc_rcu"
},
@@ -64841,7 +64760,7 @@
"cmt_msg": "fbcon: Disallow setting font bigger than screen size"
},
"CVE-2022-3176": {
- "cmt_msg": ""
+ "cmt_msg": "io_uring: fix UAF due to missing POLLFREE handling"
},
"CVE-2020-14390": {
"cmt_msg": "fbcon: remove soft scrollback code"
@@ -65098,12 +65017,6 @@
"CVE-2010-4563": {
"cmt_msg": ""
},
- "CVE-2022-39190": {
- "cmt_msg": "netfilter: nf_tables: disallow binding to already bound chain"
- },
- "CVE-2022-3077": {
- "cmt_msg": "i2c: ismt: prevent memory corruption in ismt_access()"
- },
"CVE-2021-3483": {
"cmt_msg": "firewire: nosy: Fix a use-after-free bug in nosy_ioctl()"
},
@@ -65346,9 +65259,6 @@
},
"CVE-2021-45485": {
"cmt_msg": "ipv6: use prandom_u32() for ID generation"
- },
- "CVE-2022-3078": {
- "cmt_msg": "media: vidtv: Check for null return of vzalloc"
}
}
},
@@ -65652,9 +65562,6 @@
"CVE-2019-19241": {
"cmt_msg": "io_uring: async workers should inherit the user creds"
},
- "CVE-2022-40307": {
- "cmt_msg": "efi: capsule-loader: Fix use-after-free in efi_capsule_write"
- },
"CVE-2022-21123": {
"cmt_msg": "x86/speculation/mmio: Add mitigation for Processor MMIO Stale Data"
},
@@ -65976,6 +65883,9 @@
"CVE-2015-1339": {
"cmt_msg": "cuse: fix memory leak"
},
+ "CVE-2022-3103": {
+ "cmt_msg": "io_uring: fix off-by-one in sync cancelation file check"
+ },
"CVE-2019-19927": {
"cmt_msg": "drm/ttm: fix incrementing the page pointer for huge pages"
},
@@ -66738,6 +66648,9 @@
"CVE-2019-19768": {
"cmt_msg": "blktrace: Protect q->blk_trace with RCU"
},
+ "CVE-2022-3303": {
+ "cmt_msg": "ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC"
+ },
"CVE-2019-19039": {
"cmt_msg": "btrfs: Don't submit any btree write bio if the fs has errors"
},
@@ -67570,7 +67483,7 @@
"cmt_msg": "tty: n_hdlc: get rid of racy n_hdlc.tbuf"
},
"CVE-2022-3176": {
- "cmt_msg": ""
+ "cmt_msg": "io_uring: fix UAF due to missing POLLFREE handling"
},
"CVE-2020-15437": {
"cmt_msg": "serial: 8250: fix null-ptr-deref in serial8250_start_tx()"
@@ -68115,9 +68028,6 @@
"CVE-2016-8655": {
"cmt_msg": "packet: fix race condition in packet_set_ring"
},
- "CVE-2022-39190": {
- "cmt_msg": "netfilter: nf_tables: disallow binding to already bound chain"
- },
"CVE-2020-14331": {
"cmt_msg": "vgacon: Fix for missing check in scrollback handling"
},
@@ -68199,9 +68109,6 @@
"CVE-2020-2732": {
"cmt_msg": "KVM: nVMX: Don't emulate instructions in guest mode"
},
- "CVE-2022-3077": {
- "cmt_msg": "i2c: ismt: prevent memory corruption in ismt_access()"
- },
"CVE-2016-5412": {
"cmt_msg": "KVM: PPC: Book3S HV: Pull out TM state save/restore into separate procedures"
},
@@ -68274,9 +68181,6 @@
"CVE-2019-15118": {
"cmt_msg": "ALSA: usb-audio: Fix a stack buffer overflow bug in check_input_term"
},
- "CVE-2022-3078": {
- "cmt_msg": "media: vidtv: Check for null return of vzalloc"
- },
"CVE-2019-12818": {
"cmt_msg": "net: nfc: Fix NULL dereference on nfc_llcp_build_tlv fails"
},
@@ -68874,6 +68778,9 @@
"CVE-2020-24588": {
"cmt_msg": "cfg80211: mitigate A-MSDU aggregation attacks"
},
+ "CVE-2022-3103": {
+ "cmt_msg": "io_uring: fix off-by-one in sync cancelation file check"
+ },
"CVE-2021-3444": {
"cmt_msg": "bpf: Fix truncation handling for mod32 dst reg wrt zero"
},
@@ -69360,6 +69267,9 @@
"CVE-2022-1158": {
"cmt_msg": "KVM: x86/mmu: do compare-and-exchange of gPTE via the user address"
},
+ "CVE-2022-3303": {
+ "cmt_msg": "ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC"
+ },
"CVE-2022-20141": {
"cmt_msg": "igmp: Add ip_mc_list lock in ip_check_mc_rcu"
},
@@ -69670,7 +69580,7 @@
"cmt_msg": "fbcon: Disallow setting font bigger than screen size"
},
"CVE-2022-3176": {
- "cmt_msg": ""
+ "cmt_msg": "io_uring: fix UAF due to missing POLLFREE handling"
},
"CVE-2020-14390": {
"cmt_msg": "fbcon: remove soft scrollback code"
@@ -69915,9 +69825,6 @@
"CVE-2010-4563": {
"cmt_msg": ""
},
- "CVE-2022-39190": {
- "cmt_msg": "netfilter: nf_tables: disallow binding to already bound chain"
- },
"CVE-2021-3483": {
"cmt_msg": "firewire: nosy: Fix a use-after-free bug in nosy_ioctl()"
},
@@ -70059,9 +69966,6 @@
"CVE-2022-41218": {
"cmt_msg": ""
},
- "CVE-2022-3077": {
- "cmt_msg": "i2c: ismt: prevent memory corruption in ismt_access()"
- },
"CVE-2022-36946": {
"cmt_msg": "netfilter: nf_queue: do not allow packet truncation below transport header offset"
},
@@ -70163,9 +70067,6 @@
},
"CVE-2021-45485": {
"cmt_msg": "ipv6: use prandom_u32() for ID generation"
- },
- "CVE-2022-3078": {
- "cmt_msg": "media: vidtv: Check for null return of vzalloc"
}
}
},
@@ -70408,6 +70309,9 @@
"CVE-2020-24588": {
"cmt_msg": "cfg80211: mitigate A-MSDU aggregation attacks"
},
+ "CVE-2022-3103": {
+ "cmt_msg": "io_uring: fix off-by-one in sync cancelation file check"
+ },
"CVE-2021-3444": {
"cmt_msg": "bpf: Fix truncation handling for mod32 dst reg wrt zero"
},
@@ -70858,6 +70762,9 @@
"CVE-2022-1158": {
"cmt_msg": "KVM: x86/mmu: do compare-and-exchange of gPTE via the user address"
},
+ "CVE-2022-3303": {
+ "cmt_msg": "ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC"
+ },
"CVE-2022-20141": {
"cmt_msg": "igmp: Add ip_mc_list lock in ip_check_mc_rcu"
},
@@ -71147,7 +71054,7 @@
"cmt_msg": "fbcon: Disallow setting font bigger than screen size"
},
"CVE-2022-3176": {
- "cmt_msg": ""
+ "cmt_msg": "io_uring: fix UAF due to missing POLLFREE handling"
},
"CVE-2022-2938": {
"cmt_msg": "psi: Fix uaf issue when psi trigger is destroyed while being polled"
@@ -71374,9 +71281,6 @@
"CVE-2010-4563": {
"cmt_msg": ""
},
- "CVE-2022-39190": {
- "cmt_msg": "netfilter: nf_tables: disallow binding to already bound chain"
- },
"CVE-2021-3483": {
"cmt_msg": "firewire: nosy: Fix a use-after-free bug in nosy_ioctl()"
},
@@ -71518,9 +71422,6 @@
"CVE-2022-41218": {
"cmt_msg": ""
},
- "CVE-2022-3077": {
- "cmt_msg": "i2c: ismt: prevent memory corruption in ismt_access()"
- },
"CVE-2022-36946": {
"cmt_msg": "netfilter: nf_queue: do not allow packet truncation below transport header offset"
},
@@ -71619,9 +71520,6 @@
},
"CVE-2021-45485": {
"cmt_msg": "ipv6: use prandom_u32() for ID generation"
- },
- "CVE-2022-3078": {
- "cmt_msg": "media: vidtv: Check for null return of vzalloc"
}
}
},
@@ -71821,6 +71719,9 @@
"CVE-2020-24588": {
"cmt_msg": "cfg80211: mitigate A-MSDU aggregation attacks"
},
+ "CVE-2022-3103": {
+ "cmt_msg": "io_uring: fix off-by-one in sync cancelation file check"
+ },
"CVE-2021-3444": {
"cmt_msg": "bpf: Fix truncation handling for mod32 dst reg wrt zero"
},
@@ -72259,6 +72160,9 @@
"CVE-2022-1158": {
"cmt_msg": "KVM: x86/mmu: do compare-and-exchange of gPTE via the user address"
},
+ "CVE-2022-3303": {
+ "cmt_msg": "ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC"
+ },
"CVE-2022-20141": {
"cmt_msg": "igmp: Add ip_mc_list lock in ip_check_mc_rcu"
},
@@ -72533,7 +72437,7 @@
"cmt_msg": "fbcon: Disallow setting font bigger than screen size"
},
"CVE-2022-3176": {
- "cmt_msg": ""
+ "cmt_msg": "io_uring: fix UAF due to missing POLLFREE handling"
},
"CVE-2022-2938": {
"cmt_msg": "psi: Fix uaf issue when psi trigger is destroyed while being polled"
@@ -72880,9 +72784,6 @@
"CVE-2022-41218": {
"cmt_msg": ""
},
- "CVE-2022-3077": {
- "cmt_msg": "i2c: ismt: prevent memory corruption in ismt_access()"
- },
"CVE-2022-36946": {
"cmt_msg": "netfilter: nf_queue: do not allow packet truncation below transport header offset"
},
@@ -72978,9 +72879,6 @@
},
"CVE-2021-45485": {
"cmt_msg": "ipv6: use prandom_u32() for ID generation"
- },
- "CVE-2022-3078": {
- "cmt_msg": "media: vidtv: Check for null return of vzalloc"
}
}
},
@@ -76916,9 +76814,6 @@
"CVE-2020-26142": {
"cmt_msg": ""
},
- "CVE-2022-39190": {
- "cmt_msg": "netfilter: nf_tables: disallow binding to already bound chain"
- },
"CVE-2021-29155": {
"cmt_msg": "bpf: Use correct permission flag for mixed signed bounds arithmetic"
},
@@ -76991,9 +76886,6 @@
"CVE-2020-36516": {
"cmt_msg": ""
},
- "CVE-2022-3077": {
- "cmt_msg": "i2c: ismt: prevent memory corruption in ismt_access()"
- },
"CVE-2012-4542": {
"cmt_msg": ""
},
@@ -77024,6 +76916,9 @@
"CVE-2019-19922": {
"cmt_msg": "sched/fair: Fix low cpu usage with high throttling by removing expiration of cpu-local slices"
},
+ "CVE-2022-3103": {
+ "cmt_msg": "io_uring: fix off-by-one in sync cancelation file check"
+ },
"CVE-2019-19927": {
"cmt_msg": "drm/ttm: fix incrementing the page pointer for huge pages"
},
@@ -77033,6 +76928,9 @@
"CVE-2021-4159": {
"cmt_msg": "bpf: Verifer, adjust_scalar_min_max_vals to always call update_reg_bounds()"
},
+ "CVE-2022-3303": {
+ "cmt_msg": "ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC"
+ },
"CVE-2017-5715": {
"cmt_msg": "x86/cpufeatures: Add X86_BUG_SPECTRE_V[12]"
},
@@ -77109,7 +77007,7 @@
"cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option"
},
"CVE-2022-3176": {
- "cmt_msg": ""
+ "cmt_msg": "io_uring: fix UAF due to missing POLLFREE handling"
},
"CVE-2018-20509": {
"cmt_msg": "binder: refactor binder ref inc/dec for thread safety"
@@ -77150,9 +77048,6 @@
"CVE-2019-15290": {
"cmt_msg": ""
},
- "CVE-2022-3078": {
- "cmt_msg": "media: vidtv: Check for null return of vzalloc"
- },
"CVE-2018-7273": {
"cmt_msg": "printk: hash addresses printed with %p"
},
@@ -77517,6 +77412,9 @@
"CVE-2019-20096": {
"cmt_msg": "dccp: Fix memleak in __feat_register_sp"
},
+ "CVE-2022-3103": {
+ "cmt_msg": "io_uring: fix off-by-one in sync cancelation file check"
+ },
"CVE-2021-38300": {
"cmt_msg": "bpf, mips: Validate conditional branch offsets"
},
@@ -78606,6 +78504,9 @@
"CVE-2019-19768": {
"cmt_msg": "blktrace: Protect q->blk_trace with RCU"
},
+ "CVE-2022-3303": {
+ "cmt_msg": "ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC"
+ },
"CVE-2019-19039": {
"cmt_msg": "btrfs: Don't submit any btree write bio if the fs has errors"
},
@@ -79360,7 +79261,7 @@
"cmt_msg": "tty: n_hdlc: get rid of racy n_hdlc.tbuf"
},
"CVE-2022-3176": {
- "cmt_msg": ""
+ "cmt_msg": "io_uring: fix UAF due to missing POLLFREE handling"
},
"CVE-2017-7487": {
"cmt_msg": "ipx: call ipxitf_put() in ioctl error path"
@@ -79881,9 +79782,6 @@
"CVE-2019-15217": {
"cmt_msg": "media: usb:zr364xx:Fix KASAN:null-ptr-deref Read in zr364xx_vidioc_querycap"
},
- "CVE-2022-39190": {
- "cmt_msg": "netfilter: nf_tables: disallow binding to already bound chain"
- },
"CVE-2020-14331": {
"cmt_msg": "vgacon: Fix for missing check in scrollback handling"
},
@@ -79959,9 +79857,6 @@
"CVE-2020-2732": {
"cmt_msg": "KVM: nVMX: Don't emulate instructions in guest mode"
},
- "CVE-2022-3077": {
- "cmt_msg": "i2c: ismt: prevent memory corruption in ismt_access()"
- },
"CVE-2012-4542": {
"cmt_msg": ""
},
@@ -80208,9 +80103,6 @@
"CVE-2018-16862": {
"cmt_msg": "mm: cleancache: fix corruption on missed inode invalidation"
},
- "CVE-2022-3078": {
- "cmt_msg": "media: vidtv: Check for null return of vzalloc"
- },
"CVE-2021-29650": {
"cmt_msg": "netfilter: x_tables: Use correct memory barriers."
},
@@ -80631,6 +80523,9 @@
"CVE-2019-20096": {
"cmt_msg": "dccp: Fix memleak in __feat_register_sp"
},
+ "CVE-2022-3103": {
+ "cmt_msg": "io_uring: fix off-by-one in sync cancelation file check"
+ },
"CVE-2018-10940": {
"cmt_msg": "cdrom: information leak in cdrom_ioctl_media_changed()"
},
@@ -81663,6 +81558,9 @@
"CVE-2019-19768": {
"cmt_msg": "blktrace: Protect q->blk_trace with RCU"
},
+ "CVE-2022-3303": {
+ "cmt_msg": "ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC"
+ },
"CVE-2017-5715": {
"cmt_msg": "x86/cpufeatures: Add X86_BUG_SPECTRE_V[12]"
},
@@ -82387,7 +82285,7 @@
"cmt_msg": "Input: joydev - prevent potential read overflow in ioctl"
},
"CVE-2022-3176": {
- "cmt_msg": ""
+ "cmt_msg": "io_uring: fix UAF due to missing POLLFREE handling"
},
"CVE-2019-6974": {
"cmt_msg": "kvm: fix kvm_ioctl_create_device() reference counting (CVE-2019-6974)"
@@ -82851,9 +82749,6 @@
"CVE-2010-4563": {
"cmt_msg": ""
},
- "CVE-2022-39190": {
- "cmt_msg": "netfilter: nf_tables: disallow binding to already bound chain"
- },
"CVE-2020-14331": {
"cmt_msg": "vgacon: Fix for missing check in scrollback handling"
},
@@ -82923,9 +82818,6 @@
"CVE-2020-2732": {
"cmt_msg": "KVM: nVMX: Don't emulate instructions in guest mode"
},
- "CVE-2022-3077": {
- "cmt_msg": "i2c: ismt: prevent memory corruption in ismt_access()"
- },
"CVE-2012-4542": {
"cmt_msg": ""
},
@@ -83163,9 +83055,6 @@
"CVE-2018-16862": {
"cmt_msg": "mm: cleancache: fix corruption on missed inode invalidation"
},
- "CVE-2022-3078": {
- "cmt_msg": "media: vidtv: Check for null return of vzalloc"
- },
"CVE-2021-29650": {
"cmt_msg": "netfilter: x_tables: Use correct memory barriers."
},
@@ -83663,6 +83552,9 @@
"CVE-2020-24588": {
"cmt_msg": "cfg80211: mitigate A-MSDU aggregation attacks"
},
+ "CVE-2022-3103": {
+ "cmt_msg": "io_uring: fix off-by-one in sync cancelation file check"
+ },
"CVE-2021-3444": {
"cmt_msg": "bpf: Fix truncation handling for mod32 dst reg wrt zero"
},
@@ -84440,6 +84332,9 @@
"CVE-2019-19768": {
"cmt_msg": "blktrace: Protect q->blk_trace with RCU"
},
+ "CVE-2022-3303": {
+ "cmt_msg": "ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC"
+ },
"CVE-2022-20141": {
"cmt_msg": "igmp: Add ip_mc_list lock in ip_check_mc_rcu"
},
@@ -84933,7 +84828,7 @@
"cmt_msg": "fbcon: Disallow setting font bigger than screen size"
},
"CVE-2022-3176": {
- "cmt_msg": ""
+ "cmt_msg": "io_uring: fix UAF due to missing POLLFREE handling"
},
"CVE-2019-19525": {
"cmt_msg": "ieee802154: atusb: fix use-after-free at disconnect"
@@ -85277,12 +85172,6 @@
"CVE-2010-4563": {
"cmt_msg": ""
},
- "CVE-2022-39190": {
- "cmt_msg": "netfilter: nf_tables: disallow binding to already bound chain"
- },
- "CVE-2022-3077": {
- "cmt_msg": "i2c: ismt: prevent memory corruption in ismt_access()"
- },
"CVE-2020-12114": {
"cmt_msg": "make struct mountpoint bear the dentry reference to mountpoint, not struct mount"
},
@@ -85493,9 +85382,6 @@
"CVE-2020-29374": {
"cmt_msg": "gup: document and work around \"COW can break either way\" issue"
},
- "CVE-2022-3078": {
- "cmt_msg": "media: vidtv: Check for null return of vzalloc"
- },
"CVE-2021-29650": {
"cmt_msg": "netfilter: x_tables: Use correct memory barriers."
},
@@ -85893,6 +85779,9 @@
"CVE-2020-24588": {
"cmt_msg": "cfg80211: mitigate A-MSDU aggregation attacks"
},
+ "CVE-2022-3103": {
+ "cmt_msg": "io_uring: fix off-by-one in sync cancelation file check"
+ },
"CVE-2021-3444": {
"cmt_msg": "bpf: Fix truncation handling for mod32 dst reg wrt zero"
},
@@ -86631,6 +86520,9 @@
"CVE-2019-19768": {
"cmt_msg": "blktrace: Protect q->blk_trace with RCU"
},
+ "CVE-2022-3303": {
+ "cmt_msg": "ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC"
+ },
"CVE-2022-20141": {
"cmt_msg": "igmp: Add ip_mc_list lock in ip_check_mc_rcu"
},
@@ -87103,7 +86995,7 @@
"cmt_msg": "fbcon: Disallow setting font bigger than screen size"
},
"CVE-2022-3176": {
- "cmt_msg": ""
+ "cmt_msg": "io_uring: fix UAF due to missing POLLFREE handling"
},
"CVE-2019-19525": {
"cmt_msg": "ieee802154: atusb: fix use-after-free at disconnect"
@@ -87447,12 +87339,6 @@
"CVE-2010-4563": {
"cmt_msg": ""
},
- "CVE-2022-39190": {
- "cmt_msg": "netfilter: nf_tables: disallow binding to already bound chain"
- },
- "CVE-2022-3077": {
- "cmt_msg": "i2c: ismt: prevent memory corruption in ismt_access()"
- },
"CVE-2020-12114": {
"cmt_msg": "make struct mountpoint bear the dentry reference to mountpoint, not struct mount"
},
@@ -87660,9 +87546,6 @@
"CVE-2022-21166": {
"cmt_msg": "x86/speculation/mmio: Enable CPU Fill buffer clearing on idle"
},
- "CVE-2022-3078": {
- "cmt_msg": "media: vidtv: Check for null return of vzalloc"
- },
"CVE-2021-29650": {
"cmt_msg": "netfilter: x_tables: Use correct memory barriers."
},
@@ -88412,6 +88295,9 @@
"CVE-2022-2503": {
"cmt_msg": "dm verity: set DM_TARGET_IMMUTABLE feature flag"
},
+ "CVE-2022-3103": {
+ "cmt_msg": "io_uring: fix off-by-one in sync cancelation file check"
+ },
"CVE-2021-3635": {
"cmt_msg": "netfilter: nf_tables: fix flowtable list del corruption"
},
@@ -88751,6 +88637,9 @@
"CVE-2019-19768": {
"cmt_msg": "blktrace: Protect q->blk_trace with RCU"
},
+ "CVE-2022-3303": {
+ "cmt_msg": "ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC"
+ },
"CVE-2022-20141": {
"cmt_msg": "igmp: Add ip_mc_list lock in ip_check_mc_rcu"
},
@@ -89205,7 +89094,7 @@
"cmt_msg": "fbcon: Disallow setting font bigger than screen size"
},
"CVE-2022-3176": {
- "cmt_msg": ""
+ "cmt_msg": "io_uring: fix UAF due to missing POLLFREE handling"
},
"CVE-2020-15437": {
"cmt_msg": "serial: 8250: fix null-ptr-deref in serial8250_start_tx()"
@@ -89534,12 +89423,6 @@
"CVE-2010-4563": {
"cmt_msg": ""
},
- "CVE-2022-39190": {
- "cmt_msg": "netfilter: nf_tables: disallow binding to already bound chain"
- },
- "CVE-2022-3077": {
- "cmt_msg": "i2c: ismt: prevent memory corruption in ismt_access()"
- },
"CVE-2020-12114": {
"cmt_msg": "make struct mountpoint bear the dentry reference to mountpoint, not struct mount"
},
@@ -89732,9 +89615,6 @@
"CVE-2022-21166": {
"cmt_msg": "x86/speculation/mmio: Enable CPU Fill buffer clearing on idle"
},
- "CVE-2022-3078": {
- "cmt_msg": "media: vidtv: Check for null return of vzalloc"
- },
"CVE-2021-29650": {
"cmt_msg": "netfilter: x_tables: Use correct memory barriers."
},
@@ -90574,12 +90454,18 @@
"CVE-2021-43056": {
"cmt_msg": "KVM: PPC: Book3S HV: Make idle_kvm_start_guest() return 0 if it went to guest"
},
+ "CVE-2022-3103": {
+ "cmt_msg": "io_uring: fix off-by-one in sync cancelation file check"
+ },
"CVE-2022-0286": {
"cmt_msg": "bonding: fix null dereference in bond_ipsec_add_sa()"
},
"CVE-2021-4090": {
"cmt_msg": "NFSD: Fix exposure in nfsd4_decode_bitmap()"
},
+ "CVE-2022-3303": {
+ "cmt_msg": "ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC"
+ },
"CVE-2022-20141": {
"cmt_msg": "igmp: Add ip_mc_list lock in ip_check_mc_rcu"
},
@@ -90830,7 +90716,7 @@
"cmt_msg": "ALSA: pcm: Fix races among concurrent hw_params and hw_free calls"
},
"CVE-2022-3176": {
- "cmt_msg": ""
+ "cmt_msg": "io_uring: fix UAF due to missing POLLFREE handling"
},
"CVE-2022-1195": {
"cmt_msg": "hamradio: improve the incomplete fix to avoid NPD"
@@ -91633,12 +91519,18 @@
"CVE-2021-43056": {
"cmt_msg": "KVM: PPC: Book3S HV: Make idle_kvm_start_guest() return 0 if it went to guest"
},
+ "CVE-2022-3103": {
+ "cmt_msg": "io_uring: fix off-by-one in sync cancelation file check"
+ },
"CVE-2022-1158": {
"cmt_msg": "KVM: x86/mmu: do compare-and-exchange of gPTE via the user address"
},
"CVE-2021-4090": {
"cmt_msg": "NFSD: Fix exposure in nfsd4_decode_bitmap()"
},
+ "CVE-2022-3303": {
+ "cmt_msg": "ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC"
+ },
"CVE-2022-32296": {
"cmt_msg": "tcp: increase source port perturb table to 2^16"
},
@@ -91871,7 +91763,7 @@
"cmt_msg": "ALSA: pcm: Fix races among concurrent hw_params and hw_free calls"
},
"CVE-2022-3176": {
- "cmt_msg": ""
+ "cmt_msg": "io_uring: fix UAF due to missing POLLFREE handling"
},
"CVE-2022-1195": {
"cmt_msg": "hamradio: improve the incomplete fix to avoid NPD"
@@ -93418,6 +93310,16 @@
"cmt_id": "918d9c4a4bdf5205f2fb3f64dddfb56c9a1d01d6"
}
},
+ "5.10.145": {
+ "CVE-2022-39842": {
+ "cmt_msg": "video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write",
+ "cmt_id": "06e194e1130c98f82d46beb40cdbc88a0d4fd6de"
+ },
+ "CVE-2022-3061": {
+ "cmt_msg": "video: fbdev: i740fb: Error out if 'pixclock' equals zero",
+ "cmt_id": "e00582a36198888ffe91ed6b097d86556c8bb253"
+ }
+ },
"outstanding": {
"CVE-2020-26556": {
"cmt_msg": ""
@@ -93443,9 +93345,6 @@
"CVE-2019-19378": {
"cmt_msg": ""
},
- "CVE-2022-3061": {
- "cmt_msg": "video: fbdev: i740fb: Error out if 'pixclock' equals zero"
- },
"CVE-2022-0998": {
"cmt_msg": "vdpa: clean up get_config_size ret value handling"
},
@@ -93464,9 +93363,6 @@
"CVE-2020-24504": {
"cmt_msg": "ice: create scheduler aggregator node config and move VSIs"
},
- "CVE-2022-39842": {
- "cmt_msg": "video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write"
- },
"CVE-2020-11725": {
"cmt_msg": ""
},
@@ -93498,7 +93394,7 @@
"cmt_msg": ""
},
"CVE-2022-3176": {
- "cmt_msg": ""
+ "cmt_msg": "io_uring: fix UAF due to missing POLLFREE handling"
},
"CVE-2016-8660": {
"cmt_msg": ""
@@ -93542,9 +93438,6 @@
"CVE-2020-26142": {
"cmt_msg": ""
},
- "CVE-2022-3077": {
- "cmt_msg": "i2c: ismt: prevent memory corruption in ismt_access()"
- },
"CVE-2022-1247": {
"cmt_msg": ""
},
@@ -93590,6 +93483,12 @@
"CVE-2022-38096": {
"cmt_msg": ""
},
+ "CVE-2022-3103": {
+ "cmt_msg": "io_uring: fix off-by-one in sync cancelation file check"
+ },
+ "CVE-2022-3303": {
+ "cmt_msg": "ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC"
+ },
"CVE-2021-0695": {
"cmt_msg": ""
},
@@ -94571,12 +94470,18 @@
"CVE-2022-3078": {
"cmt_msg": "media: vidtv: Check for null return of vzalloc"
},
+ "CVE-2022-3103": {
+ "cmt_msg": "io_uring: fix off-by-one in sync cancelation file check"
+ },
"CVE-2022-0286": {
"cmt_msg": "bonding: fix null dereference in bond_ipsec_add_sa()"
},
"CVE-2021-4090": {
"cmt_msg": "NFSD: Fix exposure in nfsd4_decode_bitmap()"
},
+ "CVE-2022-3303": {
+ "cmt_msg": "ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC"
+ },
"CVE-2022-20141": {
"cmt_msg": "igmp: Add ip_mc_list lock in ip_check_mc_rcu"
},
@@ -94857,7 +94762,7 @@
"cmt_msg": "ALSA: pcm: Fix races among concurrent hw_params and hw_free calls"
},
"CVE-2022-3176": {
- "cmt_msg": ""
+ "cmt_msg": "io_uring: fix UAF due to missing POLLFREE handling"
},
"CVE-2022-1195": {
"cmt_msg": "hamradio: improve the incomplete fix to avoid NPD"
@@ -95621,6 +95526,12 @@
"CVE-2022-24122": {
"cmt_msg": "ucount: Make get_ucount a safe get_user replacement"
},
+ "CVE-2022-3103": {
+ "cmt_msg": "io_uring: fix off-by-one in sync cancelation file check"
+ },
+ "CVE-2022-3303": {
+ "cmt_msg": "ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC"
+ },
"CVE-2022-36402": {
"cmt_msg": ""
},
@@ -95673,7 +95584,7 @@
"cmt_msg": "openvswitch: fix OOB access in reserve_sfa_size()"
},
"CVE-2022-3176": {
- "cmt_msg": ""
+ "cmt_msg": "io_uring: fix UAF due to missing POLLFREE handling"
},
"CVE-2022-33742": {
"cmt_msg": "xen/blkfront: force data bouncing when backend is untrusted"
@@ -96260,6 +96171,12 @@
"CVE-2022-38096": {
"cmt_msg": ""
},
+ "CVE-2022-3103": {
+ "cmt_msg": "io_uring: fix off-by-one in sync cancelation file check"
+ },
+ "CVE-2022-3303": {
+ "cmt_msg": "ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC"
+ },
"CVE-2022-36402": {
"cmt_msg": ""
},
@@ -96299,8 +96216,8 @@
"CVE-2021-33655": {
"cmt_msg": "fbcon: Disallow setting font bigger than screen size"
},
- "CVE-2022-3176": {
- "cmt_msg": ""
+ "CVE-2022-33743": {
+ "cmt_msg": "xen-netfront: restore __skb_queue_tail() positioning in xennet_get_responses()"
},
"CVE-2022-33742": {
"cmt_msg": "xen/blkfront: force data bouncing when backend is untrusted"
@@ -96380,9 +96297,6 @@
"CVE-2021-3542": {
"cmt_msg": ""
},
- "CVE-2022-33743": {
- "cmt_msg": "xen-netfront: restore __skb_queue_tail() positioning in xennet_get_responses()"
- },
"CVE-2022-1882": {
"cmt_msg": "watchqueue: make sure to serialize 'wqueue->defunct' properly"
},
@@ -97025,12 +96939,18 @@
"CVE-2022-24122": {
"cmt_msg": "ucount: Make get_ucount a safe get_user replacement"
},
+ "CVE-2022-3103": {
+ "cmt_msg": "io_uring: fix off-by-one in sync cancelation file check"
+ },
"CVE-2022-1158": {
"cmt_msg": "KVM: x86/mmu: do compare-and-exchange of gPTE via the user address"
},
"CVE-2020-0347": {
"cmt_msg": ""
},
+ "CVE-2022-3303": {
+ "cmt_msg": "ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC"
+ },
"CVE-2022-32296": {
"cmt_msg": "tcp: increase source port perturb table to 2^16"
},
@@ -97239,7 +97159,7 @@
"cmt_msg": "ALSA: pcm: Fix races among concurrent hw_params and hw_free calls"
},
"CVE-2022-3176": {
- "cmt_msg": ""
+ "cmt_msg": "io_uring: fix UAF due to missing POLLFREE handling"
},
"CVE-2022-1195": {
"cmt_msg": "hamradio: improve the incomplete fix to avoid NPD"
@@ -98147,7 +98067,17 @@
"cmt_id": "4f672112f8665102a5842c170be1713f8ff95919"
}
},
+ "5.15.65": {
+ "CVE-2022-3176": {
+ "cmt_msg": "io_uring: fix UAF due to missing POLLFREE handling",
+ "cmt_id": "e9d7ca0c4640cbebe6840ee3bac66a25a9bacaf5"
+ }
+ },
"5.15.68": {
+ "CVE-2022-3303": {
+ "cmt_msg": "ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC",
+ "cmt_id": "8015ef9e8a0ee5cecfd0cb6805834d007ab26f86"
+ },
"CVE-2022-2663": {
"cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic",
"cmt_id": "451c9ce1e2fc9b9e40303bef8e5a0dca1a923cc4"
@@ -98157,6 +98087,20 @@
"cmt_id": "dd291e070be0eca8807476b022bda00c891d9066"
}
},
+ "5.15.70": {
+ "CVE-2022-0171": {
+ "cmt_msg": "KVM: SEV: add cache flush to solve SEV cache incoherency issues",
+ "cmt_id": "39b0235284c7aa33a64e07b825add7a2c108094a"
+ },
+ "CVE-2022-39842": {
+ "cmt_msg": "video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write",
+ "cmt_id": "ab5140c6ddd7473509e12f468948de91138b124e"
+ },
+ "CVE-2022-3061": {
+ "cmt_msg": "video: fbdev: i740fb: Error out if 'pixclock' equals zero",
+ "cmt_id": "59b756da49bfa51a00a0b58b4147ce2652bc3d28"
+ }
+ },
"outstanding": {
"CVE-2022-2308": {
"cmt_msg": ""
@@ -98233,9 +98177,6 @@
"CVE-2019-19378": {
"cmt_msg": ""
},
- "CVE-2022-3061": {
- "cmt_msg": "video: fbdev: i740fb: Error out if 'pixclock' equals zero"
- },
"CVE-2021-0695": {
"cmt_msg": ""
},
@@ -98245,9 +98186,6 @@
"CVE-2021-4204": {
"cmt_msg": "bpf: Generalize check_ctx_reg for reuse with other types"
},
- "CVE-2022-40133": {
- "cmt_msg": ""
- },
"CVE-2020-14304": {
"cmt_msg": ""
},
@@ -98263,8 +98201,8 @@
"CVE-2020-0347": {
"cmt_msg": ""
},
- "CVE-2022-0171": {
- "cmt_msg": "KVM: SEV: add cache flush to solve SEV cache incoherency issues"
+ "CVE-2022-40133": {
+ "cmt_msg": ""
},
"CVE-2022-38457": {
"cmt_msg": ""
@@ -98344,6 +98282,9 @@
"CVE-2019-19814": {
"cmt_msg": ""
},
+ "CVE-2022-3103": {
+ "cmt_msg": "io_uring: fix off-by-one in sync cancelation file check"
+ },
"CVE-2020-10708": {
"cmt_msg": ""
},
@@ -98386,15 +98327,9 @@
"CVE-2012-4542": {
"cmt_msg": ""
},
- "CVE-2022-39842": {
- "cmt_msg": "video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write"
- },
"CVE-2021-4095": {
"cmt_msg": "KVM: x86: Fix wall clock writes in Xen shared_info not to mark page dirty"
},
- "CVE-2022-3176": {
- "cmt_msg": ""
- },
"CVE-2019-15290": {
"cmt_msg": ""
},
@@ -98621,6 +98556,9 @@
"CVE-2020-24588": {
"cmt_msg": "cfg80211: mitigate A-MSDU aggregation attacks"
},
+ "CVE-2022-3103": {
+ "cmt_msg": "io_uring: fix off-by-one in sync cancelation file check"
+ },
"CVE-2021-3444": {
"cmt_msg": "bpf: Fix truncation handling for mod32 dst reg wrt zero"
},
@@ -99446,6 +99384,9 @@
"CVE-2019-19768": {
"cmt_msg": "blktrace: Protect q->blk_trace with RCU"
},
+ "CVE-2022-3303": {
+ "cmt_msg": "ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC"
+ },
"CVE-2022-20141": {
"cmt_msg": "igmp: Add ip_mc_list lock in ip_check_mc_rcu"
},
@@ -99975,7 +99916,7 @@
"cmt_msg": "fbcon: Disallow setting font bigger than screen size"
},
"CVE-2022-3176": {
- "cmt_msg": ""
+ "cmt_msg": "io_uring: fix UAF due to missing POLLFREE handling"
},
"CVE-2019-19525": {
"cmt_msg": "ieee802154: atusb: fix use-after-free at disconnect"
@@ -100340,12 +100281,6 @@
"CVE-2010-4563": {
"cmt_msg": ""
},
- "CVE-2022-39190": {
- "cmt_msg": "netfilter: nf_tables: disallow binding to already bound chain"
- },
- "CVE-2022-3077": {
- "cmt_msg": "i2c: ismt: prevent memory corruption in ismt_access()"
- },
"CVE-2020-12114": {
"cmt_msg": "make struct mountpoint bear the dentry reference to mountpoint, not struct mount"
},
@@ -100580,9 +100515,6 @@
"CVE-2019-25045": {
"cmt_msg": "xfrm: clean up xfrm protocol checks"
},
- "CVE-2022-3078": {
- "cmt_msg": "media: vidtv: Check for null return of vzalloc"
- },
"CVE-2021-29650": {
"cmt_msg": "netfilter: x_tables: Use correct memory barriers."
},
@@ -102896,12 +102828,6 @@
"CVE-2020-26142": {
"cmt_msg": ""
},
- "CVE-2022-39190": {
- "cmt_msg": "netfilter: nf_tables: disallow binding to already bound chain"
- },
- "CVE-2022-3077": {
- "cmt_msg": "i2c: ismt: prevent memory corruption in ismt_access()"
- },
"CVE-2021-20177": {
"cmt_msg": "netfilter: add and use nf_hook_slow_list()"
},
@@ -102950,6 +102876,12 @@
"CVE-2022-38096": {
"cmt_msg": ""
},
+ "CVE-2022-3103": {
+ "cmt_msg": "io_uring: fix off-by-one in sync cancelation file check"
+ },
+ "CVE-2022-3303": {
+ "cmt_msg": "ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC"
+ },
"CVE-2021-0695": {
"cmt_msg": ""
},
@@ -102996,7 +102928,7 @@
"cmt_msg": "drm/i915/guc: Update to use firmware v49.0.1"
},
"CVE-2022-3176": {
- "cmt_msg": ""
+ "cmt_msg": "io_uring: fix UAF due to missing POLLFREE handling"
},
"CVE-2022-2327": {
"cmt_msg": "io_uring: remove any grabbing of context"
@@ -103025,9 +102957,6 @@
"CVE-2019-15290": {
"cmt_msg": ""
},
- "CVE-2022-3078": {
- "cmt_msg": "media: vidtv: Check for null return of vzalloc"
- },
"CVE-2018-17977": {
"cmt_msg": ""
},
@@ -103410,6 +103339,9 @@
"CVE-2019-19378": {
"cmt_msg": ""
},
+ "CVE-2022-2785": {
+ "cmt_msg": "bpf: Disallow bpf programs call prog_run command."
+ },
"CVE-2021-0695": {
"cmt_msg": ""
},
@@ -103422,6 +103354,9 @@
"CVE-2022-2905": {
"cmt_msg": "bpf: Don't use tnum_range on array range checking for poke descriptors"
},
+ "CVE-2022-3303": {
+ "cmt_msg": "ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC"
+ },
"CVE-2020-14304": {
"cmt_msg": ""
},
@@ -103494,9 +103429,6 @@
"CVE-2015-2877": {
"cmt_msg": ""
},
- "CVE-2022-3176": {
- "cmt_msg": ""
- },
"CVE-2022-23825": {
"cmt_msg": ""
},
@@ -103569,6 +103501,9 @@
"CVE-2022-36402": {
"cmt_msg": ""
},
+ "CVE-2022-3103": {
+ "cmt_msg": "io_uring: fix off-by-one in sync cancelation file check"
+ },
"CVE-2019-15290": {
"cmt_msg": ""
},
@@ -103620,6 +103555,12 @@
"cmt_id": "ee3f18d90e80e79449d575fa3e7a6b775e9fc35e"
}
},
+ "5.19.4": {
+ "CVE-2022-2785": {
+ "cmt_msg": "bpf: Disallow bpf programs call prog_run command.",
+ "cmt_id": "b429d0b9a7a0f3dddb1f782b72629e6353f292fd"
+ }
+ },
"5.19.6": {
"CVE-2022-39190": {
"cmt_msg": "netfilter: nf_tables: disallow binding to already bound chain",
@@ -103639,6 +103580,10 @@
}
},
"5.19.9": {
+ "CVE-2022-3303": {
+ "cmt_msg": "ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC",
+ "cmt_id": "723ac5ab2891b6c10dd6cc78ef5456af593490eb"
+ },
"CVE-2022-2663": {
"cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic",
"cmt_id": "6cf0609154b2ce8d3ae160e7506ab316400a8d3d"
@@ -103796,9 +103741,6 @@
"CVE-2015-2877": {
"cmt_msg": ""
},
- "CVE-2022-3176": {
- "cmt_msg": ""
- },
"CVE-2022-23825": {
"cmt_msg": ""
},
@@ -103859,6 +103801,9 @@
"CVE-2012-4542": {
"cmt_msg": ""
},
+ "CVE-2022-3103": {
+ "cmt_msg": "io_uring: fix off-by-one in sync cancelation file check"
+ },
"CVE-2019-15290": {
"cmt_msg": ""
},
@@ -104273,6 +104218,9 @@
"CVE-2020-24588": {
"cmt_msg": "cfg80211: mitigate A-MSDU aggregation attacks"
},
+ "CVE-2022-3103": {
+ "cmt_msg": "io_uring: fix off-by-one in sync cancelation file check"
+ },
"CVE-2021-3444": {
"cmt_msg": "bpf: Fix truncation handling for mod32 dst reg wrt zero"
},
@@ -104885,6 +104833,9 @@
"CVE-2019-19768": {
"cmt_msg": "blktrace: Protect q->blk_trace with RCU"
},
+ "CVE-2022-3303": {
+ "cmt_msg": "ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC"
+ },
"CVE-2022-20141": {
"cmt_msg": "igmp: Add ip_mc_list lock in ip_check_mc_rcu"
},
@@ -105297,7 +105248,7 @@
"cmt_msg": "fbcon: Disallow setting font bigger than screen size"
},
"CVE-2022-3176": {
- "cmt_msg": ""
+ "cmt_msg": "io_uring: fix UAF due to missing POLLFREE handling"
},
"CVE-2020-15437": {
"cmt_msg": "serial: 8250: fix null-ptr-deref in serial8250_start_tx()"
@@ -105596,12 +105547,6 @@
"CVE-2010-4563": {
"cmt_msg": ""
},
- "CVE-2022-39190": {
- "cmt_msg": "netfilter: nf_tables: disallow binding to already bound chain"
- },
- "CVE-2022-3077": {
- "cmt_msg": "i2c: ismt: prevent memory corruption in ismt_access()"
- },
"CVE-2022-1280": {
"cmt_msg": "drm: avoid circular locks in drm_mode_getconnector"
},
@@ -105863,9 +105808,6 @@
"CVE-2011-4916": {
"cmt_msg": ""
},
- "CVE-2022-3078": {
- "cmt_msg": "media: vidtv: Check for null return of vzalloc"
- },
"CVE-2020-36558": {
"cmt_msg": "vt: vt_ioctl: fix race in VT_RESIZEX"
}
@@ -106074,6 +106016,9 @@
"CVE-2020-24588": {
"cmt_msg": "cfg80211: mitigate A-MSDU aggregation attacks"
},
+ "CVE-2022-3103": {
+ "cmt_msg": "io_uring: fix off-by-one in sync cancelation file check"
+ },
"CVE-2021-3444": {
"cmt_msg": "bpf: Fix truncation handling for mod32 dst reg wrt zero"
},
@@ -106575,6 +106520,9 @@
"CVE-2022-1158": {
"cmt_msg": "KVM: x86/mmu: do compare-and-exchange of gPTE via the user address"
},
+ "CVE-2022-3303": {
+ "cmt_msg": "ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC"
+ },
"CVE-2022-20141": {
"cmt_msg": "igmp: Add ip_mc_list lock in ip_check_mc_rcu"
},
@@ -106897,7 +106845,7 @@
"cmt_msg": "fbcon: Disallow setting font bigger than screen size"
},
"CVE-2022-3176": {
- "cmt_msg": ""
+ "cmt_msg": "io_uring: fix UAF due to missing POLLFREE handling"
},
"CVE-2020-14390": {
"cmt_msg": "fbcon: remove soft scrollback code"
@@ -107151,12 +107099,6 @@
"CVE-2010-4563": {
"cmt_msg": ""
},
- "CVE-2022-39190": {
- "cmt_msg": "netfilter: nf_tables: disallow binding to already bound chain"
- },
- "CVE-2022-3077": {
- "cmt_msg": "i2c: ismt: prevent memory corruption in ismt_access()"
- },
"CVE-2021-3483": {
"cmt_msg": "firewire: nosy: Fix a use-after-free bug in nosy_ioctl()"
},
@@ -107402,9 +107344,6 @@
},
"CVE-2021-45485": {
"cmt_msg": "ipv6: use prandom_u32() for ID generation"
- },
- "CVE-2022-3078": {
- "cmt_msg": "media: vidtv: Check for null return of vzalloc"
}
}
}
diff --git a/data/stream_fixes.json b/data/stream_fixes.json
index f753d7e..17b47e1 100644
--- a/data/stream_fixes.json
+++ b/data/stream_fixes.json
@@ -30237,6 +30237,12 @@
"fixed_version": "5.17.2"
}
},
+ "CVE-2022-0171": {
+ "5.15": {
+ "cmt_id": "39b0235284c7aa33a64e07b825add7a2c108094a",
+ "fixed_version": "5.15.70"
+ }
+ },
"CVE-2022-0185": {
"5.10": {
"cmt_id": "eadde287a62e66b2f9e62d007c59a8f50d4b8413",
@@ -32815,6 +32821,12 @@
"fixed_version": "5.4.188"
}
},
+ "CVE-2022-2785": {
+ "5.19": {
+ "cmt_id": "b429d0b9a7a0f3dddb1f782b72629e6353f292fd",
+ "fixed_version": "5.19.4"
+ }
+ },
"CVE-2022-27950": {
"5.15": {
"cmt_id": "de0d102d0c8c681fc9a3263d842fb35f7cf662f4",
@@ -33261,6 +33273,16 @@
"fixed_version": "5.4.189"
}
},
+ "CVE-2022-3061": {
+ "5.10": {
+ "cmt_id": "e00582a36198888ffe91ed6b097d86556c8bb253",
+ "fixed_version": "5.10.145"
+ },
+ "5.15": {
+ "cmt_id": "59b756da49bfa51a00a0b58b4147ce2652bc3d28",
+ "fixed_version": "5.15.70"
+ }
+ },
"CVE-2022-3077": {
"5.15": {
"cmt_id": "24c6fc6e7453f64cf6cbb4218c62aafdecc16ee1",
@@ -33293,6 +33315,12 @@
"fixed_version": "5.17.2"
}
},
+ "CVE-2022-3176": {
+ "5.15": {
+ "cmt_id": "e9d7ca0c4640cbebe6840ee3bac66a25a9bacaf5",
+ "fixed_version": "5.15.65"
+ }
+ },
"CVE-2022-3202": {
"4.14": {
"cmt_id": "33bd243566a9b1ca94261dcc2e16c7b9e3a71c15",
@@ -33451,6 +33479,16 @@
"fixed_version": "5.4.198"
}
},
+ "CVE-2022-3303": {
+ "5.15": {
+ "cmt_id": "8015ef9e8a0ee5cecfd0cb6805834d007ab26f86",
+ "fixed_version": "5.15.68"
+ },
+ "5.19": {
+ "cmt_id": "723ac5ab2891b6c10dd6cc78ef5456af593490eb",
+ "fixed_version": "5.19.9"
+ }
+ },
"CVE-2022-33740": {
"4.14": {
"cmt_id": "f2c6f208a52df7e201f9fc34ae5efd7f9f40133e",
@@ -33775,6 +33813,16 @@
"fixed_version": "5.19.6"
}
},
+ "CVE-2022-39842": {
+ "5.10": {
+ "cmt_id": "06e194e1130c98f82d46beb40cdbc88a0d4fd6de",
+ "fixed_version": "5.10.145"
+ },
+ "5.15": {
+ "cmt_id": "ab5140c6ddd7473509e12f468948de91138b124e",
+ "fixed_version": "5.15.70"
+ }
+ },
"CVE-2022-40307": {
"4.14": {
"cmt_id": "233d5c4d18971feee5fc2f33f00b63d8205cfc67",
