Update 17Nov22
[ci skip]
diff --git a/CHANGES.md b/CHANGES.md
index b418372..0140fbc 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -1,31 +1,48 @@
# **Linux Kernel CVE Changes**
-## Last Update - 10Nov22 13:03
+## Last Update - 17Nov22 14:19
### **New CVEs Added:**
-[CVE-2022-3903](cves/CVE-2022-3903)
-[CVE-2022-42895](cves/CVE-2022-42895)
-[CVE-2022-42896](cves/CVE-2022-42896)
-[CVE-2022-43945](cves/CVE-2022-43945)
+[CVE-2022-3977](cves/CVE-2022-3977)
### **New Versions Checked:**
-[4.14.298](streams/4.14)
-[4.19.264](streams/4.19)
-[4.9.332](streams/4.9)
-[5.10.153](streams/5.10)
-[5.15.77](streams/5.15)
-[5.4.223](streams/5.4)
-[6.0.7](streams/6.0)
+[4.14.299](streams/4.14)
+[4.19.265](streams/4.19)
+[4.9.333](streams/4.9)
+[5.10.155](streams/5.10)
+[5.15.79](streams/5.15)
+[5.4.224](streams/5.4)
+[6.0.9](streams/6.0)
### **Updated CVEs:**
-[CVE-2022-20369](cves/CVE-2022-20369)
-[CVE-2022-26373](cves/CVE-2022-26373)
+[CVE-2021-3759](cves/CVE-2021-3759)
+[CVE-2022-2978](cves/CVE-2022-2978)
+[CVE-2022-29900](cves/CVE-2022-29900)
+[CVE-2022-29901](cves/CVE-2022-29901)
+[CVE-2022-3169](cves/CVE-2022-3169)
+[CVE-2022-3435](cves/CVE-2022-3435)
[CVE-2022-3524](cves/CVE-2022-3524)
-[CVE-2022-3594](cves/CVE-2022-3594)
+[CVE-2022-3542](cves/CVE-2022-3542)
+[CVE-2022-3543](cves/CVE-2022-3543)
+[CVE-2022-3564](cves/CVE-2022-3564)
+[CVE-2022-3577](cves/CVE-2022-3577)
+[CVE-2022-3619](cves/CVE-2022-3619)
+[CVE-2022-3621](cves/CVE-2022-3621)
+[CVE-2022-3623](cves/CVE-2022-3623)
+[CVE-2022-3625](cves/CVE-2022-3625)
+[CVE-2022-3628](cves/CVE-2022-3628)
[CVE-2022-3635](cves/CVE-2022-3635)
+[CVE-2022-3636](cves/CVE-2022-3636)
+[CVE-2022-3640](cves/CVE-2022-3640)
+[CVE-2022-3903](cves/CVE-2022-3903)
+[CVE-2022-41849](cves/CVE-2022-41849)
+[CVE-2022-41850](cves/CVE-2022-41850)
+[CVE-2022-42895](cves/CVE-2022-42895)
+[CVE-2022-42896](cves/CVE-2022-42896)
+[CVE-2022-43945](cves/CVE-2022-43945)
diff --git a/data/3.12/3.12_CVEs.txt b/data/3.12/3.12_CVEs.txt
index 3439601..ebd7f4c 100644
--- a/data/3.12/3.12_CVEs.txt
+++ b/data/3.12/3.12_CVEs.txt
@@ -1158,12 +1158,12 @@
CVE-2022-28390: Fix not seen in stream
CVE-2022-2961: Fix unknown
CVE-2022-2964: Fix not seen in stream
-CVE-2022-2978: Fix unknown
+CVE-2022-2978: Fix not seen in stream
CVE-2022-29900: Fix not seen in stream
CVE-2022-29901: Fix not seen in stream
CVE-2022-3028: Fix not seen in stream
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3169: Fix unknown
+CVE-2022-3169: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
CVE-2022-3238: Fix unknown
@@ -1175,33 +1175,29 @@
CVE-2022-33744: Fix not seen in stream
CVE-2022-33981: Fix not seen in stream
CVE-2022-3424: Fix unknown
-CVE-2022-3435: Fix unknown
+CVE-2022-3435: Fix not seen in stream
CVE-2022-3522: Fix not seen in stream
CVE-2022-3523: Fix not seen in stream
CVE-2022-3524: Fix not seen in stream
CVE-2022-3545: Fix not seen in stream
-CVE-2022-3564: Fix unknown
+CVE-2022-3564: Fix not seen in stream
CVE-2022-3565: Fix not seen in stream
CVE-2022-3566: Fix not seen in stream
CVE-2022-3567: Fix not seen in stream
-CVE-2022-3577: Fix not seen in stream
CVE-2022-3586: Fix not seen in stream
CVE-2022-3594: Fix not seen in stream
CVE-2022-3595: Fix not seen in stream
CVE-2022-36123: Fix not seen in stream
-CVE-2022-3619: Fix unknown
+CVE-2022-3619: Fix not seen in stream
CVE-2022-3621: Fix not seen in stream
-CVE-2022-3623: Fix not seen in stream
CVE-2022-3624: Fix not seen in stream
-CVE-2022-3625: Fix not seen in stream
-CVE-2022-3628: Fix unknown
+CVE-2022-3628: Fix not seen in stream
CVE-2022-36280: Fix unknown
CVE-2022-3629: Fix not seen in stream
CVE-2022-3630: Fix not seen in stream
CVE-2022-3633: Fix not seen in stream
CVE-2022-3635: Fix not seen in stream
CVE-2022-3636: Fix not seen in stream
-CVE-2022-3640: Fix unknown
CVE-2022-36402: Fix unknown
CVE-2022-3642: Fix unknown
CVE-2022-3646: Fix not seen in stream
@@ -1211,20 +1207,20 @@
CVE-2022-3707: Fix unknown
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
-CVE-2022-3903: Fix unknown
+CVE-2022-3903: Fix not seen in stream
CVE-2022-39188: Fix not seen in stream
+CVE-2022-3977: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40768: Fix not seen in stream
CVE-2022-41218: Fix unknown
CVE-2022-41222: Fix not seen in stream
CVE-2022-41848: Fix unknown
-CVE-2022-41849: Fix unknown
-CVE-2022-41850: Fix unknown
+CVE-2022-41849: Fix not seen in stream
+CVE-2022-41850: Fix not seen in stream
CVE-2022-42895: Fix not seen in stream
CVE-2022-42896: Fix not seen in stream
CVE-2022-43750: Fix not seen in stream
-CVE-2022-43945: Fix not seen in stream
CVE-2022-44032: Fix unknown
CVE-2022-44033: Fix unknown
CVE-2022-44034: Fix unknown
diff --git a/data/3.12/3.12_security.txt b/data/3.12/3.12_security.txt
index 3271eb7..607d336 100644
--- a/data/3.12/3.12_security.txt
+++ b/data/3.12/3.12_security.txt
@@ -1296,12 +1296,12 @@
CVE-2022-28390: (unk) can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path
CVE-2022-2961: (unk)
CVE-2022-2964: (unk) net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup
- CVE-2022-2978: (unk)
+ CVE-2022-2978: (unk) fs: fix UAF/GPF bug in nilfs_mdt_destroy
CVE-2022-29900: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-29901: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3169: (unk)
+ CVE-2022-3169: (unk) nvme: ensure subsystem reset is single threaded
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
CVE-2022-3238: (unk)
@@ -1313,33 +1313,29 @@
CVE-2022-33744: (unk) xen/arm: Fix race in RB-tree based P2M accounting
CVE-2022-33981: (unk) floppy: disable FDRAWCMD by default
CVE-2022-3424: (unk)
- CVE-2022-3435: (unk)
+ CVE-2022-3435: (unk) ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference
CVE-2022-3522: (unk) mm/hugetlb: use hugetlb_pte_stable in migration race check
CVE-2022-3523: (unk) mm/memory.c: fix race when faulting a device private page
CVE-2022-3524: (unk) tcp/udp: Fix memory leak in ipv6_renew_options().
CVE-2022-3545: (unk) nfp: fix use-after-free in area_cache_get()
- CVE-2022-3564: (unk)
+ CVE-2022-3564: (unk) Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu
CVE-2022-3565: (unk) mISDN: fix use-after-free bugs in l1oip timer handlers
CVE-2022-3566: (unk) tcp: Fix data races around icsk->icsk_af_ops.
CVE-2022-3567: (unk) ipv6: Fix data races around sk->sk_prot.
- CVE-2022-3577: (unk) HID: bigben: fix slab-out-of-bounds Write in bigben_probe
CVE-2022-3586: (unk) sch_sfb: Don't assume the skb is still around after enqueueing to child
CVE-2022-3594: (unk) r8152: Rate limit overflow messages
CVE-2022-3595: (unk) cifs: fix double-fault crash during ntlmssp
CVE-2022-36123: (unk) x86: Clear .brk area at early boot
- CVE-2022-3619: (unk)
+ CVE-2022-3619: (unk) Bluetooth: L2CAP: Fix memory leak in vhci_write
CVE-2022-3621: (unk) nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level()
- CVE-2022-3623: (unk) mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
CVE-2022-3624: (unk) bonding: fix reference count leak in balance-alb mode
- CVE-2022-3625: (unk) devlink: Fix use-after-free after a failed reload
- CVE-2022-3628: (unk)
+ CVE-2022-3628: (unk) wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()
CVE-2022-36280: (unk)
CVE-2022-3629: (unk) vsock: Fix memory leak in vsock_connect()
CVE-2022-3630: (unk) fscache: don't leak cookie access refs if invalidation is in progress or failed
CVE-2022-3633: (unk) can: j1939: j1939_session_destroy(): fix memory leak of skbs
CVE-2022-3635: (unk) atm: idt77252: fix use-after-free bugs caused by tst_timer
CVE-2022-3636: (unk) net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()
- CVE-2022-3640: (unk)
CVE-2022-36402: (unk)
CVE-2022-3642: (unk)
CVE-2022-3646: (unk) nilfs2: fix leak of nilfs_root in case of writer thread creation failure
@@ -1349,20 +1345,20 @@
CVE-2022-3707: (unk)
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
- CVE-2022-3903: (unk)
+ CVE-2022-3903: (unk) media: mceusb: Use new usb_control_msg_*() routines
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
+ CVE-2022-3977: (unk) mctp: prevent double key removal and unref
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40768: (unk) scsi: stex: Properly zero out the passthrough command structure
CVE-2022-41218: (unk)
CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
CVE-2022-41848: (unk)
- CVE-2022-41849: (unk)
- CVE-2022-41850: (unk)
+ CVE-2022-41849: (unk) fbdev: smscufx: Fix use-after-free in ufx_ops_open()
+ CVE-2022-41850: (unk) HID: roccat: Fix use-after-free in roccat_read()
CVE-2022-42895: (unk) Bluetooth: L2CAP: Fix attempting to access uninitialized memory
CVE-2022-42896: (unk) Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM
CVE-2022-43750: (unk) usb: mon: make mmapped memory read only
- CVE-2022-43945: (unk) NFSD: Protect against send buffer overflow in NFSv2 READDIR
CVE-2022-44032: (unk)
CVE-2022-44033: (unk)
CVE-2022-44034: (unk)
diff --git a/data/3.14/3.14_CVEs.txt b/data/3.14/3.14_CVEs.txt
index 8091b7c..3a9e537 100644
--- a/data/3.14/3.14_CVEs.txt
+++ b/data/3.14/3.14_CVEs.txt
@@ -1126,12 +1126,12 @@
CVE-2022-28390: Fix not seen in stream
CVE-2022-2961: Fix unknown
CVE-2022-2964: Fix not seen in stream
-CVE-2022-2978: Fix unknown
+CVE-2022-2978: Fix not seen in stream
CVE-2022-29900: Fix not seen in stream
CVE-2022-29901: Fix not seen in stream
CVE-2022-3028: Fix not seen in stream
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3169: Fix unknown
+CVE-2022-3169: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
CVE-2022-3238: Fix unknown
@@ -1144,33 +1144,29 @@
CVE-2022-33744: Fix not seen in stream
CVE-2022-33981: Fix not seen in stream
CVE-2022-3424: Fix unknown
-CVE-2022-3435: Fix unknown
+CVE-2022-3435: Fix not seen in stream
CVE-2022-3522: Fix not seen in stream
CVE-2022-3523: Fix not seen in stream
CVE-2022-3524: Fix not seen in stream
CVE-2022-3545: Fix not seen in stream
-CVE-2022-3564: Fix unknown
+CVE-2022-3564: Fix not seen in stream
CVE-2022-3565: Fix not seen in stream
CVE-2022-3566: Fix not seen in stream
CVE-2022-3567: Fix not seen in stream
-CVE-2022-3577: Fix not seen in stream
CVE-2022-3586: Fix not seen in stream
CVE-2022-3594: Fix not seen in stream
CVE-2022-3595: Fix not seen in stream
CVE-2022-36123: Fix not seen in stream
-CVE-2022-3619: Fix unknown
+CVE-2022-3619: Fix not seen in stream
CVE-2022-3621: Fix not seen in stream
-CVE-2022-3623: Fix not seen in stream
CVE-2022-3624: Fix not seen in stream
-CVE-2022-3625: Fix not seen in stream
-CVE-2022-3628: Fix unknown
+CVE-2022-3628: Fix not seen in stream
CVE-2022-36280: Fix unknown
CVE-2022-3629: Fix not seen in stream
CVE-2022-3630: Fix not seen in stream
CVE-2022-3633: Fix not seen in stream
CVE-2022-3635: Fix not seen in stream
CVE-2022-3636: Fix not seen in stream
-CVE-2022-3640: Fix unknown
CVE-2022-36402: Fix unknown
CVE-2022-3642: Fix unknown
CVE-2022-3646: Fix not seen in stream
@@ -1180,20 +1176,20 @@
CVE-2022-3707: Fix unknown
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
-CVE-2022-3903: Fix unknown
+CVE-2022-3903: Fix not seen in stream
CVE-2022-39188: Fix not seen in stream
+CVE-2022-3977: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40768: Fix not seen in stream
CVE-2022-41218: Fix unknown
CVE-2022-41222: Fix not seen in stream
CVE-2022-41848: Fix unknown
-CVE-2022-41849: Fix unknown
-CVE-2022-41850: Fix unknown
+CVE-2022-41849: Fix not seen in stream
+CVE-2022-41850: Fix not seen in stream
CVE-2022-42895: Fix not seen in stream
CVE-2022-42896: Fix not seen in stream
CVE-2022-43750: Fix not seen in stream
-CVE-2022-43945: Fix not seen in stream
CVE-2022-44032: Fix unknown
CVE-2022-44033: Fix unknown
CVE-2022-44034: Fix unknown
diff --git a/data/3.14/3.14_security.txt b/data/3.14/3.14_security.txt
index beadd8b..43648da 100644
--- a/data/3.14/3.14_security.txt
+++ b/data/3.14/3.14_security.txt
@@ -1260,12 +1260,12 @@
CVE-2022-28390: (unk) can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path
CVE-2022-2961: (unk)
CVE-2022-2964: (unk) net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup
- CVE-2022-2978: (unk)
+ CVE-2022-2978: (unk) fs: fix UAF/GPF bug in nilfs_mdt_destroy
CVE-2022-29900: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-29901: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3169: (unk)
+ CVE-2022-3169: (unk) nvme: ensure subsystem reset is single threaded
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
CVE-2022-3238: (unk)
@@ -1278,33 +1278,29 @@
CVE-2022-33744: (unk) xen/arm: Fix race in RB-tree based P2M accounting
CVE-2022-33981: (unk) floppy: disable FDRAWCMD by default
CVE-2022-3424: (unk)
- CVE-2022-3435: (unk)
+ CVE-2022-3435: (unk) ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference
CVE-2022-3522: (unk) mm/hugetlb: use hugetlb_pte_stable in migration race check
CVE-2022-3523: (unk) mm/memory.c: fix race when faulting a device private page
CVE-2022-3524: (unk) tcp/udp: Fix memory leak in ipv6_renew_options().
CVE-2022-3545: (unk) nfp: fix use-after-free in area_cache_get()
- CVE-2022-3564: (unk)
+ CVE-2022-3564: (unk) Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu
CVE-2022-3565: (unk) mISDN: fix use-after-free bugs in l1oip timer handlers
CVE-2022-3566: (unk) tcp: Fix data races around icsk->icsk_af_ops.
CVE-2022-3567: (unk) ipv6: Fix data races around sk->sk_prot.
- CVE-2022-3577: (unk) HID: bigben: fix slab-out-of-bounds Write in bigben_probe
CVE-2022-3586: (unk) sch_sfb: Don't assume the skb is still around after enqueueing to child
CVE-2022-3594: (unk) r8152: Rate limit overflow messages
CVE-2022-3595: (unk) cifs: fix double-fault crash during ntlmssp
CVE-2022-36123: (unk) x86: Clear .brk area at early boot
- CVE-2022-3619: (unk)
+ CVE-2022-3619: (unk) Bluetooth: L2CAP: Fix memory leak in vhci_write
CVE-2022-3621: (unk) nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level()
- CVE-2022-3623: (unk) mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
CVE-2022-3624: (unk) bonding: fix reference count leak in balance-alb mode
- CVE-2022-3625: (unk) devlink: Fix use-after-free after a failed reload
- CVE-2022-3628: (unk)
+ CVE-2022-3628: (unk) wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()
CVE-2022-36280: (unk)
CVE-2022-3629: (unk) vsock: Fix memory leak in vsock_connect()
CVE-2022-3630: (unk) fscache: don't leak cookie access refs if invalidation is in progress or failed
CVE-2022-3633: (unk) can: j1939: j1939_session_destroy(): fix memory leak of skbs
CVE-2022-3635: (unk) atm: idt77252: fix use-after-free bugs caused by tst_timer
CVE-2022-3636: (unk) net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()
- CVE-2022-3640: (unk)
CVE-2022-36402: (unk)
CVE-2022-3642: (unk)
CVE-2022-3646: (unk) nilfs2: fix leak of nilfs_root in case of writer thread creation failure
@@ -1314,20 +1310,20 @@
CVE-2022-3707: (unk)
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
- CVE-2022-3903: (unk)
+ CVE-2022-3903: (unk) media: mceusb: Use new usb_control_msg_*() routines
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
+ CVE-2022-3977: (unk) mctp: prevent double key removal and unref
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40768: (unk) scsi: stex: Properly zero out the passthrough command structure
CVE-2022-41218: (unk)
CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
CVE-2022-41848: (unk)
- CVE-2022-41849: (unk)
- CVE-2022-41850: (unk)
+ CVE-2022-41849: (unk) fbdev: smscufx: Fix use-after-free in ufx_ops_open()
+ CVE-2022-41850: (unk) HID: roccat: Fix use-after-free in roccat_read()
CVE-2022-42895: (unk) Bluetooth: L2CAP: Fix attempting to access uninitialized memory
CVE-2022-42896: (unk) Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM
CVE-2022-43750: (unk) usb: mon: make mmapped memory read only
- CVE-2022-43945: (unk) NFSD: Protect against send buffer overflow in NFSv2 READDIR
CVE-2022-44032: (unk)
CVE-2022-44033: (unk)
CVE-2022-44034: (unk)
diff --git a/data/3.16/3.16_CVEs.txt b/data/3.16/3.16_CVEs.txt
index 5d053a2..a1ab17d 100644
--- a/data/3.16/3.16_CVEs.txt
+++ b/data/3.16/3.16_CVEs.txt
@@ -1109,12 +1109,12 @@
CVE-2022-28390: Fix not seen in stream
CVE-2022-2961: Fix unknown
CVE-2022-2964: Fix not seen in stream
-CVE-2022-2978: Fix unknown
+CVE-2022-2978: Fix not seen in stream
CVE-2022-29900: Fix not seen in stream
CVE-2022-29901: Fix not seen in stream
CVE-2022-3028: Fix not seen in stream
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3169: Fix unknown
+CVE-2022-3169: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
CVE-2022-3238: Fix unknown
@@ -1128,34 +1128,30 @@
CVE-2022-33744: Fix not seen in stream
CVE-2022-33981: Fix not seen in stream
CVE-2022-3424: Fix unknown
-CVE-2022-3435: Fix unknown
+CVE-2022-3435: Fix not seen in stream
CVE-2022-3522: Fix not seen in stream
CVE-2022-3523: Fix not seen in stream
CVE-2022-3524: Fix not seen in stream
CVE-2022-3542: Fix not seen in stream
CVE-2022-3545: Fix not seen in stream
-CVE-2022-3564: Fix unknown
+CVE-2022-3564: Fix not seen in stream
CVE-2022-3565: Fix not seen in stream
CVE-2022-3566: Fix not seen in stream
CVE-2022-3567: Fix not seen in stream
-CVE-2022-3577: Fix not seen in stream
CVE-2022-3586: Fix not seen in stream
CVE-2022-3594: Fix not seen in stream
CVE-2022-3595: Fix not seen in stream
CVE-2022-36123: Fix not seen in stream
-CVE-2022-3619: Fix unknown
+CVE-2022-3619: Fix not seen in stream
CVE-2022-3621: Fix not seen in stream
-CVE-2022-3623: Fix not seen in stream
CVE-2022-3624: Fix not seen in stream
-CVE-2022-3625: Fix not seen in stream
-CVE-2022-3628: Fix unknown
+CVE-2022-3628: Fix not seen in stream
CVE-2022-36280: Fix unknown
CVE-2022-3629: Fix not seen in stream
CVE-2022-3630: Fix not seen in stream
CVE-2022-3633: Fix not seen in stream
CVE-2022-3635: Fix not seen in stream
CVE-2022-3636: Fix not seen in stream
-CVE-2022-3640: Fix unknown
CVE-2022-36402: Fix unknown
CVE-2022-3642: Fix unknown
CVE-2022-3646: Fix not seen in stream
@@ -1165,20 +1161,20 @@
CVE-2022-3707: Fix unknown
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
-CVE-2022-3903: Fix unknown
+CVE-2022-3903: Fix not seen in stream
CVE-2022-39188: Fix not seen in stream
+CVE-2022-3977: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40768: Fix not seen in stream
CVE-2022-41218: Fix unknown
CVE-2022-41222: Fix not seen in stream
CVE-2022-41848: Fix unknown
-CVE-2022-41849: Fix unknown
-CVE-2022-41850: Fix unknown
+CVE-2022-41849: Fix not seen in stream
+CVE-2022-41850: Fix not seen in stream
CVE-2022-42895: Fix not seen in stream
CVE-2022-42896: Fix not seen in stream
CVE-2022-43750: Fix not seen in stream
-CVE-2022-43945: Fix not seen in stream
CVE-2022-44032: Fix unknown
CVE-2022-44033: Fix unknown
CVE-2022-44034: Fix unknown
diff --git a/data/3.16/3.16_security.txt b/data/3.16/3.16_security.txt
index a26daa4..f245e7a 100644
--- a/data/3.16/3.16_security.txt
+++ b/data/3.16/3.16_security.txt
@@ -1215,12 +1215,12 @@
CVE-2022-28390: (unk) can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path
CVE-2022-2961: (unk)
CVE-2022-2964: (unk) net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup
- CVE-2022-2978: (unk)
+ CVE-2022-2978: (unk) fs: fix UAF/GPF bug in nilfs_mdt_destroy
CVE-2022-29900: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-29901: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3169: (unk)
+ CVE-2022-3169: (unk) nvme: ensure subsystem reset is single threaded
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
CVE-2022-3238: (unk)
@@ -1234,34 +1234,30 @@
CVE-2022-33744: (unk) xen/arm: Fix race in RB-tree based P2M accounting
CVE-2022-33981: (unk) floppy: disable FDRAWCMD by default
CVE-2022-3424: (unk)
- CVE-2022-3435: (unk)
+ CVE-2022-3435: (unk) ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference
CVE-2022-3522: (unk) mm/hugetlb: use hugetlb_pte_stable in migration race check
CVE-2022-3523: (unk) mm/memory.c: fix race when faulting a device private page
CVE-2022-3524: (unk) tcp/udp: Fix memory leak in ipv6_renew_options().
CVE-2022-3542: (unk) bnx2x: fix potential memory leak in bnx2x_tpa_stop()
CVE-2022-3545: (unk) nfp: fix use-after-free in area_cache_get()
- CVE-2022-3564: (unk)
+ CVE-2022-3564: (unk) Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu
CVE-2022-3565: (unk) mISDN: fix use-after-free bugs in l1oip timer handlers
CVE-2022-3566: (unk) tcp: Fix data races around icsk->icsk_af_ops.
CVE-2022-3567: (unk) ipv6: Fix data races around sk->sk_prot.
- CVE-2022-3577: (unk) HID: bigben: fix slab-out-of-bounds Write in bigben_probe
CVE-2022-3586: (unk) sch_sfb: Don't assume the skb is still around after enqueueing to child
CVE-2022-3594: (unk) r8152: Rate limit overflow messages
CVE-2022-3595: (unk) cifs: fix double-fault crash during ntlmssp
CVE-2022-36123: (unk) x86: Clear .brk area at early boot
- CVE-2022-3619: (unk)
+ CVE-2022-3619: (unk) Bluetooth: L2CAP: Fix memory leak in vhci_write
CVE-2022-3621: (unk) nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level()
- CVE-2022-3623: (unk) mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
CVE-2022-3624: (unk) bonding: fix reference count leak in balance-alb mode
- CVE-2022-3625: (unk) devlink: Fix use-after-free after a failed reload
- CVE-2022-3628: (unk)
+ CVE-2022-3628: (unk) wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()
CVE-2022-36280: (unk)
CVE-2022-3629: (unk) vsock: Fix memory leak in vsock_connect()
CVE-2022-3630: (unk) fscache: don't leak cookie access refs if invalidation is in progress or failed
CVE-2022-3633: (unk) can: j1939: j1939_session_destroy(): fix memory leak of skbs
CVE-2022-3635: (unk) atm: idt77252: fix use-after-free bugs caused by tst_timer
CVE-2022-3636: (unk) net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()
- CVE-2022-3640: (unk)
CVE-2022-36402: (unk)
CVE-2022-3642: (unk)
CVE-2022-3646: (unk) nilfs2: fix leak of nilfs_root in case of writer thread creation failure
@@ -1271,20 +1267,20 @@
CVE-2022-3707: (unk)
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
- CVE-2022-3903: (unk)
+ CVE-2022-3903: (unk) media: mceusb: Use new usb_control_msg_*() routines
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
+ CVE-2022-3977: (unk) mctp: prevent double key removal and unref
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40768: (unk) scsi: stex: Properly zero out the passthrough command structure
CVE-2022-41218: (unk)
CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
CVE-2022-41848: (unk)
- CVE-2022-41849: (unk)
- CVE-2022-41850: (unk)
+ CVE-2022-41849: (unk) fbdev: smscufx: Fix use-after-free in ufx_ops_open()
+ CVE-2022-41850: (unk) HID: roccat: Fix use-after-free in roccat_read()
CVE-2022-42895: (unk) Bluetooth: L2CAP: Fix attempting to access uninitialized memory
CVE-2022-42896: (unk) Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM
CVE-2022-43750: (unk) usb: mon: make mmapped memory read only
- CVE-2022-43945: (unk) NFSD: Protect against send buffer overflow in NFSv2 READDIR
CVE-2022-44032: (unk)
CVE-2022-44033: (unk)
CVE-2022-44034: (unk)
diff --git a/data/3.18/3.18_CVEs.txt b/data/3.18/3.18_CVEs.txt
index be1dc9b..44eb2c5 100644
--- a/data/3.18/3.18_CVEs.txt
+++ b/data/3.18/3.18_CVEs.txt
@@ -1094,12 +1094,12 @@
CVE-2022-28390: Fix not seen in stream
CVE-2022-2961: Fix unknown
CVE-2022-2964: Fix not seen in stream
-CVE-2022-2978: Fix unknown
+CVE-2022-2978: Fix not seen in stream
CVE-2022-29900: Fix not seen in stream
CVE-2022-29901: Fix not seen in stream
CVE-2022-3028: Fix not seen in stream
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3169: Fix unknown
+CVE-2022-3169: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
CVE-2022-3238: Fix unknown
@@ -1113,34 +1113,30 @@
CVE-2022-33744: Fix not seen in stream
CVE-2022-33981: Fix not seen in stream
CVE-2022-3424: Fix unknown
-CVE-2022-3435: Fix unknown
+CVE-2022-3435: Fix not seen in stream
CVE-2022-3522: Fix not seen in stream
CVE-2022-3523: Fix not seen in stream
CVE-2022-3524: Fix not seen in stream
CVE-2022-3542: Fix not seen in stream
CVE-2022-3545: Fix not seen in stream
-CVE-2022-3564: Fix unknown
+CVE-2022-3564: Fix not seen in stream
CVE-2022-3565: Fix not seen in stream
CVE-2022-3566: Fix not seen in stream
CVE-2022-3567: Fix not seen in stream
-CVE-2022-3577: Fix not seen in stream
CVE-2022-3586: Fix not seen in stream
CVE-2022-3594: Fix not seen in stream
CVE-2022-3595: Fix not seen in stream
CVE-2022-36123: Fix not seen in stream
-CVE-2022-3619: Fix unknown
+CVE-2022-3619: Fix not seen in stream
CVE-2022-3621: Fix not seen in stream
-CVE-2022-3623: Fix not seen in stream
CVE-2022-3624: Fix not seen in stream
-CVE-2022-3625: Fix not seen in stream
-CVE-2022-3628: Fix unknown
+CVE-2022-3628: Fix not seen in stream
CVE-2022-36280: Fix unknown
CVE-2022-3629: Fix not seen in stream
CVE-2022-3630: Fix not seen in stream
CVE-2022-3633: Fix not seen in stream
CVE-2022-3635: Fix not seen in stream
CVE-2022-3636: Fix not seen in stream
-CVE-2022-3640: Fix unknown
CVE-2022-36402: Fix unknown
CVE-2022-3642: Fix unknown
CVE-2022-3646: Fix not seen in stream
@@ -1150,20 +1146,20 @@
CVE-2022-3707: Fix unknown
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
-CVE-2022-3903: Fix unknown
+CVE-2022-3903: Fix not seen in stream
CVE-2022-39188: Fix not seen in stream
+CVE-2022-3977: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40768: Fix not seen in stream
CVE-2022-41218: Fix unknown
CVE-2022-41222: Fix not seen in stream
CVE-2022-41848: Fix unknown
-CVE-2022-41849: Fix unknown
-CVE-2022-41850: Fix unknown
+CVE-2022-41849: Fix not seen in stream
+CVE-2022-41850: Fix not seen in stream
CVE-2022-42895: Fix not seen in stream
CVE-2022-42896: Fix not seen in stream
CVE-2022-43750: Fix not seen in stream
-CVE-2022-43945: Fix not seen in stream
CVE-2022-44032: Fix unknown
CVE-2022-44033: Fix unknown
CVE-2022-44034: Fix unknown
diff --git a/data/3.18/3.18_security.txt b/data/3.18/3.18_security.txt
index b37188f..612cd20 100644
--- a/data/3.18/3.18_security.txt
+++ b/data/3.18/3.18_security.txt
@@ -1328,12 +1328,12 @@
CVE-2022-28390: (unk) can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path
CVE-2022-2961: (unk)
CVE-2022-2964: (unk) net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup
- CVE-2022-2978: (unk)
+ CVE-2022-2978: (unk) fs: fix UAF/GPF bug in nilfs_mdt_destroy
CVE-2022-29900: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-29901: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3169: (unk)
+ CVE-2022-3169: (unk) nvme: ensure subsystem reset is single threaded
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
CVE-2022-3238: (unk)
@@ -1347,34 +1347,30 @@
CVE-2022-33744: (unk) xen/arm: Fix race in RB-tree based P2M accounting
CVE-2022-33981: (unk) floppy: disable FDRAWCMD by default
CVE-2022-3424: (unk)
- CVE-2022-3435: (unk)
+ CVE-2022-3435: (unk) ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference
CVE-2022-3522: (unk) mm/hugetlb: use hugetlb_pte_stable in migration race check
CVE-2022-3523: (unk) mm/memory.c: fix race when faulting a device private page
CVE-2022-3524: (unk) tcp/udp: Fix memory leak in ipv6_renew_options().
CVE-2022-3542: (unk) bnx2x: fix potential memory leak in bnx2x_tpa_stop()
CVE-2022-3545: (unk) nfp: fix use-after-free in area_cache_get()
- CVE-2022-3564: (unk)
+ CVE-2022-3564: (unk) Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu
CVE-2022-3565: (unk) mISDN: fix use-after-free bugs in l1oip timer handlers
CVE-2022-3566: (unk) tcp: Fix data races around icsk->icsk_af_ops.
CVE-2022-3567: (unk) ipv6: Fix data races around sk->sk_prot.
- CVE-2022-3577: (unk) HID: bigben: fix slab-out-of-bounds Write in bigben_probe
CVE-2022-3586: (unk) sch_sfb: Don't assume the skb is still around after enqueueing to child
CVE-2022-3594: (unk) r8152: Rate limit overflow messages
CVE-2022-3595: (unk) cifs: fix double-fault crash during ntlmssp
CVE-2022-36123: (unk) x86: Clear .brk area at early boot
- CVE-2022-3619: (unk)
+ CVE-2022-3619: (unk) Bluetooth: L2CAP: Fix memory leak in vhci_write
CVE-2022-3621: (unk) nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level()
- CVE-2022-3623: (unk) mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
CVE-2022-3624: (unk) bonding: fix reference count leak in balance-alb mode
- CVE-2022-3625: (unk) devlink: Fix use-after-free after a failed reload
- CVE-2022-3628: (unk)
+ CVE-2022-3628: (unk) wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()
CVE-2022-36280: (unk)
CVE-2022-3629: (unk) vsock: Fix memory leak in vsock_connect()
CVE-2022-3630: (unk) fscache: don't leak cookie access refs if invalidation is in progress or failed
CVE-2022-3633: (unk) can: j1939: j1939_session_destroy(): fix memory leak of skbs
CVE-2022-3635: (unk) atm: idt77252: fix use-after-free bugs caused by tst_timer
CVE-2022-3636: (unk) net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()
- CVE-2022-3640: (unk)
CVE-2022-36402: (unk)
CVE-2022-3642: (unk)
CVE-2022-3646: (unk) nilfs2: fix leak of nilfs_root in case of writer thread creation failure
@@ -1384,20 +1380,20 @@
CVE-2022-3707: (unk)
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
- CVE-2022-3903: (unk)
+ CVE-2022-3903: (unk) media: mceusb: Use new usb_control_msg_*() routines
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
+ CVE-2022-3977: (unk) mctp: prevent double key removal and unref
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40768: (unk) scsi: stex: Properly zero out the passthrough command structure
CVE-2022-41218: (unk)
CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
CVE-2022-41848: (unk)
- CVE-2022-41849: (unk)
- CVE-2022-41850: (unk)
+ CVE-2022-41849: (unk) fbdev: smscufx: Fix use-after-free in ufx_ops_open()
+ CVE-2022-41850: (unk) HID: roccat: Fix use-after-free in roccat_read()
CVE-2022-42895: (unk) Bluetooth: L2CAP: Fix attempting to access uninitialized memory
CVE-2022-42896: (unk) Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM
CVE-2022-43750: (unk) usb: mon: make mmapped memory read only
- CVE-2022-43945: (unk) NFSD: Protect against send buffer overflow in NFSv2 READDIR
CVE-2022-44032: (unk)
CVE-2022-44033: (unk)
CVE-2022-44034: (unk)
diff --git a/data/3.2/3.2_CVEs.txt b/data/3.2/3.2_CVEs.txt
index 55574a3..43e0c69 100644
--- a/data/3.2/3.2_CVEs.txt
+++ b/data/3.2/3.2_CVEs.txt
@@ -1136,11 +1136,11 @@
CVE-2022-28356: Fix not seen in stream
CVE-2022-28390: Fix not seen in stream
CVE-2022-2961: Fix unknown
-CVE-2022-2978: Fix unknown
+CVE-2022-2978: Fix not seen in stream
CVE-2022-29900: Fix not seen in stream
CVE-2022-29901: Fix not seen in stream
CVE-2022-3028: Fix not seen in stream
-CVE-2022-3169: Fix unknown
+CVE-2022-3169: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
CVE-2022-3238: Fix unknown
@@ -1152,7 +1152,7 @@
CVE-2022-33744: Fix not seen in stream
CVE-2022-33981: Fix not seen in stream
CVE-2022-3424: Fix unknown
-CVE-2022-3435: Fix unknown
+CVE-2022-3435: Fix not seen in stream
CVE-2022-3522: Fix not seen in stream
CVE-2022-3523: Fix not seen in stream
CVE-2022-3524: Fix not seen in stream
@@ -1160,23 +1160,19 @@
CVE-2022-3565: Fix not seen in stream
CVE-2022-3566: Fix not seen in stream
CVE-2022-3567: Fix not seen in stream
-CVE-2022-3577: Fix not seen in stream
CVE-2022-3586: Fix not seen in stream
CVE-2022-3595: Fix not seen in stream
CVE-2022-36123: Fix not seen in stream
-CVE-2022-3619: Fix unknown
+CVE-2022-3619: Fix not seen in stream
CVE-2022-3621: Fix not seen in stream
-CVE-2022-3623: Fix not seen in stream
CVE-2022-3624: Fix not seen in stream
-CVE-2022-3625: Fix not seen in stream
-CVE-2022-3628: Fix unknown
+CVE-2022-3628: Fix not seen in stream
CVE-2022-36280: Fix unknown
CVE-2022-3629: Fix not seen in stream
CVE-2022-3630: Fix not seen in stream
CVE-2022-3633: Fix not seen in stream
CVE-2022-3635: Fix not seen in stream
CVE-2022-3636: Fix not seen in stream
-CVE-2022-3640: Fix unknown
CVE-2022-36402: Fix unknown
CVE-2022-3642: Fix unknown
CVE-2022-3646: Fix not seen in stream
@@ -1186,20 +1182,20 @@
CVE-2022-3707: Fix unknown
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
-CVE-2022-3903: Fix unknown
+CVE-2022-3903: Fix not seen in stream
CVE-2022-39188: Fix not seen in stream
+CVE-2022-3977: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40768: Fix not seen in stream
CVE-2022-41218: Fix unknown
CVE-2022-41222: Fix not seen in stream
CVE-2022-41848: Fix unknown
-CVE-2022-41849: Fix unknown
-CVE-2022-41850: Fix unknown
+CVE-2022-41849: Fix not seen in stream
+CVE-2022-41850: Fix not seen in stream
CVE-2022-42895: Fix not seen in stream
CVE-2022-42896: Fix not seen in stream
CVE-2022-43750: Fix not seen in stream
-CVE-2022-43945: Fix not seen in stream
CVE-2022-44032: Fix unknown
CVE-2022-44033: Fix unknown
CVE-2022-44034: Fix unknown
diff --git a/data/3.2/3.2_security.txt b/data/3.2/3.2_security.txt
index d288293..c043ed7 100644
--- a/data/3.2/3.2_security.txt
+++ b/data/3.2/3.2_security.txt
@@ -1292,11 +1292,11 @@
CVE-2022-28356: (unk) llc: fix netdevice reference leaks in llc_ui_bind()
CVE-2022-28390: (unk) can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path
CVE-2022-2961: (unk)
- CVE-2022-2978: (unk)
+ CVE-2022-2978: (unk) fs: fix UAF/GPF bug in nilfs_mdt_destroy
CVE-2022-29900: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-29901: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
- CVE-2022-3169: (unk)
+ CVE-2022-3169: (unk) nvme: ensure subsystem reset is single threaded
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
CVE-2022-3238: (unk)
@@ -1308,7 +1308,7 @@
CVE-2022-33744: (unk) xen/arm: Fix race in RB-tree based P2M accounting
CVE-2022-33981: (unk) floppy: disable FDRAWCMD by default
CVE-2022-3424: (unk)
- CVE-2022-3435: (unk)
+ CVE-2022-3435: (unk) ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference
CVE-2022-3522: (unk) mm/hugetlb: use hugetlb_pte_stable in migration race check
CVE-2022-3523: (unk) mm/memory.c: fix race when faulting a device private page
CVE-2022-3524: (unk) tcp/udp: Fix memory leak in ipv6_renew_options().
@@ -1316,23 +1316,19 @@
CVE-2022-3565: (unk) mISDN: fix use-after-free bugs in l1oip timer handlers
CVE-2022-3566: (unk) tcp: Fix data races around icsk->icsk_af_ops.
CVE-2022-3567: (unk) ipv6: Fix data races around sk->sk_prot.
- CVE-2022-3577: (unk) HID: bigben: fix slab-out-of-bounds Write in bigben_probe
CVE-2022-3586: (unk) sch_sfb: Don't assume the skb is still around after enqueueing to child
CVE-2022-3595: (unk) cifs: fix double-fault crash during ntlmssp
CVE-2022-36123: (unk) x86: Clear .brk area at early boot
- CVE-2022-3619: (unk)
+ CVE-2022-3619: (unk) Bluetooth: L2CAP: Fix memory leak in vhci_write
CVE-2022-3621: (unk) nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level()
- CVE-2022-3623: (unk) mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
CVE-2022-3624: (unk) bonding: fix reference count leak in balance-alb mode
- CVE-2022-3625: (unk) devlink: Fix use-after-free after a failed reload
- CVE-2022-3628: (unk)
+ CVE-2022-3628: (unk) wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()
CVE-2022-36280: (unk)
CVE-2022-3629: (unk) vsock: Fix memory leak in vsock_connect()
CVE-2022-3630: (unk) fscache: don't leak cookie access refs if invalidation is in progress or failed
CVE-2022-3633: (unk) can: j1939: j1939_session_destroy(): fix memory leak of skbs
CVE-2022-3635: (unk) atm: idt77252: fix use-after-free bugs caused by tst_timer
CVE-2022-3636: (unk) net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()
- CVE-2022-3640: (unk)
CVE-2022-36402: (unk)
CVE-2022-3642: (unk)
CVE-2022-3646: (unk) nilfs2: fix leak of nilfs_root in case of writer thread creation failure
@@ -1342,20 +1338,20 @@
CVE-2022-3707: (unk)
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
- CVE-2022-3903: (unk)
+ CVE-2022-3903: (unk) media: mceusb: Use new usb_control_msg_*() routines
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
+ CVE-2022-3977: (unk) mctp: prevent double key removal and unref
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40768: (unk) scsi: stex: Properly zero out the passthrough command structure
CVE-2022-41218: (unk)
CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
CVE-2022-41848: (unk)
- CVE-2022-41849: (unk)
- CVE-2022-41850: (unk)
+ CVE-2022-41849: (unk) fbdev: smscufx: Fix use-after-free in ufx_ops_open()
+ CVE-2022-41850: (unk) HID: roccat: Fix use-after-free in roccat_read()
CVE-2022-42895: (unk) Bluetooth: L2CAP: Fix attempting to access uninitialized memory
CVE-2022-42896: (unk) Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM
CVE-2022-43750: (unk) usb: mon: make mmapped memory read only
- CVE-2022-43945: (unk) NFSD: Protect against send buffer overflow in NFSv2 READDIR
CVE-2022-44032: (unk)
CVE-2022-44033: (unk)
CVE-2022-44034: (unk)
diff --git a/data/4.1/4.1_CVEs.txt b/data/4.1/4.1_CVEs.txt
index 4a85c5c..56fa2a3 100644
--- a/data/4.1/4.1_CVEs.txt
+++ b/data/4.1/4.1_CVEs.txt
@@ -1054,12 +1054,12 @@
CVE-2022-28390: Fix not seen in stream
CVE-2022-2961: Fix unknown
CVE-2022-2964: Fix not seen in stream
-CVE-2022-2978: Fix unknown
+CVE-2022-2978: Fix not seen in stream
CVE-2022-29900: Fix not seen in stream
CVE-2022-29901: Fix not seen in stream
CVE-2022-3028: Fix not seen in stream
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3169: Fix unknown
+CVE-2022-3169: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
@@ -1074,35 +1074,31 @@
CVE-2022-33744: Fix not seen in stream
CVE-2022-33981: Fix not seen in stream
CVE-2022-3424: Fix unknown
-CVE-2022-3435: Fix unknown
+CVE-2022-3435: Fix not seen in stream
CVE-2022-34918: Fix not seen in stream
CVE-2022-3522: Fix not seen in stream
CVE-2022-3523: Fix not seen in stream
CVE-2022-3524: Fix not seen in stream
CVE-2022-3542: Fix not seen in stream
CVE-2022-3545: Fix not seen in stream
-CVE-2022-3564: Fix unknown
+CVE-2022-3564: Fix not seen in stream
CVE-2022-3565: Fix not seen in stream
CVE-2022-3566: Fix not seen in stream
CVE-2022-3567: Fix not seen in stream
-CVE-2022-3577: Fix not seen in stream
CVE-2022-3586: Fix not seen in stream
CVE-2022-3594: Fix not seen in stream
CVE-2022-3595: Fix not seen in stream
CVE-2022-36123: Fix not seen in stream
-CVE-2022-3619: Fix unknown
+CVE-2022-3619: Fix not seen in stream
CVE-2022-3621: Fix not seen in stream
-CVE-2022-3623: Fix not seen in stream
CVE-2022-3624: Fix not seen in stream
-CVE-2022-3625: Fix not seen in stream
-CVE-2022-3628: Fix unknown
+CVE-2022-3628: Fix not seen in stream
CVE-2022-36280: Fix unknown
CVE-2022-3629: Fix not seen in stream
CVE-2022-3630: Fix not seen in stream
CVE-2022-3633: Fix not seen in stream
CVE-2022-3635: Fix not seen in stream
CVE-2022-3636: Fix not seen in stream
-CVE-2022-3640: Fix unknown
CVE-2022-36402: Fix unknown
CVE-2022-3642: Fix unknown
CVE-2022-3646: Fix not seen in stream
@@ -1112,21 +1108,21 @@
CVE-2022-3707: Fix unknown
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
-CVE-2022-3903: Fix unknown
+CVE-2022-3903: Fix not seen in stream
CVE-2022-39188: Fix not seen in stream
+CVE-2022-3977: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40768: Fix not seen in stream
CVE-2022-41218: Fix unknown
CVE-2022-41222: Fix not seen in stream
CVE-2022-41848: Fix unknown
-CVE-2022-41849: Fix unknown
-CVE-2022-41850: Fix unknown
+CVE-2022-41849: Fix not seen in stream
+CVE-2022-41850: Fix not seen in stream
CVE-2022-42703: Fix not seen in stream
CVE-2022-42895: Fix not seen in stream
CVE-2022-42896: Fix not seen in stream
CVE-2022-43750: Fix not seen in stream
-CVE-2022-43945: Fix not seen in stream
CVE-2022-44032: Fix unknown
CVE-2022-44033: Fix unknown
CVE-2022-44034: Fix unknown
diff --git a/data/4.1/4.1_security.txt b/data/4.1/4.1_security.txt
index 22786aa..a765cec 100644
--- a/data/4.1/4.1_security.txt
+++ b/data/4.1/4.1_security.txt
@@ -1150,12 +1150,12 @@
CVE-2022-28390: (unk) can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path
CVE-2022-2961: (unk)
CVE-2022-2964: (unk) net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup
- CVE-2022-2978: (unk)
+ CVE-2022-2978: (unk) fs: fix UAF/GPF bug in nilfs_mdt_destroy
CVE-2022-29900: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-29901: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3169: (unk)
+ CVE-2022-3169: (unk) nvme: ensure subsystem reset is single threaded
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
@@ -1170,35 +1170,31 @@
CVE-2022-33744: (unk) xen/arm: Fix race in RB-tree based P2M accounting
CVE-2022-33981: (unk) floppy: disable FDRAWCMD by default
CVE-2022-3424: (unk)
- CVE-2022-3435: (unk)
+ CVE-2022-3435: (unk) ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference
CVE-2022-34918: (unk) netfilter: nf_tables: stricter validation of element data
CVE-2022-3522: (unk) mm/hugetlb: use hugetlb_pte_stable in migration race check
CVE-2022-3523: (unk) mm/memory.c: fix race when faulting a device private page
CVE-2022-3524: (unk) tcp/udp: Fix memory leak in ipv6_renew_options().
CVE-2022-3542: (unk) bnx2x: fix potential memory leak in bnx2x_tpa_stop()
CVE-2022-3545: (unk) nfp: fix use-after-free in area_cache_get()
- CVE-2022-3564: (unk)
+ CVE-2022-3564: (unk) Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu
CVE-2022-3565: (unk) mISDN: fix use-after-free bugs in l1oip timer handlers
CVE-2022-3566: (unk) tcp: Fix data races around icsk->icsk_af_ops.
CVE-2022-3567: (unk) ipv6: Fix data races around sk->sk_prot.
- CVE-2022-3577: (unk) HID: bigben: fix slab-out-of-bounds Write in bigben_probe
CVE-2022-3586: (unk) sch_sfb: Don't assume the skb is still around after enqueueing to child
CVE-2022-3594: (unk) r8152: Rate limit overflow messages
CVE-2022-3595: (unk) cifs: fix double-fault crash during ntlmssp
CVE-2022-36123: (unk) x86: Clear .brk area at early boot
- CVE-2022-3619: (unk)
+ CVE-2022-3619: (unk) Bluetooth: L2CAP: Fix memory leak in vhci_write
CVE-2022-3621: (unk) nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level()
- CVE-2022-3623: (unk) mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
CVE-2022-3624: (unk) bonding: fix reference count leak in balance-alb mode
- CVE-2022-3625: (unk) devlink: Fix use-after-free after a failed reload
- CVE-2022-3628: (unk)
+ CVE-2022-3628: (unk) wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()
CVE-2022-36280: (unk)
CVE-2022-3629: (unk) vsock: Fix memory leak in vsock_connect()
CVE-2022-3630: (unk) fscache: don't leak cookie access refs if invalidation is in progress or failed
CVE-2022-3633: (unk) can: j1939: j1939_session_destroy(): fix memory leak of skbs
CVE-2022-3635: (unk) atm: idt77252: fix use-after-free bugs caused by tst_timer
CVE-2022-3636: (unk) net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()
- CVE-2022-3640: (unk)
CVE-2022-36402: (unk)
CVE-2022-3642: (unk)
CVE-2022-3646: (unk) nilfs2: fix leak of nilfs_root in case of writer thread creation failure
@@ -1208,21 +1204,21 @@
CVE-2022-3707: (unk)
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
- CVE-2022-3903: (unk)
+ CVE-2022-3903: (unk) media: mceusb: Use new usb_control_msg_*() routines
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
+ CVE-2022-3977: (unk) mctp: prevent double key removal and unref
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40768: (unk) scsi: stex: Properly zero out the passthrough command structure
CVE-2022-41218: (unk)
CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
CVE-2022-41848: (unk)
- CVE-2022-41849: (unk)
- CVE-2022-41850: (unk)
+ CVE-2022-41849: (unk) fbdev: smscufx: Fix use-after-free in ufx_ops_open()
+ CVE-2022-41850: (unk) HID: roccat: Fix use-after-free in roccat_read()
CVE-2022-42703: (unk) mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse
CVE-2022-42895: (unk) Bluetooth: L2CAP: Fix attempting to access uninitialized memory
CVE-2022-42896: (unk) Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM
CVE-2022-43750: (unk) usb: mon: make mmapped memory read only
- CVE-2022-43945: (unk) NFSD: Protect against send buffer overflow in NFSv2 READDIR
CVE-2022-44032: (unk)
CVE-2022-44033: (unk)
CVE-2022-44034: (unk)
diff --git a/data/4.10/4.10_CVEs.txt b/data/4.10/4.10_CVEs.txt
index 03cead8..16f349b 100644
--- a/data/4.10/4.10_CVEs.txt
+++ b/data/4.10/4.10_CVEs.txt
@@ -950,14 +950,14 @@
CVE-2022-28390: Fix not seen in stream
CVE-2022-2961: Fix unknown
CVE-2022-2964: Fix not seen in stream
-CVE-2022-2978: Fix unknown
+CVE-2022-2978: Fix not seen in stream
CVE-2022-29900: Fix not seen in stream
CVE-2022-29901: Fix not seen in stream
CVE-2022-2991: Fix not seen in stream
CVE-2022-3028: Fix not seen in stream
CVE-2022-30594: Fix not seen in stream
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3169: Fix unknown
+CVE-2022-3169: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
@@ -972,7 +972,7 @@
CVE-2022-33744: Fix not seen in stream
CVE-2022-33981: Fix not seen in stream
CVE-2022-3424: Fix unknown
-CVE-2022-3435: Fix unknown
+CVE-2022-3435: Fix not seen in stream
CVE-2022-34918: Fix not seen in stream
CVE-2022-3521: Fix not seen in stream
CVE-2022-3522: Fix not seen in stream
@@ -980,28 +980,24 @@
CVE-2022-3524: Fix not seen in stream
CVE-2022-3542: Fix not seen in stream
CVE-2022-3545: Fix not seen in stream
-CVE-2022-3564: Fix unknown
+CVE-2022-3564: Fix not seen in stream
CVE-2022-3565: Fix not seen in stream
CVE-2022-3566: Fix not seen in stream
CVE-2022-3567: Fix not seen in stream
-CVE-2022-3577: Fix not seen in stream
CVE-2022-3586: Fix not seen in stream
CVE-2022-3594: Fix not seen in stream
CVE-2022-3595: Fix not seen in stream
CVE-2022-36123: Fix not seen in stream
-CVE-2022-3619: Fix unknown
+CVE-2022-3619: Fix not seen in stream
CVE-2022-3621: Fix not seen in stream
-CVE-2022-3623: Fix not seen in stream
CVE-2022-3624: Fix not seen in stream
-CVE-2022-3625: Fix not seen in stream
-CVE-2022-3628: Fix unknown
+CVE-2022-3628: Fix not seen in stream
CVE-2022-36280: Fix unknown
CVE-2022-3629: Fix not seen in stream
CVE-2022-3630: Fix not seen in stream
CVE-2022-3633: Fix not seen in stream
CVE-2022-3635: Fix not seen in stream
CVE-2022-3636: Fix not seen in stream
-CVE-2022-3640: Fix unknown
CVE-2022-36402: Fix unknown
CVE-2022-3642: Fix unknown
CVE-2022-3646: Fix not seen in stream
@@ -1011,8 +1007,9 @@
CVE-2022-3707: Fix unknown
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
-CVE-2022-3903: Fix unknown
+CVE-2022-3903: Fix not seen in stream
CVE-2022-39188: Fix not seen in stream
+CVE-2022-3977: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
@@ -1020,13 +1017,12 @@
CVE-2022-41218: Fix unknown
CVE-2022-41222: Fix not seen in stream
CVE-2022-41848: Fix unknown
-CVE-2022-41849: Fix unknown
-CVE-2022-41850: Fix unknown
+CVE-2022-41849: Fix not seen in stream
+CVE-2022-41850: Fix not seen in stream
CVE-2022-42703: Fix not seen in stream
CVE-2022-42895: Fix not seen in stream
CVE-2022-42896: Fix not seen in stream
CVE-2022-43750: Fix not seen in stream
-CVE-2022-43945: Fix not seen in stream
CVE-2022-44032: Fix unknown
CVE-2022-44033: Fix unknown
CVE-2022-44034: Fix unknown
diff --git a/data/4.10/4.10_security.txt b/data/4.10/4.10_security.txt
index 9017475..9f2ea70 100644
--- a/data/4.10/4.10_security.txt
+++ b/data/4.10/4.10_security.txt
@@ -984,14 +984,14 @@
CVE-2022-28390: (unk) can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path
CVE-2022-2961: (unk)
CVE-2022-2964: (unk) net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup
- CVE-2022-2978: (unk)
+ CVE-2022-2978: (unk) fs: fix UAF/GPF bug in nilfs_mdt_destroy
CVE-2022-29900: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-29901: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-2991: (unk) remove the lightnvm subsystem
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3169: (unk)
+ CVE-2022-3169: (unk) nvme: ensure subsystem reset is single threaded
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
@@ -1006,7 +1006,7 @@
CVE-2022-33744: (unk) xen/arm: Fix race in RB-tree based P2M accounting
CVE-2022-33981: (unk) floppy: disable FDRAWCMD by default
CVE-2022-3424: (unk)
- CVE-2022-3435: (unk)
+ CVE-2022-3435: (unk) ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference
CVE-2022-34918: (unk) netfilter: nf_tables: stricter validation of element data
CVE-2022-3521: (unk) kcm: avoid potential race in kcm_tx_work
CVE-2022-3522: (unk) mm/hugetlb: use hugetlb_pte_stable in migration race check
@@ -1014,28 +1014,24 @@
CVE-2022-3524: (unk) tcp/udp: Fix memory leak in ipv6_renew_options().
CVE-2022-3542: (unk) bnx2x: fix potential memory leak in bnx2x_tpa_stop()
CVE-2022-3545: (unk) nfp: fix use-after-free in area_cache_get()
- CVE-2022-3564: (unk)
+ CVE-2022-3564: (unk) Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu
CVE-2022-3565: (unk) mISDN: fix use-after-free bugs in l1oip timer handlers
CVE-2022-3566: (unk) tcp: Fix data races around icsk->icsk_af_ops.
CVE-2022-3567: (unk) ipv6: Fix data races around sk->sk_prot.
- CVE-2022-3577: (unk) HID: bigben: fix slab-out-of-bounds Write in bigben_probe
CVE-2022-3586: (unk) sch_sfb: Don't assume the skb is still around after enqueueing to child
CVE-2022-3594: (unk) r8152: Rate limit overflow messages
CVE-2022-3595: (unk) cifs: fix double-fault crash during ntlmssp
CVE-2022-36123: (unk) x86: Clear .brk area at early boot
- CVE-2022-3619: (unk)
+ CVE-2022-3619: (unk) Bluetooth: L2CAP: Fix memory leak in vhci_write
CVE-2022-3621: (unk) nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level()
- CVE-2022-3623: (unk) mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
CVE-2022-3624: (unk) bonding: fix reference count leak in balance-alb mode
- CVE-2022-3625: (unk) devlink: Fix use-after-free after a failed reload
- CVE-2022-3628: (unk)
+ CVE-2022-3628: (unk) wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()
CVE-2022-36280: (unk)
CVE-2022-3629: (unk) vsock: Fix memory leak in vsock_connect()
CVE-2022-3630: (unk) fscache: don't leak cookie access refs if invalidation is in progress or failed
CVE-2022-3633: (unk) can: j1939: j1939_session_destroy(): fix memory leak of skbs
CVE-2022-3635: (unk) atm: idt77252: fix use-after-free bugs caused by tst_timer
CVE-2022-3636: (unk) net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()
- CVE-2022-3640: (unk)
CVE-2022-36402: (unk)
CVE-2022-3642: (unk)
CVE-2022-3646: (unk) nilfs2: fix leak of nilfs_root in case of writer thread creation failure
@@ -1045,8 +1041,9 @@
CVE-2022-3707: (unk)
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
- CVE-2022-3903: (unk)
+ CVE-2022-3903: (unk) media: mceusb: Use new usb_control_msg_*() routines
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
+ CVE-2022-3977: (unk) mctp: prevent double key removal and unref
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
@@ -1054,13 +1051,12 @@
CVE-2022-41218: (unk)
CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
CVE-2022-41848: (unk)
- CVE-2022-41849: (unk)
- CVE-2022-41850: (unk)
+ CVE-2022-41849: (unk) fbdev: smscufx: Fix use-after-free in ufx_ops_open()
+ CVE-2022-41850: (unk) HID: roccat: Fix use-after-free in roccat_read()
CVE-2022-42703: (unk) mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse
CVE-2022-42895: (unk) Bluetooth: L2CAP: Fix attempting to access uninitialized memory
CVE-2022-42896: (unk) Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM
CVE-2022-43750: (unk) usb: mon: make mmapped memory read only
- CVE-2022-43945: (unk) NFSD: Protect against send buffer overflow in NFSv2 READDIR
CVE-2022-44032: (unk)
CVE-2022-44033: (unk)
CVE-2022-44034: (unk)
diff --git a/data/4.11/4.11_CVEs.txt b/data/4.11/4.11_CVEs.txt
index aef9385..004f706 100644
--- a/data/4.11/4.11_CVEs.txt
+++ b/data/4.11/4.11_CVEs.txt
@@ -922,14 +922,14 @@
CVE-2022-28390: Fix not seen in stream
CVE-2022-2961: Fix unknown
CVE-2022-2964: Fix not seen in stream
-CVE-2022-2978: Fix unknown
+CVE-2022-2978: Fix not seen in stream
CVE-2022-29900: Fix not seen in stream
CVE-2022-29901: Fix not seen in stream
CVE-2022-2991: Fix not seen in stream
CVE-2022-3028: Fix not seen in stream
CVE-2022-30594: Fix not seen in stream
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3169: Fix unknown
+CVE-2022-3169: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
@@ -944,7 +944,7 @@
CVE-2022-33744: Fix not seen in stream
CVE-2022-33981: Fix not seen in stream
CVE-2022-3424: Fix unknown
-CVE-2022-3435: Fix unknown
+CVE-2022-3435: Fix not seen in stream
CVE-2022-34918: Fix not seen in stream
CVE-2022-3521: Fix not seen in stream
CVE-2022-3522: Fix not seen in stream
@@ -952,28 +952,24 @@
CVE-2022-3524: Fix not seen in stream
CVE-2022-3542: Fix not seen in stream
CVE-2022-3545: Fix not seen in stream
-CVE-2022-3564: Fix unknown
+CVE-2022-3564: Fix not seen in stream
CVE-2022-3565: Fix not seen in stream
CVE-2022-3566: Fix not seen in stream
CVE-2022-3567: Fix not seen in stream
-CVE-2022-3577: Fix not seen in stream
CVE-2022-3586: Fix not seen in stream
CVE-2022-3594: Fix not seen in stream
CVE-2022-3595: Fix not seen in stream
CVE-2022-36123: Fix not seen in stream
-CVE-2022-3619: Fix unknown
+CVE-2022-3619: Fix not seen in stream
CVE-2022-3621: Fix not seen in stream
-CVE-2022-3623: Fix not seen in stream
CVE-2022-3624: Fix not seen in stream
-CVE-2022-3625: Fix not seen in stream
-CVE-2022-3628: Fix unknown
+CVE-2022-3628: Fix not seen in stream
CVE-2022-36280: Fix unknown
CVE-2022-3629: Fix not seen in stream
CVE-2022-3630: Fix not seen in stream
CVE-2022-3633: Fix not seen in stream
CVE-2022-3635: Fix not seen in stream
CVE-2022-3636: Fix not seen in stream
-CVE-2022-3640: Fix unknown
CVE-2022-36402: Fix unknown
CVE-2022-3642: Fix unknown
CVE-2022-3646: Fix not seen in stream
@@ -983,8 +979,9 @@
CVE-2022-3707: Fix unknown
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
-CVE-2022-3903: Fix unknown
+CVE-2022-3903: Fix not seen in stream
CVE-2022-39188: Fix not seen in stream
+CVE-2022-3977: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
@@ -992,13 +989,12 @@
CVE-2022-41218: Fix unknown
CVE-2022-41222: Fix not seen in stream
CVE-2022-41848: Fix unknown
-CVE-2022-41849: Fix unknown
-CVE-2022-41850: Fix unknown
+CVE-2022-41849: Fix not seen in stream
+CVE-2022-41850: Fix not seen in stream
CVE-2022-42703: Fix not seen in stream
CVE-2022-42895: Fix not seen in stream
CVE-2022-42896: Fix not seen in stream
CVE-2022-43750: Fix not seen in stream
-CVE-2022-43945: Fix not seen in stream
CVE-2022-44032: Fix unknown
CVE-2022-44033: Fix unknown
CVE-2022-44034: Fix unknown
diff --git a/data/4.11/4.11_security.txt b/data/4.11/4.11_security.txt
index 1bc83ca..98912e6 100644
--- a/data/4.11/4.11_security.txt
+++ b/data/4.11/4.11_security.txt
@@ -944,14 +944,14 @@
CVE-2022-28390: (unk) can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path
CVE-2022-2961: (unk)
CVE-2022-2964: (unk) net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup
- CVE-2022-2978: (unk)
+ CVE-2022-2978: (unk) fs: fix UAF/GPF bug in nilfs_mdt_destroy
CVE-2022-29900: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-29901: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-2991: (unk) remove the lightnvm subsystem
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3169: (unk)
+ CVE-2022-3169: (unk) nvme: ensure subsystem reset is single threaded
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
@@ -966,7 +966,7 @@
CVE-2022-33744: (unk) xen/arm: Fix race in RB-tree based P2M accounting
CVE-2022-33981: (unk) floppy: disable FDRAWCMD by default
CVE-2022-3424: (unk)
- CVE-2022-3435: (unk)
+ CVE-2022-3435: (unk) ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference
CVE-2022-34918: (unk) netfilter: nf_tables: stricter validation of element data
CVE-2022-3521: (unk) kcm: avoid potential race in kcm_tx_work
CVE-2022-3522: (unk) mm/hugetlb: use hugetlb_pte_stable in migration race check
@@ -974,28 +974,24 @@
CVE-2022-3524: (unk) tcp/udp: Fix memory leak in ipv6_renew_options().
CVE-2022-3542: (unk) bnx2x: fix potential memory leak in bnx2x_tpa_stop()
CVE-2022-3545: (unk) nfp: fix use-after-free in area_cache_get()
- CVE-2022-3564: (unk)
+ CVE-2022-3564: (unk) Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu
CVE-2022-3565: (unk) mISDN: fix use-after-free bugs in l1oip timer handlers
CVE-2022-3566: (unk) tcp: Fix data races around icsk->icsk_af_ops.
CVE-2022-3567: (unk) ipv6: Fix data races around sk->sk_prot.
- CVE-2022-3577: (unk) HID: bigben: fix slab-out-of-bounds Write in bigben_probe
CVE-2022-3586: (unk) sch_sfb: Don't assume the skb is still around after enqueueing to child
CVE-2022-3594: (unk) r8152: Rate limit overflow messages
CVE-2022-3595: (unk) cifs: fix double-fault crash during ntlmssp
CVE-2022-36123: (unk) x86: Clear .brk area at early boot
- CVE-2022-3619: (unk)
+ CVE-2022-3619: (unk) Bluetooth: L2CAP: Fix memory leak in vhci_write
CVE-2022-3621: (unk) nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level()
- CVE-2022-3623: (unk) mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
CVE-2022-3624: (unk) bonding: fix reference count leak in balance-alb mode
- CVE-2022-3625: (unk) devlink: Fix use-after-free after a failed reload
- CVE-2022-3628: (unk)
+ CVE-2022-3628: (unk) wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()
CVE-2022-36280: (unk)
CVE-2022-3629: (unk) vsock: Fix memory leak in vsock_connect()
CVE-2022-3630: (unk) fscache: don't leak cookie access refs if invalidation is in progress or failed
CVE-2022-3633: (unk) can: j1939: j1939_session_destroy(): fix memory leak of skbs
CVE-2022-3635: (unk) atm: idt77252: fix use-after-free bugs caused by tst_timer
CVE-2022-3636: (unk) net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()
- CVE-2022-3640: (unk)
CVE-2022-36402: (unk)
CVE-2022-3642: (unk)
CVE-2022-3646: (unk) nilfs2: fix leak of nilfs_root in case of writer thread creation failure
@@ -1005,8 +1001,9 @@
CVE-2022-3707: (unk)
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
- CVE-2022-3903: (unk)
+ CVE-2022-3903: (unk) media: mceusb: Use new usb_control_msg_*() routines
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
+ CVE-2022-3977: (unk) mctp: prevent double key removal and unref
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
@@ -1014,13 +1011,12 @@
CVE-2022-41218: (unk)
CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
CVE-2022-41848: (unk)
- CVE-2022-41849: (unk)
- CVE-2022-41850: (unk)
+ CVE-2022-41849: (unk) fbdev: smscufx: Fix use-after-free in ufx_ops_open()
+ CVE-2022-41850: (unk) HID: roccat: Fix use-after-free in roccat_read()
CVE-2022-42703: (unk) mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse
CVE-2022-42895: (unk) Bluetooth: L2CAP: Fix attempting to access uninitialized memory
CVE-2022-42896: (unk) Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM
CVE-2022-43750: (unk) usb: mon: make mmapped memory read only
- CVE-2022-43945: (unk) NFSD: Protect against send buffer overflow in NFSv2 READDIR
CVE-2022-44032: (unk)
CVE-2022-44033: (unk)
CVE-2022-44034: (unk)
diff --git a/data/4.12/4.12_CVEs.txt b/data/4.12/4.12_CVEs.txt
index d1388a3..c3f9d45 100644
--- a/data/4.12/4.12_CVEs.txt
+++ b/data/4.12/4.12_CVEs.txt
@@ -905,14 +905,14 @@
CVE-2022-2961: Fix unknown
CVE-2022-2964: Fix not seen in stream
CVE-2022-2977: Fix not seen in stream
-CVE-2022-2978: Fix unknown
+CVE-2022-2978: Fix not seen in stream
CVE-2022-29900: Fix not seen in stream
CVE-2022-29901: Fix not seen in stream
CVE-2022-2991: Fix not seen in stream
CVE-2022-3028: Fix not seen in stream
CVE-2022-30594: Fix not seen in stream
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3169: Fix unknown
+CVE-2022-3169: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
@@ -927,7 +927,7 @@
CVE-2022-33744: Fix not seen in stream
CVE-2022-33981: Fix not seen in stream
CVE-2022-3424: Fix unknown
-CVE-2022-3435: Fix unknown
+CVE-2022-3435: Fix not seen in stream
CVE-2022-34918: Fix not seen in stream
CVE-2022-3521: Fix not seen in stream
CVE-2022-3522: Fix not seen in stream
@@ -935,28 +935,24 @@
CVE-2022-3524: Fix not seen in stream
CVE-2022-3542: Fix not seen in stream
CVE-2022-3545: Fix not seen in stream
-CVE-2022-3564: Fix unknown
+CVE-2022-3564: Fix not seen in stream
CVE-2022-3565: Fix not seen in stream
CVE-2022-3566: Fix not seen in stream
CVE-2022-3567: Fix not seen in stream
-CVE-2022-3577: Fix not seen in stream
CVE-2022-3586: Fix not seen in stream
CVE-2022-3594: Fix not seen in stream
CVE-2022-3595: Fix not seen in stream
CVE-2022-36123: Fix not seen in stream
-CVE-2022-3619: Fix unknown
+CVE-2022-3619: Fix not seen in stream
CVE-2022-3621: Fix not seen in stream
-CVE-2022-3623: Fix not seen in stream
CVE-2022-3624: Fix not seen in stream
-CVE-2022-3625: Fix not seen in stream
-CVE-2022-3628: Fix unknown
+CVE-2022-3628: Fix not seen in stream
CVE-2022-36280: Fix unknown
CVE-2022-3629: Fix not seen in stream
CVE-2022-3630: Fix not seen in stream
CVE-2022-3633: Fix not seen in stream
CVE-2022-3635: Fix not seen in stream
CVE-2022-3636: Fix not seen in stream
-CVE-2022-3640: Fix unknown
CVE-2022-36402: Fix unknown
CVE-2022-3642: Fix unknown
CVE-2022-3646: Fix not seen in stream
@@ -966,8 +962,9 @@
CVE-2022-3707: Fix unknown
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
-CVE-2022-3903: Fix unknown
+CVE-2022-3903: Fix not seen in stream
CVE-2022-39188: Fix not seen in stream
+CVE-2022-3977: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
@@ -975,13 +972,12 @@
CVE-2022-41218: Fix unknown
CVE-2022-41222: Fix not seen in stream
CVE-2022-41848: Fix unknown
-CVE-2022-41849: Fix unknown
-CVE-2022-41850: Fix unknown
+CVE-2022-41849: Fix not seen in stream
+CVE-2022-41850: Fix not seen in stream
CVE-2022-42703: Fix not seen in stream
CVE-2022-42895: Fix not seen in stream
CVE-2022-42896: Fix not seen in stream
CVE-2022-43750: Fix not seen in stream
-CVE-2022-43945: Fix not seen in stream
CVE-2022-44032: Fix unknown
CVE-2022-44033: Fix unknown
CVE-2022-44034: Fix unknown
diff --git a/data/4.12/4.12_security.txt b/data/4.12/4.12_security.txt
index 204024d..8be2be8 100644
--- a/data/4.12/4.12_security.txt
+++ b/data/4.12/4.12_security.txt
@@ -931,14 +931,14 @@
CVE-2022-2961: (unk)
CVE-2022-2964: (unk) net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup
CVE-2022-2977: (unk) tpm: fix reference counting for struct tpm_chip
- CVE-2022-2978: (unk)
+ CVE-2022-2978: (unk) fs: fix UAF/GPF bug in nilfs_mdt_destroy
CVE-2022-29900: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-29901: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-2991: (unk) remove the lightnvm subsystem
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3169: (unk)
+ CVE-2022-3169: (unk) nvme: ensure subsystem reset is single threaded
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
@@ -953,7 +953,7 @@
CVE-2022-33744: (unk) xen/arm: Fix race in RB-tree based P2M accounting
CVE-2022-33981: (unk) floppy: disable FDRAWCMD by default
CVE-2022-3424: (unk)
- CVE-2022-3435: (unk)
+ CVE-2022-3435: (unk) ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference
CVE-2022-34918: (unk) netfilter: nf_tables: stricter validation of element data
CVE-2022-3521: (unk) kcm: avoid potential race in kcm_tx_work
CVE-2022-3522: (unk) mm/hugetlb: use hugetlb_pte_stable in migration race check
@@ -961,28 +961,24 @@
CVE-2022-3524: (unk) tcp/udp: Fix memory leak in ipv6_renew_options().
CVE-2022-3542: (unk) bnx2x: fix potential memory leak in bnx2x_tpa_stop()
CVE-2022-3545: (unk) nfp: fix use-after-free in area_cache_get()
- CVE-2022-3564: (unk)
+ CVE-2022-3564: (unk) Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu
CVE-2022-3565: (unk) mISDN: fix use-after-free bugs in l1oip timer handlers
CVE-2022-3566: (unk) tcp: Fix data races around icsk->icsk_af_ops.
CVE-2022-3567: (unk) ipv6: Fix data races around sk->sk_prot.
- CVE-2022-3577: (unk) HID: bigben: fix slab-out-of-bounds Write in bigben_probe
CVE-2022-3586: (unk) sch_sfb: Don't assume the skb is still around after enqueueing to child
CVE-2022-3594: (unk) r8152: Rate limit overflow messages
CVE-2022-3595: (unk) cifs: fix double-fault crash during ntlmssp
CVE-2022-36123: (unk) x86: Clear .brk area at early boot
- CVE-2022-3619: (unk)
+ CVE-2022-3619: (unk) Bluetooth: L2CAP: Fix memory leak in vhci_write
CVE-2022-3621: (unk) nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level()
- CVE-2022-3623: (unk) mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
CVE-2022-3624: (unk) bonding: fix reference count leak in balance-alb mode
- CVE-2022-3625: (unk) devlink: Fix use-after-free after a failed reload
- CVE-2022-3628: (unk)
+ CVE-2022-3628: (unk) wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()
CVE-2022-36280: (unk)
CVE-2022-3629: (unk) vsock: Fix memory leak in vsock_connect()
CVE-2022-3630: (unk) fscache: don't leak cookie access refs if invalidation is in progress or failed
CVE-2022-3633: (unk) can: j1939: j1939_session_destroy(): fix memory leak of skbs
CVE-2022-3635: (unk) atm: idt77252: fix use-after-free bugs caused by tst_timer
CVE-2022-3636: (unk) net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()
- CVE-2022-3640: (unk)
CVE-2022-36402: (unk)
CVE-2022-3642: (unk)
CVE-2022-3646: (unk) nilfs2: fix leak of nilfs_root in case of writer thread creation failure
@@ -992,8 +988,9 @@
CVE-2022-3707: (unk)
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
- CVE-2022-3903: (unk)
+ CVE-2022-3903: (unk) media: mceusb: Use new usb_control_msg_*() routines
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
+ CVE-2022-3977: (unk) mctp: prevent double key removal and unref
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
@@ -1001,13 +998,12 @@
CVE-2022-41218: (unk)
CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
CVE-2022-41848: (unk)
- CVE-2022-41849: (unk)
- CVE-2022-41850: (unk)
+ CVE-2022-41849: (unk) fbdev: smscufx: Fix use-after-free in ufx_ops_open()
+ CVE-2022-41850: (unk) HID: roccat: Fix use-after-free in roccat_read()
CVE-2022-42703: (unk) mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse
CVE-2022-42895: (unk) Bluetooth: L2CAP: Fix attempting to access uninitialized memory
CVE-2022-42896: (unk) Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM
CVE-2022-43750: (unk) usb: mon: make mmapped memory read only
- CVE-2022-43945: (unk) NFSD: Protect against send buffer overflow in NFSv2 READDIR
CVE-2022-44032: (unk)
CVE-2022-44033: (unk)
CVE-2022-44034: (unk)
diff --git a/data/4.13/4.13_CVEs.txt b/data/4.13/4.13_CVEs.txt
index 9cd6734..c46db74 100644
--- a/data/4.13/4.13_CVEs.txt
+++ b/data/4.13/4.13_CVEs.txt
@@ -888,14 +888,14 @@
CVE-2022-2961: Fix unknown
CVE-2022-2964: Fix not seen in stream
CVE-2022-2977: Fix not seen in stream
-CVE-2022-2978: Fix unknown
+CVE-2022-2978: Fix not seen in stream
CVE-2022-29900: Fix not seen in stream
CVE-2022-29901: Fix not seen in stream
CVE-2022-2991: Fix not seen in stream
CVE-2022-3028: Fix not seen in stream
CVE-2022-30594: Fix not seen in stream
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3169: Fix unknown
+CVE-2022-3169: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
@@ -910,7 +910,7 @@
CVE-2022-33744: Fix not seen in stream
CVE-2022-33981: Fix not seen in stream
CVE-2022-3424: Fix unknown
-CVE-2022-3435: Fix unknown
+CVE-2022-3435: Fix not seen in stream
CVE-2022-34918: Fix not seen in stream
CVE-2022-3521: Fix not seen in stream
CVE-2022-3522: Fix not seen in stream
@@ -918,28 +918,24 @@
CVE-2022-3524: Fix not seen in stream
CVE-2022-3542: Fix not seen in stream
CVE-2022-3545: Fix not seen in stream
-CVE-2022-3564: Fix unknown
+CVE-2022-3564: Fix not seen in stream
CVE-2022-3565: Fix not seen in stream
CVE-2022-3566: Fix not seen in stream
CVE-2022-3567: Fix not seen in stream
-CVE-2022-3577: Fix not seen in stream
CVE-2022-3586: Fix not seen in stream
CVE-2022-3594: Fix not seen in stream
CVE-2022-3595: Fix not seen in stream
CVE-2022-36123: Fix not seen in stream
-CVE-2022-3619: Fix unknown
+CVE-2022-3619: Fix not seen in stream
CVE-2022-3621: Fix not seen in stream
-CVE-2022-3623: Fix not seen in stream
CVE-2022-3624: Fix not seen in stream
-CVE-2022-3625: Fix not seen in stream
-CVE-2022-3628: Fix unknown
+CVE-2022-3628: Fix not seen in stream
CVE-2022-36280: Fix unknown
CVE-2022-3629: Fix not seen in stream
CVE-2022-3630: Fix not seen in stream
CVE-2022-3633: Fix not seen in stream
CVE-2022-3635: Fix not seen in stream
CVE-2022-3636: Fix not seen in stream
-CVE-2022-3640: Fix unknown
CVE-2022-36402: Fix unknown
CVE-2022-3642: Fix unknown
CVE-2022-3646: Fix not seen in stream
@@ -949,8 +945,9 @@
CVE-2022-3707: Fix unknown
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
-CVE-2022-3903: Fix unknown
+CVE-2022-3903: Fix not seen in stream
CVE-2022-39188: Fix not seen in stream
+CVE-2022-3977: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
@@ -958,13 +955,12 @@
CVE-2022-41218: Fix unknown
CVE-2022-41222: Fix not seen in stream
CVE-2022-41848: Fix unknown
-CVE-2022-41849: Fix unknown
-CVE-2022-41850: Fix unknown
+CVE-2022-41849: Fix not seen in stream
+CVE-2022-41850: Fix not seen in stream
CVE-2022-42703: Fix not seen in stream
CVE-2022-42895: Fix not seen in stream
CVE-2022-42896: Fix not seen in stream
CVE-2022-43750: Fix not seen in stream
-CVE-2022-43945: Fix not seen in stream
CVE-2022-44032: Fix unknown
CVE-2022-44033: Fix unknown
CVE-2022-44034: Fix unknown
diff --git a/data/4.13/4.13_security.txt b/data/4.13/4.13_security.txt
index f6ca86d..bfcacf1 100644
--- a/data/4.13/4.13_security.txt
+++ b/data/4.13/4.13_security.txt
@@ -916,14 +916,14 @@
CVE-2022-2961: (unk)
CVE-2022-2964: (unk) net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup
CVE-2022-2977: (unk) tpm: fix reference counting for struct tpm_chip
- CVE-2022-2978: (unk)
+ CVE-2022-2978: (unk) fs: fix UAF/GPF bug in nilfs_mdt_destroy
CVE-2022-29900: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-29901: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-2991: (unk) remove the lightnvm subsystem
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3169: (unk)
+ CVE-2022-3169: (unk) nvme: ensure subsystem reset is single threaded
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
@@ -938,7 +938,7 @@
CVE-2022-33744: (unk) xen/arm: Fix race in RB-tree based P2M accounting
CVE-2022-33981: (unk) floppy: disable FDRAWCMD by default
CVE-2022-3424: (unk)
- CVE-2022-3435: (unk)
+ CVE-2022-3435: (unk) ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference
CVE-2022-34918: (unk) netfilter: nf_tables: stricter validation of element data
CVE-2022-3521: (unk) kcm: avoid potential race in kcm_tx_work
CVE-2022-3522: (unk) mm/hugetlb: use hugetlb_pte_stable in migration race check
@@ -946,28 +946,24 @@
CVE-2022-3524: (unk) tcp/udp: Fix memory leak in ipv6_renew_options().
CVE-2022-3542: (unk) bnx2x: fix potential memory leak in bnx2x_tpa_stop()
CVE-2022-3545: (unk) nfp: fix use-after-free in area_cache_get()
- CVE-2022-3564: (unk)
+ CVE-2022-3564: (unk) Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu
CVE-2022-3565: (unk) mISDN: fix use-after-free bugs in l1oip timer handlers
CVE-2022-3566: (unk) tcp: Fix data races around icsk->icsk_af_ops.
CVE-2022-3567: (unk) ipv6: Fix data races around sk->sk_prot.
- CVE-2022-3577: (unk) HID: bigben: fix slab-out-of-bounds Write in bigben_probe
CVE-2022-3586: (unk) sch_sfb: Don't assume the skb is still around after enqueueing to child
CVE-2022-3594: (unk) r8152: Rate limit overflow messages
CVE-2022-3595: (unk) cifs: fix double-fault crash during ntlmssp
CVE-2022-36123: (unk) x86: Clear .brk area at early boot
- CVE-2022-3619: (unk)
+ CVE-2022-3619: (unk) Bluetooth: L2CAP: Fix memory leak in vhci_write
CVE-2022-3621: (unk) nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level()
- CVE-2022-3623: (unk) mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
CVE-2022-3624: (unk) bonding: fix reference count leak in balance-alb mode
- CVE-2022-3625: (unk) devlink: Fix use-after-free after a failed reload
- CVE-2022-3628: (unk)
+ CVE-2022-3628: (unk) wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()
CVE-2022-36280: (unk)
CVE-2022-3629: (unk) vsock: Fix memory leak in vsock_connect()
CVE-2022-3630: (unk) fscache: don't leak cookie access refs if invalidation is in progress or failed
CVE-2022-3633: (unk) can: j1939: j1939_session_destroy(): fix memory leak of skbs
CVE-2022-3635: (unk) atm: idt77252: fix use-after-free bugs caused by tst_timer
CVE-2022-3636: (unk) net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()
- CVE-2022-3640: (unk)
CVE-2022-36402: (unk)
CVE-2022-3642: (unk)
CVE-2022-3646: (unk) nilfs2: fix leak of nilfs_root in case of writer thread creation failure
@@ -977,8 +973,9 @@
CVE-2022-3707: (unk)
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
- CVE-2022-3903: (unk)
+ CVE-2022-3903: (unk) media: mceusb: Use new usb_control_msg_*() routines
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
+ CVE-2022-3977: (unk) mctp: prevent double key removal and unref
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
@@ -986,13 +983,12 @@
CVE-2022-41218: (unk)
CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
CVE-2022-41848: (unk)
- CVE-2022-41849: (unk)
- CVE-2022-41850: (unk)
+ CVE-2022-41849: (unk) fbdev: smscufx: Fix use-after-free in ufx_ops_open()
+ CVE-2022-41850: (unk) HID: roccat: Fix use-after-free in roccat_read()
CVE-2022-42703: (unk) mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse
CVE-2022-42895: (unk) Bluetooth: L2CAP: Fix attempting to access uninitialized memory
CVE-2022-42896: (unk) Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM
CVE-2022-43750: (unk) usb: mon: make mmapped memory read only
- CVE-2022-43945: (unk) NFSD: Protect against send buffer overflow in NFSv2 READDIR
CVE-2022-44032: (unk)
CVE-2022-44033: (unk)
CVE-2022-44034: (unk)
diff --git a/data/4.14/4.14_CVEs.txt b/data/4.14/4.14_CVEs.txt
index 4238367..9fc269e 100644
--- a/data/4.14/4.14_CVEs.txt
+++ b/data/4.14/4.14_CVEs.txt
@@ -857,14 +857,14 @@
CVE-2022-2961: Fix unknown
CVE-2022-2964: Fixed with 4.14.268
CVE-2022-2977: Fixed with 4.14.276
-CVE-2022-2978: Fix unknown
+CVE-2022-2978: Fixed with 4.14.296
CVE-2022-29900: Fix not seen in stream
CVE-2022-29901: Fix not seen in stream
CVE-2022-2991: Fix not seen in stream
CVE-2022-3028: Fixed with 4.14.292
CVE-2022-30594: Fixed with 4.14.276
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3169: Fix unknown
+CVE-2022-3169: Fix not seen in stream
CVE-2022-3202: Fixed with 4.14.276
CVE-2022-32250: Fixed with 4.14.283
CVE-2022-32296: Fixed with 4.14.285
@@ -879,7 +879,7 @@
CVE-2022-33744: Fixed with 4.14.287
CVE-2022-33981: Fixed with 4.14.278
CVE-2022-3424: Fix unknown
-CVE-2022-3435: Fix unknown
+CVE-2022-3435: Fix not seen in stream
CVE-2022-34918: Fix not seen in stream
CVE-2022-3521: Fix not seen in stream
CVE-2022-3522: Fix not seen in stream
@@ -887,28 +887,24 @@
CVE-2022-3524: Fix not seen in stream
CVE-2022-3542: Fixed with 4.14.296
CVE-2022-3545: Fix not seen in stream
-CVE-2022-3564: Fix unknown
+CVE-2022-3564: Fixed with 4.14.299
CVE-2022-3565: Fixed with 4.14.296
CVE-2022-3566: Fix not seen in stream
CVE-2022-3567: Fix not seen in stream
-CVE-2022-3577: Fix not seen in stream
CVE-2022-3586: Fixed with 4.14.293
CVE-2022-3594: Fixed with 4.14.296
CVE-2022-3595: Fix not seen in stream
CVE-2022-36123: Fixed with 4.14.289
-CVE-2022-3619: Fix unknown
+CVE-2022-3619: Fix not seen in stream
CVE-2022-3621: Fixed with 4.14.296
-CVE-2022-3623: Fix not seen in stream
CVE-2022-3624: Fix not seen in stream
-CVE-2022-3625: Fix not seen in stream
-CVE-2022-3628: Fix unknown
+CVE-2022-3628: Fixed with 4.14.299
CVE-2022-36280: Fix unknown
CVE-2022-3629: Fixed with 4.14.291
CVE-2022-3630: Fix not seen in stream
CVE-2022-3633: Fix not seen in stream
CVE-2022-3635: Fixed with 4.14.291
CVE-2022-3636: Fix not seen in stream
-CVE-2022-3640: Fix unknown
CVE-2022-36402: Fix unknown
CVE-2022-3642: Fix unknown
CVE-2022-3646: Fixed with 4.14.296
@@ -918,8 +914,9 @@
CVE-2022-3707: Fix unknown
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
-CVE-2022-3903: Fix unknown
+CVE-2022-3903: Fix not seen in stream
CVE-2022-39188: Fix not seen in stream
+CVE-2022-3977: Fix not seen in stream
CVE-2022-39842: Fixed with 4.14.295
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fixed with 4.14.293
@@ -927,13 +924,12 @@
CVE-2022-41218: Fix unknown
CVE-2022-41222: Fix not seen in stream
CVE-2022-41848: Fix unknown
-CVE-2022-41849: Fix unknown
-CVE-2022-41850: Fix unknown
+CVE-2022-41849: Fixed with 4.14.296
+CVE-2022-41850: Fixed with 4.14.296
CVE-2022-42703: Fixed with 4.14.292
-CVE-2022-42895: Fix not seen in stream
+CVE-2022-42895: Fixed with 4.14.299
CVE-2022-42896: Fix not seen in stream
CVE-2022-43750: Fixed with 4.14.296
-CVE-2022-43945: Fix not seen in stream
CVE-2022-44032: Fix unknown
CVE-2022-44033: Fix unknown
CVE-2022-44034: Fix unknown
diff --git a/data/4.14/4.14_security.txt b/data/4.14/4.14_security.txt
index c4f1843..c3ba235 100644
--- a/data/4.14/4.14_security.txt
+++ b/data/4.14/4.14_security.txt
@@ -1216,6 +1216,7 @@
CVE-2022-39842: 9556a88a16e381dbd6834da95206742d0973afc6 video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVEs fixed in 4.14.296:
+ CVE-2022-2978: c0aa76b0f17f59dd9c9d3463550a2986a1d592e4 fs: fix UAF/GPF bug in nilfs_mdt_destroy
CVE-2022-3542: f63e896e78c247d0be8165d99d543a28ca0be360 bnx2x: fix potential memory leak in bnx2x_tpa_stop()
CVE-2022-3565: cbd342376a4e7ea481891181910e9e995390eb24 mISDN: fix use-after-free bugs in l1oip timer handlers
CVE-2022-3594: f5d6c938d51217d6f0f534f1ee606d9c5eb22fdc r8152: Rate limit overflow messages
@@ -1223,6 +1224,8 @@
CVE-2022-3646: a832de79d82ac8c9f445f99069e11b17c5d2224a nilfs2: fix leak of nilfs_root in case of writer thread creation failure
CVE-2022-3649: 26b9b66610d6f8f3333cb6f52e97745da875fee1 nilfs2: fix use-after-free bug of struct nilfs_root
CVE-2022-40768: 5c8395d775ca9044b361af4a19b2ff223485be35 scsi: stex: Properly zero out the passthrough command structure
+ CVE-2022-41849: fa008859983d9231b9241a4b9eac7aabfbb45155 fbdev: smscufx: Fix use-after-free in ufx_ops_open()
+ CVE-2022-41850: fb8b43b7721786f551ec95542e07cf9a909f3e56 HID: roccat: Fix use-after-free in roccat_read()
CVE-2022-43750: b29f76fcf2db6615b416d98e28c7d81eff4c89a2 usb: mon: make mmapped memory read only
CVEs fixed in 4.14.297:
@@ -1231,6 +1234,11 @@
CVEs fixed in 4.14.298:
CVE-2022-20369: 7339b6bdf9e084f9e83c084ccc8879b6ae80b75a media: v4l2-mem2mem: Apply DST_QUEUE_OFF_BASE on MMAP buffers across ioctls
+CVEs fixed in 4.14.299:
+ CVE-2022-3564: 03af22e23b96fb7ef75fb7885407ef457e8b403d Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu
+ CVE-2022-3628: b23665bbd39224e15aab89df4a4b60c0ab2ad09d wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()
+ CVE-2022-42895: 999d99c8de09537bd4f4a4a7db2be6b55c6ed817 Bluetooth: L2CAP: Fix attempting to access uninitialized memory
+
Outstanding CVEs:
CVE-2005-3660: (unk)
CVE-2007-3719: (unk)
@@ -1378,54 +1386,44 @@
CVE-2022-25265: (unk)
CVE-2022-2586: (unk) netfilter: nf_tables: do not allow SET_ID to refer to another table
CVE-2022-2961: (unk)
- CVE-2022-2978: (unk)
CVE-2022-29900: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-29901: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-2991: (unk) remove the lightnvm subsystem
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3169: (unk)
+ CVE-2022-3169: (unk) nvme: ensure subsystem reset is single threaded
CVE-2022-3238: (unk)
CVE-2022-3303: (unk) ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC
CVE-2022-3344: (unk)
CVE-2022-3424: (unk)
- CVE-2022-3435: (unk)
+ CVE-2022-3435: (unk) ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference
CVE-2022-34918: (unk) netfilter: nf_tables: stricter validation of element data
CVE-2022-3521: (unk) kcm: avoid potential race in kcm_tx_work
CVE-2022-3522: (unk) mm/hugetlb: use hugetlb_pte_stable in migration race check
CVE-2022-3523: (unk) mm/memory.c: fix race when faulting a device private page
CVE-2022-3524: (unk) tcp/udp: Fix memory leak in ipv6_renew_options().
CVE-2022-3545: (unk) nfp: fix use-after-free in area_cache_get()
- CVE-2022-3564: (unk)
CVE-2022-3566: (unk) tcp: Fix data races around icsk->icsk_af_ops.
CVE-2022-3567: (unk) ipv6: Fix data races around sk->sk_prot.
- CVE-2022-3577: (unk) HID: bigben: fix slab-out-of-bounds Write in bigben_probe
CVE-2022-3595: (unk) cifs: fix double-fault crash during ntlmssp
- CVE-2022-3619: (unk)
- CVE-2022-3623: (unk) mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
+ CVE-2022-3619: (unk) Bluetooth: L2CAP: Fix memory leak in vhci_write
CVE-2022-3624: (unk) bonding: fix reference count leak in balance-alb mode
- CVE-2022-3625: (unk) devlink: Fix use-after-free after a failed reload
- CVE-2022-3628: (unk)
CVE-2022-36280: (unk)
CVE-2022-3630: (unk) fscache: don't leak cookie access refs if invalidation is in progress or failed
CVE-2022-3633: (unk) can: j1939: j1939_session_destroy(): fix memory leak of skbs
CVE-2022-3636: (unk) net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()
- CVE-2022-3640: (unk)
CVE-2022-36402: (unk)
CVE-2022-3642: (unk)
CVE-2022-3707: (unk)
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
- CVE-2022-3903: (unk)
+ CVE-2022-3903: (unk) media: mceusb: Use new usb_control_msg_*() routines
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
+ CVE-2022-3977: (unk) mctp: prevent double key removal and unref
CVE-2022-40133: (unk)
CVE-2022-41218: (unk)
CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
CVE-2022-41848: (unk)
- CVE-2022-41849: (unk)
- CVE-2022-41850: (unk)
- CVE-2022-42895: (unk) Bluetooth: L2CAP: Fix attempting to access uninitialized memory
CVE-2022-42896: (unk) Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM
- CVE-2022-43945: (unk) NFSD: Protect against send buffer overflow in NFSv2 READDIR
CVE-2022-44032: (unk)
CVE-2022-44033: (unk)
CVE-2022-44034: (unk)
diff --git a/data/4.15/4.15_CVEs.txt b/data/4.15/4.15_CVEs.txt
index eb7da72..8c586c3 100644
--- a/data/4.15/4.15_CVEs.txt
+++ b/data/4.15/4.15_CVEs.txt
@@ -807,14 +807,14 @@
CVE-2022-2961: Fix unknown
CVE-2022-2964: Fix not seen in stream
CVE-2022-2977: Fix not seen in stream
-CVE-2022-2978: Fix unknown
+CVE-2022-2978: Fix not seen in stream
CVE-2022-29900: Fix not seen in stream
CVE-2022-29901: Fix not seen in stream
CVE-2022-2991: Fix not seen in stream
CVE-2022-3028: Fix not seen in stream
CVE-2022-30594: Fix not seen in stream
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3169: Fix unknown
+CVE-2022-3169: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
@@ -829,7 +829,7 @@
CVE-2022-33744: Fix not seen in stream
CVE-2022-33981: Fix not seen in stream
CVE-2022-3424: Fix unknown
-CVE-2022-3435: Fix unknown
+CVE-2022-3435: Fix not seen in stream
CVE-2022-34918: Fix not seen in stream
CVE-2022-3521: Fix not seen in stream
CVE-2022-3522: Fix not seen in stream
@@ -837,28 +837,24 @@
CVE-2022-3524: Fix not seen in stream
CVE-2022-3542: Fix not seen in stream
CVE-2022-3545: Fix not seen in stream
-CVE-2022-3564: Fix unknown
+CVE-2022-3564: Fix not seen in stream
CVE-2022-3565: Fix not seen in stream
CVE-2022-3566: Fix not seen in stream
CVE-2022-3567: Fix not seen in stream
-CVE-2022-3577: Fix not seen in stream
CVE-2022-3586: Fix not seen in stream
CVE-2022-3594: Fix not seen in stream
CVE-2022-3595: Fix not seen in stream
CVE-2022-36123: Fix not seen in stream
-CVE-2022-3619: Fix unknown
+CVE-2022-3619: Fix not seen in stream
CVE-2022-3621: Fix not seen in stream
-CVE-2022-3623: Fix not seen in stream
CVE-2022-3624: Fix not seen in stream
-CVE-2022-3625: Fix not seen in stream
-CVE-2022-3628: Fix unknown
+CVE-2022-3628: Fix not seen in stream
CVE-2022-36280: Fix unknown
CVE-2022-3629: Fix not seen in stream
CVE-2022-3630: Fix not seen in stream
CVE-2022-3633: Fix not seen in stream
CVE-2022-3635: Fix not seen in stream
CVE-2022-3636: Fix not seen in stream
-CVE-2022-3640: Fix unknown
CVE-2022-36402: Fix unknown
CVE-2022-3642: Fix unknown
CVE-2022-3646: Fix not seen in stream
@@ -868,8 +864,9 @@
CVE-2022-3707: Fix unknown
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
-CVE-2022-3903: Fix unknown
+CVE-2022-3903: Fix not seen in stream
CVE-2022-39188: Fix not seen in stream
+CVE-2022-3977: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
@@ -877,13 +874,12 @@
CVE-2022-41218: Fix unknown
CVE-2022-41222: Fix not seen in stream
CVE-2022-41848: Fix unknown
-CVE-2022-41849: Fix unknown
-CVE-2022-41850: Fix unknown
+CVE-2022-41849: Fix not seen in stream
+CVE-2022-41850: Fix not seen in stream
CVE-2022-42703: Fix not seen in stream
CVE-2022-42895: Fix not seen in stream
CVE-2022-42896: Fix not seen in stream
CVE-2022-43750: Fix not seen in stream
-CVE-2022-43945: Fix not seen in stream
CVE-2022-44032: Fix unknown
CVE-2022-44033: Fix unknown
CVE-2022-44034: Fix unknown
diff --git a/data/4.15/4.15_security.txt b/data/4.15/4.15_security.txt
index f113f50..ae00d79 100644
--- a/data/4.15/4.15_security.txt
+++ b/data/4.15/4.15_security.txt
@@ -839,14 +839,14 @@
CVE-2022-2961: (unk)
CVE-2022-2964: (unk) net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup
CVE-2022-2977: (unk) tpm: fix reference counting for struct tpm_chip
- CVE-2022-2978: (unk)
+ CVE-2022-2978: (unk) fs: fix UAF/GPF bug in nilfs_mdt_destroy
CVE-2022-29900: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-29901: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-2991: (unk) remove the lightnvm subsystem
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3169: (unk)
+ CVE-2022-3169: (unk) nvme: ensure subsystem reset is single threaded
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
@@ -861,7 +861,7 @@
CVE-2022-33744: (unk) xen/arm: Fix race in RB-tree based P2M accounting
CVE-2022-33981: (unk) floppy: disable FDRAWCMD by default
CVE-2022-3424: (unk)
- CVE-2022-3435: (unk)
+ CVE-2022-3435: (unk) ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference
CVE-2022-34918: (unk) netfilter: nf_tables: stricter validation of element data
CVE-2022-3521: (unk) kcm: avoid potential race in kcm_tx_work
CVE-2022-3522: (unk) mm/hugetlb: use hugetlb_pte_stable in migration race check
@@ -869,28 +869,24 @@
CVE-2022-3524: (unk) tcp/udp: Fix memory leak in ipv6_renew_options().
CVE-2022-3542: (unk) bnx2x: fix potential memory leak in bnx2x_tpa_stop()
CVE-2022-3545: (unk) nfp: fix use-after-free in area_cache_get()
- CVE-2022-3564: (unk)
+ CVE-2022-3564: (unk) Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu
CVE-2022-3565: (unk) mISDN: fix use-after-free bugs in l1oip timer handlers
CVE-2022-3566: (unk) tcp: Fix data races around icsk->icsk_af_ops.
CVE-2022-3567: (unk) ipv6: Fix data races around sk->sk_prot.
- CVE-2022-3577: (unk) HID: bigben: fix slab-out-of-bounds Write in bigben_probe
CVE-2022-3586: (unk) sch_sfb: Don't assume the skb is still around after enqueueing to child
CVE-2022-3594: (unk) r8152: Rate limit overflow messages
CVE-2022-3595: (unk) cifs: fix double-fault crash during ntlmssp
CVE-2022-36123: (unk) x86: Clear .brk area at early boot
- CVE-2022-3619: (unk)
+ CVE-2022-3619: (unk) Bluetooth: L2CAP: Fix memory leak in vhci_write
CVE-2022-3621: (unk) nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level()
- CVE-2022-3623: (unk) mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
CVE-2022-3624: (unk) bonding: fix reference count leak in balance-alb mode
- CVE-2022-3625: (unk) devlink: Fix use-after-free after a failed reload
- CVE-2022-3628: (unk)
+ CVE-2022-3628: (unk) wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()
CVE-2022-36280: (unk)
CVE-2022-3629: (unk) vsock: Fix memory leak in vsock_connect()
CVE-2022-3630: (unk) fscache: don't leak cookie access refs if invalidation is in progress or failed
CVE-2022-3633: (unk) can: j1939: j1939_session_destroy(): fix memory leak of skbs
CVE-2022-3635: (unk) atm: idt77252: fix use-after-free bugs caused by tst_timer
CVE-2022-3636: (unk) net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()
- CVE-2022-3640: (unk)
CVE-2022-36402: (unk)
CVE-2022-3642: (unk)
CVE-2022-3646: (unk) nilfs2: fix leak of nilfs_root in case of writer thread creation failure
@@ -900,8 +896,9 @@
CVE-2022-3707: (unk)
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
- CVE-2022-3903: (unk)
+ CVE-2022-3903: (unk) media: mceusb: Use new usb_control_msg_*() routines
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
+ CVE-2022-3977: (unk) mctp: prevent double key removal and unref
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
@@ -909,13 +906,12 @@
CVE-2022-41218: (unk)
CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
CVE-2022-41848: (unk)
- CVE-2022-41849: (unk)
- CVE-2022-41850: (unk)
+ CVE-2022-41849: (unk) fbdev: smscufx: Fix use-after-free in ufx_ops_open()
+ CVE-2022-41850: (unk) HID: roccat: Fix use-after-free in roccat_read()
CVE-2022-42703: (unk) mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse
CVE-2022-42895: (unk) Bluetooth: L2CAP: Fix attempting to access uninitialized memory
CVE-2022-42896: (unk) Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM
CVE-2022-43750: (unk) usb: mon: make mmapped memory read only
- CVE-2022-43945: (unk) NFSD: Protect against send buffer overflow in NFSv2 READDIR
CVE-2022-44032: (unk)
CVE-2022-44033: (unk)
CVE-2022-44034: (unk)
diff --git a/data/4.16/4.16_CVEs.txt b/data/4.16/4.16_CVEs.txt
index a3a2254..d67298e 100644
--- a/data/4.16/4.16_CVEs.txt
+++ b/data/4.16/4.16_CVEs.txt
@@ -786,14 +786,14 @@
CVE-2022-2961: Fix unknown
CVE-2022-2964: Fix not seen in stream
CVE-2022-2977: Fix not seen in stream
-CVE-2022-2978: Fix unknown
+CVE-2022-2978: Fix not seen in stream
CVE-2022-29900: Fix not seen in stream
CVE-2022-29901: Fix not seen in stream
CVE-2022-2991: Fix not seen in stream
CVE-2022-3028: Fix not seen in stream
CVE-2022-30594: Fix not seen in stream
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3169: Fix unknown
+CVE-2022-3169: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
@@ -808,7 +808,7 @@
CVE-2022-33744: Fix not seen in stream
CVE-2022-33981: Fix not seen in stream
CVE-2022-3424: Fix unknown
-CVE-2022-3435: Fix unknown
+CVE-2022-3435: Fix not seen in stream
CVE-2022-34918: Fix not seen in stream
CVE-2022-3521: Fix not seen in stream
CVE-2022-3522: Fix not seen in stream
@@ -816,28 +816,24 @@
CVE-2022-3524: Fix not seen in stream
CVE-2022-3542: Fix not seen in stream
CVE-2022-3545: Fix not seen in stream
-CVE-2022-3564: Fix unknown
+CVE-2022-3564: Fix not seen in stream
CVE-2022-3565: Fix not seen in stream
CVE-2022-3566: Fix not seen in stream
CVE-2022-3567: Fix not seen in stream
-CVE-2022-3577: Fix not seen in stream
CVE-2022-3586: Fix not seen in stream
CVE-2022-3594: Fix not seen in stream
CVE-2022-3595: Fix not seen in stream
CVE-2022-36123: Fix not seen in stream
-CVE-2022-3619: Fix unknown
+CVE-2022-3619: Fix not seen in stream
CVE-2022-3621: Fix not seen in stream
-CVE-2022-3623: Fix not seen in stream
CVE-2022-3624: Fix not seen in stream
-CVE-2022-3625: Fix not seen in stream
-CVE-2022-3628: Fix unknown
+CVE-2022-3628: Fix not seen in stream
CVE-2022-36280: Fix unknown
CVE-2022-3629: Fix not seen in stream
CVE-2022-3630: Fix not seen in stream
CVE-2022-3633: Fix not seen in stream
CVE-2022-3635: Fix not seen in stream
CVE-2022-3636: Fix not seen in stream
-CVE-2022-3640: Fix unknown
CVE-2022-36402: Fix unknown
CVE-2022-3642: Fix unknown
CVE-2022-3646: Fix not seen in stream
@@ -847,9 +843,10 @@
CVE-2022-3707: Fix unknown
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
-CVE-2022-3903: Fix unknown
+CVE-2022-3903: Fix not seen in stream
CVE-2022-39188: Fix not seen in stream
CVE-2022-39189: Fix not seen in stream
+CVE-2022-3977: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
@@ -857,13 +854,12 @@
CVE-2022-41218: Fix unknown
CVE-2022-41222: Fix not seen in stream
CVE-2022-41848: Fix unknown
-CVE-2022-41849: Fix unknown
-CVE-2022-41850: Fix unknown
+CVE-2022-41849: Fix not seen in stream
+CVE-2022-41850: Fix not seen in stream
CVE-2022-42703: Fix not seen in stream
CVE-2022-42895: Fix not seen in stream
CVE-2022-42896: Fix not seen in stream
CVE-2022-43750: Fix not seen in stream
-CVE-2022-43945: Fix not seen in stream
CVE-2022-44032: Fix unknown
CVE-2022-44033: Fix unknown
CVE-2022-44034: Fix unknown
diff --git a/data/4.16/4.16_security.txt b/data/4.16/4.16_security.txt
index 940d084..9f69de5 100644
--- a/data/4.16/4.16_security.txt
+++ b/data/4.16/4.16_security.txt
@@ -818,14 +818,14 @@
CVE-2022-2961: (unk)
CVE-2022-2964: (unk) net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup
CVE-2022-2977: (unk) tpm: fix reference counting for struct tpm_chip
- CVE-2022-2978: (unk)
+ CVE-2022-2978: (unk) fs: fix UAF/GPF bug in nilfs_mdt_destroy
CVE-2022-29900: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-29901: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-2991: (unk) remove the lightnvm subsystem
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3169: (unk)
+ CVE-2022-3169: (unk) nvme: ensure subsystem reset is single threaded
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
@@ -840,7 +840,7 @@
CVE-2022-33744: (unk) xen/arm: Fix race in RB-tree based P2M accounting
CVE-2022-33981: (unk) floppy: disable FDRAWCMD by default
CVE-2022-3424: (unk)
- CVE-2022-3435: (unk)
+ CVE-2022-3435: (unk) ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference
CVE-2022-34918: (unk) netfilter: nf_tables: stricter validation of element data
CVE-2022-3521: (unk) kcm: avoid potential race in kcm_tx_work
CVE-2022-3522: (unk) mm/hugetlb: use hugetlb_pte_stable in migration race check
@@ -848,28 +848,24 @@
CVE-2022-3524: (unk) tcp/udp: Fix memory leak in ipv6_renew_options().
CVE-2022-3542: (unk) bnx2x: fix potential memory leak in bnx2x_tpa_stop()
CVE-2022-3545: (unk) nfp: fix use-after-free in area_cache_get()
- CVE-2022-3564: (unk)
+ CVE-2022-3564: (unk) Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu
CVE-2022-3565: (unk) mISDN: fix use-after-free bugs in l1oip timer handlers
CVE-2022-3566: (unk) tcp: Fix data races around icsk->icsk_af_ops.
CVE-2022-3567: (unk) ipv6: Fix data races around sk->sk_prot.
- CVE-2022-3577: (unk) HID: bigben: fix slab-out-of-bounds Write in bigben_probe
CVE-2022-3586: (unk) sch_sfb: Don't assume the skb is still around after enqueueing to child
CVE-2022-3594: (unk) r8152: Rate limit overflow messages
CVE-2022-3595: (unk) cifs: fix double-fault crash during ntlmssp
CVE-2022-36123: (unk) x86: Clear .brk area at early boot
- CVE-2022-3619: (unk)
+ CVE-2022-3619: (unk) Bluetooth: L2CAP: Fix memory leak in vhci_write
CVE-2022-3621: (unk) nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level()
- CVE-2022-3623: (unk) mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
CVE-2022-3624: (unk) bonding: fix reference count leak in balance-alb mode
- CVE-2022-3625: (unk) devlink: Fix use-after-free after a failed reload
- CVE-2022-3628: (unk)
+ CVE-2022-3628: (unk) wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()
CVE-2022-36280: (unk)
CVE-2022-3629: (unk) vsock: Fix memory leak in vsock_connect()
CVE-2022-3630: (unk) fscache: don't leak cookie access refs if invalidation is in progress or failed
CVE-2022-3633: (unk) can: j1939: j1939_session_destroy(): fix memory leak of skbs
CVE-2022-3635: (unk) atm: idt77252: fix use-after-free bugs caused by tst_timer
CVE-2022-3636: (unk) net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()
- CVE-2022-3640: (unk)
CVE-2022-36402: (unk)
CVE-2022-3642: (unk)
CVE-2022-3646: (unk) nilfs2: fix leak of nilfs_root in case of writer thread creation failure
@@ -879,9 +875,10 @@
CVE-2022-3707: (unk)
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
- CVE-2022-3903: (unk)
+ CVE-2022-3903: (unk) media: mceusb: Use new usb_control_msg_*() routines
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
CVE-2022-39189: (unk) KVM: x86: do not report a vCPU as preempted outside instruction boundaries
+ CVE-2022-3977: (unk) mctp: prevent double key removal and unref
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
@@ -889,13 +886,12 @@
CVE-2022-41218: (unk)
CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
CVE-2022-41848: (unk)
- CVE-2022-41849: (unk)
- CVE-2022-41850: (unk)
+ CVE-2022-41849: (unk) fbdev: smscufx: Fix use-after-free in ufx_ops_open()
+ CVE-2022-41850: (unk) HID: roccat: Fix use-after-free in roccat_read()
CVE-2022-42703: (unk) mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse
CVE-2022-42895: (unk) Bluetooth: L2CAP: Fix attempting to access uninitialized memory
CVE-2022-42896: (unk) Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM
CVE-2022-43750: (unk) usb: mon: make mmapped memory read only
- CVE-2022-43945: (unk) NFSD: Protect against send buffer overflow in NFSv2 READDIR
CVE-2022-44032: (unk)
CVE-2022-44033: (unk)
CVE-2022-44034: (unk)
diff --git a/data/4.17/4.17_CVEs.txt b/data/4.17/4.17_CVEs.txt
index 81e7034..c201833 100644
--- a/data/4.17/4.17_CVEs.txt
+++ b/data/4.17/4.17_CVEs.txt
@@ -766,14 +766,14 @@
CVE-2022-2961: Fix unknown
CVE-2022-2964: Fix not seen in stream
CVE-2022-2977: Fix not seen in stream
-CVE-2022-2978: Fix unknown
+CVE-2022-2978: Fix not seen in stream
CVE-2022-29900: Fix not seen in stream
CVE-2022-29901: Fix not seen in stream
CVE-2022-2991: Fix not seen in stream
CVE-2022-3028: Fix not seen in stream
CVE-2022-30594: Fix not seen in stream
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3169: Fix unknown
+CVE-2022-3169: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
@@ -788,7 +788,7 @@
CVE-2022-33744: Fix not seen in stream
CVE-2022-33981: Fix not seen in stream
CVE-2022-3424: Fix unknown
-CVE-2022-3435: Fix unknown
+CVE-2022-3435: Fix not seen in stream
CVE-2022-34918: Fix not seen in stream
CVE-2022-3521: Fix not seen in stream
CVE-2022-3522: Fix not seen in stream
@@ -796,28 +796,24 @@
CVE-2022-3524: Fix not seen in stream
CVE-2022-3542: Fix not seen in stream
CVE-2022-3545: Fix not seen in stream
-CVE-2022-3564: Fix unknown
+CVE-2022-3564: Fix not seen in stream
CVE-2022-3565: Fix not seen in stream
CVE-2022-3566: Fix not seen in stream
CVE-2022-3567: Fix not seen in stream
-CVE-2022-3577: Fix not seen in stream
CVE-2022-3586: Fix not seen in stream
CVE-2022-3594: Fix not seen in stream
CVE-2022-3595: Fix not seen in stream
CVE-2022-36123: Fix not seen in stream
-CVE-2022-3619: Fix unknown
+CVE-2022-3619: Fix not seen in stream
CVE-2022-3621: Fix not seen in stream
-CVE-2022-3623: Fix not seen in stream
CVE-2022-3624: Fix not seen in stream
-CVE-2022-3625: Fix not seen in stream
-CVE-2022-3628: Fix unknown
+CVE-2022-3628: Fix not seen in stream
CVE-2022-36280: Fix unknown
CVE-2022-3629: Fix not seen in stream
CVE-2022-3630: Fix not seen in stream
CVE-2022-3633: Fix not seen in stream
CVE-2022-3635: Fix not seen in stream
CVE-2022-3636: Fix not seen in stream
-CVE-2022-3640: Fix unknown
CVE-2022-36402: Fix unknown
CVE-2022-3642: Fix unknown
CVE-2022-3646: Fix not seen in stream
@@ -827,9 +823,10 @@
CVE-2022-3707: Fix unknown
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
-CVE-2022-3903: Fix unknown
+CVE-2022-3903: Fix not seen in stream
CVE-2022-39188: Fix not seen in stream
CVE-2022-39189: Fix not seen in stream
+CVE-2022-3977: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
@@ -837,13 +834,12 @@
CVE-2022-41218: Fix unknown
CVE-2022-41222: Fix not seen in stream
CVE-2022-41848: Fix unknown
-CVE-2022-41849: Fix unknown
-CVE-2022-41850: Fix unknown
+CVE-2022-41849: Fix not seen in stream
+CVE-2022-41850: Fix not seen in stream
CVE-2022-42703: Fix not seen in stream
CVE-2022-42895: Fix not seen in stream
CVE-2022-42896: Fix not seen in stream
CVE-2022-43750: Fix not seen in stream
-CVE-2022-43945: Fix not seen in stream
CVE-2022-44032: Fix unknown
CVE-2022-44033: Fix unknown
CVE-2022-44034: Fix unknown
diff --git a/data/4.17/4.17_security.txt b/data/4.17/4.17_security.txt
index cea2c1c..c043aba 100644
--- a/data/4.17/4.17_security.txt
+++ b/data/4.17/4.17_security.txt
@@ -798,14 +798,14 @@
CVE-2022-2961: (unk)
CVE-2022-2964: (unk) net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup
CVE-2022-2977: (unk) tpm: fix reference counting for struct tpm_chip
- CVE-2022-2978: (unk)
+ CVE-2022-2978: (unk) fs: fix UAF/GPF bug in nilfs_mdt_destroy
CVE-2022-29900: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-29901: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-2991: (unk) remove the lightnvm subsystem
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3169: (unk)
+ CVE-2022-3169: (unk) nvme: ensure subsystem reset is single threaded
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
@@ -820,7 +820,7 @@
CVE-2022-33744: (unk) xen/arm: Fix race in RB-tree based P2M accounting
CVE-2022-33981: (unk) floppy: disable FDRAWCMD by default
CVE-2022-3424: (unk)
- CVE-2022-3435: (unk)
+ CVE-2022-3435: (unk) ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference
CVE-2022-34918: (unk) netfilter: nf_tables: stricter validation of element data
CVE-2022-3521: (unk) kcm: avoid potential race in kcm_tx_work
CVE-2022-3522: (unk) mm/hugetlb: use hugetlb_pte_stable in migration race check
@@ -828,28 +828,24 @@
CVE-2022-3524: (unk) tcp/udp: Fix memory leak in ipv6_renew_options().
CVE-2022-3542: (unk) bnx2x: fix potential memory leak in bnx2x_tpa_stop()
CVE-2022-3545: (unk) nfp: fix use-after-free in area_cache_get()
- CVE-2022-3564: (unk)
+ CVE-2022-3564: (unk) Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu
CVE-2022-3565: (unk) mISDN: fix use-after-free bugs in l1oip timer handlers
CVE-2022-3566: (unk) tcp: Fix data races around icsk->icsk_af_ops.
CVE-2022-3567: (unk) ipv6: Fix data races around sk->sk_prot.
- CVE-2022-3577: (unk) HID: bigben: fix slab-out-of-bounds Write in bigben_probe
CVE-2022-3586: (unk) sch_sfb: Don't assume the skb is still around after enqueueing to child
CVE-2022-3594: (unk) r8152: Rate limit overflow messages
CVE-2022-3595: (unk) cifs: fix double-fault crash during ntlmssp
CVE-2022-36123: (unk) x86: Clear .brk area at early boot
- CVE-2022-3619: (unk)
+ CVE-2022-3619: (unk) Bluetooth: L2CAP: Fix memory leak in vhci_write
CVE-2022-3621: (unk) nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level()
- CVE-2022-3623: (unk) mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
CVE-2022-3624: (unk) bonding: fix reference count leak in balance-alb mode
- CVE-2022-3625: (unk) devlink: Fix use-after-free after a failed reload
- CVE-2022-3628: (unk)
+ CVE-2022-3628: (unk) wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()
CVE-2022-36280: (unk)
CVE-2022-3629: (unk) vsock: Fix memory leak in vsock_connect()
CVE-2022-3630: (unk) fscache: don't leak cookie access refs if invalidation is in progress or failed
CVE-2022-3633: (unk) can: j1939: j1939_session_destroy(): fix memory leak of skbs
CVE-2022-3635: (unk) atm: idt77252: fix use-after-free bugs caused by tst_timer
CVE-2022-3636: (unk) net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()
- CVE-2022-3640: (unk)
CVE-2022-36402: (unk)
CVE-2022-3642: (unk)
CVE-2022-3646: (unk) nilfs2: fix leak of nilfs_root in case of writer thread creation failure
@@ -859,9 +855,10 @@
CVE-2022-3707: (unk)
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
- CVE-2022-3903: (unk)
+ CVE-2022-3903: (unk) media: mceusb: Use new usb_control_msg_*() routines
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
CVE-2022-39189: (unk) KVM: x86: do not report a vCPU as preempted outside instruction boundaries
+ CVE-2022-3977: (unk) mctp: prevent double key removal and unref
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
@@ -869,13 +866,12 @@
CVE-2022-41218: (unk)
CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
CVE-2022-41848: (unk)
- CVE-2022-41849: (unk)
- CVE-2022-41850: (unk)
+ CVE-2022-41849: (unk) fbdev: smscufx: Fix use-after-free in ufx_ops_open()
+ CVE-2022-41850: (unk) HID: roccat: Fix use-after-free in roccat_read()
CVE-2022-42703: (unk) mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse
CVE-2022-42895: (unk) Bluetooth: L2CAP: Fix attempting to access uninitialized memory
CVE-2022-42896: (unk) Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM
CVE-2022-43750: (unk) usb: mon: make mmapped memory read only
- CVE-2022-43945: (unk) NFSD: Protect against send buffer overflow in NFSv2 READDIR
CVE-2022-44032: (unk)
CVE-2022-44033: (unk)
CVE-2022-44034: (unk)
diff --git a/data/4.18/4.18_CVEs.txt b/data/4.18/4.18_CVEs.txt
index 8fee05d..31a621b 100644
--- a/data/4.18/4.18_CVEs.txt
+++ b/data/4.18/4.18_CVEs.txt
@@ -744,14 +744,14 @@
CVE-2022-2961: Fix unknown
CVE-2022-2964: Fix not seen in stream
CVE-2022-2977: Fix not seen in stream
-CVE-2022-2978: Fix unknown
+CVE-2022-2978: Fix not seen in stream
CVE-2022-29900: Fix not seen in stream
CVE-2022-29901: Fix not seen in stream
CVE-2022-2991: Fix not seen in stream
CVE-2022-3028: Fix not seen in stream
CVE-2022-30594: Fix not seen in stream
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3169: Fix unknown
+CVE-2022-3169: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
@@ -766,7 +766,7 @@
CVE-2022-33744: Fix not seen in stream
CVE-2022-33981: Fix not seen in stream
CVE-2022-3424: Fix unknown
-CVE-2022-3435: Fix unknown
+CVE-2022-3435: Fix not seen in stream
CVE-2022-34918: Fix not seen in stream
CVE-2022-3521: Fix not seen in stream
CVE-2022-3522: Fix not seen in stream
@@ -774,28 +774,24 @@
CVE-2022-3524: Fix not seen in stream
CVE-2022-3542: Fix not seen in stream
CVE-2022-3545: Fix not seen in stream
-CVE-2022-3564: Fix unknown
+CVE-2022-3564: Fix not seen in stream
CVE-2022-3565: Fix not seen in stream
CVE-2022-3566: Fix not seen in stream
CVE-2022-3567: Fix not seen in stream
-CVE-2022-3577: Fix not seen in stream
CVE-2022-3586: Fix not seen in stream
CVE-2022-3594: Fix not seen in stream
CVE-2022-3595: Fix not seen in stream
CVE-2022-36123: Fix not seen in stream
-CVE-2022-3619: Fix unknown
+CVE-2022-3619: Fix not seen in stream
CVE-2022-3621: Fix not seen in stream
-CVE-2022-3623: Fix not seen in stream
CVE-2022-3624: Fix not seen in stream
-CVE-2022-3625: Fix not seen in stream
-CVE-2022-3628: Fix unknown
+CVE-2022-3628: Fix not seen in stream
CVE-2022-36280: Fix unknown
CVE-2022-3629: Fix not seen in stream
CVE-2022-3630: Fix not seen in stream
CVE-2022-3633: Fix not seen in stream
CVE-2022-3635: Fix not seen in stream
CVE-2022-3636: Fix not seen in stream
-CVE-2022-3640: Fix unknown
CVE-2022-36402: Fix unknown
CVE-2022-3642: Fix unknown
CVE-2022-3646: Fix not seen in stream
@@ -805,9 +801,10 @@
CVE-2022-3707: Fix unknown
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
-CVE-2022-3903: Fix unknown
+CVE-2022-3903: Fix not seen in stream
CVE-2022-39188: Fix not seen in stream
CVE-2022-39189: Fix not seen in stream
+CVE-2022-3977: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
@@ -815,13 +812,12 @@
CVE-2022-41218: Fix unknown
CVE-2022-41222: Fix not seen in stream
CVE-2022-41848: Fix unknown
-CVE-2022-41849: Fix unknown
-CVE-2022-41850: Fix unknown
+CVE-2022-41849: Fix not seen in stream
+CVE-2022-41850: Fix not seen in stream
CVE-2022-42703: Fix not seen in stream
CVE-2022-42895: Fix not seen in stream
CVE-2022-42896: Fix not seen in stream
CVE-2022-43750: Fix not seen in stream
-CVE-2022-43945: Fix not seen in stream
CVE-2022-44032: Fix unknown
CVE-2022-44033: Fix unknown
CVE-2022-44034: Fix unknown
diff --git a/data/4.18/4.18_security.txt b/data/4.18/4.18_security.txt
index 6c7d722..704d4bc 100644
--- a/data/4.18/4.18_security.txt
+++ b/data/4.18/4.18_security.txt
@@ -776,14 +776,14 @@
CVE-2022-2961: (unk)
CVE-2022-2964: (unk) net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup
CVE-2022-2977: (unk) tpm: fix reference counting for struct tpm_chip
- CVE-2022-2978: (unk)
+ CVE-2022-2978: (unk) fs: fix UAF/GPF bug in nilfs_mdt_destroy
CVE-2022-29900: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-29901: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-2991: (unk) remove the lightnvm subsystem
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3169: (unk)
+ CVE-2022-3169: (unk) nvme: ensure subsystem reset is single threaded
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
@@ -798,7 +798,7 @@
CVE-2022-33744: (unk) xen/arm: Fix race in RB-tree based P2M accounting
CVE-2022-33981: (unk) floppy: disable FDRAWCMD by default
CVE-2022-3424: (unk)
- CVE-2022-3435: (unk)
+ CVE-2022-3435: (unk) ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference
CVE-2022-34918: (unk) netfilter: nf_tables: stricter validation of element data
CVE-2022-3521: (unk) kcm: avoid potential race in kcm_tx_work
CVE-2022-3522: (unk) mm/hugetlb: use hugetlb_pte_stable in migration race check
@@ -806,28 +806,24 @@
CVE-2022-3524: (unk) tcp/udp: Fix memory leak in ipv6_renew_options().
CVE-2022-3542: (unk) bnx2x: fix potential memory leak in bnx2x_tpa_stop()
CVE-2022-3545: (unk) nfp: fix use-after-free in area_cache_get()
- CVE-2022-3564: (unk)
+ CVE-2022-3564: (unk) Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu
CVE-2022-3565: (unk) mISDN: fix use-after-free bugs in l1oip timer handlers
CVE-2022-3566: (unk) tcp: Fix data races around icsk->icsk_af_ops.
CVE-2022-3567: (unk) ipv6: Fix data races around sk->sk_prot.
- CVE-2022-3577: (unk) HID: bigben: fix slab-out-of-bounds Write in bigben_probe
CVE-2022-3586: (unk) sch_sfb: Don't assume the skb is still around after enqueueing to child
CVE-2022-3594: (unk) r8152: Rate limit overflow messages
CVE-2022-3595: (unk) cifs: fix double-fault crash during ntlmssp
CVE-2022-36123: (unk) x86: Clear .brk area at early boot
- CVE-2022-3619: (unk)
+ CVE-2022-3619: (unk) Bluetooth: L2CAP: Fix memory leak in vhci_write
CVE-2022-3621: (unk) nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level()
- CVE-2022-3623: (unk) mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
CVE-2022-3624: (unk) bonding: fix reference count leak in balance-alb mode
- CVE-2022-3625: (unk) devlink: Fix use-after-free after a failed reload
- CVE-2022-3628: (unk)
+ CVE-2022-3628: (unk) wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()
CVE-2022-36280: (unk)
CVE-2022-3629: (unk) vsock: Fix memory leak in vsock_connect()
CVE-2022-3630: (unk) fscache: don't leak cookie access refs if invalidation is in progress or failed
CVE-2022-3633: (unk) can: j1939: j1939_session_destroy(): fix memory leak of skbs
CVE-2022-3635: (unk) atm: idt77252: fix use-after-free bugs caused by tst_timer
CVE-2022-3636: (unk) net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()
- CVE-2022-3640: (unk)
CVE-2022-36402: (unk)
CVE-2022-3642: (unk)
CVE-2022-3646: (unk) nilfs2: fix leak of nilfs_root in case of writer thread creation failure
@@ -837,9 +833,10 @@
CVE-2022-3707: (unk)
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
- CVE-2022-3903: (unk)
+ CVE-2022-3903: (unk) media: mceusb: Use new usb_control_msg_*() routines
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
CVE-2022-39189: (unk) KVM: x86: do not report a vCPU as preempted outside instruction boundaries
+ CVE-2022-3977: (unk) mctp: prevent double key removal and unref
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
@@ -847,13 +844,12 @@
CVE-2022-41218: (unk)
CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
CVE-2022-41848: (unk)
- CVE-2022-41849: (unk)
- CVE-2022-41850: (unk)
+ CVE-2022-41849: (unk) fbdev: smscufx: Fix use-after-free in ufx_ops_open()
+ CVE-2022-41850: (unk) HID: roccat: Fix use-after-free in roccat_read()
CVE-2022-42703: (unk) mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse
CVE-2022-42895: (unk) Bluetooth: L2CAP: Fix attempting to access uninitialized memory
CVE-2022-42896: (unk) Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM
CVE-2022-43750: (unk) usb: mon: make mmapped memory read only
- CVE-2022-43945: (unk) NFSD: Protect against send buffer overflow in NFSv2 READDIR
CVE-2022-44032: (unk)
CVE-2022-44033: (unk)
CVE-2022-44034: (unk)
diff --git a/data/4.19/4.19_CVEs.txt b/data/4.19/4.19_CVEs.txt
index 41cfe14..b208c93 100644
--- a/data/4.19/4.19_CVEs.txt
+++ b/data/4.19/4.19_CVEs.txt
@@ -719,14 +719,14 @@
CVE-2022-2961: Fix unknown
CVE-2022-2964: Fixed with 4.19.231
CVE-2022-2977: Fixed with 4.19.238
-CVE-2022-2978: Fix unknown
+CVE-2022-2978: Fixed with 4.19.262
CVE-2022-29900: Fix not seen in stream
CVE-2022-29901: Fix not seen in stream
CVE-2022-2991: Fix not seen in stream
CVE-2022-3028: Fixed with 4.19.257
CVE-2022-30594: Fixed with 4.19.238
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3169: Fix unknown
+CVE-2022-3169: Fix not seen in stream
CVE-2022-3202: Fixed with 4.19.238
CVE-2022-32250: Fixed with 4.19.247
CVE-2022-32296: Fixed with 4.19.249
@@ -741,7 +741,7 @@
CVE-2022-33744: Fixed with 4.19.251
CVE-2022-33981: Fixed with 4.19.241
CVE-2022-3424: Fix unknown
-CVE-2022-3435: Fix unknown
+CVE-2022-3435: Fix not seen in stream
CVE-2022-34918: Fix not seen in stream
CVE-2022-3521: Fix not seen in stream
CVE-2022-3522: Fix not seen in stream
@@ -750,28 +750,25 @@
CVE-2022-3535: Fixed with 4.19.262
CVE-2022-3542: Fixed with 4.19.262
CVE-2022-3545: Fix not seen in stream
-CVE-2022-3564: Fix unknown
+CVE-2022-3564: Fixed with 4.19.265
CVE-2022-3565: Fixed with 4.19.262
CVE-2022-3566: Fix not seen in stream
CVE-2022-3567: Fix not seen in stream
-CVE-2022-3577: Fix not seen in stream
CVE-2022-3586: Fixed with 4.19.258
CVE-2022-3594: Fixed with 4.19.262
CVE-2022-3595: Fix not seen in stream
CVE-2022-36123: Fixed with 4.19.253
-CVE-2022-3619: Fix unknown
+CVE-2022-3619: Fix not seen in stream
CVE-2022-3621: Fixed with 4.19.262
-CVE-2022-3623: Fix not seen in stream
CVE-2022-3624: Fix not seen in stream
CVE-2022-3625: Fix not seen in stream
-CVE-2022-3628: Fix unknown
+CVE-2022-3628: Fixed with 4.19.265
CVE-2022-36280: Fix unknown
CVE-2022-3629: Fixed with 4.19.256
CVE-2022-3630: Fix not seen in stream
CVE-2022-3633: Fix not seen in stream
CVE-2022-3635: Fixed with 4.19.256
CVE-2022-3636: Fix not seen in stream
-CVE-2022-3640: Fix unknown
CVE-2022-36402: Fix unknown
CVE-2022-3642: Fix unknown
CVE-2022-3646: Fixed with 4.19.262
@@ -781,9 +778,10 @@
CVE-2022-3707: Fix unknown
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
-CVE-2022-3903: Fix unknown
+CVE-2022-3903: Fix not seen in stream
CVE-2022-39188: Fix not seen in stream
CVE-2022-39189: Fix not seen in stream
+CVE-2022-3977: Fix not seen in stream
CVE-2022-39842: Fixed with 4.19.260
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fixed with 4.19.258
@@ -791,13 +789,12 @@
CVE-2022-41218: Fix unknown
CVE-2022-41222: Fix not seen in stream
CVE-2022-41848: Fix unknown
-CVE-2022-41849: Fix unknown
-CVE-2022-41850: Fix unknown
+CVE-2022-41849: Fixed with 4.19.262
+CVE-2022-41850: Fixed with 4.19.262
CVE-2022-42703: Fixed with 4.19.257
-CVE-2022-42895: Fix not seen in stream
+CVE-2022-42895: Fixed with 4.19.265
CVE-2022-42896: Fix not seen in stream
CVE-2022-43750: Fixed with 4.19.262
-CVE-2022-43945: Fix not seen in stream
CVE-2022-44032: Fix unknown
CVE-2022-44033: Fix unknown
CVE-2022-44034: Fix unknown
diff --git a/data/4.19/4.19_security.txt b/data/4.19/4.19_security.txt
index 9b53fdb..5abb6ef 100644
--- a/data/4.19/4.19_security.txt
+++ b/data/4.19/4.19_security.txt
@@ -1029,6 +1029,7 @@
CVE-2022-39842: a34547fc43d02f2662b2b62c9a4c578594cf662d video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVEs fixed in 4.19.262:
+ CVE-2022-2978: ec2aab115eb38ac4992ea2fcc2a02fbe7af5cf48 fs: fix UAF/GPF bug in nilfs_mdt_destroy
CVE-2022-3535: 84e2394b0be397f7198986aa9a28207f70b29bd4 net: mvpp2: fix mvpp2 debugfs leak
CVE-2022-3542: 70421f9708d4cf14c2bd15de58862a3d22e00bbe bnx2x: fix potential memory leak in bnx2x_tpa_stop()
CVE-2022-3565: 27f74a47d5b1cf52d48af15993bb1caa31ad8f5b mISDN: fix use-after-free bugs in l1oip timer handlers
@@ -1037,11 +1038,18 @@
CVE-2022-3646: 4b748ef0f2afadd31c914623daa610f26385a4dc nilfs2: fix leak of nilfs_root in case of writer thread creation failure
CVE-2022-3649: bfc82a26545b5f61a64d51ca2179773706fb028f nilfs2: fix use-after-free bug of struct nilfs_root
CVE-2022-40768: a99c5e38dc6c3dc3da28489b78db09a4b9ffc8c3 scsi: stex: Properly zero out the passthrough command structure
+ CVE-2022-41849: 6d8dbefc4de96d35d68c723e2e75b5a23173c08c fbdev: smscufx: Fix use-after-free in ufx_ops_open()
+ CVE-2022-41850: 13de81c7ea0fd68efb48a2d2957e349237905923 HID: roccat: Fix use-after-free in roccat_read()
CVE-2022-43750: bf7e2cee3899ede4c7c6548f28159ee3775fb67f usb: mon: make mmapped memory read only
CVEs fixed in 4.19.264:
CVE-2022-20369: 95c4751705f7eef0f16a245e121259857f867c4a media: v4l2-mem2mem: Apply DST_QUEUE_OFF_BASE on MMAP buffers across ioctls
+CVEs fixed in 4.19.265:
+ CVE-2022-3564: 6c7407bfbeafc80a04e6eaedcf34d378532a04f2 Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu
+ CVE-2022-3628: 5e7d546917431400b7d6e5e38f588e0bd13083c9 wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()
+ CVE-2022-42895: 36919a82f335784d86b4def308739559bb47943d Bluetooth: L2CAP: Fix attempting to access uninitialized memory
+
Outstanding CVEs:
CVE-2005-3660: (unk)
CVE-2007-3719: (unk)
@@ -1167,55 +1175,46 @@
CVE-2022-23825: (unk)
CVE-2022-25265: (unk)
CVE-2022-2961: (unk)
- CVE-2022-2978: (unk)
CVE-2022-29900: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-29901: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-2991: (unk) remove the lightnvm subsystem
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3169: (unk)
+ CVE-2022-3169: (unk) nvme: ensure subsystem reset is single threaded
CVE-2022-3238: (unk)
CVE-2022-3303: (unk) ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC
CVE-2022-3344: (unk)
CVE-2022-3424: (unk)
- CVE-2022-3435: (unk)
+ CVE-2022-3435: (unk) ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference
CVE-2022-34918: (unk) netfilter: nf_tables: stricter validation of element data
CVE-2022-3521: (unk) kcm: avoid potential race in kcm_tx_work
CVE-2022-3522: (unk) mm/hugetlb: use hugetlb_pte_stable in migration race check
CVE-2022-3523: (unk) mm/memory.c: fix race when faulting a device private page
CVE-2022-3524: (unk) tcp/udp: Fix memory leak in ipv6_renew_options().
CVE-2022-3545: (unk) nfp: fix use-after-free in area_cache_get()
- CVE-2022-3564: (unk)
CVE-2022-3566: (unk) tcp: Fix data races around icsk->icsk_af_ops.
CVE-2022-3567: (unk) ipv6: Fix data races around sk->sk_prot.
- CVE-2022-3577: (unk) HID: bigben: fix slab-out-of-bounds Write in bigben_probe
CVE-2022-3595: (unk) cifs: fix double-fault crash during ntlmssp
- CVE-2022-3619: (unk)
- CVE-2022-3623: (unk) mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
+ CVE-2022-3619: (unk) Bluetooth: L2CAP: Fix memory leak in vhci_write
CVE-2022-3624: (unk) bonding: fix reference count leak in balance-alb mode
CVE-2022-3625: (unk) devlink: Fix use-after-free after a failed reload
- CVE-2022-3628: (unk)
CVE-2022-36280: (unk)
CVE-2022-3630: (unk) fscache: don't leak cookie access refs if invalidation is in progress or failed
CVE-2022-3633: (unk) can: j1939: j1939_session_destroy(): fix memory leak of skbs
CVE-2022-3636: (unk) net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()
- CVE-2022-3640: (unk)
CVE-2022-36402: (unk)
CVE-2022-3642: (unk)
CVE-2022-3707: (unk)
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
- CVE-2022-3903: (unk)
+ CVE-2022-3903: (unk) media: mceusb: Use new usb_control_msg_*() routines
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
CVE-2022-39189: (unk) KVM: x86: do not report a vCPU as preempted outside instruction boundaries
+ CVE-2022-3977: (unk) mctp: prevent double key removal and unref
CVE-2022-40133: (unk)
CVE-2022-41218: (unk)
CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
CVE-2022-41848: (unk)
- CVE-2022-41849: (unk)
- CVE-2022-41850: (unk)
- CVE-2022-42895: (unk) Bluetooth: L2CAP: Fix attempting to access uninitialized memory
CVE-2022-42896: (unk) Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM
- CVE-2022-43945: (unk) NFSD: Protect against send buffer overflow in NFSv2 READDIR
CVE-2022-44032: (unk)
CVE-2022-44033: (unk)
CVE-2022-44034: (unk)
diff --git a/data/4.20/4.20_CVEs.txt b/data/4.20/4.20_CVEs.txt
index cac37ab..33537f8 100644
--- a/data/4.20/4.20_CVEs.txt
+++ b/data/4.20/4.20_CVEs.txt
@@ -707,14 +707,14 @@
CVE-2022-2961: Fix unknown
CVE-2022-2964: Fix not seen in stream
CVE-2022-2977: Fix not seen in stream
-CVE-2022-2978: Fix unknown
+CVE-2022-2978: Fix not seen in stream
CVE-2022-29900: Fix not seen in stream
CVE-2022-29901: Fix not seen in stream
CVE-2022-2991: Fix not seen in stream
CVE-2022-3028: Fix not seen in stream
CVE-2022-30594: Fix not seen in stream
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3169: Fix unknown
+CVE-2022-3169: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
@@ -729,7 +729,7 @@
CVE-2022-33744: Fix not seen in stream
CVE-2022-33981: Fix not seen in stream
CVE-2022-3424: Fix unknown
-CVE-2022-3435: Fix unknown
+CVE-2022-3435: Fix not seen in stream
CVE-2022-34918: Fix not seen in stream
CVE-2022-3521: Fix not seen in stream
CVE-2022-3522: Fix not seen in stream
@@ -738,7 +738,7 @@
CVE-2022-3535: Fix not seen in stream
CVE-2022-3542: Fix not seen in stream
CVE-2022-3545: Fix not seen in stream
-CVE-2022-3564: Fix unknown
+CVE-2022-3564: Fix not seen in stream
CVE-2022-3565: Fix not seen in stream
CVE-2022-3566: Fix not seen in stream
CVE-2022-3567: Fix not seen in stream
@@ -747,19 +747,17 @@
CVE-2022-3594: Fix not seen in stream
CVE-2022-3595: Fix not seen in stream
CVE-2022-36123: Fix not seen in stream
-CVE-2022-3619: Fix unknown
+CVE-2022-3619: Fix not seen in stream
CVE-2022-3621: Fix not seen in stream
-CVE-2022-3623: Fix not seen in stream
CVE-2022-3624: Fix not seen in stream
CVE-2022-3625: Fix not seen in stream
-CVE-2022-3628: Fix unknown
+CVE-2022-3628: Fix not seen in stream
CVE-2022-36280: Fix unknown
CVE-2022-3629: Fix not seen in stream
CVE-2022-3630: Fix not seen in stream
CVE-2022-3633: Fix not seen in stream
CVE-2022-3635: Fix not seen in stream
CVE-2022-3636: Fix not seen in stream
-CVE-2022-3640: Fix unknown
CVE-2022-36402: Fix unknown
CVE-2022-3642: Fix unknown
CVE-2022-3646: Fix not seen in stream
@@ -769,9 +767,10 @@
CVE-2022-3707: Fix unknown
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
-CVE-2022-3903: Fix unknown
+CVE-2022-3903: Fix not seen in stream
CVE-2022-39188: Fix not seen in stream
CVE-2022-39189: Fix not seen in stream
+CVE-2022-3977: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
@@ -779,13 +778,12 @@
CVE-2022-41218: Fix unknown
CVE-2022-41222: Fix not seen in stream
CVE-2022-41848: Fix unknown
-CVE-2022-41849: Fix unknown
-CVE-2022-41850: Fix unknown
+CVE-2022-41849: Fix not seen in stream
+CVE-2022-41850: Fix not seen in stream
CVE-2022-42703: Fix not seen in stream
CVE-2022-42895: Fix not seen in stream
CVE-2022-42896: Fix not seen in stream
CVE-2022-43750: Fix not seen in stream
-CVE-2022-43945: Fix not seen in stream
CVE-2022-44032: Fix unknown
CVE-2022-44033: Fix unknown
CVE-2022-44034: Fix unknown
diff --git a/data/4.20/4.20_security.txt b/data/4.20/4.20_security.txt
index 855b53d..5efca5f 100644
--- a/data/4.20/4.20_security.txt
+++ b/data/4.20/4.20_security.txt
@@ -739,14 +739,14 @@
CVE-2022-2961: (unk)
CVE-2022-2964: (unk) net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup
CVE-2022-2977: (unk) tpm: fix reference counting for struct tpm_chip
- CVE-2022-2978: (unk)
+ CVE-2022-2978: (unk) fs: fix UAF/GPF bug in nilfs_mdt_destroy
CVE-2022-29900: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-29901: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-2991: (unk) remove the lightnvm subsystem
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3169: (unk)
+ CVE-2022-3169: (unk) nvme: ensure subsystem reset is single threaded
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
@@ -761,7 +761,7 @@
CVE-2022-33744: (unk) xen/arm: Fix race in RB-tree based P2M accounting
CVE-2022-33981: (unk) floppy: disable FDRAWCMD by default
CVE-2022-3424: (unk)
- CVE-2022-3435: (unk)
+ CVE-2022-3435: (unk) ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference
CVE-2022-34918: (unk) netfilter: nf_tables: stricter validation of element data
CVE-2022-3521: (unk) kcm: avoid potential race in kcm_tx_work
CVE-2022-3522: (unk) mm/hugetlb: use hugetlb_pte_stable in migration race check
@@ -770,7 +770,7 @@
CVE-2022-3535: (unk) net: mvpp2: fix mvpp2 debugfs leak
CVE-2022-3542: (unk) bnx2x: fix potential memory leak in bnx2x_tpa_stop()
CVE-2022-3545: (unk) nfp: fix use-after-free in area_cache_get()
- CVE-2022-3564: (unk)
+ CVE-2022-3564: (unk) Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu
CVE-2022-3565: (unk) mISDN: fix use-after-free bugs in l1oip timer handlers
CVE-2022-3566: (unk) tcp: Fix data races around icsk->icsk_af_ops.
CVE-2022-3567: (unk) ipv6: Fix data races around sk->sk_prot.
@@ -779,19 +779,17 @@
CVE-2022-3594: (unk) r8152: Rate limit overflow messages
CVE-2022-3595: (unk) cifs: fix double-fault crash during ntlmssp
CVE-2022-36123: (unk) x86: Clear .brk area at early boot
- CVE-2022-3619: (unk)
+ CVE-2022-3619: (unk) Bluetooth: L2CAP: Fix memory leak in vhci_write
CVE-2022-3621: (unk) nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level()
- CVE-2022-3623: (unk) mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
CVE-2022-3624: (unk) bonding: fix reference count leak in balance-alb mode
CVE-2022-3625: (unk) devlink: Fix use-after-free after a failed reload
- CVE-2022-3628: (unk)
+ CVE-2022-3628: (unk) wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()
CVE-2022-36280: (unk)
CVE-2022-3629: (unk) vsock: Fix memory leak in vsock_connect()
CVE-2022-3630: (unk) fscache: don't leak cookie access refs if invalidation is in progress or failed
CVE-2022-3633: (unk) can: j1939: j1939_session_destroy(): fix memory leak of skbs
CVE-2022-3635: (unk) atm: idt77252: fix use-after-free bugs caused by tst_timer
CVE-2022-3636: (unk) net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()
- CVE-2022-3640: (unk)
CVE-2022-36402: (unk)
CVE-2022-3642: (unk)
CVE-2022-3646: (unk) nilfs2: fix leak of nilfs_root in case of writer thread creation failure
@@ -801,9 +799,10 @@
CVE-2022-3707: (unk)
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
- CVE-2022-3903: (unk)
+ CVE-2022-3903: (unk) media: mceusb: Use new usb_control_msg_*() routines
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
CVE-2022-39189: (unk) KVM: x86: do not report a vCPU as preempted outside instruction boundaries
+ CVE-2022-3977: (unk) mctp: prevent double key removal and unref
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
@@ -811,13 +810,12 @@
CVE-2022-41218: (unk)
CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
CVE-2022-41848: (unk)
- CVE-2022-41849: (unk)
- CVE-2022-41850: (unk)
+ CVE-2022-41849: (unk) fbdev: smscufx: Fix use-after-free in ufx_ops_open()
+ CVE-2022-41850: (unk) HID: roccat: Fix use-after-free in roccat_read()
CVE-2022-42703: (unk) mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse
CVE-2022-42895: (unk) Bluetooth: L2CAP: Fix attempting to access uninitialized memory
CVE-2022-42896: (unk) Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM
CVE-2022-43750: (unk) usb: mon: make mmapped memory read only
- CVE-2022-43945: (unk) NFSD: Protect against send buffer overflow in NFSv2 READDIR
CVE-2022-44032: (unk)
CVE-2022-44033: (unk)
CVE-2022-44034: (unk)
diff --git a/data/4.3/4.3_CVEs.txt b/data/4.3/4.3_CVEs.txt
index d3c7912..7c2e370 100644
--- a/data/4.3/4.3_CVEs.txt
+++ b/data/4.3/4.3_CVEs.txt
@@ -1050,13 +1050,13 @@
CVE-2022-28390: Fix not seen in stream
CVE-2022-2961: Fix unknown
CVE-2022-2964: Fix not seen in stream
-CVE-2022-2978: Fix unknown
+CVE-2022-2978: Fix not seen in stream
CVE-2022-29900: Fix not seen in stream
CVE-2022-29901: Fix not seen in stream
CVE-2022-3028: Fix not seen in stream
CVE-2022-30594: Fix not seen in stream
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3169: Fix unknown
+CVE-2022-3169: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
@@ -1071,35 +1071,31 @@
CVE-2022-33744: Fix not seen in stream
CVE-2022-33981: Fix not seen in stream
CVE-2022-3424: Fix unknown
-CVE-2022-3435: Fix unknown
+CVE-2022-3435: Fix not seen in stream
CVE-2022-34918: Fix not seen in stream
CVE-2022-3522: Fix not seen in stream
CVE-2022-3523: Fix not seen in stream
CVE-2022-3524: Fix not seen in stream
CVE-2022-3542: Fix not seen in stream
CVE-2022-3545: Fix not seen in stream
-CVE-2022-3564: Fix unknown
+CVE-2022-3564: Fix not seen in stream
CVE-2022-3565: Fix not seen in stream
CVE-2022-3566: Fix not seen in stream
CVE-2022-3567: Fix not seen in stream
-CVE-2022-3577: Fix not seen in stream
CVE-2022-3586: Fix not seen in stream
CVE-2022-3594: Fix not seen in stream
CVE-2022-3595: Fix not seen in stream
CVE-2022-36123: Fix not seen in stream
-CVE-2022-3619: Fix unknown
+CVE-2022-3619: Fix not seen in stream
CVE-2022-3621: Fix not seen in stream
-CVE-2022-3623: Fix not seen in stream
CVE-2022-3624: Fix not seen in stream
-CVE-2022-3625: Fix not seen in stream
-CVE-2022-3628: Fix unknown
+CVE-2022-3628: Fix not seen in stream
CVE-2022-36280: Fix unknown
CVE-2022-3629: Fix not seen in stream
CVE-2022-3630: Fix not seen in stream
CVE-2022-3633: Fix not seen in stream
CVE-2022-3635: Fix not seen in stream
CVE-2022-3636: Fix not seen in stream
-CVE-2022-3640: Fix unknown
CVE-2022-36402: Fix unknown
CVE-2022-3642: Fix unknown
CVE-2022-3646: Fix not seen in stream
@@ -1109,21 +1105,21 @@
CVE-2022-3707: Fix unknown
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
-CVE-2022-3903: Fix unknown
+CVE-2022-3903: Fix not seen in stream
CVE-2022-39188: Fix not seen in stream
+CVE-2022-3977: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40768: Fix not seen in stream
CVE-2022-41218: Fix unknown
CVE-2022-41222: Fix not seen in stream
CVE-2022-41848: Fix unknown
-CVE-2022-41849: Fix unknown
-CVE-2022-41850: Fix unknown
+CVE-2022-41849: Fix not seen in stream
+CVE-2022-41850: Fix not seen in stream
CVE-2022-42703: Fix not seen in stream
CVE-2022-42895: Fix not seen in stream
CVE-2022-42896: Fix not seen in stream
CVE-2022-43750: Fix not seen in stream
-CVE-2022-43945: Fix not seen in stream
CVE-2022-44032: Fix unknown
CVE-2022-44033: Fix unknown
CVE-2022-44034: Fix unknown
diff --git a/data/4.3/4.3_security.txt b/data/4.3/4.3_security.txt
index 526177d..aa8e628 100644
--- a/data/4.3/4.3_security.txt
+++ b/data/4.3/4.3_security.txt
@@ -1066,13 +1066,13 @@
CVE-2022-28390: (unk) can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path
CVE-2022-2961: (unk)
CVE-2022-2964: (unk) net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup
- CVE-2022-2978: (unk)
+ CVE-2022-2978: (unk) fs: fix UAF/GPF bug in nilfs_mdt_destroy
CVE-2022-29900: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-29901: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3169: (unk)
+ CVE-2022-3169: (unk) nvme: ensure subsystem reset is single threaded
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
@@ -1087,35 +1087,31 @@
CVE-2022-33744: (unk) xen/arm: Fix race in RB-tree based P2M accounting
CVE-2022-33981: (unk) floppy: disable FDRAWCMD by default
CVE-2022-3424: (unk)
- CVE-2022-3435: (unk)
+ CVE-2022-3435: (unk) ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference
CVE-2022-34918: (unk) netfilter: nf_tables: stricter validation of element data
CVE-2022-3522: (unk) mm/hugetlb: use hugetlb_pte_stable in migration race check
CVE-2022-3523: (unk) mm/memory.c: fix race when faulting a device private page
CVE-2022-3524: (unk) tcp/udp: Fix memory leak in ipv6_renew_options().
CVE-2022-3542: (unk) bnx2x: fix potential memory leak in bnx2x_tpa_stop()
CVE-2022-3545: (unk) nfp: fix use-after-free in area_cache_get()
- CVE-2022-3564: (unk)
+ CVE-2022-3564: (unk) Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu
CVE-2022-3565: (unk) mISDN: fix use-after-free bugs in l1oip timer handlers
CVE-2022-3566: (unk) tcp: Fix data races around icsk->icsk_af_ops.
CVE-2022-3567: (unk) ipv6: Fix data races around sk->sk_prot.
- CVE-2022-3577: (unk) HID: bigben: fix slab-out-of-bounds Write in bigben_probe
CVE-2022-3586: (unk) sch_sfb: Don't assume the skb is still around after enqueueing to child
CVE-2022-3594: (unk) r8152: Rate limit overflow messages
CVE-2022-3595: (unk) cifs: fix double-fault crash during ntlmssp
CVE-2022-36123: (unk) x86: Clear .brk area at early boot
- CVE-2022-3619: (unk)
+ CVE-2022-3619: (unk) Bluetooth: L2CAP: Fix memory leak in vhci_write
CVE-2022-3621: (unk) nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level()
- CVE-2022-3623: (unk) mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
CVE-2022-3624: (unk) bonding: fix reference count leak in balance-alb mode
- CVE-2022-3625: (unk) devlink: Fix use-after-free after a failed reload
- CVE-2022-3628: (unk)
+ CVE-2022-3628: (unk) wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()
CVE-2022-36280: (unk)
CVE-2022-3629: (unk) vsock: Fix memory leak in vsock_connect()
CVE-2022-3630: (unk) fscache: don't leak cookie access refs if invalidation is in progress or failed
CVE-2022-3633: (unk) can: j1939: j1939_session_destroy(): fix memory leak of skbs
CVE-2022-3635: (unk) atm: idt77252: fix use-after-free bugs caused by tst_timer
CVE-2022-3636: (unk) net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()
- CVE-2022-3640: (unk)
CVE-2022-36402: (unk)
CVE-2022-3642: (unk)
CVE-2022-3646: (unk) nilfs2: fix leak of nilfs_root in case of writer thread creation failure
@@ -1125,21 +1121,21 @@
CVE-2022-3707: (unk)
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
- CVE-2022-3903: (unk)
+ CVE-2022-3903: (unk) media: mceusb: Use new usb_control_msg_*() routines
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
+ CVE-2022-3977: (unk) mctp: prevent double key removal and unref
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40768: (unk) scsi: stex: Properly zero out the passthrough command structure
CVE-2022-41218: (unk)
CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
CVE-2022-41848: (unk)
- CVE-2022-41849: (unk)
- CVE-2022-41850: (unk)
+ CVE-2022-41849: (unk) fbdev: smscufx: Fix use-after-free in ufx_ops_open()
+ CVE-2022-41850: (unk) HID: roccat: Fix use-after-free in roccat_read()
CVE-2022-42703: (unk) mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse
CVE-2022-42895: (unk) Bluetooth: L2CAP: Fix attempting to access uninitialized memory
CVE-2022-42896: (unk) Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM
CVE-2022-43750: (unk) usb: mon: make mmapped memory read only
- CVE-2022-43945: (unk) NFSD: Protect against send buffer overflow in NFSv2 READDIR
CVE-2022-44032: (unk)
CVE-2022-44033: (unk)
CVE-2022-44034: (unk)
diff --git a/data/4.4/4.4_CVEs.txt b/data/4.4/4.4_CVEs.txt
index 9c7e2f4..b96c6f6 100644
--- a/data/4.4/4.4_CVEs.txt
+++ b/data/4.4/4.4_CVEs.txt
@@ -1030,14 +1030,14 @@
CVE-2022-28390: Fix not seen in stream
CVE-2022-2961: Fix unknown
CVE-2022-2964: Fix not seen in stream
-CVE-2022-2978: Fix unknown
+CVE-2022-2978: Fix not seen in stream
CVE-2022-29900: Fix not seen in stream
CVE-2022-29901: Fix not seen in stream
CVE-2022-2991: Fix not seen in stream
CVE-2022-3028: Fix not seen in stream
CVE-2022-30594: Fix not seen in stream
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3169: Fix unknown
+CVE-2022-3169: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
@@ -1052,35 +1052,31 @@
CVE-2022-33744: Fix not seen in stream
CVE-2022-33981: Fix not seen in stream
CVE-2022-3424: Fix unknown
-CVE-2022-3435: Fix unknown
+CVE-2022-3435: Fix not seen in stream
CVE-2022-34918: Fix not seen in stream
CVE-2022-3522: Fix not seen in stream
CVE-2022-3523: Fix not seen in stream
CVE-2022-3524: Fix not seen in stream
CVE-2022-3542: Fix not seen in stream
CVE-2022-3545: Fix not seen in stream
-CVE-2022-3564: Fix unknown
+CVE-2022-3564: Fix not seen in stream
CVE-2022-3565: Fix not seen in stream
CVE-2022-3566: Fix not seen in stream
CVE-2022-3567: Fix not seen in stream
-CVE-2022-3577: Fix not seen in stream
CVE-2022-3586: Fix not seen in stream
CVE-2022-3594: Fix not seen in stream
CVE-2022-3595: Fix not seen in stream
CVE-2022-36123: Fix not seen in stream
-CVE-2022-3619: Fix unknown
+CVE-2022-3619: Fix not seen in stream
CVE-2022-3621: Fix not seen in stream
-CVE-2022-3623: Fix not seen in stream
CVE-2022-3624: Fix not seen in stream
-CVE-2022-3625: Fix not seen in stream
-CVE-2022-3628: Fix unknown
+CVE-2022-3628: Fix not seen in stream
CVE-2022-36280: Fix unknown
CVE-2022-3629: Fix not seen in stream
CVE-2022-3630: Fix not seen in stream
CVE-2022-3633: Fix not seen in stream
CVE-2022-3635: Fix not seen in stream
CVE-2022-3636: Fix not seen in stream
-CVE-2022-3640: Fix unknown
CVE-2022-36402: Fix unknown
CVE-2022-3642: Fix unknown
CVE-2022-3646: Fix not seen in stream
@@ -1090,21 +1086,21 @@
CVE-2022-3707: Fix unknown
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
-CVE-2022-3903: Fix unknown
+CVE-2022-3903: Fix not seen in stream
CVE-2022-39188: Fix not seen in stream
+CVE-2022-3977: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40768: Fix not seen in stream
CVE-2022-41218: Fix unknown
CVE-2022-41222: Fix not seen in stream
CVE-2022-41848: Fix unknown
-CVE-2022-41849: Fix unknown
-CVE-2022-41850: Fix unknown
+CVE-2022-41849: Fix not seen in stream
+CVE-2022-41850: Fix not seen in stream
CVE-2022-42703: Fix not seen in stream
CVE-2022-42895: Fix not seen in stream
CVE-2022-42896: Fix not seen in stream
CVE-2022-43750: Fix not seen in stream
-CVE-2022-43945: Fix not seen in stream
CVE-2022-44032: Fix unknown
CVE-2022-44033: Fix unknown
CVE-2022-44034: Fix unknown
diff --git a/data/4.4/4.4_security.txt b/data/4.4/4.4_security.txt
index 7f9a841..9a8bae3 100644
--- a/data/4.4/4.4_security.txt
+++ b/data/4.4/4.4_security.txt
@@ -1514,14 +1514,14 @@
CVE-2022-28390: (unk) can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path
CVE-2022-2961: (unk)
CVE-2022-2964: (unk) net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup
- CVE-2022-2978: (unk)
+ CVE-2022-2978: (unk) fs: fix UAF/GPF bug in nilfs_mdt_destroy
CVE-2022-29900: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-29901: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-2991: (unk) remove the lightnvm subsystem
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3169: (unk)
+ CVE-2022-3169: (unk) nvme: ensure subsystem reset is single threaded
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
@@ -1536,35 +1536,31 @@
CVE-2022-33744: (unk) xen/arm: Fix race in RB-tree based P2M accounting
CVE-2022-33981: (unk) floppy: disable FDRAWCMD by default
CVE-2022-3424: (unk)
- CVE-2022-3435: (unk)
+ CVE-2022-3435: (unk) ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference
CVE-2022-34918: (unk) netfilter: nf_tables: stricter validation of element data
CVE-2022-3522: (unk) mm/hugetlb: use hugetlb_pte_stable in migration race check
CVE-2022-3523: (unk) mm/memory.c: fix race when faulting a device private page
CVE-2022-3524: (unk) tcp/udp: Fix memory leak in ipv6_renew_options().
CVE-2022-3542: (unk) bnx2x: fix potential memory leak in bnx2x_tpa_stop()
CVE-2022-3545: (unk) nfp: fix use-after-free in area_cache_get()
- CVE-2022-3564: (unk)
+ CVE-2022-3564: (unk) Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu
CVE-2022-3565: (unk) mISDN: fix use-after-free bugs in l1oip timer handlers
CVE-2022-3566: (unk) tcp: Fix data races around icsk->icsk_af_ops.
CVE-2022-3567: (unk) ipv6: Fix data races around sk->sk_prot.
- CVE-2022-3577: (unk) HID: bigben: fix slab-out-of-bounds Write in bigben_probe
CVE-2022-3586: (unk) sch_sfb: Don't assume the skb is still around after enqueueing to child
CVE-2022-3594: (unk) r8152: Rate limit overflow messages
CVE-2022-3595: (unk) cifs: fix double-fault crash during ntlmssp
CVE-2022-36123: (unk) x86: Clear .brk area at early boot
- CVE-2022-3619: (unk)
+ CVE-2022-3619: (unk) Bluetooth: L2CAP: Fix memory leak in vhci_write
CVE-2022-3621: (unk) nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level()
- CVE-2022-3623: (unk) mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
CVE-2022-3624: (unk) bonding: fix reference count leak in balance-alb mode
- CVE-2022-3625: (unk) devlink: Fix use-after-free after a failed reload
- CVE-2022-3628: (unk)
+ CVE-2022-3628: (unk) wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()
CVE-2022-36280: (unk)
CVE-2022-3629: (unk) vsock: Fix memory leak in vsock_connect()
CVE-2022-3630: (unk) fscache: don't leak cookie access refs if invalidation is in progress or failed
CVE-2022-3633: (unk) can: j1939: j1939_session_destroy(): fix memory leak of skbs
CVE-2022-3635: (unk) atm: idt77252: fix use-after-free bugs caused by tst_timer
CVE-2022-3636: (unk) net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()
- CVE-2022-3640: (unk)
CVE-2022-36402: (unk)
CVE-2022-3642: (unk)
CVE-2022-3646: (unk) nilfs2: fix leak of nilfs_root in case of writer thread creation failure
@@ -1574,21 +1570,21 @@
CVE-2022-3707: (unk)
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
- CVE-2022-3903: (unk)
+ CVE-2022-3903: (unk) media: mceusb: Use new usb_control_msg_*() routines
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
+ CVE-2022-3977: (unk) mctp: prevent double key removal and unref
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40768: (unk) scsi: stex: Properly zero out the passthrough command structure
CVE-2022-41218: (unk)
CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
CVE-2022-41848: (unk)
- CVE-2022-41849: (unk)
- CVE-2022-41850: (unk)
+ CVE-2022-41849: (unk) fbdev: smscufx: Fix use-after-free in ufx_ops_open()
+ CVE-2022-41850: (unk) HID: roccat: Fix use-after-free in roccat_read()
CVE-2022-42703: (unk) mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse
CVE-2022-42895: (unk) Bluetooth: L2CAP: Fix attempting to access uninitialized memory
CVE-2022-42896: (unk) Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM
CVE-2022-43750: (unk) usb: mon: make mmapped memory read only
- CVE-2022-43945: (unk) NFSD: Protect against send buffer overflow in NFSv2 READDIR
CVE-2022-44032: (unk)
CVE-2022-44033: (unk)
CVE-2022-44034: (unk)
diff --git a/data/4.5/4.5_CVEs.txt b/data/4.5/4.5_CVEs.txt
index 9cddba0..25c2e48 100644
--- a/data/4.5/4.5_CVEs.txt
+++ b/data/4.5/4.5_CVEs.txt
@@ -1012,14 +1012,14 @@
CVE-2022-28390: Fix not seen in stream
CVE-2022-2961: Fix unknown
CVE-2022-2964: Fix not seen in stream
-CVE-2022-2978: Fix unknown
+CVE-2022-2978: Fix not seen in stream
CVE-2022-29900: Fix not seen in stream
CVE-2022-29901: Fix not seen in stream
CVE-2022-2991: Fix not seen in stream
CVE-2022-3028: Fix not seen in stream
CVE-2022-30594: Fix not seen in stream
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3169: Fix unknown
+CVE-2022-3169: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
@@ -1034,35 +1034,31 @@
CVE-2022-33744: Fix not seen in stream
CVE-2022-33981: Fix not seen in stream
CVE-2022-3424: Fix unknown
-CVE-2022-3435: Fix unknown
+CVE-2022-3435: Fix not seen in stream
CVE-2022-34918: Fix not seen in stream
CVE-2022-3522: Fix not seen in stream
CVE-2022-3523: Fix not seen in stream
CVE-2022-3524: Fix not seen in stream
CVE-2022-3542: Fix not seen in stream
CVE-2022-3545: Fix not seen in stream
-CVE-2022-3564: Fix unknown
+CVE-2022-3564: Fix not seen in stream
CVE-2022-3565: Fix not seen in stream
CVE-2022-3566: Fix not seen in stream
CVE-2022-3567: Fix not seen in stream
-CVE-2022-3577: Fix not seen in stream
CVE-2022-3586: Fix not seen in stream
CVE-2022-3594: Fix not seen in stream
CVE-2022-3595: Fix not seen in stream
CVE-2022-36123: Fix not seen in stream
-CVE-2022-3619: Fix unknown
+CVE-2022-3619: Fix not seen in stream
CVE-2022-3621: Fix not seen in stream
-CVE-2022-3623: Fix not seen in stream
CVE-2022-3624: Fix not seen in stream
-CVE-2022-3625: Fix not seen in stream
-CVE-2022-3628: Fix unknown
+CVE-2022-3628: Fix not seen in stream
CVE-2022-36280: Fix unknown
CVE-2022-3629: Fix not seen in stream
CVE-2022-3630: Fix not seen in stream
CVE-2022-3633: Fix not seen in stream
CVE-2022-3635: Fix not seen in stream
CVE-2022-3636: Fix not seen in stream
-CVE-2022-3640: Fix unknown
CVE-2022-36402: Fix unknown
CVE-2022-3642: Fix unknown
CVE-2022-3646: Fix not seen in stream
@@ -1072,21 +1068,21 @@
CVE-2022-3707: Fix unknown
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
-CVE-2022-3903: Fix unknown
+CVE-2022-3903: Fix not seen in stream
CVE-2022-39188: Fix not seen in stream
+CVE-2022-3977: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40768: Fix not seen in stream
CVE-2022-41218: Fix unknown
CVE-2022-41222: Fix not seen in stream
CVE-2022-41848: Fix unknown
-CVE-2022-41849: Fix unknown
-CVE-2022-41850: Fix unknown
+CVE-2022-41849: Fix not seen in stream
+CVE-2022-41850: Fix not seen in stream
CVE-2022-42703: Fix not seen in stream
CVE-2022-42895: Fix not seen in stream
CVE-2022-42896: Fix not seen in stream
CVE-2022-43750: Fix not seen in stream
-CVE-2022-43945: Fix not seen in stream
CVE-2022-44032: Fix unknown
CVE-2022-44033: Fix unknown
CVE-2022-44034: Fix unknown
diff --git a/data/4.5/4.5_security.txt b/data/4.5/4.5_security.txt
index 0cca110..01d82b7 100644
--- a/data/4.5/4.5_security.txt
+++ b/data/4.5/4.5_security.txt
@@ -1028,14 +1028,14 @@
CVE-2022-28390: (unk) can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path
CVE-2022-2961: (unk)
CVE-2022-2964: (unk) net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup
- CVE-2022-2978: (unk)
+ CVE-2022-2978: (unk) fs: fix UAF/GPF bug in nilfs_mdt_destroy
CVE-2022-29900: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-29901: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-2991: (unk) remove the lightnvm subsystem
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3169: (unk)
+ CVE-2022-3169: (unk) nvme: ensure subsystem reset is single threaded
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
@@ -1050,35 +1050,31 @@
CVE-2022-33744: (unk) xen/arm: Fix race in RB-tree based P2M accounting
CVE-2022-33981: (unk) floppy: disable FDRAWCMD by default
CVE-2022-3424: (unk)
- CVE-2022-3435: (unk)
+ CVE-2022-3435: (unk) ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference
CVE-2022-34918: (unk) netfilter: nf_tables: stricter validation of element data
CVE-2022-3522: (unk) mm/hugetlb: use hugetlb_pte_stable in migration race check
CVE-2022-3523: (unk) mm/memory.c: fix race when faulting a device private page
CVE-2022-3524: (unk) tcp/udp: Fix memory leak in ipv6_renew_options().
CVE-2022-3542: (unk) bnx2x: fix potential memory leak in bnx2x_tpa_stop()
CVE-2022-3545: (unk) nfp: fix use-after-free in area_cache_get()
- CVE-2022-3564: (unk)
+ CVE-2022-3564: (unk) Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu
CVE-2022-3565: (unk) mISDN: fix use-after-free bugs in l1oip timer handlers
CVE-2022-3566: (unk) tcp: Fix data races around icsk->icsk_af_ops.
CVE-2022-3567: (unk) ipv6: Fix data races around sk->sk_prot.
- CVE-2022-3577: (unk) HID: bigben: fix slab-out-of-bounds Write in bigben_probe
CVE-2022-3586: (unk) sch_sfb: Don't assume the skb is still around after enqueueing to child
CVE-2022-3594: (unk) r8152: Rate limit overflow messages
CVE-2022-3595: (unk) cifs: fix double-fault crash during ntlmssp
CVE-2022-36123: (unk) x86: Clear .brk area at early boot
- CVE-2022-3619: (unk)
+ CVE-2022-3619: (unk) Bluetooth: L2CAP: Fix memory leak in vhci_write
CVE-2022-3621: (unk) nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level()
- CVE-2022-3623: (unk) mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
CVE-2022-3624: (unk) bonding: fix reference count leak in balance-alb mode
- CVE-2022-3625: (unk) devlink: Fix use-after-free after a failed reload
- CVE-2022-3628: (unk)
+ CVE-2022-3628: (unk) wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()
CVE-2022-36280: (unk)
CVE-2022-3629: (unk) vsock: Fix memory leak in vsock_connect()
CVE-2022-3630: (unk) fscache: don't leak cookie access refs if invalidation is in progress or failed
CVE-2022-3633: (unk) can: j1939: j1939_session_destroy(): fix memory leak of skbs
CVE-2022-3635: (unk) atm: idt77252: fix use-after-free bugs caused by tst_timer
CVE-2022-3636: (unk) net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()
- CVE-2022-3640: (unk)
CVE-2022-36402: (unk)
CVE-2022-3642: (unk)
CVE-2022-3646: (unk) nilfs2: fix leak of nilfs_root in case of writer thread creation failure
@@ -1088,21 +1084,21 @@
CVE-2022-3707: (unk)
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
- CVE-2022-3903: (unk)
+ CVE-2022-3903: (unk) media: mceusb: Use new usb_control_msg_*() routines
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
+ CVE-2022-3977: (unk) mctp: prevent double key removal and unref
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40768: (unk) scsi: stex: Properly zero out the passthrough command structure
CVE-2022-41218: (unk)
CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
CVE-2022-41848: (unk)
- CVE-2022-41849: (unk)
- CVE-2022-41850: (unk)
+ CVE-2022-41849: (unk) fbdev: smscufx: Fix use-after-free in ufx_ops_open()
+ CVE-2022-41850: (unk) HID: roccat: Fix use-after-free in roccat_read()
CVE-2022-42703: (unk) mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse
CVE-2022-42895: (unk) Bluetooth: L2CAP: Fix attempting to access uninitialized memory
CVE-2022-42896: (unk) Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM
CVE-2022-43750: (unk) usb: mon: make mmapped memory read only
- CVE-2022-43945: (unk) NFSD: Protect against send buffer overflow in NFSv2 READDIR
CVE-2022-44032: (unk)
CVE-2022-44033: (unk)
CVE-2022-44034: (unk)
diff --git a/data/4.6/4.6_CVEs.txt b/data/4.6/4.6_CVEs.txt
index 1547c3f..7d3e119 100644
--- a/data/4.6/4.6_CVEs.txt
+++ b/data/4.6/4.6_CVEs.txt
@@ -984,14 +984,14 @@
CVE-2022-28390: Fix not seen in stream
CVE-2022-2961: Fix unknown
CVE-2022-2964: Fix not seen in stream
-CVE-2022-2978: Fix unknown
+CVE-2022-2978: Fix not seen in stream
CVE-2022-29900: Fix not seen in stream
CVE-2022-29901: Fix not seen in stream
CVE-2022-2991: Fix not seen in stream
CVE-2022-3028: Fix not seen in stream
CVE-2022-30594: Fix not seen in stream
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3169: Fix unknown
+CVE-2022-3169: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
@@ -1006,7 +1006,7 @@
CVE-2022-33744: Fix not seen in stream
CVE-2022-33981: Fix not seen in stream
CVE-2022-3424: Fix unknown
-CVE-2022-3435: Fix unknown
+CVE-2022-3435: Fix not seen in stream
CVE-2022-34918: Fix not seen in stream
CVE-2022-3521: Fix not seen in stream
CVE-2022-3522: Fix not seen in stream
@@ -1014,28 +1014,24 @@
CVE-2022-3524: Fix not seen in stream
CVE-2022-3542: Fix not seen in stream
CVE-2022-3545: Fix not seen in stream
-CVE-2022-3564: Fix unknown
+CVE-2022-3564: Fix not seen in stream
CVE-2022-3565: Fix not seen in stream
CVE-2022-3566: Fix not seen in stream
CVE-2022-3567: Fix not seen in stream
-CVE-2022-3577: Fix not seen in stream
CVE-2022-3586: Fix not seen in stream
CVE-2022-3594: Fix not seen in stream
CVE-2022-3595: Fix not seen in stream
CVE-2022-36123: Fix not seen in stream
-CVE-2022-3619: Fix unknown
+CVE-2022-3619: Fix not seen in stream
CVE-2022-3621: Fix not seen in stream
-CVE-2022-3623: Fix not seen in stream
CVE-2022-3624: Fix not seen in stream
-CVE-2022-3625: Fix not seen in stream
-CVE-2022-3628: Fix unknown
+CVE-2022-3628: Fix not seen in stream
CVE-2022-36280: Fix unknown
CVE-2022-3629: Fix not seen in stream
CVE-2022-3630: Fix not seen in stream
CVE-2022-3633: Fix not seen in stream
CVE-2022-3635: Fix not seen in stream
CVE-2022-3636: Fix not seen in stream
-CVE-2022-3640: Fix unknown
CVE-2022-36402: Fix unknown
CVE-2022-3642: Fix unknown
CVE-2022-3646: Fix not seen in stream
@@ -1045,21 +1041,21 @@
CVE-2022-3707: Fix unknown
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
-CVE-2022-3903: Fix unknown
+CVE-2022-3903: Fix not seen in stream
CVE-2022-39188: Fix not seen in stream
+CVE-2022-3977: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40768: Fix not seen in stream
CVE-2022-41218: Fix unknown
CVE-2022-41222: Fix not seen in stream
CVE-2022-41848: Fix unknown
-CVE-2022-41849: Fix unknown
-CVE-2022-41850: Fix unknown
+CVE-2022-41849: Fix not seen in stream
+CVE-2022-41850: Fix not seen in stream
CVE-2022-42703: Fix not seen in stream
CVE-2022-42895: Fix not seen in stream
CVE-2022-42896: Fix not seen in stream
CVE-2022-43750: Fix not seen in stream
-CVE-2022-43945: Fix not seen in stream
CVE-2022-44032: Fix unknown
CVE-2022-44033: Fix unknown
CVE-2022-44034: Fix unknown
diff --git a/data/4.6/4.6_security.txt b/data/4.6/4.6_security.txt
index 44537da..0f0c89c 100644
--- a/data/4.6/4.6_security.txt
+++ b/data/4.6/4.6_security.txt
@@ -1002,14 +1002,14 @@
CVE-2022-28390: (unk) can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path
CVE-2022-2961: (unk)
CVE-2022-2964: (unk) net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup
- CVE-2022-2978: (unk)
+ CVE-2022-2978: (unk) fs: fix UAF/GPF bug in nilfs_mdt_destroy
CVE-2022-29900: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-29901: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-2991: (unk) remove the lightnvm subsystem
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3169: (unk)
+ CVE-2022-3169: (unk) nvme: ensure subsystem reset is single threaded
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
@@ -1024,7 +1024,7 @@
CVE-2022-33744: (unk) xen/arm: Fix race in RB-tree based P2M accounting
CVE-2022-33981: (unk) floppy: disable FDRAWCMD by default
CVE-2022-3424: (unk)
- CVE-2022-3435: (unk)
+ CVE-2022-3435: (unk) ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference
CVE-2022-34918: (unk) netfilter: nf_tables: stricter validation of element data
CVE-2022-3521: (unk) kcm: avoid potential race in kcm_tx_work
CVE-2022-3522: (unk) mm/hugetlb: use hugetlb_pte_stable in migration race check
@@ -1032,28 +1032,24 @@
CVE-2022-3524: (unk) tcp/udp: Fix memory leak in ipv6_renew_options().
CVE-2022-3542: (unk) bnx2x: fix potential memory leak in bnx2x_tpa_stop()
CVE-2022-3545: (unk) nfp: fix use-after-free in area_cache_get()
- CVE-2022-3564: (unk)
+ CVE-2022-3564: (unk) Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu
CVE-2022-3565: (unk) mISDN: fix use-after-free bugs in l1oip timer handlers
CVE-2022-3566: (unk) tcp: Fix data races around icsk->icsk_af_ops.
CVE-2022-3567: (unk) ipv6: Fix data races around sk->sk_prot.
- CVE-2022-3577: (unk) HID: bigben: fix slab-out-of-bounds Write in bigben_probe
CVE-2022-3586: (unk) sch_sfb: Don't assume the skb is still around after enqueueing to child
CVE-2022-3594: (unk) r8152: Rate limit overflow messages
CVE-2022-3595: (unk) cifs: fix double-fault crash during ntlmssp
CVE-2022-36123: (unk) x86: Clear .brk area at early boot
- CVE-2022-3619: (unk)
+ CVE-2022-3619: (unk) Bluetooth: L2CAP: Fix memory leak in vhci_write
CVE-2022-3621: (unk) nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level()
- CVE-2022-3623: (unk) mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
CVE-2022-3624: (unk) bonding: fix reference count leak in balance-alb mode
- CVE-2022-3625: (unk) devlink: Fix use-after-free after a failed reload
- CVE-2022-3628: (unk)
+ CVE-2022-3628: (unk) wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()
CVE-2022-36280: (unk)
CVE-2022-3629: (unk) vsock: Fix memory leak in vsock_connect()
CVE-2022-3630: (unk) fscache: don't leak cookie access refs if invalidation is in progress or failed
CVE-2022-3633: (unk) can: j1939: j1939_session_destroy(): fix memory leak of skbs
CVE-2022-3635: (unk) atm: idt77252: fix use-after-free bugs caused by tst_timer
CVE-2022-3636: (unk) net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()
- CVE-2022-3640: (unk)
CVE-2022-36402: (unk)
CVE-2022-3642: (unk)
CVE-2022-3646: (unk) nilfs2: fix leak of nilfs_root in case of writer thread creation failure
@@ -1063,21 +1059,21 @@
CVE-2022-3707: (unk)
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
- CVE-2022-3903: (unk)
+ CVE-2022-3903: (unk) media: mceusb: Use new usb_control_msg_*() routines
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
+ CVE-2022-3977: (unk) mctp: prevent double key removal and unref
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40768: (unk) scsi: stex: Properly zero out the passthrough command structure
CVE-2022-41218: (unk)
CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
CVE-2022-41848: (unk)
- CVE-2022-41849: (unk)
- CVE-2022-41850: (unk)
+ CVE-2022-41849: (unk) fbdev: smscufx: Fix use-after-free in ufx_ops_open()
+ CVE-2022-41850: (unk) HID: roccat: Fix use-after-free in roccat_read()
CVE-2022-42703: (unk) mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse
CVE-2022-42895: (unk) Bluetooth: L2CAP: Fix attempting to access uninitialized memory
CVE-2022-42896: (unk) Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM
CVE-2022-43750: (unk) usb: mon: make mmapped memory read only
- CVE-2022-43945: (unk) NFSD: Protect against send buffer overflow in NFSv2 READDIR
CVE-2022-44032: (unk)
CVE-2022-44033: (unk)
CVE-2022-44034: (unk)
diff --git a/data/4.7/4.7_CVEs.txt b/data/4.7/4.7_CVEs.txt
index 7e150ee..d68b8de 100644
--- a/data/4.7/4.7_CVEs.txt
+++ b/data/4.7/4.7_CVEs.txt
@@ -966,14 +966,14 @@
CVE-2022-28390: Fix not seen in stream
CVE-2022-2961: Fix unknown
CVE-2022-2964: Fix not seen in stream
-CVE-2022-2978: Fix unknown
+CVE-2022-2978: Fix not seen in stream
CVE-2022-29900: Fix not seen in stream
CVE-2022-29901: Fix not seen in stream
CVE-2022-2991: Fix not seen in stream
CVE-2022-3028: Fix not seen in stream
CVE-2022-30594: Fix not seen in stream
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3169: Fix unknown
+CVE-2022-3169: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
@@ -988,7 +988,7 @@
CVE-2022-33744: Fix not seen in stream
CVE-2022-33981: Fix not seen in stream
CVE-2022-3424: Fix unknown
-CVE-2022-3435: Fix unknown
+CVE-2022-3435: Fix not seen in stream
CVE-2022-34918: Fix not seen in stream
CVE-2022-3521: Fix not seen in stream
CVE-2022-3522: Fix not seen in stream
@@ -996,28 +996,24 @@
CVE-2022-3524: Fix not seen in stream
CVE-2022-3542: Fix not seen in stream
CVE-2022-3545: Fix not seen in stream
-CVE-2022-3564: Fix unknown
+CVE-2022-3564: Fix not seen in stream
CVE-2022-3565: Fix not seen in stream
CVE-2022-3566: Fix not seen in stream
CVE-2022-3567: Fix not seen in stream
-CVE-2022-3577: Fix not seen in stream
CVE-2022-3586: Fix not seen in stream
CVE-2022-3594: Fix not seen in stream
CVE-2022-3595: Fix not seen in stream
CVE-2022-36123: Fix not seen in stream
-CVE-2022-3619: Fix unknown
+CVE-2022-3619: Fix not seen in stream
CVE-2022-3621: Fix not seen in stream
-CVE-2022-3623: Fix not seen in stream
CVE-2022-3624: Fix not seen in stream
-CVE-2022-3625: Fix not seen in stream
-CVE-2022-3628: Fix unknown
+CVE-2022-3628: Fix not seen in stream
CVE-2022-36280: Fix unknown
CVE-2022-3629: Fix not seen in stream
CVE-2022-3630: Fix not seen in stream
CVE-2022-3633: Fix not seen in stream
CVE-2022-3635: Fix not seen in stream
CVE-2022-3636: Fix not seen in stream
-CVE-2022-3640: Fix unknown
CVE-2022-36402: Fix unknown
CVE-2022-3642: Fix unknown
CVE-2022-3646: Fix not seen in stream
@@ -1027,8 +1023,9 @@
CVE-2022-3707: Fix unknown
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
-CVE-2022-3903: Fix unknown
+CVE-2022-3903: Fix not seen in stream
CVE-2022-39188: Fix not seen in stream
+CVE-2022-3977: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
@@ -1036,13 +1033,12 @@
CVE-2022-41218: Fix unknown
CVE-2022-41222: Fix not seen in stream
CVE-2022-41848: Fix unknown
-CVE-2022-41849: Fix unknown
-CVE-2022-41850: Fix unknown
+CVE-2022-41849: Fix not seen in stream
+CVE-2022-41850: Fix not seen in stream
CVE-2022-42703: Fix not seen in stream
CVE-2022-42895: Fix not seen in stream
CVE-2022-42896: Fix not seen in stream
CVE-2022-43750: Fix not seen in stream
-CVE-2022-43945: Fix not seen in stream
CVE-2022-44032: Fix unknown
CVE-2022-44033: Fix unknown
CVE-2022-44034: Fix unknown
diff --git a/data/4.7/4.7_security.txt b/data/4.7/4.7_security.txt
index bb7e28c..4e1c962 100644
--- a/data/4.7/4.7_security.txt
+++ b/data/4.7/4.7_security.txt
@@ -986,14 +986,14 @@
CVE-2022-28390: (unk) can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path
CVE-2022-2961: (unk)
CVE-2022-2964: (unk) net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup
- CVE-2022-2978: (unk)
+ CVE-2022-2978: (unk) fs: fix UAF/GPF bug in nilfs_mdt_destroy
CVE-2022-29900: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-29901: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-2991: (unk) remove the lightnvm subsystem
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3169: (unk)
+ CVE-2022-3169: (unk) nvme: ensure subsystem reset is single threaded
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
@@ -1008,7 +1008,7 @@
CVE-2022-33744: (unk) xen/arm: Fix race in RB-tree based P2M accounting
CVE-2022-33981: (unk) floppy: disable FDRAWCMD by default
CVE-2022-3424: (unk)
- CVE-2022-3435: (unk)
+ CVE-2022-3435: (unk) ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference
CVE-2022-34918: (unk) netfilter: nf_tables: stricter validation of element data
CVE-2022-3521: (unk) kcm: avoid potential race in kcm_tx_work
CVE-2022-3522: (unk) mm/hugetlb: use hugetlb_pte_stable in migration race check
@@ -1016,28 +1016,24 @@
CVE-2022-3524: (unk) tcp/udp: Fix memory leak in ipv6_renew_options().
CVE-2022-3542: (unk) bnx2x: fix potential memory leak in bnx2x_tpa_stop()
CVE-2022-3545: (unk) nfp: fix use-after-free in area_cache_get()
- CVE-2022-3564: (unk)
+ CVE-2022-3564: (unk) Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu
CVE-2022-3565: (unk) mISDN: fix use-after-free bugs in l1oip timer handlers
CVE-2022-3566: (unk) tcp: Fix data races around icsk->icsk_af_ops.
CVE-2022-3567: (unk) ipv6: Fix data races around sk->sk_prot.
- CVE-2022-3577: (unk) HID: bigben: fix slab-out-of-bounds Write in bigben_probe
CVE-2022-3586: (unk) sch_sfb: Don't assume the skb is still around after enqueueing to child
CVE-2022-3594: (unk) r8152: Rate limit overflow messages
CVE-2022-3595: (unk) cifs: fix double-fault crash during ntlmssp
CVE-2022-36123: (unk) x86: Clear .brk area at early boot
- CVE-2022-3619: (unk)
+ CVE-2022-3619: (unk) Bluetooth: L2CAP: Fix memory leak in vhci_write
CVE-2022-3621: (unk) nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level()
- CVE-2022-3623: (unk) mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
CVE-2022-3624: (unk) bonding: fix reference count leak in balance-alb mode
- CVE-2022-3625: (unk) devlink: Fix use-after-free after a failed reload
- CVE-2022-3628: (unk)
+ CVE-2022-3628: (unk) wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()
CVE-2022-36280: (unk)
CVE-2022-3629: (unk) vsock: Fix memory leak in vsock_connect()
CVE-2022-3630: (unk) fscache: don't leak cookie access refs if invalidation is in progress or failed
CVE-2022-3633: (unk) can: j1939: j1939_session_destroy(): fix memory leak of skbs
CVE-2022-3635: (unk) atm: idt77252: fix use-after-free bugs caused by tst_timer
CVE-2022-3636: (unk) net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()
- CVE-2022-3640: (unk)
CVE-2022-36402: (unk)
CVE-2022-3642: (unk)
CVE-2022-3646: (unk) nilfs2: fix leak of nilfs_root in case of writer thread creation failure
@@ -1047,8 +1043,9 @@
CVE-2022-3707: (unk)
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
- CVE-2022-3903: (unk)
+ CVE-2022-3903: (unk) media: mceusb: Use new usb_control_msg_*() routines
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
+ CVE-2022-3977: (unk) mctp: prevent double key removal and unref
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
@@ -1056,13 +1053,12 @@
CVE-2022-41218: (unk)
CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
CVE-2022-41848: (unk)
- CVE-2022-41849: (unk)
- CVE-2022-41850: (unk)
+ CVE-2022-41849: (unk) fbdev: smscufx: Fix use-after-free in ufx_ops_open()
+ CVE-2022-41850: (unk) HID: roccat: Fix use-after-free in roccat_read()
CVE-2022-42703: (unk) mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse
CVE-2022-42895: (unk) Bluetooth: L2CAP: Fix attempting to access uninitialized memory
CVE-2022-42896: (unk) Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM
CVE-2022-43750: (unk) usb: mon: make mmapped memory read only
- CVE-2022-43945: (unk) NFSD: Protect against send buffer overflow in NFSv2 READDIR
CVE-2022-44032: (unk)
CVE-2022-44033: (unk)
CVE-2022-44034: (unk)
diff --git a/data/4.8/4.8_CVEs.txt b/data/4.8/4.8_CVEs.txt
index 74dfbfe..4474785 100644
--- a/data/4.8/4.8_CVEs.txt
+++ b/data/4.8/4.8_CVEs.txt
@@ -970,14 +970,14 @@
CVE-2022-28390: Fix not seen in stream
CVE-2022-2961: Fix unknown
CVE-2022-2964: Fix not seen in stream
-CVE-2022-2978: Fix unknown
+CVE-2022-2978: Fix not seen in stream
CVE-2022-29900: Fix not seen in stream
CVE-2022-29901: Fix not seen in stream
CVE-2022-2991: Fix not seen in stream
CVE-2022-3028: Fix not seen in stream
CVE-2022-30594: Fix not seen in stream
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3169: Fix unknown
+CVE-2022-3169: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
@@ -992,7 +992,7 @@
CVE-2022-33744: Fix not seen in stream
CVE-2022-33981: Fix not seen in stream
CVE-2022-3424: Fix unknown
-CVE-2022-3435: Fix unknown
+CVE-2022-3435: Fix not seen in stream
CVE-2022-34918: Fix not seen in stream
CVE-2022-3521: Fix not seen in stream
CVE-2022-3522: Fix not seen in stream
@@ -1000,28 +1000,24 @@
CVE-2022-3524: Fix not seen in stream
CVE-2022-3542: Fix not seen in stream
CVE-2022-3545: Fix not seen in stream
-CVE-2022-3564: Fix unknown
+CVE-2022-3564: Fix not seen in stream
CVE-2022-3565: Fix not seen in stream
CVE-2022-3566: Fix not seen in stream
CVE-2022-3567: Fix not seen in stream
-CVE-2022-3577: Fix not seen in stream
CVE-2022-3586: Fix not seen in stream
CVE-2022-3594: Fix not seen in stream
CVE-2022-3595: Fix not seen in stream
CVE-2022-36123: Fix not seen in stream
-CVE-2022-3619: Fix unknown
+CVE-2022-3619: Fix not seen in stream
CVE-2022-3621: Fix not seen in stream
-CVE-2022-3623: Fix not seen in stream
CVE-2022-3624: Fix not seen in stream
-CVE-2022-3625: Fix not seen in stream
-CVE-2022-3628: Fix unknown
+CVE-2022-3628: Fix not seen in stream
CVE-2022-36280: Fix unknown
CVE-2022-3629: Fix not seen in stream
CVE-2022-3630: Fix not seen in stream
CVE-2022-3633: Fix not seen in stream
CVE-2022-3635: Fix not seen in stream
CVE-2022-3636: Fix not seen in stream
-CVE-2022-3640: Fix unknown
CVE-2022-36402: Fix unknown
CVE-2022-3642: Fix unknown
CVE-2022-3646: Fix not seen in stream
@@ -1031,8 +1027,9 @@
CVE-2022-3707: Fix unknown
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
-CVE-2022-3903: Fix unknown
+CVE-2022-3903: Fix not seen in stream
CVE-2022-39188: Fix not seen in stream
+CVE-2022-3977: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
@@ -1040,13 +1037,12 @@
CVE-2022-41218: Fix unknown
CVE-2022-41222: Fix not seen in stream
CVE-2022-41848: Fix unknown
-CVE-2022-41849: Fix unknown
-CVE-2022-41850: Fix unknown
+CVE-2022-41849: Fix not seen in stream
+CVE-2022-41850: Fix not seen in stream
CVE-2022-42703: Fix not seen in stream
CVE-2022-42895: Fix not seen in stream
CVE-2022-42896: Fix not seen in stream
CVE-2022-43750: Fix not seen in stream
-CVE-2022-43945: Fix not seen in stream
CVE-2022-44032: Fix unknown
CVE-2022-44033: Fix unknown
CVE-2022-44034: Fix unknown
diff --git a/data/4.8/4.8_security.txt b/data/4.8/4.8_security.txt
index d800ec5..8a4dba6 100644
--- a/data/4.8/4.8_security.txt
+++ b/data/4.8/4.8_security.txt
@@ -1000,14 +1000,14 @@
CVE-2022-28390: (unk) can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path
CVE-2022-2961: (unk)
CVE-2022-2964: (unk) net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup
- CVE-2022-2978: (unk)
+ CVE-2022-2978: (unk) fs: fix UAF/GPF bug in nilfs_mdt_destroy
CVE-2022-29900: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-29901: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-2991: (unk) remove the lightnvm subsystem
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3169: (unk)
+ CVE-2022-3169: (unk) nvme: ensure subsystem reset is single threaded
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
@@ -1022,7 +1022,7 @@
CVE-2022-33744: (unk) xen/arm: Fix race in RB-tree based P2M accounting
CVE-2022-33981: (unk) floppy: disable FDRAWCMD by default
CVE-2022-3424: (unk)
- CVE-2022-3435: (unk)
+ CVE-2022-3435: (unk) ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference
CVE-2022-34918: (unk) netfilter: nf_tables: stricter validation of element data
CVE-2022-3521: (unk) kcm: avoid potential race in kcm_tx_work
CVE-2022-3522: (unk) mm/hugetlb: use hugetlb_pte_stable in migration race check
@@ -1030,28 +1030,24 @@
CVE-2022-3524: (unk) tcp/udp: Fix memory leak in ipv6_renew_options().
CVE-2022-3542: (unk) bnx2x: fix potential memory leak in bnx2x_tpa_stop()
CVE-2022-3545: (unk) nfp: fix use-after-free in area_cache_get()
- CVE-2022-3564: (unk)
+ CVE-2022-3564: (unk) Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu
CVE-2022-3565: (unk) mISDN: fix use-after-free bugs in l1oip timer handlers
CVE-2022-3566: (unk) tcp: Fix data races around icsk->icsk_af_ops.
CVE-2022-3567: (unk) ipv6: Fix data races around sk->sk_prot.
- CVE-2022-3577: (unk) HID: bigben: fix slab-out-of-bounds Write in bigben_probe
CVE-2022-3586: (unk) sch_sfb: Don't assume the skb is still around after enqueueing to child
CVE-2022-3594: (unk) r8152: Rate limit overflow messages
CVE-2022-3595: (unk) cifs: fix double-fault crash during ntlmssp
CVE-2022-36123: (unk) x86: Clear .brk area at early boot
- CVE-2022-3619: (unk)
+ CVE-2022-3619: (unk) Bluetooth: L2CAP: Fix memory leak in vhci_write
CVE-2022-3621: (unk) nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level()
- CVE-2022-3623: (unk) mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
CVE-2022-3624: (unk) bonding: fix reference count leak in balance-alb mode
- CVE-2022-3625: (unk) devlink: Fix use-after-free after a failed reload
- CVE-2022-3628: (unk)
+ CVE-2022-3628: (unk) wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()
CVE-2022-36280: (unk)
CVE-2022-3629: (unk) vsock: Fix memory leak in vsock_connect()
CVE-2022-3630: (unk) fscache: don't leak cookie access refs if invalidation is in progress or failed
CVE-2022-3633: (unk) can: j1939: j1939_session_destroy(): fix memory leak of skbs
CVE-2022-3635: (unk) atm: idt77252: fix use-after-free bugs caused by tst_timer
CVE-2022-3636: (unk) net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()
- CVE-2022-3640: (unk)
CVE-2022-36402: (unk)
CVE-2022-3642: (unk)
CVE-2022-3646: (unk) nilfs2: fix leak of nilfs_root in case of writer thread creation failure
@@ -1061,8 +1057,9 @@
CVE-2022-3707: (unk)
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
- CVE-2022-3903: (unk)
+ CVE-2022-3903: (unk) media: mceusb: Use new usb_control_msg_*() routines
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
+ CVE-2022-3977: (unk) mctp: prevent double key removal and unref
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
@@ -1070,13 +1067,12 @@
CVE-2022-41218: (unk)
CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
CVE-2022-41848: (unk)
- CVE-2022-41849: (unk)
- CVE-2022-41850: (unk)
+ CVE-2022-41849: (unk) fbdev: smscufx: Fix use-after-free in ufx_ops_open()
+ CVE-2022-41850: (unk) HID: roccat: Fix use-after-free in roccat_read()
CVE-2022-42703: (unk) mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse
CVE-2022-42895: (unk) Bluetooth: L2CAP: Fix attempting to access uninitialized memory
CVE-2022-42896: (unk) Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM
CVE-2022-43750: (unk) usb: mon: make mmapped memory read only
- CVE-2022-43945: (unk) NFSD: Protect against send buffer overflow in NFSv2 READDIR
CVE-2022-44032: (unk)
CVE-2022-44033: (unk)
CVE-2022-44034: (unk)
diff --git a/data/4.9/4.9_CVEs.txt b/data/4.9/4.9_CVEs.txt
index fe4cd7a..8808918 100644
--- a/data/4.9/4.9_CVEs.txt
+++ b/data/4.9/4.9_CVEs.txt
@@ -969,14 +969,14 @@
CVE-2022-28390: Fixed with 4.9.311
CVE-2022-2961: Fix unknown
CVE-2022-2964: Fixed with 4.9.303
-CVE-2022-2978: Fix unknown
+CVE-2022-2978: Fixed with 4.9.331
CVE-2022-29900: Fix not seen in stream
CVE-2022-29901: Fix not seen in stream
CVE-2022-2991: Fix not seen in stream
CVE-2022-3028: Fixed with 4.9.327
CVE-2022-30594: Fixed with 4.9.311
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3169: Fix unknown
+CVE-2022-3169: Fix not seen in stream
CVE-2022-3202: Fixed with 4.9.311
CVE-2022-32250: Fixed with 4.9.318
CVE-2022-32296: Fixed with 4.9.320
@@ -991,7 +991,7 @@
CVE-2022-33744: Fixed with 4.9.322
CVE-2022-33981: Fixed with 4.9.313
CVE-2022-3424: Fix unknown
-CVE-2022-3435: Fix unknown
+CVE-2022-3435: Fix not seen in stream
CVE-2022-34918: Fix not seen in stream
CVE-2022-3521: Fix not seen in stream
CVE-2022-3522: Fix not seen in stream
@@ -999,28 +999,24 @@
CVE-2022-3524: Fix not seen in stream
CVE-2022-3542: Fixed with 4.9.331
CVE-2022-3545: Fix not seen in stream
-CVE-2022-3564: Fix unknown
+CVE-2022-3564: Fixed with 4.9.333
CVE-2022-3565: Fixed with 4.9.331
CVE-2022-3566: Fix not seen in stream
CVE-2022-3567: Fix not seen in stream
-CVE-2022-3577: Fix not seen in stream
CVE-2022-3586: Fixed with 4.9.328
CVE-2022-3594: Fixed with 4.9.331
CVE-2022-3595: Fix not seen in stream
CVE-2022-36123: Fixed with 4.9.324
-CVE-2022-3619: Fix unknown
+CVE-2022-3619: Fix not seen in stream
CVE-2022-3621: Fixed with 4.9.331
-CVE-2022-3623: Fix not seen in stream
CVE-2022-3624: Fix not seen in stream
-CVE-2022-3625: Fix not seen in stream
-CVE-2022-3628: Fix unknown
+CVE-2022-3628: Fixed with 4.9.333
CVE-2022-36280: Fix unknown
CVE-2022-3629: Fixed with 4.9.326
CVE-2022-3630: Fix not seen in stream
CVE-2022-3633: Fix not seen in stream
CVE-2022-3635: Fixed with 4.9.326
CVE-2022-3636: Fix not seen in stream
-CVE-2022-3640: Fix unknown
CVE-2022-36402: Fix unknown
CVE-2022-3642: Fix unknown
CVE-2022-3646: Fixed with 4.9.331
@@ -1030,8 +1026,9 @@
CVE-2022-3707: Fix unknown
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
-CVE-2022-3903: Fix unknown
+CVE-2022-3903: Fix not seen in stream
CVE-2022-39188: Fix not seen in stream
+CVE-2022-3977: Fix not seen in stream
CVE-2022-39842: Fixed with 4.9.330
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
@@ -1039,13 +1036,12 @@
CVE-2022-41218: Fix unknown
CVE-2022-41222: Fix not seen in stream
CVE-2022-41848: Fix unknown
-CVE-2022-41849: Fix unknown
-CVE-2022-41850: Fix unknown
+CVE-2022-41849: Fixed with 4.9.331
+CVE-2022-41850: Fixed with 4.9.331
CVE-2022-42703: Fixed with 4.9.327
-CVE-2022-42895: Fix not seen in stream
+CVE-2022-42895: Fixed with 4.9.333
CVE-2022-42896: Fix not seen in stream
CVE-2022-43750: Fixed with 4.9.331
-CVE-2022-43945: Fix not seen in stream
CVE-2022-44032: Fix unknown
CVE-2022-44033: Fix unknown
CVE-2022-44034: Fix unknown
diff --git a/data/4.9/4.9_security.txt b/data/4.9/4.9_security.txt
index a603425..a79fca8 100644
--- a/data/4.9/4.9_security.txt
+++ b/data/4.9/4.9_security.txt
@@ -1330,6 +1330,7 @@
CVE-2022-39842: a0dcaa48042a56a9eee2efed19563866a0ddbce2 video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVEs fixed in 4.9.331:
+ CVE-2022-2978: d1ff475d7c83289d0a7faef346ea3bbf90818bad fs: fix UAF/GPF bug in nilfs_mdt_destroy
CVE-2022-3542: 9ec3f783f08b57a861700fdf4d3d8f3cfb68f471 bnx2x: fix potential memory leak in bnx2x_tpa_stop()
CVE-2022-3565: 1ba21168faf881c23c270605834d01af260cbb72 mISDN: fix use-after-free bugs in l1oip timer handlers
CVE-2022-3594: 3723658c287a98875f43cffc3245d0bf1d3ee076 r8152: Rate limit overflow messages
@@ -1337,8 +1338,15 @@
CVE-2022-3646: 81fe58e4e7f61a1f5200898e7cd4c9748f83051f nilfs2: fix leak of nilfs_root in case of writer thread creation failure
CVE-2022-3649: a9043a24c6e340d45b204d294a25044726fd2770 nilfs2: fix use-after-free bug of struct nilfs_root
CVE-2022-40768: 35db0282da84ad200054ad5af0fd6c2f693b17f8 scsi: stex: Properly zero out the passthrough command structure
+ CVE-2022-41849: 347a969b130c2a496f471f14b354119b82664f0a fbdev: smscufx: Fix use-after-free in ufx_ops_open()
+ CVE-2022-41850: 84607bd3a8542b84b450d19a3579172f96c2bb47 HID: roccat: Fix use-after-free in roccat_read()
CVE-2022-43750: 1b5ad3786a2f2cdbfed34071aa467f80e4903a0b usb: mon: make mmapped memory read only
+CVEs fixed in 4.9.333:
+ CVE-2022-3564: dc30e05bb18852303084430c03ca76e69257d9ea Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu
+ CVE-2022-3628: b1477d95e967bf626b8c5e3838bb885c47381b24 wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()
+ CVE-2022-42895: 63e3d75298fac7fa50906454603dd5bb4ef22a23 Bluetooth: L2CAP: Fix attempting to access uninitialized memory
+
Outstanding CVEs:
CVE-2005-3660: (unk)
CVE-2007-3719: (unk)
@@ -1530,56 +1538,46 @@
CVE-2022-26373: (unk) x86/speculation: Add RSB VM Exit protections
CVE-2022-28388: (unk) can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path
CVE-2022-2961: (unk)
- CVE-2022-2978: (unk)
CVE-2022-29900: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-29901: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-2991: (unk) remove the lightnvm subsystem
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3169: (unk)
+ CVE-2022-3169: (unk) nvme: ensure subsystem reset is single threaded
CVE-2022-3238: (unk)
CVE-2022-3239: (unk) media: em28xx: initialize refcount before kref_get
CVE-2022-3303: (unk) ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC
CVE-2022-3344: (unk)
CVE-2022-3424: (unk)
- CVE-2022-3435: (unk)
+ CVE-2022-3435: (unk) ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference
CVE-2022-34918: (unk) netfilter: nf_tables: stricter validation of element data
CVE-2022-3521: (unk) kcm: avoid potential race in kcm_tx_work
CVE-2022-3522: (unk) mm/hugetlb: use hugetlb_pte_stable in migration race check
CVE-2022-3523: (unk) mm/memory.c: fix race when faulting a device private page
CVE-2022-3524: (unk) tcp/udp: Fix memory leak in ipv6_renew_options().
CVE-2022-3545: (unk) nfp: fix use-after-free in area_cache_get()
- CVE-2022-3564: (unk)
CVE-2022-3566: (unk) tcp: Fix data races around icsk->icsk_af_ops.
CVE-2022-3567: (unk) ipv6: Fix data races around sk->sk_prot.
- CVE-2022-3577: (unk) HID: bigben: fix slab-out-of-bounds Write in bigben_probe
CVE-2022-3595: (unk) cifs: fix double-fault crash during ntlmssp
- CVE-2022-3619: (unk)
- CVE-2022-3623: (unk) mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
+ CVE-2022-3619: (unk) Bluetooth: L2CAP: Fix memory leak in vhci_write
CVE-2022-3624: (unk) bonding: fix reference count leak in balance-alb mode
- CVE-2022-3625: (unk) devlink: Fix use-after-free after a failed reload
- CVE-2022-3628: (unk)
CVE-2022-36280: (unk)
CVE-2022-3630: (unk) fscache: don't leak cookie access refs if invalidation is in progress or failed
CVE-2022-3633: (unk) can: j1939: j1939_session_destroy(): fix memory leak of skbs
CVE-2022-3636: (unk) net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()
- CVE-2022-3640: (unk)
CVE-2022-36402: (unk)
CVE-2022-3642: (unk)
CVE-2022-3707: (unk)
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
- CVE-2022-3903: (unk)
+ CVE-2022-3903: (unk) media: mceusb: Use new usb_control_msg_*() routines
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
+ CVE-2022-3977: (unk) mctp: prevent double key removal and unref
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
CVE-2022-41218: (unk)
CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
CVE-2022-41848: (unk)
- CVE-2022-41849: (unk)
- CVE-2022-41850: (unk)
- CVE-2022-42895: (unk) Bluetooth: L2CAP: Fix attempting to access uninitialized memory
CVE-2022-42896: (unk) Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM
- CVE-2022-43945: (unk) NFSD: Protect against send buffer overflow in NFSv2 READDIR
CVE-2022-44032: (unk)
CVE-2022-44033: (unk)
CVE-2022-44034: (unk)
diff --git a/data/5.0/5.0_CVEs.txt b/data/5.0/5.0_CVEs.txt
index 2b37788..bc3ef4e 100644
--- a/data/5.0/5.0_CVEs.txt
+++ b/data/5.0/5.0_CVEs.txt
@@ -686,14 +686,14 @@
CVE-2022-2961: Fix unknown
CVE-2022-2964: Fix not seen in stream
CVE-2022-2977: Fix not seen in stream
-CVE-2022-2978: Fix unknown
+CVE-2022-2978: Fix not seen in stream
CVE-2022-29900: Fix not seen in stream
CVE-2022-29901: Fix not seen in stream
CVE-2022-2991: Fix not seen in stream
CVE-2022-3028: Fix not seen in stream
CVE-2022-30594: Fix not seen in stream
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3169: Fix unknown
+CVE-2022-3169: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
CVE-2022-32296: Fix not seen in stream
@@ -708,7 +708,7 @@
CVE-2022-33744: Fix not seen in stream
CVE-2022-33981: Fix not seen in stream
CVE-2022-3424: Fix unknown
-CVE-2022-3435: Fix unknown
+CVE-2022-3435: Fix not seen in stream
CVE-2022-34918: Fix not seen in stream
CVE-2022-3521: Fix not seen in stream
CVE-2022-3522: Fix not seen in stream
@@ -717,7 +717,7 @@
CVE-2022-3535: Fix not seen in stream
CVE-2022-3542: Fix not seen in stream
CVE-2022-3545: Fix not seen in stream
-CVE-2022-3564: Fix unknown
+CVE-2022-3564: Fix not seen in stream
CVE-2022-3565: Fix not seen in stream
CVE-2022-3566: Fix not seen in stream
CVE-2022-3567: Fix not seen in stream
@@ -726,19 +726,17 @@
CVE-2022-3594: Fix not seen in stream
CVE-2022-3595: Fix not seen in stream
CVE-2022-36123: Fix not seen in stream
-CVE-2022-3619: Fix unknown
+CVE-2022-3619: Fix not seen in stream
CVE-2022-3621: Fix not seen in stream
-CVE-2022-3623: Fix not seen in stream
CVE-2022-3624: Fix not seen in stream
CVE-2022-3625: Fix not seen in stream
-CVE-2022-3628: Fix unknown
+CVE-2022-3628: Fix not seen in stream
CVE-2022-36280: Fix unknown
CVE-2022-3629: Fix not seen in stream
CVE-2022-3630: Fix not seen in stream
CVE-2022-3633: Fix not seen in stream
CVE-2022-3635: Fix not seen in stream
CVE-2022-3636: Fix not seen in stream
-CVE-2022-3640: Fix unknown
CVE-2022-36402: Fix unknown
CVE-2022-3642: Fix unknown
CVE-2022-3646: Fix not seen in stream
@@ -748,9 +746,10 @@
CVE-2022-3707: Fix unknown
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
-CVE-2022-3903: Fix unknown
+CVE-2022-3903: Fix not seen in stream
CVE-2022-39188: Fix not seen in stream
CVE-2022-39189: Fix not seen in stream
+CVE-2022-3977: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
@@ -758,13 +757,12 @@
CVE-2022-41218: Fix unknown
CVE-2022-41222: Fix not seen in stream
CVE-2022-41848: Fix unknown
-CVE-2022-41849: Fix unknown
-CVE-2022-41850: Fix unknown
+CVE-2022-41849: Fix not seen in stream
+CVE-2022-41850: Fix not seen in stream
CVE-2022-42703: Fix not seen in stream
CVE-2022-42895: Fix not seen in stream
CVE-2022-42896: Fix not seen in stream
CVE-2022-43750: Fix not seen in stream
-CVE-2022-43945: Fix not seen in stream
CVE-2022-44032: Fix unknown
CVE-2022-44033: Fix unknown
CVE-2022-44034: Fix unknown
diff --git a/data/5.0/5.0_security.txt b/data/5.0/5.0_security.txt
index 0e3a8c6..0a83ce0 100644
--- a/data/5.0/5.0_security.txt
+++ b/data/5.0/5.0_security.txt
@@ -734,14 +734,14 @@
CVE-2022-2961: (unk)
CVE-2022-2964: (unk) net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup
CVE-2022-2977: (unk) tpm: fix reference counting for struct tpm_chip
- CVE-2022-2978: (unk)
+ CVE-2022-2978: (unk) fs: fix UAF/GPF bug in nilfs_mdt_destroy
CVE-2022-29900: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-29901: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-2991: (unk) remove the lightnvm subsystem
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3169: (unk)
+ CVE-2022-3169: (unk) nvme: ensure subsystem reset is single threaded
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
@@ -756,7 +756,7 @@
CVE-2022-33744: (unk) xen/arm: Fix race in RB-tree based P2M accounting
CVE-2022-33981: (unk) floppy: disable FDRAWCMD by default
CVE-2022-3424: (unk)
- CVE-2022-3435: (unk)
+ CVE-2022-3435: (unk) ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference
CVE-2022-34918: (unk) netfilter: nf_tables: stricter validation of element data
CVE-2022-3521: (unk) kcm: avoid potential race in kcm_tx_work
CVE-2022-3522: (unk) mm/hugetlb: use hugetlb_pte_stable in migration race check
@@ -765,7 +765,7 @@
CVE-2022-3535: (unk) net: mvpp2: fix mvpp2 debugfs leak
CVE-2022-3542: (unk) bnx2x: fix potential memory leak in bnx2x_tpa_stop()
CVE-2022-3545: (unk) nfp: fix use-after-free in area_cache_get()
- CVE-2022-3564: (unk)
+ CVE-2022-3564: (unk) Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu
CVE-2022-3565: (unk) mISDN: fix use-after-free bugs in l1oip timer handlers
CVE-2022-3566: (unk) tcp: Fix data races around icsk->icsk_af_ops.
CVE-2022-3567: (unk) ipv6: Fix data races around sk->sk_prot.
@@ -774,19 +774,17 @@
CVE-2022-3594: (unk) r8152: Rate limit overflow messages
CVE-2022-3595: (unk) cifs: fix double-fault crash during ntlmssp
CVE-2022-36123: (unk) x86: Clear .brk area at early boot
- CVE-2022-3619: (unk)
+ CVE-2022-3619: (unk) Bluetooth: L2CAP: Fix memory leak in vhci_write
CVE-2022-3621: (unk) nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level()
- CVE-2022-3623: (unk) mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
CVE-2022-3624: (unk) bonding: fix reference count leak in balance-alb mode
CVE-2022-3625: (unk) devlink: Fix use-after-free after a failed reload
- CVE-2022-3628: (unk)
+ CVE-2022-3628: (unk) wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()
CVE-2022-36280: (unk)
CVE-2022-3629: (unk) vsock: Fix memory leak in vsock_connect()
CVE-2022-3630: (unk) fscache: don't leak cookie access refs if invalidation is in progress or failed
CVE-2022-3633: (unk) can: j1939: j1939_session_destroy(): fix memory leak of skbs
CVE-2022-3635: (unk) atm: idt77252: fix use-after-free bugs caused by tst_timer
CVE-2022-3636: (unk) net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()
- CVE-2022-3640: (unk)
CVE-2022-36402: (unk)
CVE-2022-3642: (unk)
CVE-2022-3646: (unk) nilfs2: fix leak of nilfs_root in case of writer thread creation failure
@@ -796,9 +794,10 @@
CVE-2022-3707: (unk)
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
- CVE-2022-3903: (unk)
+ CVE-2022-3903: (unk) media: mceusb: Use new usb_control_msg_*() routines
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
CVE-2022-39189: (unk) KVM: x86: do not report a vCPU as preempted outside instruction boundaries
+ CVE-2022-3977: (unk) mctp: prevent double key removal and unref
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
@@ -806,13 +805,12 @@
CVE-2022-41218: (unk)
CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
CVE-2022-41848: (unk)
- CVE-2022-41849: (unk)
- CVE-2022-41850: (unk)
+ CVE-2022-41849: (unk) fbdev: smscufx: Fix use-after-free in ufx_ops_open()
+ CVE-2022-41850: (unk) HID: roccat: Fix use-after-free in roccat_read()
CVE-2022-42703: (unk) mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse
CVE-2022-42895: (unk) Bluetooth: L2CAP: Fix attempting to access uninitialized memory
CVE-2022-42896: (unk) Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM
CVE-2022-43750: (unk) usb: mon: make mmapped memory read only
- CVE-2022-43945: (unk) NFSD: Protect against send buffer overflow in NFSv2 READDIR
CVE-2022-44032: (unk)
CVE-2022-44033: (unk)
CVE-2022-44034: (unk)
diff --git a/data/5.1/5.1_CVEs.txt b/data/5.1/5.1_CVEs.txt
index 1eaafc8..f3beac2 100644
--- a/data/5.1/5.1_CVEs.txt
+++ b/data/5.1/5.1_CVEs.txt
@@ -657,14 +657,14 @@
CVE-2022-2961: Fix unknown
CVE-2022-2964: Fix not seen in stream
CVE-2022-2977: Fix not seen in stream
-CVE-2022-2978: Fix unknown
+CVE-2022-2978: Fix not seen in stream
CVE-2022-29900: Fix not seen in stream
CVE-2022-29901: Fix not seen in stream
CVE-2022-2991: Fix not seen in stream
CVE-2022-3028: Fix not seen in stream
CVE-2022-30594: Fix not seen in stream
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3169: Fix unknown
+CVE-2022-3169: Fix not seen in stream
CVE-2022-3176: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
@@ -680,7 +680,7 @@
CVE-2022-33744: Fix not seen in stream
CVE-2022-33981: Fix not seen in stream
CVE-2022-3424: Fix unknown
-CVE-2022-3435: Fix unknown
+CVE-2022-3435: Fix not seen in stream
CVE-2022-34918: Fix not seen in stream
CVE-2022-3521: Fix not seen in stream
CVE-2022-3522: Fix not seen in stream
@@ -689,7 +689,7 @@
CVE-2022-3535: Fix not seen in stream
CVE-2022-3542: Fix not seen in stream
CVE-2022-3545: Fix not seen in stream
-CVE-2022-3564: Fix unknown
+CVE-2022-3564: Fix not seen in stream
CVE-2022-3565: Fix not seen in stream
CVE-2022-3566: Fix not seen in stream
CVE-2022-3567: Fix not seen in stream
@@ -698,19 +698,18 @@
CVE-2022-3594: Fix not seen in stream
CVE-2022-3595: Fix not seen in stream
CVE-2022-36123: Fix not seen in stream
-CVE-2022-3619: Fix unknown
+CVE-2022-3619: Fix not seen in stream
CVE-2022-3621: Fix not seen in stream
CVE-2022-3623: Fix not seen in stream
CVE-2022-3624: Fix not seen in stream
CVE-2022-3625: Fix not seen in stream
-CVE-2022-3628: Fix unknown
+CVE-2022-3628: Fix not seen in stream
CVE-2022-36280: Fix unknown
CVE-2022-3629: Fix not seen in stream
CVE-2022-3630: Fix not seen in stream
CVE-2022-3633: Fix not seen in stream
CVE-2022-3635: Fix not seen in stream
CVE-2022-3636: Fix not seen in stream
-CVE-2022-3640: Fix unknown
CVE-2022-36402: Fix unknown
CVE-2022-3642: Fix unknown
CVE-2022-3646: Fix not seen in stream
@@ -720,9 +719,10 @@
CVE-2022-3707: Fix unknown
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
-CVE-2022-3903: Fix unknown
+CVE-2022-3903: Fix not seen in stream
CVE-2022-39188: Fix not seen in stream
CVE-2022-39189: Fix not seen in stream
+CVE-2022-3977: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
@@ -731,15 +731,14 @@
CVE-2022-41222: Fix not seen in stream
CVE-2022-41674: Fix not seen in stream
CVE-2022-41848: Fix unknown
-CVE-2022-41849: Fix unknown
-CVE-2022-41850: Fix unknown
+CVE-2022-41849: Fix not seen in stream
+CVE-2022-41850: Fix not seen in stream
CVE-2022-42703: Fix not seen in stream
CVE-2022-42720: Fix not seen in stream
CVE-2022-42721: Fix not seen in stream
CVE-2022-42895: Fix not seen in stream
CVE-2022-42896: Fix not seen in stream
CVE-2022-43750: Fix not seen in stream
-CVE-2022-43945: Fix not seen in stream
CVE-2022-44032: Fix unknown
CVE-2022-44033: Fix unknown
CVE-2022-44034: Fix unknown
diff --git a/data/5.1/5.1_security.txt b/data/5.1/5.1_security.txt
index 3d4b85d..5ab6e16 100644
--- a/data/5.1/5.1_security.txt
+++ b/data/5.1/5.1_security.txt
@@ -693,14 +693,14 @@
CVE-2022-2961: (unk)
CVE-2022-2964: (unk) net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup
CVE-2022-2977: (unk) tpm: fix reference counting for struct tpm_chip
- CVE-2022-2978: (unk)
+ CVE-2022-2978: (unk) fs: fix UAF/GPF bug in nilfs_mdt_destroy
CVE-2022-29900: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-29901: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-2991: (unk) remove the lightnvm subsystem
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3169: (unk)
+ CVE-2022-3169: (unk) nvme: ensure subsystem reset is single threaded
CVE-2022-3176: (unk) io_uring: fix UAF due to missing POLLFREE handling
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
@@ -716,7 +716,7 @@
CVE-2022-33744: (unk) xen/arm: Fix race in RB-tree based P2M accounting
CVE-2022-33981: (unk) floppy: disable FDRAWCMD by default
CVE-2022-3424: (unk)
- CVE-2022-3435: (unk)
+ CVE-2022-3435: (unk) ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference
CVE-2022-34918: (unk) netfilter: nf_tables: stricter validation of element data
CVE-2022-3521: (unk) kcm: avoid potential race in kcm_tx_work
CVE-2022-3522: (unk) mm/hugetlb: use hugetlb_pte_stable in migration race check
@@ -725,7 +725,7 @@
CVE-2022-3535: (unk) net: mvpp2: fix mvpp2 debugfs leak
CVE-2022-3542: (unk) bnx2x: fix potential memory leak in bnx2x_tpa_stop()
CVE-2022-3545: (unk) nfp: fix use-after-free in area_cache_get()
- CVE-2022-3564: (unk)
+ CVE-2022-3564: (unk) Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu
CVE-2022-3565: (unk) mISDN: fix use-after-free bugs in l1oip timer handlers
CVE-2022-3566: (unk) tcp: Fix data races around icsk->icsk_af_ops.
CVE-2022-3567: (unk) ipv6: Fix data races around sk->sk_prot.
@@ -734,19 +734,18 @@
CVE-2022-3594: (unk) r8152: Rate limit overflow messages
CVE-2022-3595: (unk) cifs: fix double-fault crash during ntlmssp
CVE-2022-36123: (unk) x86: Clear .brk area at early boot
- CVE-2022-3619: (unk)
+ CVE-2022-3619: (unk) Bluetooth: L2CAP: Fix memory leak in vhci_write
CVE-2022-3621: (unk) nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level()
CVE-2022-3623: (unk) mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
CVE-2022-3624: (unk) bonding: fix reference count leak in balance-alb mode
CVE-2022-3625: (unk) devlink: Fix use-after-free after a failed reload
- CVE-2022-3628: (unk)
+ CVE-2022-3628: (unk) wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()
CVE-2022-36280: (unk)
CVE-2022-3629: (unk) vsock: Fix memory leak in vsock_connect()
CVE-2022-3630: (unk) fscache: don't leak cookie access refs if invalidation is in progress or failed
CVE-2022-3633: (unk) can: j1939: j1939_session_destroy(): fix memory leak of skbs
CVE-2022-3635: (unk) atm: idt77252: fix use-after-free bugs caused by tst_timer
CVE-2022-3636: (unk) net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()
- CVE-2022-3640: (unk)
CVE-2022-36402: (unk)
CVE-2022-3642: (unk)
CVE-2022-3646: (unk) nilfs2: fix leak of nilfs_root in case of writer thread creation failure
@@ -756,9 +755,10 @@
CVE-2022-3707: (unk)
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
- CVE-2022-3903: (unk)
+ CVE-2022-3903: (unk) media: mceusb: Use new usb_control_msg_*() routines
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
CVE-2022-39189: (unk) KVM: x86: do not report a vCPU as preempted outside instruction boundaries
+ CVE-2022-3977: (unk) mctp: prevent double key removal and unref
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
@@ -767,15 +767,14 @@
CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
CVE-2022-41674: (unk) wifi: cfg80211: fix u8 overflow in cfg80211_update_notlisted_nontrans()
CVE-2022-41848: (unk)
- CVE-2022-41849: (unk)
- CVE-2022-41850: (unk)
+ CVE-2022-41849: (unk) fbdev: smscufx: Fix use-after-free in ufx_ops_open()
+ CVE-2022-41850: (unk) HID: roccat: Fix use-after-free in roccat_read()
CVE-2022-42703: (unk) mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse
CVE-2022-42720: (unk) wifi: cfg80211: fix BSS refcounting bugs
CVE-2022-42721: (unk) wifi: cfg80211: avoid nontransmitted BSS list corruption
CVE-2022-42895: (unk) Bluetooth: L2CAP: Fix attempting to access uninitialized memory
CVE-2022-42896: (unk) Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM
CVE-2022-43750: (unk) usb: mon: make mmapped memory read only
- CVE-2022-43945: (unk) NFSD: Protect against send buffer overflow in NFSv2 READDIR
CVE-2022-44032: (unk)
CVE-2022-44033: (unk)
CVE-2022-44034: (unk)
diff --git a/data/5.10/5.10_CVEs.txt b/data/5.10/5.10_CVEs.txt
index b935488..3f80d9c 100644
--- a/data/5.10/5.10_CVEs.txt
+++ b/data/5.10/5.10_CVEs.txt
@@ -182,7 +182,7 @@
CVE-2021-3752: Fixed with 5.10.80
CVE-2021-3753: Fixed with 5.10.62
CVE-2021-37576: Fixed with 5.10.54
-CVE-2021-3759: Fix not seen in stream
+CVE-2021-3759: Fixed with 5.10.154
CVE-2021-3760: Fixed with 5.10.76
CVE-2021-3764: Fixed with 5.10.71
CVE-2021-3772: Fixed with 5.10.77
@@ -371,7 +371,7 @@
CVE-2022-2961: Fix unknown
CVE-2022-2964: Fixed with 5.10.101
CVE-2022-2977: Fixed with 5.10.110
-CVE-2022-2978: Fix unknown
+CVE-2022-2978: Fixed with 5.10.148
CVE-2022-29900: Fixed with 5.10.133
CVE-2022-29901: Fixed with 5.10.133
CVE-2022-2991: Fix not seen in stream
@@ -379,7 +379,7 @@
CVE-2022-30594: Fixed with 5.10.110
CVE-2022-3061: Fixed with 5.10.145
CVE-2022-3078: Fixed with 5.10.110
-CVE-2022-3169: Fix unknown
+CVE-2022-3169: Fix not seen in stream
CVE-2022-3176: Fix not seen in stream
CVE-2022-3202: Fixed with 5.10.111
CVE-2022-32250: Fixed with 5.10.120
@@ -396,16 +396,16 @@
CVE-2022-33744: Fixed with 5.10.129
CVE-2022-33981: Fixed with 5.10.114
CVE-2022-3424: Fix unknown
-CVE-2022-3435: Fix unknown
+CVE-2022-3435: Fix not seen in stream
CVE-2022-34918: Fixed with 5.10.130
CVE-2022-3521: Fix not seen in stream
CVE-2022-3522: Fix not seen in stream
CVE-2022-3523: Fix not seen in stream
-CVE-2022-3524: Fix not seen in stream
+CVE-2022-3524: Fixed with 5.10.154
CVE-2022-3535: Fixed with 5.10.150
CVE-2022-3542: Fixed with 5.10.150
CVE-2022-3545: Fix not seen in stream
-CVE-2022-3564: Fix unknown
+CVE-2022-3564: Fixed with 5.10.154
CVE-2022-3565: Fixed with 5.10.150
CVE-2022-3566: Fix not seen in stream
CVE-2022-3567: Fix not seen in stream
@@ -414,19 +414,18 @@
CVE-2022-3594: Fixed with 5.10.150
CVE-2022-3595: Fix not seen in stream
CVE-2022-36123: Fixed with 5.10.132
-CVE-2022-3619: Fix unknown
+CVE-2022-3619: Fix not seen in stream
CVE-2022-3621: Fixed with 5.10.148
CVE-2022-3623: Fix not seen in stream
CVE-2022-3624: Fix not seen in stream
CVE-2022-3625: Fixed with 5.10.138
-CVE-2022-3628: Fix unknown
+CVE-2022-3628: Fixed with 5.10.154
CVE-2022-36280: Fix unknown
CVE-2022-3629: Fixed with 5.10.138
CVE-2022-3630: Fix not seen in stream
CVE-2022-3633: Fixed with 5.10.138
CVE-2022-3635: Fixed with 5.10.138
CVE-2022-3636: Fix not seen in stream
-CVE-2022-3640: Fix unknown
CVE-2022-36402: Fix unknown
CVE-2022-3642: Fix unknown
CVE-2022-3646: Fixed with 5.10.148
@@ -436,10 +435,11 @@
CVE-2022-3707: Fix unknown
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
-CVE-2022-3903: Fix unknown
+CVE-2022-3903: Fix not seen in stream
CVE-2022-39188: Fix not seen in stream
CVE-2022-39189: Fix not seen in stream
CVE-2022-39190: Fixed with 5.10.140
+CVE-2022-3977: Fix not seen in stream
CVE-2022-39842: Fixed with 5.10.145
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fixed with 5.10.143
@@ -448,17 +448,16 @@
CVE-2022-41222: Fixed with 5.10.137
CVE-2022-41674: Fixed with 5.10.148
CVE-2022-41848: Fix unknown
-CVE-2022-41849: Fix unknown
-CVE-2022-41850: Fix unknown
+CVE-2022-41849: Fixed with 5.10.150
+CVE-2022-41850: Fixed with 5.10.150
CVE-2022-42703: Fixed with 5.10.141
CVE-2022-42719: Fixed with 5.10.149
CVE-2022-42720: Fixed with 5.10.148
CVE-2022-42721: Fixed with 5.10.148
CVE-2022-42722: Fixed with 5.10.148
-CVE-2022-42895: Fix not seen in stream
-CVE-2022-42896: Fix not seen in stream
+CVE-2022-42895: Fixed with 5.10.154
+CVE-2022-42896: Fixed with 5.10.154
CVE-2022-43750: Fixed with 5.10.148
-CVE-2022-43945: Fix not seen in stream
CVE-2022-44032: Fix unknown
CVE-2022-44033: Fix unknown
CVE-2022-44034: Fix unknown
diff --git a/data/5.10/5.10_security.txt b/data/5.10/5.10_security.txt
index 0fab30b..73882aa 100644
--- a/data/5.10/5.10_security.txt
+++ b/data/5.10/5.10_security.txt
@@ -530,6 +530,7 @@
CVE-2022-0171: a60babeb60ff276963d4756c7fd2e7bf242bb777 KVM: SEV: add cache flush to solve SEV cache incoherency issues
CVEs fixed in 5.10.148:
+ CVE-2022-2978: 1e555c3ed1fce4b278aaebe18a64a934cece57d8 fs: fix UAF/GPF bug in nilfs_mdt_destroy
CVE-2022-3303: fce793a056c604b41a298317cf704dae255f1b36 ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC
CVE-2022-3621: 3f840480e31495ce674db4a69912882b5ac083f2 nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level()
CVE-2022-3646: aad4c997857f1d4b6c1e296c07e4729d3f8058ee nilfs2: fix leak of nilfs_root in case of writer thread creation failure
@@ -550,6 +551,16 @@
CVE-2022-3542: 6cc0e2afc6a137d45b9523f61a1b1b16a68c9dc0 bnx2x: fix potential memory leak in bnx2x_tpa_stop()
CVE-2022-3565: 2a1d0363208528a3bacbc2c37264d60182efd482 mISDN: fix use-after-free bugs in l1oip timer handlers
CVE-2022-3594: 484400d433ca1903a87268c55f019e932297538a r8152: Rate limit overflow messages
+ CVE-2022-41849: e50472949604f385e09ce3fa4e74dce9f44fb19b fbdev: smscufx: Fix use-after-free in ufx_ops_open()
+ CVE-2022-41850: dbcca76435a606a352c794956e6df62eedd3a353 HID: roccat: Fix use-after-free in roccat_read()
+
+CVEs fixed in 5.10.154:
+ CVE-2021-3759: 836686e1a01d7e2fda6a5a18252243ff30a6e196 memcg: enable accounting of ipc resources
+ CVE-2022-3524: 818c36b988b82f31e4be8ad8415e1be902b8e5f8 tcp/udp: Fix memory leak in ipv6_renew_options().
+ CVE-2022-3564: cb1c012099ef5904cd468bdb8d6fcdfdd9bcb569 Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu
+ CVE-2022-3628: c6678c8f4f3f8383fe2dff3455de3d504382638f wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()
+ CVE-2022-42895: 26ca2ac091b49281d73df86111d16e5a76e43bd7 Bluetooth: L2CAP: Fix attempting to access uninitialized memory
+ CVE-2022-42896: 6b6f94fb9a74dd2891f11de4e638c6202bc89476 Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM
Outstanding CVEs:
CVE-2005-3660: (unk)
@@ -610,7 +621,6 @@
CVE-2021-3542: (unk)
CVE-2021-3669: (unk) ipc: replace costly bailout check in sysvipc_find_ipc()
CVE-2021-3714: (unk)
- CVE-2021-3759: (unk) memcg: enable accounting of ipc resources
CVE-2021-3847: (unk)
CVE-2021-3864: (unk)
CVE-2021-3892: (unk)
@@ -640,47 +650,38 @@
CVE-2022-23825: (unk)
CVE-2022-25265: (unk)
CVE-2022-2961: (unk)
- CVE-2022-2978: (unk)
CVE-2022-2991: (unk) remove the lightnvm subsystem
- CVE-2022-3169: (unk)
+ CVE-2022-3169: (unk) nvme: ensure subsystem reset is single threaded
CVE-2022-3176: (unk) io_uring: fix UAF due to missing POLLFREE handling
CVE-2022-3238: (unk)
CVE-2022-3344: (unk)
CVE-2022-3424: (unk)
- CVE-2022-3435: (unk)
+ CVE-2022-3435: (unk) ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference
CVE-2022-3521: (unk) kcm: avoid potential race in kcm_tx_work
CVE-2022-3522: (unk) mm/hugetlb: use hugetlb_pte_stable in migration race check
CVE-2022-3523: (unk) mm/memory.c: fix race when faulting a device private page
- CVE-2022-3524: (unk) tcp/udp: Fix memory leak in ipv6_renew_options().
CVE-2022-3545: (unk) nfp: fix use-after-free in area_cache_get()
- CVE-2022-3564: (unk)
CVE-2022-3566: (unk) tcp: Fix data races around icsk->icsk_af_ops.
CVE-2022-3567: (unk) ipv6: Fix data races around sk->sk_prot.
CVE-2022-3595: (unk) cifs: fix double-fault crash during ntlmssp
- CVE-2022-3619: (unk)
+ CVE-2022-3619: (unk) Bluetooth: L2CAP: Fix memory leak in vhci_write
CVE-2022-3623: (unk) mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
CVE-2022-3624: (unk) bonding: fix reference count leak in balance-alb mode
- CVE-2022-3628: (unk)
CVE-2022-36280: (unk)
CVE-2022-3630: (unk) fscache: don't leak cookie access refs if invalidation is in progress or failed
CVE-2022-3636: (unk) net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()
- CVE-2022-3640: (unk)
CVE-2022-36402: (unk)
CVE-2022-3642: (unk)
CVE-2022-3707: (unk)
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
- CVE-2022-3903: (unk)
+ CVE-2022-3903: (unk) media: mceusb: Use new usb_control_msg_*() routines
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
CVE-2022-39189: (unk) KVM: x86: do not report a vCPU as preempted outside instruction boundaries
+ CVE-2022-3977: (unk) mctp: prevent double key removal and unref
CVE-2022-40133: (unk)
CVE-2022-41218: (unk)
CVE-2022-41848: (unk)
- CVE-2022-41849: (unk)
- CVE-2022-41850: (unk)
- CVE-2022-42895: (unk) Bluetooth: L2CAP: Fix attempting to access uninitialized memory
- CVE-2022-42896: (unk) Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM
- CVE-2022-43945: (unk) NFSD: Protect against send buffer overflow in NFSv2 READDIR
CVE-2022-44032: (unk)
CVE-2022-44033: (unk)
CVE-2022-44034: (unk)
diff --git a/data/5.11/5.11_CVEs.txt b/data/5.11/5.11_CVEs.txt
index eb63b8c..4308b26 100644
--- a/data/5.11/5.11_CVEs.txt
+++ b/data/5.11/5.11_CVEs.txt
@@ -361,7 +361,7 @@
CVE-2022-2961: Fix unknown
CVE-2022-2964: Fix not seen in stream
CVE-2022-2977: Fix not seen in stream
-CVE-2022-2978: Fix unknown
+CVE-2022-2978: Fix not seen in stream
CVE-2022-29900: Fix not seen in stream
CVE-2022-29901: Fix not seen in stream
CVE-2022-2991: Fix not seen in stream
@@ -370,7 +370,7 @@
CVE-2022-3061: Fix not seen in stream
CVE-2022-3077: Fix not seen in stream
CVE-2022-3078: Fix not seen in stream
-CVE-2022-3169: Fix unknown
+CVE-2022-3169: Fix not seen in stream
CVE-2022-3176: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
@@ -387,7 +387,7 @@
CVE-2022-33744: Fix not seen in stream
CVE-2022-33981: Fix not seen in stream
CVE-2022-3424: Fix unknown
-CVE-2022-3435: Fix unknown
+CVE-2022-3435: Fix not seen in stream
CVE-2022-34918: Fix not seen in stream
CVE-2022-3521: Fix not seen in stream
CVE-2022-3522: Fix not seen in stream
@@ -396,7 +396,7 @@
CVE-2022-3535: Fix not seen in stream
CVE-2022-3542: Fix not seen in stream
CVE-2022-3545: Fix not seen in stream
-CVE-2022-3564: Fix unknown
+CVE-2022-3564: Fix not seen in stream
CVE-2022-3565: Fix not seen in stream
CVE-2022-3566: Fix not seen in stream
CVE-2022-3567: Fix not seen in stream
@@ -405,19 +405,18 @@
CVE-2022-3594: Fix not seen in stream
CVE-2022-3595: Fix not seen in stream
CVE-2022-36123: Fix not seen in stream
-CVE-2022-3619: Fix unknown
+CVE-2022-3619: Fix not seen in stream
CVE-2022-3621: Fix not seen in stream
CVE-2022-3623: Fix not seen in stream
CVE-2022-3624: Fix not seen in stream
CVE-2022-3625: Fix not seen in stream
-CVE-2022-3628: Fix unknown
+CVE-2022-3628: Fix not seen in stream
CVE-2022-36280: Fix unknown
CVE-2022-3629: Fix not seen in stream
CVE-2022-3630: Fix not seen in stream
CVE-2022-3633: Fix not seen in stream
CVE-2022-3635: Fix not seen in stream
CVE-2022-3636: Fix not seen in stream
-CVE-2022-3640: Fix unknown
CVE-2022-36402: Fix unknown
CVE-2022-3642: Fix unknown
CVE-2022-3646: Fix not seen in stream
@@ -427,10 +426,11 @@
CVE-2022-3707: Fix unknown
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
-CVE-2022-3903: Fix unknown
+CVE-2022-3903: Fix not seen in stream
CVE-2022-39188: Fix not seen in stream
CVE-2022-39189: Fix not seen in stream
CVE-2022-39190: Fix not seen in stream
+CVE-2022-3977: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
@@ -439,8 +439,8 @@
CVE-2022-41222: Fix not seen in stream
CVE-2022-41674: Fix not seen in stream
CVE-2022-41848: Fix unknown
-CVE-2022-41849: Fix unknown
-CVE-2022-41850: Fix unknown
+CVE-2022-41849: Fix not seen in stream
+CVE-2022-41850: Fix not seen in stream
CVE-2022-42703: Fix not seen in stream
CVE-2022-42719: Fix not seen in stream
CVE-2022-42720: Fix not seen in stream
diff --git a/data/5.11/5.11_security.txt b/data/5.11/5.11_security.txt
index 542b78a..39942fa 100644
--- a/data/5.11/5.11_security.txt
+++ b/data/5.11/5.11_security.txt
@@ -401,7 +401,7 @@
CVE-2022-2961: (unk)
CVE-2022-2964: (unk) net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup
CVE-2022-2977: (unk) tpm: fix reference counting for struct tpm_chip
- CVE-2022-2978: (unk)
+ CVE-2022-2978: (unk) fs: fix UAF/GPF bug in nilfs_mdt_destroy
CVE-2022-29900: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-29901: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-2991: (unk) remove the lightnvm subsystem
@@ -410,7 +410,7 @@
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
CVE-2022-3077: (unk) i2c: ismt: prevent memory corruption in ismt_access()
CVE-2022-3078: (unk) media: vidtv: Check for null return of vzalloc
- CVE-2022-3169: (unk)
+ CVE-2022-3169: (unk) nvme: ensure subsystem reset is single threaded
CVE-2022-3176: (unk) io_uring: fix UAF due to missing POLLFREE handling
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
@@ -427,7 +427,7 @@
CVE-2022-33744: (unk) xen/arm: Fix race in RB-tree based P2M accounting
CVE-2022-33981: (unk) floppy: disable FDRAWCMD by default
CVE-2022-3424: (unk)
- CVE-2022-3435: (unk)
+ CVE-2022-3435: (unk) ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference
CVE-2022-34918: (unk) netfilter: nf_tables: stricter validation of element data
CVE-2022-3521: (unk) kcm: avoid potential race in kcm_tx_work
CVE-2022-3522: (unk) mm/hugetlb: use hugetlb_pte_stable in migration race check
@@ -436,7 +436,7 @@
CVE-2022-3535: (unk) net: mvpp2: fix mvpp2 debugfs leak
CVE-2022-3542: (unk) bnx2x: fix potential memory leak in bnx2x_tpa_stop()
CVE-2022-3545: (unk) nfp: fix use-after-free in area_cache_get()
- CVE-2022-3564: (unk)
+ CVE-2022-3564: (unk) Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu
CVE-2022-3565: (unk) mISDN: fix use-after-free bugs in l1oip timer handlers
CVE-2022-3566: (unk) tcp: Fix data races around icsk->icsk_af_ops.
CVE-2022-3567: (unk) ipv6: Fix data races around sk->sk_prot.
@@ -445,19 +445,18 @@
CVE-2022-3594: (unk) r8152: Rate limit overflow messages
CVE-2022-3595: (unk) cifs: fix double-fault crash during ntlmssp
CVE-2022-36123: (unk) x86: Clear .brk area at early boot
- CVE-2022-3619: (unk)
+ CVE-2022-3619: (unk) Bluetooth: L2CAP: Fix memory leak in vhci_write
CVE-2022-3621: (unk) nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level()
CVE-2022-3623: (unk) mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
CVE-2022-3624: (unk) bonding: fix reference count leak in balance-alb mode
CVE-2022-3625: (unk) devlink: Fix use-after-free after a failed reload
- CVE-2022-3628: (unk)
+ CVE-2022-3628: (unk) wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()
CVE-2022-36280: (unk)
CVE-2022-3629: (unk) vsock: Fix memory leak in vsock_connect()
CVE-2022-3630: (unk) fscache: don't leak cookie access refs if invalidation is in progress or failed
CVE-2022-3633: (unk) can: j1939: j1939_session_destroy(): fix memory leak of skbs
CVE-2022-3635: (unk) atm: idt77252: fix use-after-free bugs caused by tst_timer
CVE-2022-3636: (unk) net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()
- CVE-2022-3640: (unk)
CVE-2022-36402: (unk)
CVE-2022-3642: (unk)
CVE-2022-3646: (unk) nilfs2: fix leak of nilfs_root in case of writer thread creation failure
@@ -467,10 +466,11 @@
CVE-2022-3707: (unk)
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
- CVE-2022-3903: (unk)
+ CVE-2022-3903: (unk) media: mceusb: Use new usb_control_msg_*() routines
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
CVE-2022-39189: (unk) KVM: x86: do not report a vCPU as preempted outside instruction boundaries
CVE-2022-39190: (unk) netfilter: nf_tables: disallow binding to already bound chain
+ CVE-2022-3977: (unk) mctp: prevent double key removal and unref
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
@@ -479,8 +479,8 @@
CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
CVE-2022-41674: (unk) wifi: cfg80211: fix u8 overflow in cfg80211_update_notlisted_nontrans()
CVE-2022-41848: (unk)
- CVE-2022-41849: (unk)
- CVE-2022-41850: (unk)
+ CVE-2022-41849: (unk) fbdev: smscufx: Fix use-after-free in ufx_ops_open()
+ CVE-2022-41850: (unk) HID: roccat: Fix use-after-free in roccat_read()
CVE-2022-42703: (unk) mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse
CVE-2022-42719: (unk) wifi: mac80211: fix MBSSID parsing use-after-free
CVE-2022-42720: (unk) wifi: cfg80211: fix BSS refcounting bugs
diff --git a/data/5.12/5.12_CVEs.txt b/data/5.12/5.12_CVEs.txt
index 7e82485..b9ba392 100644
--- a/data/5.12/5.12_CVEs.txt
+++ b/data/5.12/5.12_CVEs.txt
@@ -313,7 +313,7 @@
CVE-2022-2961: Fix unknown
CVE-2022-2964: Fix not seen in stream
CVE-2022-2977: Fix not seen in stream
-CVE-2022-2978: Fix unknown
+CVE-2022-2978: Fix not seen in stream
CVE-2022-29900: Fix not seen in stream
CVE-2022-29901: Fix not seen in stream
CVE-2022-2991: Fix not seen in stream
@@ -322,7 +322,7 @@
CVE-2022-3061: Fix not seen in stream
CVE-2022-3077: Fix not seen in stream
CVE-2022-3078: Fix not seen in stream
-CVE-2022-3169: Fix unknown
+CVE-2022-3169: Fix not seen in stream
CVE-2022-3176: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
@@ -339,7 +339,7 @@
CVE-2022-33744: Fix not seen in stream
CVE-2022-33981: Fix not seen in stream
CVE-2022-3424: Fix unknown
-CVE-2022-3435: Fix unknown
+CVE-2022-3435: Fix not seen in stream
CVE-2022-34918: Fix not seen in stream
CVE-2022-3521: Fix not seen in stream
CVE-2022-3522: Fix not seen in stream
@@ -348,7 +348,7 @@
CVE-2022-3535: Fix not seen in stream
CVE-2022-3542: Fix not seen in stream
CVE-2022-3545: Fix not seen in stream
-CVE-2022-3564: Fix unknown
+CVE-2022-3564: Fix not seen in stream
CVE-2022-3565: Fix not seen in stream
CVE-2022-3566: Fix not seen in stream
CVE-2022-3567: Fix not seen in stream
@@ -357,19 +357,18 @@
CVE-2022-3594: Fix not seen in stream
CVE-2022-3595: Fix not seen in stream
CVE-2022-36123: Fix not seen in stream
-CVE-2022-3619: Fix unknown
+CVE-2022-3619: Fix not seen in stream
CVE-2022-3621: Fix not seen in stream
CVE-2022-3623: Fix not seen in stream
CVE-2022-3624: Fix not seen in stream
CVE-2022-3625: Fix not seen in stream
-CVE-2022-3628: Fix unknown
+CVE-2022-3628: Fix not seen in stream
CVE-2022-36280: Fix unknown
CVE-2022-3629: Fix not seen in stream
CVE-2022-3630: Fix not seen in stream
CVE-2022-3633: Fix not seen in stream
CVE-2022-3635: Fix not seen in stream
CVE-2022-3636: Fix not seen in stream
-CVE-2022-3640: Fix unknown
CVE-2022-36402: Fix unknown
CVE-2022-3642: Fix unknown
CVE-2022-3646: Fix not seen in stream
@@ -379,10 +378,11 @@
CVE-2022-3707: Fix unknown
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
-CVE-2022-3903: Fix unknown
+CVE-2022-3903: Fix not seen in stream
CVE-2022-39188: Fix not seen in stream
CVE-2022-39189: Fix not seen in stream
CVE-2022-39190: Fix not seen in stream
+CVE-2022-3977: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
@@ -391,8 +391,8 @@
CVE-2022-41222: Fixed with 5.12.18
CVE-2022-41674: Fix not seen in stream
CVE-2022-41848: Fix unknown
-CVE-2022-41849: Fix unknown
-CVE-2022-41850: Fix unknown
+CVE-2022-41849: Fix not seen in stream
+CVE-2022-41850: Fix not seen in stream
CVE-2022-42703: Fix not seen in stream
CVE-2022-42719: Fix not seen in stream
CVE-2022-42720: Fix not seen in stream
diff --git a/data/5.12/5.12_security.txt b/data/5.12/5.12_security.txt
index 72f3eae..8c17832 100644
--- a/data/5.12/5.12_security.txt
+++ b/data/5.12/5.12_security.txt
@@ -346,7 +346,7 @@
CVE-2022-2961: (unk)
CVE-2022-2964: (unk) net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup
CVE-2022-2977: (unk) tpm: fix reference counting for struct tpm_chip
- CVE-2022-2978: (unk)
+ CVE-2022-2978: (unk) fs: fix UAF/GPF bug in nilfs_mdt_destroy
CVE-2022-29900: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-29901: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-2991: (unk) remove the lightnvm subsystem
@@ -355,7 +355,7 @@
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
CVE-2022-3077: (unk) i2c: ismt: prevent memory corruption in ismt_access()
CVE-2022-3078: (unk) media: vidtv: Check for null return of vzalloc
- CVE-2022-3169: (unk)
+ CVE-2022-3169: (unk) nvme: ensure subsystem reset is single threaded
CVE-2022-3176: (unk) io_uring: fix UAF due to missing POLLFREE handling
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
@@ -372,7 +372,7 @@
CVE-2022-33744: (unk) xen/arm: Fix race in RB-tree based P2M accounting
CVE-2022-33981: (unk) floppy: disable FDRAWCMD by default
CVE-2022-3424: (unk)
- CVE-2022-3435: (unk)
+ CVE-2022-3435: (unk) ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference
CVE-2022-34918: (unk) netfilter: nf_tables: stricter validation of element data
CVE-2022-3521: (unk) kcm: avoid potential race in kcm_tx_work
CVE-2022-3522: (unk) mm/hugetlb: use hugetlb_pte_stable in migration race check
@@ -381,7 +381,7 @@
CVE-2022-3535: (unk) net: mvpp2: fix mvpp2 debugfs leak
CVE-2022-3542: (unk) bnx2x: fix potential memory leak in bnx2x_tpa_stop()
CVE-2022-3545: (unk) nfp: fix use-after-free in area_cache_get()
- CVE-2022-3564: (unk)
+ CVE-2022-3564: (unk) Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu
CVE-2022-3565: (unk) mISDN: fix use-after-free bugs in l1oip timer handlers
CVE-2022-3566: (unk) tcp: Fix data races around icsk->icsk_af_ops.
CVE-2022-3567: (unk) ipv6: Fix data races around sk->sk_prot.
@@ -390,19 +390,18 @@
CVE-2022-3594: (unk) r8152: Rate limit overflow messages
CVE-2022-3595: (unk) cifs: fix double-fault crash during ntlmssp
CVE-2022-36123: (unk) x86: Clear .brk area at early boot
- CVE-2022-3619: (unk)
+ CVE-2022-3619: (unk) Bluetooth: L2CAP: Fix memory leak in vhci_write
CVE-2022-3621: (unk) nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level()
CVE-2022-3623: (unk) mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
CVE-2022-3624: (unk) bonding: fix reference count leak in balance-alb mode
CVE-2022-3625: (unk) devlink: Fix use-after-free after a failed reload
- CVE-2022-3628: (unk)
+ CVE-2022-3628: (unk) wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()
CVE-2022-36280: (unk)
CVE-2022-3629: (unk) vsock: Fix memory leak in vsock_connect()
CVE-2022-3630: (unk) fscache: don't leak cookie access refs if invalidation is in progress or failed
CVE-2022-3633: (unk) can: j1939: j1939_session_destroy(): fix memory leak of skbs
CVE-2022-3635: (unk) atm: idt77252: fix use-after-free bugs caused by tst_timer
CVE-2022-3636: (unk) net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()
- CVE-2022-3640: (unk)
CVE-2022-36402: (unk)
CVE-2022-3642: (unk)
CVE-2022-3646: (unk) nilfs2: fix leak of nilfs_root in case of writer thread creation failure
@@ -412,10 +411,11 @@
CVE-2022-3707: (unk)
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
- CVE-2022-3903: (unk)
+ CVE-2022-3903: (unk) media: mceusb: Use new usb_control_msg_*() routines
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
CVE-2022-39189: (unk) KVM: x86: do not report a vCPU as preempted outside instruction boundaries
CVE-2022-39190: (unk) netfilter: nf_tables: disallow binding to already bound chain
+ CVE-2022-3977: (unk) mctp: prevent double key removal and unref
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
@@ -423,8 +423,8 @@
CVE-2022-41218: (unk)
CVE-2022-41674: (unk) wifi: cfg80211: fix u8 overflow in cfg80211_update_notlisted_nontrans()
CVE-2022-41848: (unk)
- CVE-2022-41849: (unk)
- CVE-2022-41850: (unk)
+ CVE-2022-41849: (unk) fbdev: smscufx: Fix use-after-free in ufx_ops_open()
+ CVE-2022-41850: (unk) HID: roccat: Fix use-after-free in roccat_read()
CVE-2022-42703: (unk) mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse
CVE-2022-42719: (unk) wifi: mac80211: fix MBSSID parsing use-after-free
CVE-2022-42720: (unk) wifi: cfg80211: fix BSS refcounting bugs
diff --git a/data/5.13/5.13_CVEs.txt b/data/5.13/5.13_CVEs.txt
index 4bede55..59cd66c 100644
--- a/data/5.13/5.13_CVEs.txt
+++ b/data/5.13/5.13_CVEs.txt
@@ -277,7 +277,7 @@
CVE-2022-2961: Fix unknown
CVE-2022-2964: Fix not seen in stream
CVE-2022-2977: Fix not seen in stream
-CVE-2022-2978: Fix unknown
+CVE-2022-2978: Fix not seen in stream
CVE-2022-29900: Fix not seen in stream
CVE-2022-29901: Fix not seen in stream
CVE-2022-2991: Fix not seen in stream
@@ -286,7 +286,7 @@
CVE-2022-3061: Fix not seen in stream
CVE-2022-3077: Fix not seen in stream
CVE-2022-3078: Fix not seen in stream
-CVE-2022-3169: Fix unknown
+CVE-2022-3169: Fix not seen in stream
CVE-2022-3176: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
@@ -303,7 +303,7 @@
CVE-2022-33744: Fix not seen in stream
CVE-2022-33981: Fix not seen in stream
CVE-2022-3424: Fix unknown
-CVE-2022-3435: Fix unknown
+CVE-2022-3435: Fix not seen in stream
CVE-2022-34494: Fix not seen in stream
CVE-2022-34495: Fix not seen in stream
CVE-2022-34918: Fix not seen in stream
@@ -315,7 +315,7 @@
CVE-2022-3535: Fix not seen in stream
CVE-2022-3542: Fix not seen in stream
CVE-2022-3545: Fix not seen in stream
-CVE-2022-3564: Fix unknown
+CVE-2022-3564: Fix not seen in stream
CVE-2022-3565: Fix not seen in stream
CVE-2022-3566: Fix not seen in stream
CVE-2022-3567: Fix not seen in stream
@@ -324,19 +324,18 @@
CVE-2022-3594: Fix not seen in stream
CVE-2022-3595: Fix not seen in stream
CVE-2022-36123: Fix not seen in stream
-CVE-2022-3619: Fix unknown
+CVE-2022-3619: Fix not seen in stream
CVE-2022-3621: Fix not seen in stream
CVE-2022-3623: Fix not seen in stream
CVE-2022-3624: Fix not seen in stream
CVE-2022-3625: Fix not seen in stream
-CVE-2022-3628: Fix unknown
+CVE-2022-3628: Fix not seen in stream
CVE-2022-36280: Fix unknown
CVE-2022-3629: Fix not seen in stream
CVE-2022-3630: Fix not seen in stream
CVE-2022-3633: Fix not seen in stream
CVE-2022-3635: Fix not seen in stream
CVE-2022-3636: Fix not seen in stream
-CVE-2022-3640: Fix unknown
CVE-2022-36402: Fix unknown
CVE-2022-3642: Fix unknown
CVE-2022-3646: Fix not seen in stream
@@ -346,10 +345,11 @@
CVE-2022-3707: Fix unknown
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
-CVE-2022-3903: Fix unknown
+CVE-2022-3903: Fix not seen in stream
CVE-2022-39188: Fix not seen in stream
CVE-2022-39189: Fix not seen in stream
CVE-2022-39190: Fix not seen in stream
+CVE-2022-3977: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
@@ -358,8 +358,8 @@
CVE-2022-41222: Fixed with 5.13.3
CVE-2022-41674: Fix not seen in stream
CVE-2022-41848: Fix unknown
-CVE-2022-41849: Fix unknown
-CVE-2022-41850: Fix unknown
+CVE-2022-41849: Fix not seen in stream
+CVE-2022-41850: Fix not seen in stream
CVE-2022-42703: Fix not seen in stream
CVE-2022-42719: Fix not seen in stream
CVE-2022-42720: Fix not seen in stream
diff --git a/data/5.13/5.13_security.txt b/data/5.13/5.13_security.txt
index f2a281e..9587ed9 100644
--- a/data/5.13/5.13_security.txt
+++ b/data/5.13/5.13_security.txt
@@ -310,7 +310,7 @@
CVE-2022-2961: (unk)
CVE-2022-2964: (unk) net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup
CVE-2022-2977: (unk) tpm: fix reference counting for struct tpm_chip
- CVE-2022-2978: (unk)
+ CVE-2022-2978: (unk) fs: fix UAF/GPF bug in nilfs_mdt_destroy
CVE-2022-29900: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-29901: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-2991: (unk) remove the lightnvm subsystem
@@ -319,7 +319,7 @@
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
CVE-2022-3077: (unk) i2c: ismt: prevent memory corruption in ismt_access()
CVE-2022-3078: (unk) media: vidtv: Check for null return of vzalloc
- CVE-2022-3169: (unk)
+ CVE-2022-3169: (unk) nvme: ensure subsystem reset is single threaded
CVE-2022-3176: (unk) io_uring: fix UAF due to missing POLLFREE handling
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
@@ -336,7 +336,7 @@
CVE-2022-33744: (unk) xen/arm: Fix race in RB-tree based P2M accounting
CVE-2022-33981: (unk) floppy: disable FDRAWCMD by default
CVE-2022-3424: (unk)
- CVE-2022-3435: (unk)
+ CVE-2022-3435: (unk) ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference
CVE-2022-34494: (unk) rpmsg: virtio: Fix possible double free in rpmsg_virtio_add_ctrl_dev()
CVE-2022-34495: (unk) rpmsg: virtio: Fix possible double free in rpmsg_probe()
CVE-2022-34918: (unk) netfilter: nf_tables: stricter validation of element data
@@ -348,7 +348,7 @@
CVE-2022-3535: (unk) net: mvpp2: fix mvpp2 debugfs leak
CVE-2022-3542: (unk) bnx2x: fix potential memory leak in bnx2x_tpa_stop()
CVE-2022-3545: (unk) nfp: fix use-after-free in area_cache_get()
- CVE-2022-3564: (unk)
+ CVE-2022-3564: (unk) Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu
CVE-2022-3565: (unk) mISDN: fix use-after-free bugs in l1oip timer handlers
CVE-2022-3566: (unk) tcp: Fix data races around icsk->icsk_af_ops.
CVE-2022-3567: (unk) ipv6: Fix data races around sk->sk_prot.
@@ -357,19 +357,18 @@
CVE-2022-3594: (unk) r8152: Rate limit overflow messages
CVE-2022-3595: (unk) cifs: fix double-fault crash during ntlmssp
CVE-2022-36123: (unk) x86: Clear .brk area at early boot
- CVE-2022-3619: (unk)
+ CVE-2022-3619: (unk) Bluetooth: L2CAP: Fix memory leak in vhci_write
CVE-2022-3621: (unk) nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level()
CVE-2022-3623: (unk) mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
CVE-2022-3624: (unk) bonding: fix reference count leak in balance-alb mode
CVE-2022-3625: (unk) devlink: Fix use-after-free after a failed reload
- CVE-2022-3628: (unk)
+ CVE-2022-3628: (unk) wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()
CVE-2022-36280: (unk)
CVE-2022-3629: (unk) vsock: Fix memory leak in vsock_connect()
CVE-2022-3630: (unk) fscache: don't leak cookie access refs if invalidation is in progress or failed
CVE-2022-3633: (unk) can: j1939: j1939_session_destroy(): fix memory leak of skbs
CVE-2022-3635: (unk) atm: idt77252: fix use-after-free bugs caused by tst_timer
CVE-2022-3636: (unk) net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()
- CVE-2022-3640: (unk)
CVE-2022-36402: (unk)
CVE-2022-3642: (unk)
CVE-2022-3646: (unk) nilfs2: fix leak of nilfs_root in case of writer thread creation failure
@@ -379,10 +378,11 @@
CVE-2022-3707: (unk)
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
- CVE-2022-3903: (unk)
+ CVE-2022-3903: (unk) media: mceusb: Use new usb_control_msg_*() routines
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
CVE-2022-39189: (unk) KVM: x86: do not report a vCPU as preempted outside instruction boundaries
CVE-2022-39190: (unk) netfilter: nf_tables: disallow binding to already bound chain
+ CVE-2022-3977: (unk) mctp: prevent double key removal and unref
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
@@ -390,8 +390,8 @@
CVE-2022-41218: (unk)
CVE-2022-41674: (unk) wifi: cfg80211: fix u8 overflow in cfg80211_update_notlisted_nontrans()
CVE-2022-41848: (unk)
- CVE-2022-41849: (unk)
- CVE-2022-41850: (unk)
+ CVE-2022-41849: (unk) fbdev: smscufx: Fix use-after-free in ufx_ops_open()
+ CVE-2022-41850: (unk) HID: roccat: Fix use-after-free in roccat_read()
CVE-2022-42703: (unk) mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse
CVE-2022-42719: (unk) wifi: mac80211: fix MBSSID parsing use-after-free
CVE-2022-42720: (unk) wifi: cfg80211: fix BSS refcounting bugs
diff --git a/data/5.14/5.14_CVEs.txt b/data/5.14/5.14_CVEs.txt
index eb437af..e170ff5 100644
--- a/data/5.14/5.14_CVEs.txt
+++ b/data/5.14/5.14_CVEs.txt
@@ -250,7 +250,7 @@
CVE-2022-2961: Fix unknown
CVE-2022-2964: Fix not seen in stream
CVE-2022-2977: Fix not seen in stream
-CVE-2022-2978: Fix unknown
+CVE-2022-2978: Fix not seen in stream
CVE-2022-29900: Fix not seen in stream
CVE-2022-29901: Fix not seen in stream
CVE-2022-2991: Fix not seen in stream
@@ -259,7 +259,7 @@
CVE-2022-3061: Fix not seen in stream
CVE-2022-3077: Fix not seen in stream
CVE-2022-3078: Fix not seen in stream
-CVE-2022-3169: Fix unknown
+CVE-2022-3169: Fix not seen in stream
CVE-2022-3176: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
@@ -276,7 +276,7 @@
CVE-2022-33744: Fix not seen in stream
CVE-2022-33981: Fix not seen in stream
CVE-2022-3424: Fix unknown
-CVE-2022-3435: Fix unknown
+CVE-2022-3435: Fix not seen in stream
CVE-2022-34494: Fix not seen in stream
CVE-2022-34495: Fix not seen in stream
CVE-2022-34918: Fix not seen in stream
@@ -288,7 +288,7 @@
CVE-2022-3535: Fix not seen in stream
CVE-2022-3542: Fix not seen in stream
CVE-2022-3545: Fix not seen in stream
-CVE-2022-3564: Fix unknown
+CVE-2022-3564: Fix not seen in stream
CVE-2022-3565: Fix not seen in stream
CVE-2022-3566: Fix not seen in stream
CVE-2022-3567: Fix not seen in stream
@@ -297,19 +297,18 @@
CVE-2022-3594: Fix not seen in stream
CVE-2022-3595: Fix not seen in stream
CVE-2022-36123: Fix not seen in stream
-CVE-2022-3619: Fix unknown
+CVE-2022-3619: Fix not seen in stream
CVE-2022-3621: Fix not seen in stream
CVE-2022-3623: Fix not seen in stream
CVE-2022-3624: Fix not seen in stream
CVE-2022-3625: Fix not seen in stream
-CVE-2022-3628: Fix unknown
+CVE-2022-3628: Fix not seen in stream
CVE-2022-36280: Fix unknown
CVE-2022-3629: Fix not seen in stream
CVE-2022-3630: Fix not seen in stream
CVE-2022-3633: Fix not seen in stream
CVE-2022-3635: Fix not seen in stream
CVE-2022-3636: Fix not seen in stream
-CVE-2022-3640: Fix unknown
CVE-2022-36402: Fix unknown
CVE-2022-3642: Fix unknown
CVE-2022-3646: Fix not seen in stream
@@ -319,10 +318,11 @@
CVE-2022-3707: Fix unknown
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
-CVE-2022-3903: Fix unknown
+CVE-2022-3903: Fix not seen in stream
CVE-2022-39188: Fix not seen in stream
CVE-2022-39189: Fix not seen in stream
CVE-2022-39190: Fix not seen in stream
+CVE-2022-3977: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
@@ -330,8 +330,8 @@
CVE-2022-41218: Fix unknown
CVE-2022-41674: Fix not seen in stream
CVE-2022-41848: Fix unknown
-CVE-2022-41849: Fix unknown
-CVE-2022-41850: Fix unknown
+CVE-2022-41849: Fix not seen in stream
+CVE-2022-41850: Fix not seen in stream
CVE-2022-42703: Fix not seen in stream
CVE-2022-42719: Fix not seen in stream
CVE-2022-42720: Fix not seen in stream
diff --git a/data/5.14/5.14_security.txt b/data/5.14/5.14_security.txt
index b534166..bbbdf3b 100644
--- a/data/5.14/5.14_security.txt
+++ b/data/5.14/5.14_security.txt
@@ -284,7 +284,7 @@
CVE-2022-2961: (unk)
CVE-2022-2964: (unk) net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup
CVE-2022-2977: (unk) tpm: fix reference counting for struct tpm_chip
- CVE-2022-2978: (unk)
+ CVE-2022-2978: (unk) fs: fix UAF/GPF bug in nilfs_mdt_destroy
CVE-2022-29900: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-29901: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-2991: (unk) remove the lightnvm subsystem
@@ -293,7 +293,7 @@
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
CVE-2022-3077: (unk) i2c: ismt: prevent memory corruption in ismt_access()
CVE-2022-3078: (unk) media: vidtv: Check for null return of vzalloc
- CVE-2022-3169: (unk)
+ CVE-2022-3169: (unk) nvme: ensure subsystem reset is single threaded
CVE-2022-3176: (unk) io_uring: fix UAF due to missing POLLFREE handling
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
@@ -310,7 +310,7 @@
CVE-2022-33744: (unk) xen/arm: Fix race in RB-tree based P2M accounting
CVE-2022-33981: (unk) floppy: disable FDRAWCMD by default
CVE-2022-3424: (unk)
- CVE-2022-3435: (unk)
+ CVE-2022-3435: (unk) ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference
CVE-2022-34494: (unk) rpmsg: virtio: Fix possible double free in rpmsg_virtio_add_ctrl_dev()
CVE-2022-34495: (unk) rpmsg: virtio: Fix possible double free in rpmsg_probe()
CVE-2022-34918: (unk) netfilter: nf_tables: stricter validation of element data
@@ -322,7 +322,7 @@
CVE-2022-3535: (unk) net: mvpp2: fix mvpp2 debugfs leak
CVE-2022-3542: (unk) bnx2x: fix potential memory leak in bnx2x_tpa_stop()
CVE-2022-3545: (unk) nfp: fix use-after-free in area_cache_get()
- CVE-2022-3564: (unk)
+ CVE-2022-3564: (unk) Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu
CVE-2022-3565: (unk) mISDN: fix use-after-free bugs in l1oip timer handlers
CVE-2022-3566: (unk) tcp: Fix data races around icsk->icsk_af_ops.
CVE-2022-3567: (unk) ipv6: Fix data races around sk->sk_prot.
@@ -331,19 +331,18 @@
CVE-2022-3594: (unk) r8152: Rate limit overflow messages
CVE-2022-3595: (unk) cifs: fix double-fault crash during ntlmssp
CVE-2022-36123: (unk) x86: Clear .brk area at early boot
- CVE-2022-3619: (unk)
+ CVE-2022-3619: (unk) Bluetooth: L2CAP: Fix memory leak in vhci_write
CVE-2022-3621: (unk) nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level()
CVE-2022-3623: (unk) mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
CVE-2022-3624: (unk) bonding: fix reference count leak in balance-alb mode
CVE-2022-3625: (unk) devlink: Fix use-after-free after a failed reload
- CVE-2022-3628: (unk)
+ CVE-2022-3628: (unk) wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()
CVE-2022-36280: (unk)
CVE-2022-3629: (unk) vsock: Fix memory leak in vsock_connect()
CVE-2022-3630: (unk) fscache: don't leak cookie access refs if invalidation is in progress or failed
CVE-2022-3633: (unk) can: j1939: j1939_session_destroy(): fix memory leak of skbs
CVE-2022-3635: (unk) atm: idt77252: fix use-after-free bugs caused by tst_timer
CVE-2022-3636: (unk) net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()
- CVE-2022-3640: (unk)
CVE-2022-36402: (unk)
CVE-2022-3642: (unk)
CVE-2022-3646: (unk) nilfs2: fix leak of nilfs_root in case of writer thread creation failure
@@ -353,10 +352,11 @@
CVE-2022-3707: (unk)
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
- CVE-2022-3903: (unk)
+ CVE-2022-3903: (unk) media: mceusb: Use new usb_control_msg_*() routines
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
CVE-2022-39189: (unk) KVM: x86: do not report a vCPU as preempted outside instruction boundaries
CVE-2022-39190: (unk) netfilter: nf_tables: disallow binding to already bound chain
+ CVE-2022-3977: (unk) mctp: prevent double key removal and unref
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
@@ -364,8 +364,8 @@
CVE-2022-41218: (unk)
CVE-2022-41674: (unk) wifi: cfg80211: fix u8 overflow in cfg80211_update_notlisted_nontrans()
CVE-2022-41848: (unk)
- CVE-2022-41849: (unk)
- CVE-2022-41850: (unk)
+ CVE-2022-41849: (unk) fbdev: smscufx: Fix use-after-free in ufx_ops_open()
+ CVE-2022-41850: (unk) HID: roccat: Fix use-after-free in roccat_read()
CVE-2022-42703: (unk) mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse
CVE-2022-42719: (unk) wifi: mac80211: fix MBSSID parsing use-after-free
CVE-2022-42720: (unk) wifi: cfg80211: fix BSS refcounting bugs
diff --git a/data/5.15/5.15_CVEs.txt b/data/5.15/5.15_CVEs.txt
index 2c37523..268b6b5 100644
--- a/data/5.15/5.15_CVEs.txt
+++ b/data/5.15/5.15_CVEs.txt
@@ -219,7 +219,7 @@
CVE-2022-2961: Fix unknown
CVE-2022-2964: Fixed with 5.15.24
CVE-2022-2977: Fixed with 5.15.33
-CVE-2022-2978: Fix unknown
+CVE-2022-2978: Fixed with 5.15.73
CVE-2022-29900: Fixed with 5.15.57
CVE-2022-29901: Fixed with 5.15.57
CVE-2022-3028: Fixed with 5.15.64
@@ -227,7 +227,7 @@
CVE-2022-3061: Fixed with 5.15.70
CVE-2022-3077: Fixed with 5.15.45
CVE-2022-3078: Fixed with 5.15.33
-CVE-2022-3169: Fix unknown
+CVE-2022-3169: Fix not seen in stream
CVE-2022-3176: Fixed with 5.15.65
CVE-2022-3202: Fixed with 5.15.34
CVE-2022-32250: Fixed with 5.15.45
@@ -244,7 +244,7 @@
CVE-2022-33744: Fixed with 5.15.53
CVE-2022-33981: Fixed with 5.15.37
CVE-2022-3424: Fix unknown
-CVE-2022-3435: Fix unknown
+CVE-2022-3435: Fix not seen in stream
CVE-2022-34494: Fixed with 5.15.47
CVE-2022-34495: Fixed with 5.15.47
CVE-2022-34918: Fixed with 5.15.54
@@ -255,9 +255,9 @@
CVE-2022-3526: Fixed with 5.15.35
CVE-2022-3535: Fixed with 5.15.75
CVE-2022-3542: Fixed with 5.15.75
-CVE-2022-3543: Fix not seen in stream
+CVE-2022-3543: Fixed with 5.15.78
CVE-2022-3545: Fix not seen in stream
-CVE-2022-3564: Fix unknown
+CVE-2022-3564: Fixed with 5.15.78
CVE-2022-3565: Fixed with 5.15.75
CVE-2022-3566: Fix not seen in stream
CVE-2022-3567: Fix not seen in stream
@@ -266,19 +266,18 @@
CVE-2022-3594: Fixed with 5.15.75
CVE-2022-3595: Fix not seen in stream
CVE-2022-36123: Fixed with 5.15.56
-CVE-2022-3619: Fix unknown
+CVE-2022-3619: Fixed with 5.15.78
CVE-2022-3621: Fixed with 5.15.74
-CVE-2022-3623: Fix not seen in stream
+CVE-2022-3623: Fixed with 5.15.78
CVE-2022-3624: Fix not seen in stream
CVE-2022-3625: Fixed with 5.15.63
-CVE-2022-3628: Fix unknown
+CVE-2022-3628: Fixed with 5.15.78
CVE-2022-36280: Fix unknown
CVE-2022-3629: Fixed with 5.15.63
CVE-2022-3630: Fix not seen in stream
CVE-2022-3633: Fixed with 5.15.63
CVE-2022-3635: Fixed with 5.15.63
CVE-2022-3636: Fix not seen in stream
-CVE-2022-3640: Fix unknown
CVE-2022-36402: Fix unknown
CVE-2022-3642: Fix unknown
CVE-2022-3646: Fixed with 5.15.74
@@ -288,10 +287,11 @@
CVE-2022-3707: Fix unknown
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
-CVE-2022-3903: Fix unknown
+CVE-2022-3903: Fix not seen in stream
CVE-2022-39188: Fix not seen in stream
CVE-2022-39189: Fixed with 5.15.60
CVE-2022-39190: Fixed with 5.15.64
+CVE-2022-3977: Fix not seen in stream
CVE-2022-39842: Fixed with 5.15.70
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fixed with 5.15.68
@@ -299,15 +299,15 @@
CVE-2022-41218: Fix unknown
CVE-2022-41674: Fixed with 5.15.74
CVE-2022-41848: Fix unknown
-CVE-2022-41849: Fix unknown
-CVE-2022-41850: Fix unknown
+CVE-2022-41849: Fixed with 5.15.75
+CVE-2022-41850: Fixed with 5.15.75
CVE-2022-42703: Fixed with 5.15.65
CVE-2022-42719: Fixed with 5.15.74
CVE-2022-42720: Fixed with 5.15.74
CVE-2022-42721: Fixed with 5.15.74
CVE-2022-42722: Fixed with 5.15.74
-CVE-2022-42895: Fix not seen in stream
-CVE-2022-42896: Fix not seen in stream
+CVE-2022-42895: Fixed with 5.15.78
+CVE-2022-42896: Fixed with 5.15.78
CVE-2022-43750: Fixed with 5.15.73
CVE-2022-43945: Fixed with 5.15.75
CVE-2022-44032: Fix unknown
diff --git a/data/5.15/5.15_security.txt b/data/5.15/5.15_security.txt
index 2e5cac9..0740cc2 100644
--- a/data/5.15/5.15_security.txt
+++ b/data/5.15/5.15_security.txt
@@ -297,6 +297,7 @@
CVE-2022-2308: dc248ddf41eab4566e95b1ee2433c8a5134ad94a vduse: prevent uninitialized memory accesses
CVEs fixed in 5.15.73:
+ CVE-2022-2978: 64b79e632869ad3ef6c098a4731d559381da1115 fs: fix UAF/GPF bug in nilfs_mdt_destroy
CVE-2022-43750: 5ff80339cdc3143b89eee2ad91ae44b4dbf65ad1 usb: mon: make mmapped memory read only
CVEs fixed in 5.15.74:
@@ -316,11 +317,22 @@
CVE-2022-3542: 0b6516a4e3eb0e2dc88a538458f3f732940f44fd bnx2x: fix potential memory leak in bnx2x_tpa_stop()
CVE-2022-3565: 7bfa18b05f381162c9d38192bbf0179f1142dd38 mISDN: fix use-after-free bugs in l1oip timer handlers
CVE-2022-3594: b3179865cf7e892b26eedab3d6c54b4747c774a2 r8152: Rate limit overflow messages
+ CVE-2022-41849: 2b0897e33682a332167b7d355eec28693b62119e fbdev: smscufx: Fix use-after-free in ufx_ops_open()
+ CVE-2022-41850: c61786dc727d1850336d12c85a032c9a36ae396d HID: roccat: Fix use-after-free in roccat_read()
CVE-2022-43945: dc7f225090c29a5f3b9419b1af32846a201555e7 NFSD: Protect against send buffer overflow in NFSv2 READDIR
CVEs fixed in 5.15.77:
CVE-2022-3524: 1401e9336bebaa6dd5a320f83bddc17619d4e3a6 tcp/udp: Fix memory leak in ipv6_renew_options().
+CVEs fixed in 5.15.78:
+ CVE-2022-3543: 3975affcf55f93814a8ae14333d7fc7f183e60a4 af_unix: Fix memory leaks of the whole sk due to OOB skb.
+ CVE-2022-3564: 8278a87bb1eeea94350d675ef961ee5a03341fde Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu
+ CVE-2022-3619: aa16cac06b752e5f609c106735bd7838f444784c Bluetooth: L2CAP: Fix memory leak in vhci_write
+ CVE-2022-3623: 3a44ae4afaa5318baed3c6e2959f24454e0ae4ff mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
+ CVE-2022-3628: 7038af4ce95105146d22e461eaa450829f28eeaf wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()
+ CVE-2022-42895: 3e4697ffdfbb38a2755012c4e571546c89ab6422 Bluetooth: L2CAP: Fix attempting to access uninitialized memory
+ CVE-2022-42896: 81035e1201e26d57d9733ac59140a3e29befbc5a Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM
+
Outstanding CVEs:
CVE-2005-3660: (unk)
CVE-2007-3719: (unk)
@@ -391,43 +403,33 @@
CVE-2022-25265: (unk)
CVE-2022-26878: (unk)
CVE-2022-2961: (unk)
- CVE-2022-2978: (unk)
- CVE-2022-3169: (unk)
+ CVE-2022-3169: (unk) nvme: ensure subsystem reset is single threaded
CVE-2022-3238: (unk)
CVE-2022-3344: (unk)
CVE-2022-3424: (unk)
- CVE-2022-3435: (unk)
+ CVE-2022-3435: (unk) ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference
CVE-2022-3521: (unk) kcm: avoid potential race in kcm_tx_work
CVE-2022-3522: (unk) mm/hugetlb: use hugetlb_pte_stable in migration race check
CVE-2022-3523: (unk) mm/memory.c: fix race when faulting a device private page
- CVE-2022-3543: (unk) af_unix: Fix memory leaks of the whole sk due to OOB skb.
CVE-2022-3545: (unk) nfp: fix use-after-free in area_cache_get()
- CVE-2022-3564: (unk)
CVE-2022-3566: (unk) tcp: Fix data races around icsk->icsk_af_ops.
CVE-2022-3567: (unk) ipv6: Fix data races around sk->sk_prot.
CVE-2022-3595: (unk) cifs: fix double-fault crash during ntlmssp
- CVE-2022-3619: (unk)
- CVE-2022-3623: (unk) mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
CVE-2022-3624: (unk) bonding: fix reference count leak in balance-alb mode
- CVE-2022-3628: (unk)
CVE-2022-36280: (unk)
CVE-2022-3630: (unk) fscache: don't leak cookie access refs if invalidation is in progress or failed
CVE-2022-3636: (unk) net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()
- CVE-2022-3640: (unk)
CVE-2022-36402: (unk)
CVE-2022-3642: (unk)
CVE-2022-3707: (unk)
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
- CVE-2022-3903: (unk)
+ CVE-2022-3903: (unk) media: mceusb: Use new usb_control_msg_*() routines
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
+ CVE-2022-3977: (unk) mctp: prevent double key removal and unref
CVE-2022-40133: (unk)
CVE-2022-41218: (unk)
CVE-2022-41848: (unk)
- CVE-2022-41849: (unk)
- CVE-2022-41850: (unk)
- CVE-2022-42895: (unk) Bluetooth: L2CAP: Fix attempting to access uninitialized memory
- CVE-2022-42896: (unk) Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM
CVE-2022-44032: (unk)
CVE-2022-44033: (unk)
CVE-2022-44034: (unk)
diff --git a/data/5.16/5.16_CVEs.txt b/data/5.16/5.16_CVEs.txt
index 54d8a7c..4b1466f 100644
--- a/data/5.16/5.16_CVEs.txt
+++ b/data/5.16/5.16_CVEs.txt
@@ -186,7 +186,7 @@
CVE-2022-2961: Fix unknown
CVE-2022-2964: Fixed with 5.16.10
CVE-2022-2977: Fixed with 5.16.19
-CVE-2022-2978: Fix unknown
+CVE-2022-2978: Fix not seen in stream
CVE-2022-29900: Fix not seen in stream
CVE-2022-29901: Fix not seen in stream
CVE-2022-29968: Fix not seen in stream
@@ -195,7 +195,7 @@
CVE-2022-3061: Fix not seen in stream
CVE-2022-3077: Fix not seen in stream
CVE-2022-3078: Fixed with 5.16.19
-CVE-2022-3169: Fix unknown
+CVE-2022-3169: Fix not seen in stream
CVE-2022-3176: Fix not seen in stream
CVE-2022-3202: Fixed with 5.16.20
CVE-2022-32250: Fix not seen in stream
@@ -212,7 +212,7 @@
CVE-2022-33744: Fix not seen in stream
CVE-2022-33981: Fix not seen in stream
CVE-2022-3424: Fix unknown
-CVE-2022-3435: Fix unknown
+CVE-2022-3435: Fix not seen in stream
CVE-2022-34494: Fix not seen in stream
CVE-2022-34495: Fix not seen in stream
CVE-2022-34918: Fix not seen in stream
@@ -225,7 +225,7 @@
CVE-2022-3542: Fix not seen in stream
CVE-2022-3543: Fix not seen in stream
CVE-2022-3545: Fix not seen in stream
-CVE-2022-3564: Fix unknown
+CVE-2022-3564: Fix not seen in stream
CVE-2022-3565: Fix not seen in stream
CVE-2022-3566: Fix not seen in stream
CVE-2022-3567: Fix not seen in stream
@@ -234,19 +234,18 @@
CVE-2022-3594: Fix not seen in stream
CVE-2022-3595: Fix not seen in stream
CVE-2022-36123: Fix not seen in stream
-CVE-2022-3619: Fix unknown
+CVE-2022-3619: Fix not seen in stream
CVE-2022-3621: Fix not seen in stream
CVE-2022-3623: Fix not seen in stream
CVE-2022-3624: Fix not seen in stream
CVE-2022-3625: Fix not seen in stream
-CVE-2022-3628: Fix unknown
+CVE-2022-3628: Fix not seen in stream
CVE-2022-36280: Fix unknown
CVE-2022-3629: Fix not seen in stream
CVE-2022-3630: Fix not seen in stream
CVE-2022-3633: Fix not seen in stream
CVE-2022-3635: Fix not seen in stream
CVE-2022-3636: Fix not seen in stream
-CVE-2022-3640: Fix unknown
CVE-2022-36402: Fix unknown
CVE-2022-3642: Fix unknown
CVE-2022-3646: Fix not seen in stream
@@ -256,10 +255,11 @@
CVE-2022-3707: Fix unknown
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
-CVE-2022-3903: Fix unknown
+CVE-2022-3903: Fix not seen in stream
CVE-2022-39188: Fix not seen in stream
CVE-2022-39189: Fix not seen in stream
CVE-2022-39190: Fix not seen in stream
+CVE-2022-3977: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
@@ -267,8 +267,8 @@
CVE-2022-41218: Fix unknown
CVE-2022-41674: Fix not seen in stream
CVE-2022-41848: Fix unknown
-CVE-2022-41849: Fix unknown
-CVE-2022-41850: Fix unknown
+CVE-2022-41849: Fix not seen in stream
+CVE-2022-41850: Fix not seen in stream
CVE-2022-42703: Fix not seen in stream
CVE-2022-42719: Fix not seen in stream
CVE-2022-42720: Fix not seen in stream
diff --git a/data/5.16/5.16_security.txt b/data/5.16/5.16_security.txt
index 766726e..b17a881 100644
--- a/data/5.16/5.16_security.txt
+++ b/data/5.16/5.16_security.txt
@@ -226,14 +226,14 @@
CVE-2022-29581: (unk) net/sched: cls_u32: fix netns refcount changes in u32_change()
CVE-2022-2959: (unk) pipe: Fix missing lock in pipe_resize_ring()
CVE-2022-2961: (unk)
- CVE-2022-2978: (unk)
+ CVE-2022-2978: (unk) fs: fix UAF/GPF bug in nilfs_mdt_destroy
CVE-2022-29900: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-29901: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-29968: (unk) io_uring: fix uninitialized field in rw io_kiocb
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
CVE-2022-3077: (unk) i2c: ismt: prevent memory corruption in ismt_access()
- CVE-2022-3169: (unk)
+ CVE-2022-3169: (unk) nvme: ensure subsystem reset is single threaded
CVE-2022-3176: (unk) io_uring: fix UAF due to missing POLLFREE handling
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
@@ -248,7 +248,7 @@
CVE-2022-33744: (unk) xen/arm: Fix race in RB-tree based P2M accounting
CVE-2022-33981: (unk) floppy: disable FDRAWCMD by default
CVE-2022-3424: (unk)
- CVE-2022-3435: (unk)
+ CVE-2022-3435: (unk) ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference
CVE-2022-34494: (unk) rpmsg: virtio: Fix possible double free in rpmsg_virtio_add_ctrl_dev()
CVE-2022-34495: (unk) rpmsg: virtio: Fix possible double free in rpmsg_probe()
CVE-2022-34918: (unk) netfilter: nf_tables: stricter validation of element data
@@ -261,7 +261,7 @@
CVE-2022-3542: (unk) bnx2x: fix potential memory leak in bnx2x_tpa_stop()
CVE-2022-3543: (unk) af_unix: Fix memory leaks of the whole sk due to OOB skb.
CVE-2022-3545: (unk) nfp: fix use-after-free in area_cache_get()
- CVE-2022-3564: (unk)
+ CVE-2022-3564: (unk) Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu
CVE-2022-3565: (unk) mISDN: fix use-after-free bugs in l1oip timer handlers
CVE-2022-3566: (unk) tcp: Fix data races around icsk->icsk_af_ops.
CVE-2022-3567: (unk) ipv6: Fix data races around sk->sk_prot.
@@ -270,19 +270,18 @@
CVE-2022-3594: (unk) r8152: Rate limit overflow messages
CVE-2022-3595: (unk) cifs: fix double-fault crash during ntlmssp
CVE-2022-36123: (unk) x86: Clear .brk area at early boot
- CVE-2022-3619: (unk)
+ CVE-2022-3619: (unk) Bluetooth: L2CAP: Fix memory leak in vhci_write
CVE-2022-3621: (unk) nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level()
CVE-2022-3623: (unk) mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
CVE-2022-3624: (unk) bonding: fix reference count leak in balance-alb mode
CVE-2022-3625: (unk) devlink: Fix use-after-free after a failed reload
- CVE-2022-3628: (unk)
+ CVE-2022-3628: (unk) wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()
CVE-2022-36280: (unk)
CVE-2022-3629: (unk) vsock: Fix memory leak in vsock_connect()
CVE-2022-3630: (unk) fscache: don't leak cookie access refs if invalidation is in progress or failed
CVE-2022-3633: (unk) can: j1939: j1939_session_destroy(): fix memory leak of skbs
CVE-2022-3635: (unk) atm: idt77252: fix use-after-free bugs caused by tst_timer
CVE-2022-3636: (unk) net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()
- CVE-2022-3640: (unk)
CVE-2022-36402: (unk)
CVE-2022-3642: (unk)
CVE-2022-3646: (unk) nilfs2: fix leak of nilfs_root in case of writer thread creation failure
@@ -292,10 +291,11 @@
CVE-2022-3707: (unk)
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
- CVE-2022-3903: (unk)
+ CVE-2022-3903: (unk) media: mceusb: Use new usb_control_msg_*() routines
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
CVE-2022-39189: (unk) KVM: x86: do not report a vCPU as preempted outside instruction boundaries
CVE-2022-39190: (unk) netfilter: nf_tables: disallow binding to already bound chain
+ CVE-2022-3977: (unk) mctp: prevent double key removal and unref
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
@@ -303,8 +303,8 @@
CVE-2022-41218: (unk)
CVE-2022-41674: (unk) wifi: cfg80211: fix u8 overflow in cfg80211_update_notlisted_nontrans()
CVE-2022-41848: (unk)
- CVE-2022-41849: (unk)
- CVE-2022-41850: (unk)
+ CVE-2022-41849: (unk) fbdev: smscufx: Fix use-after-free in ufx_ops_open()
+ CVE-2022-41850: (unk) HID: roccat: Fix use-after-free in roccat_read()
CVE-2022-42703: (unk) mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse
CVE-2022-42719: (unk) wifi: mac80211: fix MBSSID parsing use-after-free
CVE-2022-42720: (unk) wifi: cfg80211: fix BSS refcounting bugs
diff --git a/data/5.17/5.17_CVEs.txt b/data/5.17/5.17_CVEs.txt
index ba62bd4..3c7c2c7 100644
--- a/data/5.17/5.17_CVEs.txt
+++ b/data/5.17/5.17_CVEs.txt
@@ -133,7 +133,7 @@
CVE-2022-2959: Fixed with 5.17.13
CVE-2022-2961: Fix unknown
CVE-2022-2977: Fixed with 5.17.1
-CVE-2022-2978: Fix unknown
+CVE-2022-2978: Fix not seen in stream
CVE-2022-29900: Fix not seen in stream
CVE-2022-29901: Fix not seen in stream
CVE-2022-29968: Fixed with 5.17.6
@@ -142,7 +142,7 @@
CVE-2022-3061: Fix not seen in stream
CVE-2022-3077: Fixed with 5.17.13
CVE-2022-3078: Fixed with 5.17.2
-CVE-2022-3169: Fix unknown
+CVE-2022-3169: Fix not seen in stream
CVE-2022-3202: Fixed with 5.17.3
CVE-2022-32250: Fixed with 5.17.13
CVE-2022-32296: Fixed with 5.17.9
@@ -158,7 +158,7 @@
CVE-2022-33744: Fix not seen in stream
CVE-2022-33981: Fixed with 5.17.6
CVE-2022-3424: Fix unknown
-CVE-2022-3435: Fix unknown
+CVE-2022-3435: Fix not seen in stream
CVE-2022-34494: Fixed with 5.17.15
CVE-2022-34495: Fixed with 5.17.15
CVE-2022-34918: Fix not seen in stream
@@ -171,7 +171,7 @@
CVE-2022-3542: Fix not seen in stream
CVE-2022-3543: Fix not seen in stream
CVE-2022-3545: Fix not seen in stream
-CVE-2022-3564: Fix unknown
+CVE-2022-3564: Fix not seen in stream
CVE-2022-3565: Fix not seen in stream
CVE-2022-3566: Fix not seen in stream
CVE-2022-3567: Fix not seen in stream
@@ -180,19 +180,18 @@
CVE-2022-3594: Fix not seen in stream
CVE-2022-3595: Fix not seen in stream
CVE-2022-36123: Fix not seen in stream
-CVE-2022-3619: Fix unknown
+CVE-2022-3619: Fix not seen in stream
CVE-2022-3621: Fix not seen in stream
CVE-2022-3623: Fix not seen in stream
CVE-2022-3624: Fix not seen in stream
CVE-2022-3625: Fix not seen in stream
-CVE-2022-3628: Fix unknown
+CVE-2022-3628: Fix not seen in stream
CVE-2022-36280: Fix unknown
CVE-2022-3629: Fix not seen in stream
CVE-2022-3630: Fix not seen in stream
CVE-2022-3633: Fix not seen in stream
CVE-2022-3635: Fix not seen in stream
CVE-2022-3636: Fix not seen in stream
-CVE-2022-3640: Fix unknown
CVE-2022-36402: Fix unknown
CVE-2022-3642: Fix unknown
CVE-2022-3646: Fix not seen in stream
@@ -202,10 +201,11 @@
CVE-2022-3707: Fix unknown
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
-CVE-2022-3903: Fix unknown
+CVE-2022-3903: Fix not seen in stream
CVE-2022-39188: Fix not seen in stream
CVE-2022-39189: Fix not seen in stream
CVE-2022-39190: Fix not seen in stream
+CVE-2022-3977: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
@@ -213,8 +213,8 @@
CVE-2022-41218: Fix unknown
CVE-2022-41674: Fix not seen in stream
CVE-2022-41848: Fix unknown
-CVE-2022-41849: Fix unknown
-CVE-2022-41850: Fix unknown
+CVE-2022-41849: Fix not seen in stream
+CVE-2022-41850: Fix not seen in stream
CVE-2022-42703: Fix not seen in stream
CVE-2022-42719: Fix not seen in stream
CVE-2022-42720: Fix not seen in stream
diff --git a/data/5.17/5.17_security.txt b/data/5.17/5.17_security.txt
index 1c650f6..8fd5684 100644
--- a/data/5.17/5.17_security.txt
+++ b/data/5.17/5.17_security.txt
@@ -179,12 +179,12 @@
CVE-2022-26878: (unk)
CVE-2022-2905: (unk) bpf: Don't use tnum_range on array range checking for poke descriptors
CVE-2022-2961: (unk)
- CVE-2022-2978: (unk)
+ CVE-2022-2978: (unk) fs: fix UAF/GPF bug in nilfs_mdt_destroy
CVE-2022-29900: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-29901: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3169: (unk)
+ CVE-2022-3169: (unk) nvme: ensure subsystem reset is single threaded
CVE-2022-3238: (unk)
CVE-2022-3303: (unk) ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC
CVE-2022-3344: (unk)
@@ -194,7 +194,7 @@
CVE-2022-33743: (unk) xen-netfront: restore __skb_queue_tail() positioning in xennet_get_responses()
CVE-2022-33744: (unk) xen/arm: Fix race in RB-tree based P2M accounting
CVE-2022-3424: (unk)
- CVE-2022-3435: (unk)
+ CVE-2022-3435: (unk) ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference
CVE-2022-34918: (unk) netfilter: nf_tables: stricter validation of element data
CVE-2022-3521: (unk) kcm: avoid potential race in kcm_tx_work
CVE-2022-3522: (unk) mm/hugetlb: use hugetlb_pte_stable in migration race check
@@ -204,7 +204,7 @@
CVE-2022-3542: (unk) bnx2x: fix potential memory leak in bnx2x_tpa_stop()
CVE-2022-3543: (unk) af_unix: Fix memory leaks of the whole sk due to OOB skb.
CVE-2022-3545: (unk) nfp: fix use-after-free in area_cache_get()
- CVE-2022-3564: (unk)
+ CVE-2022-3564: (unk) Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu
CVE-2022-3565: (unk) mISDN: fix use-after-free bugs in l1oip timer handlers
CVE-2022-3566: (unk) tcp: Fix data races around icsk->icsk_af_ops.
CVE-2022-3567: (unk) ipv6: Fix data races around sk->sk_prot.
@@ -212,19 +212,18 @@
CVE-2022-3594: (unk) r8152: Rate limit overflow messages
CVE-2022-3595: (unk) cifs: fix double-fault crash during ntlmssp
CVE-2022-36123: (unk) x86: Clear .brk area at early boot
- CVE-2022-3619: (unk)
+ CVE-2022-3619: (unk) Bluetooth: L2CAP: Fix memory leak in vhci_write
CVE-2022-3621: (unk) nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level()
CVE-2022-3623: (unk) mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
CVE-2022-3624: (unk) bonding: fix reference count leak in balance-alb mode
CVE-2022-3625: (unk) devlink: Fix use-after-free after a failed reload
- CVE-2022-3628: (unk)
+ CVE-2022-3628: (unk) wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()
CVE-2022-36280: (unk)
CVE-2022-3629: (unk) vsock: Fix memory leak in vsock_connect()
CVE-2022-3630: (unk) fscache: don't leak cookie access refs if invalidation is in progress or failed
CVE-2022-3633: (unk) can: j1939: j1939_session_destroy(): fix memory leak of skbs
CVE-2022-3635: (unk) atm: idt77252: fix use-after-free bugs caused by tst_timer
CVE-2022-3636: (unk) net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()
- CVE-2022-3640: (unk)
CVE-2022-36402: (unk)
CVE-2022-3642: (unk)
CVE-2022-3646: (unk) nilfs2: fix leak of nilfs_root in case of writer thread creation failure
@@ -234,10 +233,11 @@
CVE-2022-3707: (unk)
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
- CVE-2022-3903: (unk)
+ CVE-2022-3903: (unk) media: mceusb: Use new usb_control_msg_*() routines
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
CVE-2022-39189: (unk) KVM: x86: do not report a vCPU as preempted outside instruction boundaries
CVE-2022-39190: (unk) netfilter: nf_tables: disallow binding to already bound chain
+ CVE-2022-3977: (unk) mctp: prevent double key removal and unref
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
@@ -245,8 +245,8 @@
CVE-2022-41218: (unk)
CVE-2022-41674: (unk) wifi: cfg80211: fix u8 overflow in cfg80211_update_notlisted_nontrans()
CVE-2022-41848: (unk)
- CVE-2022-41849: (unk)
- CVE-2022-41850: (unk)
+ CVE-2022-41849: (unk) fbdev: smscufx: Fix use-after-free in ufx_ops_open()
+ CVE-2022-41850: (unk) HID: roccat: Fix use-after-free in roccat_read()
CVE-2022-42703: (unk) mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse
CVE-2022-42719: (unk) wifi: mac80211: fix MBSSID parsing use-after-free
CVE-2022-42720: (unk) wifi: cfg80211: fix BSS refcounting bugs
diff --git a/data/5.18/5.18_CVEs.txt b/data/5.18/5.18_CVEs.txt
index abe5f53..4e82209 100644
--- a/data/5.18/5.18_CVEs.txt
+++ b/data/5.18/5.18_CVEs.txt
@@ -98,12 +98,12 @@
CVE-2022-2905: Fix not seen in stream
CVE-2022-2959: Fixed with 5.18.2
CVE-2022-2961: Fix unknown
-CVE-2022-2978: Fix unknown
+CVE-2022-2978: Fix not seen in stream
CVE-2022-29900: Fixed with 5.18.14
CVE-2022-29901: Fixed with 5.18.14
CVE-2022-3028: Fix not seen in stream
CVE-2022-3077: Fixed with 5.18.2
-CVE-2022-3169: Fix unknown
+CVE-2022-3169: Fix not seen in stream
CVE-2022-32250: Fixed with 5.18.2
CVE-2022-3238: Fix unknown
CVE-2022-32981: Fixed with 5.18.4
@@ -115,7 +115,7 @@
CVE-2022-33743: Fixed with 5.18.10
CVE-2022-33744: Fixed with 5.18.10
CVE-2022-3424: Fix unknown
-CVE-2022-3435: Fix unknown
+CVE-2022-3435: Fix not seen in stream
CVE-2022-34494: Fixed with 5.18.4
CVE-2022-34495: Fixed with 5.18.4
CVE-2022-34918: Fixed with 5.18.11
@@ -128,7 +128,7 @@
CVE-2022-3543: Fix not seen in stream
CVE-2022-3544: Fix unknown
CVE-2022-3545: Fix not seen in stream
-CVE-2022-3564: Fix unknown
+CVE-2022-3564: Fix not seen in stream
CVE-2022-3565: Fix not seen in stream
CVE-2022-3566: Fix not seen in stream
CVE-2022-3567: Fix not seen in stream
@@ -137,19 +137,18 @@
CVE-2022-3594: Fix not seen in stream
CVE-2022-3595: Fix not seen in stream
CVE-2022-36123: Fixed with 5.18.13
-CVE-2022-3619: Fix unknown
+CVE-2022-3619: Fix not seen in stream
CVE-2022-3621: Fix not seen in stream
CVE-2022-3623: Fix not seen in stream
CVE-2022-3624: Fix not seen in stream
CVE-2022-3625: Fix not seen in stream
-CVE-2022-3628: Fix unknown
+CVE-2022-3628: Fix not seen in stream
CVE-2022-36280: Fix unknown
CVE-2022-3629: Fix not seen in stream
CVE-2022-3630: Fix not seen in stream
CVE-2022-3633: Fix not seen in stream
CVE-2022-3635: Fix not seen in stream
CVE-2022-3636: Fix not seen in stream
-CVE-2022-3640: Fix unknown
CVE-2022-36402: Fix unknown
CVE-2022-3642: Fix unknown
CVE-2022-3646: Fix not seen in stream
@@ -159,10 +158,11 @@
CVE-2022-3707: Fix unknown
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
-CVE-2022-3903: Fix unknown
+CVE-2022-3903: Fix not seen in stream
CVE-2022-39188: Fix not seen in stream
CVE-2022-39189: Fixed with 5.18.17
CVE-2022-39190: Fix not seen in stream
+CVE-2022-3977: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
@@ -170,8 +170,8 @@
CVE-2022-41218: Fix unknown
CVE-2022-41674: Fix not seen in stream
CVE-2022-41848: Fix unknown
-CVE-2022-41849: Fix unknown
-CVE-2022-41850: Fix unknown
+CVE-2022-41849: Fix not seen in stream
+CVE-2022-41850: Fix not seen in stream
CVE-2022-42703: Fix not seen in stream
CVE-2022-42719: Fix not seen in stream
CVE-2022-42720: Fix not seen in stream
diff --git a/data/5.18/5.18_security.txt b/data/5.18/5.18_security.txt
index a0433d6..d4c0c47 100644
--- a/data/5.18/5.18_security.txt
+++ b/data/5.18/5.18_security.txt
@@ -148,14 +148,14 @@
CVE-2022-2785: (unk) bpf: Disallow bpf programs call prog_run command.
CVE-2022-2905: (unk) bpf: Don't use tnum_range on array range checking for poke descriptors
CVE-2022-2961: (unk)
- CVE-2022-2978: (unk)
+ CVE-2022-2978: (unk) fs: fix UAF/GPF bug in nilfs_mdt_destroy
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
- CVE-2022-3169: (unk)
+ CVE-2022-3169: (unk) nvme: ensure subsystem reset is single threaded
CVE-2022-3238: (unk)
CVE-2022-3303: (unk) ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC
CVE-2022-3344: (unk)
CVE-2022-3424: (unk)
- CVE-2022-3435: (unk)
+ CVE-2022-3435: (unk) ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference
CVE-2022-3521: (unk) kcm: avoid potential race in kcm_tx_work
CVE-2022-3522: (unk) mm/hugetlb: use hugetlb_pte_stable in migration race check
CVE-2022-3523: (unk) mm/memory.c: fix race when faulting a device private page
@@ -165,26 +165,25 @@
CVE-2022-3543: (unk) af_unix: Fix memory leaks of the whole sk due to OOB skb.
CVE-2022-3544: (unk)
CVE-2022-3545: (unk) nfp: fix use-after-free in area_cache_get()
- CVE-2022-3564: (unk)
+ CVE-2022-3564: (unk) Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu
CVE-2022-3565: (unk) mISDN: fix use-after-free bugs in l1oip timer handlers
CVE-2022-3566: (unk) tcp: Fix data races around icsk->icsk_af_ops.
CVE-2022-3567: (unk) ipv6: Fix data races around sk->sk_prot.
CVE-2022-3586: (unk) sch_sfb: Don't assume the skb is still around after enqueueing to child
CVE-2022-3594: (unk) r8152: Rate limit overflow messages
CVE-2022-3595: (unk) cifs: fix double-fault crash during ntlmssp
- CVE-2022-3619: (unk)
+ CVE-2022-3619: (unk) Bluetooth: L2CAP: Fix memory leak in vhci_write
CVE-2022-3621: (unk) nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level()
CVE-2022-3623: (unk) mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
CVE-2022-3624: (unk) bonding: fix reference count leak in balance-alb mode
CVE-2022-3625: (unk) devlink: Fix use-after-free after a failed reload
- CVE-2022-3628: (unk)
+ CVE-2022-3628: (unk) wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()
CVE-2022-36280: (unk)
CVE-2022-3629: (unk) vsock: Fix memory leak in vsock_connect()
CVE-2022-3630: (unk) fscache: don't leak cookie access refs if invalidation is in progress or failed
CVE-2022-3633: (unk) can: j1939: j1939_session_destroy(): fix memory leak of skbs
CVE-2022-3635: (unk) atm: idt77252: fix use-after-free bugs caused by tst_timer
CVE-2022-3636: (unk) net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()
- CVE-2022-3640: (unk)
CVE-2022-36402: (unk)
CVE-2022-3642: (unk)
CVE-2022-3646: (unk) nilfs2: fix leak of nilfs_root in case of writer thread creation failure
@@ -192,9 +191,10 @@
CVE-2022-3707: (unk)
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
- CVE-2022-3903: (unk)
+ CVE-2022-3903: (unk) media: mceusb: Use new usb_control_msg_*() routines
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
CVE-2022-39190: (unk) netfilter: nf_tables: disallow binding to already bound chain
+ CVE-2022-3977: (unk) mctp: prevent double key removal and unref
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
@@ -202,8 +202,8 @@
CVE-2022-41218: (unk)
CVE-2022-41674: (unk) wifi: cfg80211: fix u8 overflow in cfg80211_update_notlisted_nontrans()
CVE-2022-41848: (unk)
- CVE-2022-41849: (unk)
- CVE-2022-41850: (unk)
+ CVE-2022-41849: (unk) fbdev: smscufx: Fix use-after-free in ufx_ops_open()
+ CVE-2022-41850: (unk) HID: roccat: Fix use-after-free in roccat_read()
CVE-2022-42703: (unk) mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse
CVE-2022-42719: (unk) wifi: mac80211: fix MBSSID parsing use-after-free
CVE-2022-42720: (unk) wifi: cfg80211: fix BSS refcounting bugs
diff --git a/data/5.19/5.19_CVEs.txt b/data/5.19/5.19_CVEs.txt
index 43781bc..e9f064b 100644
--- a/data/5.19/5.19_CVEs.txt
+++ b/data/5.19/5.19_CVEs.txt
@@ -75,14 +75,14 @@
CVE-2022-2785: Fixed with 5.19.4
CVE-2022-2905: Fixed with 5.19.6
CVE-2022-2961: Fix unknown
-CVE-2022-2978: Fix unknown
+CVE-2022-2978: Fix not seen in stream
CVE-2022-3028: Fixed with 5.19.6
-CVE-2022-3169: Fix unknown
+CVE-2022-3169: Fix not seen in stream
CVE-2022-3238: Fix unknown
CVE-2022-3303: Fixed with 5.19.9
CVE-2022-3344: Fix unknown
CVE-2022-3424: Fix unknown
-CVE-2022-3435: Fix unknown
+CVE-2022-3435: Fix not seen in stream
CVE-2022-3521: Fix not seen in stream
CVE-2022-3522: Fix not seen in stream
CVE-2022-3523: Fix not seen in stream
@@ -90,29 +90,29 @@
CVE-2022-3531: Fix unknown
CVE-2022-3535: Fix not seen in stream
CVE-2022-3541: Fix not seen in stream
-CVE-2022-3542: Fix not seen in stream
+CVE-2022-3542: Fixed with 5.19.17
CVE-2022-3543: Fix not seen in stream
CVE-2022-3544: Fix unknown
CVE-2022-3545: Fix not seen in stream
-CVE-2022-3564: Fix unknown
+CVE-2022-3564: Fix not seen in stream
CVE-2022-3565: Fix not seen in stream
CVE-2022-3566: Fix not seen in stream
CVE-2022-3567: Fix not seen in stream
CVE-2022-3586: Fixed with 5.19.9
CVE-2022-3594: Fix not seen in stream
CVE-2022-3595: Fix not seen in stream
-CVE-2022-3619: Fix unknown
+CVE-2022-3619: Fix not seen in stream
CVE-2022-3621: Fix not seen in stream
CVE-2022-3623: Fix not seen in stream
CVE-2022-3624: Fix not seen in stream
CVE-2022-3625: Fix not seen in stream
-CVE-2022-3628: Fix unknown
+CVE-2022-3628: Fix not seen in stream
CVE-2022-36280: Fix unknown
CVE-2022-3629: Fix not seen in stream
CVE-2022-3630: Fix not seen in stream
CVE-2022-3633: Fix not seen in stream
CVE-2022-3635: Fixed with 5.19.4
-CVE-2022-3640: Fix unknown
+CVE-2022-3640: Fix not seen in stream
CVE-2022-36402: Fix unknown
CVE-2022-3642: Fix unknown
CVE-2022-3646: Fix not seen in stream
@@ -121,16 +121,17 @@
CVE-2022-3707: Fix unknown
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
-CVE-2022-3903: Fix unknown
+CVE-2022-3903: Fix not seen in stream
CVE-2022-39190: Fixed with 5.19.6
+CVE-2022-3977: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fixed with 5.19.9
CVE-2022-40768: Fixed with 5.19.16
CVE-2022-41218: Fix unknown
CVE-2022-41674: Fixed with 5.19.16
CVE-2022-41848: Fix unknown
-CVE-2022-41849: Fix unknown
-CVE-2022-41850: Fix unknown
+CVE-2022-41849: Fix not seen in stream
+CVE-2022-41850: Fix not seen in stream
CVE-2022-42703: Fixed with 5.19.7
CVE-2022-42719: Fixed with 5.19.16
CVE-2022-42720: Fixed with 5.19.16
@@ -139,7 +140,7 @@
CVE-2022-42895: Fix not seen in stream
CVE-2022-42896: Fix not seen in stream
CVE-2022-43750: Fix not seen in stream
-CVE-2022-43945: Fix not seen in stream
+CVE-2022-43945: Fixed with 5.19.17
CVE-2022-44032: Fix unknown
CVE-2022-44033: Fix unknown
CVE-2022-44034: Fix unknown
diff --git a/data/5.19/5.19_security.txt b/data/5.19/5.19_security.txt
index bbd26bb..42c228e 100644
--- a/data/5.19/5.19_security.txt
+++ b/data/5.19/5.19_security.txt
@@ -45,6 +45,10 @@
CVE-2022-42721: 1d73c990e9bafc2754b1ced71345f73f5beb1781 wifi: cfg80211: avoid nontransmitted BSS list corruption
CVE-2022-42722: fa63b5f6f8853ace755d9a23fb75817d5ba20df5 wifi: mac80211: fix crash in beacon protection for P2P-device
+CVEs fixed in 5.19.17:
+ CVE-2022-3542: 96c0c14135f5803f9e94e6da2ee9c4b012fdcb20 bnx2x: fix potential memory leak in bnx2x_tpa_stop()
+ CVE-2022-43945: c2a878095b5c6f04f90553a3c45872f990dab14e NFSD: Protect against send buffer overflow in NFSv2 READDIR
+
Outstanding CVEs:
CVE-2005-3660: (unk)
CVE-2007-3719: (unk)
@@ -111,12 +115,12 @@
CVE-2022-2602: (unk) io_uring/af_unix: defer registered files gc to io_uring release
CVE-2022-26878: (unk)
CVE-2022-2961: (unk)
- CVE-2022-2978: (unk)
- CVE-2022-3169: (unk)
+ CVE-2022-2978: (unk) fs: fix UAF/GPF bug in nilfs_mdt_destroy
+ CVE-2022-3169: (unk) nvme: ensure subsystem reset is single threaded
CVE-2022-3238: (unk)
CVE-2022-3344: (unk)
CVE-2022-3424: (unk)
- CVE-2022-3435: (unk)
+ CVE-2022-3435: (unk) ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference
CVE-2022-3521: (unk) kcm: avoid potential race in kcm_tx_work
CVE-2022-3522: (unk) mm/hugetlb: use hugetlb_pte_stable in migration race check
CVE-2022-3523: (unk) mm/memory.c: fix race when faulting a device private page
@@ -124,27 +128,26 @@
CVE-2022-3531: (unk)
CVE-2022-3535: (unk) net: mvpp2: fix mvpp2 debugfs leak
CVE-2022-3541: (unk) eth: sp7021: fix use after free bug in spl2sw_nvmem_get_mac_address
- CVE-2022-3542: (unk) bnx2x: fix potential memory leak in bnx2x_tpa_stop()
CVE-2022-3543: (unk) af_unix: Fix memory leaks of the whole sk due to OOB skb.
CVE-2022-3544: (unk)
CVE-2022-3545: (unk) nfp: fix use-after-free in area_cache_get()
- CVE-2022-3564: (unk)
+ CVE-2022-3564: (unk) Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu
CVE-2022-3565: (unk) mISDN: fix use-after-free bugs in l1oip timer handlers
CVE-2022-3566: (unk) tcp: Fix data races around icsk->icsk_af_ops.
CVE-2022-3567: (unk) ipv6: Fix data races around sk->sk_prot.
CVE-2022-3594: (unk) r8152: Rate limit overflow messages
CVE-2022-3595: (unk) cifs: fix double-fault crash during ntlmssp
- CVE-2022-3619: (unk)
+ CVE-2022-3619: (unk) Bluetooth: L2CAP: Fix memory leak in vhci_write
CVE-2022-3621: (unk) nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level()
CVE-2022-3623: (unk) mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
CVE-2022-3624: (unk) bonding: fix reference count leak in balance-alb mode
CVE-2022-3625: (unk) devlink: Fix use-after-free after a failed reload
- CVE-2022-3628: (unk)
+ CVE-2022-3628: (unk) wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()
CVE-2022-36280: (unk)
CVE-2022-3629: (unk) vsock: Fix memory leak in vsock_connect()
CVE-2022-3630: (unk) fscache: don't leak cookie access refs if invalidation is in progress or failed
CVE-2022-3633: (unk) can: j1939: j1939_session_destroy(): fix memory leak of skbs
- CVE-2022-3640: (unk)
+ CVE-2022-3640: (unk) Bluetooth: L2CAP: fix use-after-free in l2cap_conn_del()
CVE-2022-36402: (unk)
CVE-2022-3642: (unk)
CVE-2022-3646: (unk) nilfs2: fix leak of nilfs_root in case of writer thread creation failure
@@ -152,16 +155,16 @@
CVE-2022-3707: (unk)
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
- CVE-2022-3903: (unk)
+ CVE-2022-3903: (unk) media: mceusb: Use new usb_control_msg_*() routines
+ CVE-2022-3977: (unk) mctp: prevent double key removal and unref
CVE-2022-40133: (unk)
CVE-2022-41218: (unk)
CVE-2022-41848: (unk)
- CVE-2022-41849: (unk)
- CVE-2022-41850: (unk)
+ CVE-2022-41849: (unk) fbdev: smscufx: Fix use-after-free in ufx_ops_open()
+ CVE-2022-41850: (unk) HID: roccat: Fix use-after-free in roccat_read()
CVE-2022-42895: (unk) Bluetooth: L2CAP: Fix attempting to access uninitialized memory
CVE-2022-42896: (unk) Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM
CVE-2022-43750: (unk) usb: mon: make mmapped memory read only
- CVE-2022-43945: (unk) NFSD: Protect against send buffer overflow in NFSv2 READDIR
CVE-2022-44032: (unk)
CVE-2022-44033: (unk)
CVE-2022-44034: (unk)
diff --git a/data/5.2/5.2_CVEs.txt b/data/5.2/5.2_CVEs.txt
index e99b723..5099669 100644
--- a/data/5.2/5.2_CVEs.txt
+++ b/data/5.2/5.2_CVEs.txt
@@ -618,14 +618,14 @@
CVE-2022-2961: Fix unknown
CVE-2022-2964: Fix not seen in stream
CVE-2022-2977: Fix not seen in stream
-CVE-2022-2978: Fix unknown
+CVE-2022-2978: Fix not seen in stream
CVE-2022-29900: Fix not seen in stream
CVE-2022-29901: Fix not seen in stream
CVE-2022-2991: Fix not seen in stream
CVE-2022-3028: Fix not seen in stream
CVE-2022-30594: Fix not seen in stream
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3169: Fix unknown
+CVE-2022-3169: Fix not seen in stream
CVE-2022-3176: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
@@ -641,7 +641,7 @@
CVE-2022-33744: Fix not seen in stream
CVE-2022-33981: Fix not seen in stream
CVE-2022-3424: Fix unknown
-CVE-2022-3435: Fix unknown
+CVE-2022-3435: Fix not seen in stream
CVE-2022-34918: Fix not seen in stream
CVE-2022-3521: Fix not seen in stream
CVE-2022-3522: Fix not seen in stream
@@ -650,7 +650,7 @@
CVE-2022-3535: Fix not seen in stream
CVE-2022-3542: Fix not seen in stream
CVE-2022-3545: Fix not seen in stream
-CVE-2022-3564: Fix unknown
+CVE-2022-3564: Fix not seen in stream
CVE-2022-3565: Fix not seen in stream
CVE-2022-3566: Fix not seen in stream
CVE-2022-3567: Fix not seen in stream
@@ -659,19 +659,18 @@
CVE-2022-3594: Fix not seen in stream
CVE-2022-3595: Fix not seen in stream
CVE-2022-36123: Fix not seen in stream
-CVE-2022-3619: Fix unknown
+CVE-2022-3619: Fix not seen in stream
CVE-2022-3621: Fix not seen in stream
CVE-2022-3623: Fix not seen in stream
CVE-2022-3624: Fix not seen in stream
CVE-2022-3625: Fix not seen in stream
-CVE-2022-3628: Fix unknown
+CVE-2022-3628: Fix not seen in stream
CVE-2022-36280: Fix unknown
CVE-2022-3629: Fix not seen in stream
CVE-2022-3630: Fix not seen in stream
CVE-2022-3633: Fix not seen in stream
CVE-2022-3635: Fix not seen in stream
CVE-2022-3636: Fix not seen in stream
-CVE-2022-3640: Fix unknown
CVE-2022-36402: Fix unknown
CVE-2022-3642: Fix unknown
CVE-2022-3646: Fix not seen in stream
@@ -681,9 +680,10 @@
CVE-2022-3707: Fix unknown
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
-CVE-2022-3903: Fix unknown
+CVE-2022-3903: Fix not seen in stream
CVE-2022-39188: Fix not seen in stream
CVE-2022-39189: Fix not seen in stream
+CVE-2022-3977: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
@@ -692,8 +692,8 @@
CVE-2022-41222: Fix not seen in stream
CVE-2022-41674: Fix not seen in stream
CVE-2022-41848: Fix unknown
-CVE-2022-41849: Fix unknown
-CVE-2022-41850: Fix unknown
+CVE-2022-41849: Fix not seen in stream
+CVE-2022-41850: Fix not seen in stream
CVE-2022-42703: Fix not seen in stream
CVE-2022-42719: Fix not seen in stream
CVE-2022-42720: Fix not seen in stream
@@ -701,7 +701,6 @@
CVE-2022-42895: Fix not seen in stream
CVE-2022-42896: Fix not seen in stream
CVE-2022-43750: Fix not seen in stream
-CVE-2022-43945: Fix not seen in stream
CVE-2022-44032: Fix unknown
CVE-2022-44033: Fix unknown
CVE-2022-44034: Fix unknown
diff --git a/data/5.2/5.2_security.txt b/data/5.2/5.2_security.txt
index ae652f8..7d706a6 100644
--- a/data/5.2/5.2_security.txt
+++ b/data/5.2/5.2_security.txt
@@ -656,14 +656,14 @@
CVE-2022-2961: (unk)
CVE-2022-2964: (unk) net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup
CVE-2022-2977: (unk) tpm: fix reference counting for struct tpm_chip
- CVE-2022-2978: (unk)
+ CVE-2022-2978: (unk) fs: fix UAF/GPF bug in nilfs_mdt_destroy
CVE-2022-29900: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-29901: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-2991: (unk) remove the lightnvm subsystem
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3169: (unk)
+ CVE-2022-3169: (unk) nvme: ensure subsystem reset is single threaded
CVE-2022-3176: (unk) io_uring: fix UAF due to missing POLLFREE handling
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
@@ -679,7 +679,7 @@
CVE-2022-33744: (unk) xen/arm: Fix race in RB-tree based P2M accounting
CVE-2022-33981: (unk) floppy: disable FDRAWCMD by default
CVE-2022-3424: (unk)
- CVE-2022-3435: (unk)
+ CVE-2022-3435: (unk) ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference
CVE-2022-34918: (unk) netfilter: nf_tables: stricter validation of element data
CVE-2022-3521: (unk) kcm: avoid potential race in kcm_tx_work
CVE-2022-3522: (unk) mm/hugetlb: use hugetlb_pte_stable in migration race check
@@ -688,7 +688,7 @@
CVE-2022-3535: (unk) net: mvpp2: fix mvpp2 debugfs leak
CVE-2022-3542: (unk) bnx2x: fix potential memory leak in bnx2x_tpa_stop()
CVE-2022-3545: (unk) nfp: fix use-after-free in area_cache_get()
- CVE-2022-3564: (unk)
+ CVE-2022-3564: (unk) Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu
CVE-2022-3565: (unk) mISDN: fix use-after-free bugs in l1oip timer handlers
CVE-2022-3566: (unk) tcp: Fix data races around icsk->icsk_af_ops.
CVE-2022-3567: (unk) ipv6: Fix data races around sk->sk_prot.
@@ -697,19 +697,18 @@
CVE-2022-3594: (unk) r8152: Rate limit overflow messages
CVE-2022-3595: (unk) cifs: fix double-fault crash during ntlmssp
CVE-2022-36123: (unk) x86: Clear .brk area at early boot
- CVE-2022-3619: (unk)
+ CVE-2022-3619: (unk) Bluetooth: L2CAP: Fix memory leak in vhci_write
CVE-2022-3621: (unk) nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level()
CVE-2022-3623: (unk) mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
CVE-2022-3624: (unk) bonding: fix reference count leak in balance-alb mode
CVE-2022-3625: (unk) devlink: Fix use-after-free after a failed reload
- CVE-2022-3628: (unk)
+ CVE-2022-3628: (unk) wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()
CVE-2022-36280: (unk)
CVE-2022-3629: (unk) vsock: Fix memory leak in vsock_connect()
CVE-2022-3630: (unk) fscache: don't leak cookie access refs if invalidation is in progress or failed
CVE-2022-3633: (unk) can: j1939: j1939_session_destroy(): fix memory leak of skbs
CVE-2022-3635: (unk) atm: idt77252: fix use-after-free bugs caused by tst_timer
CVE-2022-3636: (unk) net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()
- CVE-2022-3640: (unk)
CVE-2022-36402: (unk)
CVE-2022-3642: (unk)
CVE-2022-3646: (unk) nilfs2: fix leak of nilfs_root in case of writer thread creation failure
@@ -719,9 +718,10 @@
CVE-2022-3707: (unk)
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
- CVE-2022-3903: (unk)
+ CVE-2022-3903: (unk) media: mceusb: Use new usb_control_msg_*() routines
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
CVE-2022-39189: (unk) KVM: x86: do not report a vCPU as preempted outside instruction boundaries
+ CVE-2022-3977: (unk) mctp: prevent double key removal and unref
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
@@ -730,8 +730,8 @@
CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
CVE-2022-41674: (unk) wifi: cfg80211: fix u8 overflow in cfg80211_update_notlisted_nontrans()
CVE-2022-41848: (unk)
- CVE-2022-41849: (unk)
- CVE-2022-41850: (unk)
+ CVE-2022-41849: (unk) fbdev: smscufx: Fix use-after-free in ufx_ops_open()
+ CVE-2022-41850: (unk) HID: roccat: Fix use-after-free in roccat_read()
CVE-2022-42703: (unk) mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse
CVE-2022-42719: (unk) wifi: mac80211: fix MBSSID parsing use-after-free
CVE-2022-42720: (unk) wifi: cfg80211: fix BSS refcounting bugs
@@ -739,7 +739,6 @@
CVE-2022-42895: (unk) Bluetooth: L2CAP: Fix attempting to access uninitialized memory
CVE-2022-42896: (unk) Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM
CVE-2022-43750: (unk) usb: mon: make mmapped memory read only
- CVE-2022-43945: (unk) NFSD: Protect against send buffer overflow in NFSv2 READDIR
CVE-2022-44032: (unk)
CVE-2022-44033: (unk)
CVE-2022-44034: (unk)
diff --git a/data/5.3/5.3_CVEs.txt b/data/5.3/5.3_CVEs.txt
index 625ba81..e13f266 100644
--- a/data/5.3/5.3_CVEs.txt
+++ b/data/5.3/5.3_CVEs.txt
@@ -590,14 +590,14 @@
CVE-2022-2961: Fix unknown
CVE-2022-2964: Fix not seen in stream
CVE-2022-2977: Fix not seen in stream
-CVE-2022-2978: Fix unknown
+CVE-2022-2978: Fix not seen in stream
CVE-2022-29900: Fix not seen in stream
CVE-2022-29901: Fix not seen in stream
CVE-2022-2991: Fix not seen in stream
CVE-2022-3028: Fix not seen in stream
CVE-2022-30594: Fix not seen in stream
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3169: Fix unknown
+CVE-2022-3169: Fix not seen in stream
CVE-2022-3176: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
@@ -613,7 +613,7 @@
CVE-2022-33744: Fix not seen in stream
CVE-2022-33981: Fix not seen in stream
CVE-2022-3424: Fix unknown
-CVE-2022-3435: Fix unknown
+CVE-2022-3435: Fix not seen in stream
CVE-2022-34918: Fix not seen in stream
CVE-2022-3521: Fix not seen in stream
CVE-2022-3522: Fix not seen in stream
@@ -622,7 +622,7 @@
CVE-2022-3535: Fix not seen in stream
CVE-2022-3542: Fix not seen in stream
CVE-2022-3545: Fix not seen in stream
-CVE-2022-3564: Fix unknown
+CVE-2022-3564: Fix not seen in stream
CVE-2022-3565: Fix not seen in stream
CVE-2022-3566: Fix not seen in stream
CVE-2022-3567: Fix not seen in stream
@@ -631,19 +631,18 @@
CVE-2022-3594: Fix not seen in stream
CVE-2022-3595: Fix not seen in stream
CVE-2022-36123: Fix not seen in stream
-CVE-2022-3619: Fix unknown
+CVE-2022-3619: Fix not seen in stream
CVE-2022-3621: Fix not seen in stream
CVE-2022-3623: Fix not seen in stream
CVE-2022-3624: Fix not seen in stream
CVE-2022-3625: Fix not seen in stream
-CVE-2022-3628: Fix unknown
+CVE-2022-3628: Fix not seen in stream
CVE-2022-36280: Fix unknown
CVE-2022-3629: Fix not seen in stream
CVE-2022-3630: Fix not seen in stream
CVE-2022-3633: Fix not seen in stream
CVE-2022-3635: Fix not seen in stream
CVE-2022-3636: Fix not seen in stream
-CVE-2022-3640: Fix unknown
CVE-2022-36402: Fix unknown
CVE-2022-3642: Fix unknown
CVE-2022-3646: Fix not seen in stream
@@ -653,9 +652,10 @@
CVE-2022-3707: Fix unknown
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
-CVE-2022-3903: Fix unknown
+CVE-2022-3903: Fix not seen in stream
CVE-2022-39188: Fix not seen in stream
CVE-2022-39189: Fix not seen in stream
+CVE-2022-3977: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
@@ -664,8 +664,8 @@
CVE-2022-41222: Fix not seen in stream
CVE-2022-41674: Fix not seen in stream
CVE-2022-41848: Fix unknown
-CVE-2022-41849: Fix unknown
-CVE-2022-41850: Fix unknown
+CVE-2022-41849: Fix not seen in stream
+CVE-2022-41850: Fix not seen in stream
CVE-2022-42703: Fix not seen in stream
CVE-2022-42719: Fix not seen in stream
CVE-2022-42720: Fix not seen in stream
@@ -673,7 +673,6 @@
CVE-2022-42895: Fix not seen in stream
CVE-2022-42896: Fix not seen in stream
CVE-2022-43750: Fix not seen in stream
-CVE-2022-43945: Fix not seen in stream
CVE-2022-44032: Fix unknown
CVE-2022-44033: Fix unknown
CVE-2022-44034: Fix unknown
diff --git a/data/5.3/5.3_security.txt b/data/5.3/5.3_security.txt
index 0deed14..c49b7f6 100644
--- a/data/5.3/5.3_security.txt
+++ b/data/5.3/5.3_security.txt
@@ -626,14 +626,14 @@
CVE-2022-2961: (unk)
CVE-2022-2964: (unk) net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup
CVE-2022-2977: (unk) tpm: fix reference counting for struct tpm_chip
- CVE-2022-2978: (unk)
+ CVE-2022-2978: (unk) fs: fix UAF/GPF bug in nilfs_mdt_destroy
CVE-2022-29900: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-29901: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-2991: (unk) remove the lightnvm subsystem
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3169: (unk)
+ CVE-2022-3169: (unk) nvme: ensure subsystem reset is single threaded
CVE-2022-3176: (unk) io_uring: fix UAF due to missing POLLFREE handling
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
@@ -649,7 +649,7 @@
CVE-2022-33744: (unk) xen/arm: Fix race in RB-tree based P2M accounting
CVE-2022-33981: (unk) floppy: disable FDRAWCMD by default
CVE-2022-3424: (unk)
- CVE-2022-3435: (unk)
+ CVE-2022-3435: (unk) ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference
CVE-2022-34918: (unk) netfilter: nf_tables: stricter validation of element data
CVE-2022-3521: (unk) kcm: avoid potential race in kcm_tx_work
CVE-2022-3522: (unk) mm/hugetlb: use hugetlb_pte_stable in migration race check
@@ -658,7 +658,7 @@
CVE-2022-3535: (unk) net: mvpp2: fix mvpp2 debugfs leak
CVE-2022-3542: (unk) bnx2x: fix potential memory leak in bnx2x_tpa_stop()
CVE-2022-3545: (unk) nfp: fix use-after-free in area_cache_get()
- CVE-2022-3564: (unk)
+ CVE-2022-3564: (unk) Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu
CVE-2022-3565: (unk) mISDN: fix use-after-free bugs in l1oip timer handlers
CVE-2022-3566: (unk) tcp: Fix data races around icsk->icsk_af_ops.
CVE-2022-3567: (unk) ipv6: Fix data races around sk->sk_prot.
@@ -667,19 +667,18 @@
CVE-2022-3594: (unk) r8152: Rate limit overflow messages
CVE-2022-3595: (unk) cifs: fix double-fault crash during ntlmssp
CVE-2022-36123: (unk) x86: Clear .brk area at early boot
- CVE-2022-3619: (unk)
+ CVE-2022-3619: (unk) Bluetooth: L2CAP: Fix memory leak in vhci_write
CVE-2022-3621: (unk) nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level()
CVE-2022-3623: (unk) mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
CVE-2022-3624: (unk) bonding: fix reference count leak in balance-alb mode
CVE-2022-3625: (unk) devlink: Fix use-after-free after a failed reload
- CVE-2022-3628: (unk)
+ CVE-2022-3628: (unk) wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()
CVE-2022-36280: (unk)
CVE-2022-3629: (unk) vsock: Fix memory leak in vsock_connect()
CVE-2022-3630: (unk) fscache: don't leak cookie access refs if invalidation is in progress or failed
CVE-2022-3633: (unk) can: j1939: j1939_session_destroy(): fix memory leak of skbs
CVE-2022-3635: (unk) atm: idt77252: fix use-after-free bugs caused by tst_timer
CVE-2022-3636: (unk) net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()
- CVE-2022-3640: (unk)
CVE-2022-36402: (unk)
CVE-2022-3642: (unk)
CVE-2022-3646: (unk) nilfs2: fix leak of nilfs_root in case of writer thread creation failure
@@ -689,9 +688,10 @@
CVE-2022-3707: (unk)
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
- CVE-2022-3903: (unk)
+ CVE-2022-3903: (unk) media: mceusb: Use new usb_control_msg_*() routines
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
CVE-2022-39189: (unk) KVM: x86: do not report a vCPU as preempted outside instruction boundaries
+ CVE-2022-3977: (unk) mctp: prevent double key removal and unref
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
@@ -700,8 +700,8 @@
CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
CVE-2022-41674: (unk) wifi: cfg80211: fix u8 overflow in cfg80211_update_notlisted_nontrans()
CVE-2022-41848: (unk)
- CVE-2022-41849: (unk)
- CVE-2022-41850: (unk)
+ CVE-2022-41849: (unk) fbdev: smscufx: Fix use-after-free in ufx_ops_open()
+ CVE-2022-41850: (unk) HID: roccat: Fix use-after-free in roccat_read()
CVE-2022-42703: (unk) mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse
CVE-2022-42719: (unk) wifi: mac80211: fix MBSSID parsing use-after-free
CVE-2022-42720: (unk) wifi: cfg80211: fix BSS refcounting bugs
@@ -709,7 +709,6 @@
CVE-2022-42895: (unk) Bluetooth: L2CAP: Fix attempting to access uninitialized memory
CVE-2022-42896: (unk) Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM
CVE-2022-43750: (unk) usb: mon: make mmapped memory read only
- CVE-2022-43945: (unk) NFSD: Protect against send buffer overflow in NFSv2 READDIR
CVE-2022-44032: (unk)
CVE-2022-44033: (unk)
CVE-2022-44034: (unk)
diff --git a/data/5.4/5.4_CVEs.txt b/data/5.4/5.4_CVEs.txt
index af2b92c..ff2eb23 100644
--- a/data/5.4/5.4_CVEs.txt
+++ b/data/5.4/5.4_CVEs.txt
@@ -350,7 +350,7 @@
CVE-2021-3752: Fixed with 5.4.160
CVE-2021-3753: Fixed with 5.4.144
CVE-2021-37576: Fixed with 5.4.136
-CVE-2021-3759: Fix not seen in stream
+CVE-2021-3759: Fixed with 5.4.224
CVE-2021-3760: Fixed with 5.4.156
CVE-2021-3764: Fixed with 5.4.151
CVE-2021-3772: Fixed with 5.4.157
@@ -518,14 +518,14 @@
CVE-2022-2961: Fix unknown
CVE-2022-2964: Fixed with 5.4.180
CVE-2022-2977: Fixed with 5.4.189
-CVE-2022-2978: Fix unknown
+CVE-2022-2978: Fixed with 5.4.218
CVE-2022-29900: Fixed with 5.4.217
CVE-2022-29901: Fixed with 5.4.217
CVE-2022-2991: Fix not seen in stream
CVE-2022-3028: Fixed with 5.4.212
CVE-2022-30594: Fixed with 5.4.189
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3169: Fix unknown
+CVE-2022-3169: Fix not seen in stream
CVE-2022-3176: Fix not seen in stream
CVE-2022-3202: Fixed with 5.4.189
CVE-2022-32250: Fixed with 5.4.198
@@ -541,16 +541,16 @@
CVE-2022-33744: Fixed with 5.4.204
CVE-2022-33981: Fixed with 5.4.192
CVE-2022-3424: Fix unknown
-CVE-2022-3435: Fix unknown
+CVE-2022-3435: Fix not seen in stream
CVE-2022-34918: Fix not seen in stream
CVE-2022-3521: Fix not seen in stream
CVE-2022-3522: Fix not seen in stream
CVE-2022-3523: Fix not seen in stream
-CVE-2022-3524: Fix not seen in stream
+CVE-2022-3524: Fixed with 5.4.224
CVE-2022-3535: Fixed with 5.4.220
CVE-2022-3542: Fixed with 5.4.220
CVE-2022-3545: Fix not seen in stream
-CVE-2022-3564: Fix unknown
+CVE-2022-3564: Fixed with 5.4.224
CVE-2022-3565: Fixed with 5.4.220
CVE-2022-3566: Fix not seen in stream
CVE-2022-3567: Fix not seen in stream
@@ -559,19 +559,18 @@
CVE-2022-3594: Fixed with 5.4.220
CVE-2022-3595: Fix not seen in stream
CVE-2022-36123: Fixed with 5.4.207
-CVE-2022-3619: Fix unknown
+CVE-2022-3619: Fix not seen in stream
CVE-2022-3621: Fixed with 5.4.218
CVE-2022-3623: Fix not seen in stream
CVE-2022-3624: Fix not seen in stream
CVE-2022-3625: Fixed with 5.4.211
-CVE-2022-3628: Fix unknown
+CVE-2022-3628: Fixed with 5.4.224
CVE-2022-36280: Fix unknown
CVE-2022-3629: Fixed with 5.4.211
CVE-2022-3630: Fix not seen in stream
CVE-2022-3633: Fixed with 5.4.211
CVE-2022-3635: Fixed with 5.4.211
CVE-2022-3636: Fix not seen in stream
-CVE-2022-3640: Fix unknown
CVE-2022-36402: Fix unknown
CVE-2022-3642: Fix unknown
CVE-2022-3646: Fixed with 5.4.218
@@ -581,9 +580,10 @@
CVE-2022-3707: Fix unknown
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
-CVE-2022-3903: Fix unknown
+CVE-2022-3903: Fix not seen in stream
CVE-2022-39188: Fix not seen in stream
CVE-2022-39189: Fix not seen in stream
+CVE-2022-3977: Fix not seen in stream
CVE-2022-39842: Fixed with 5.4.215
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fixed with 5.4.213
@@ -592,16 +592,15 @@
CVE-2022-41222: Fixed with 5.4.211
CVE-2022-41674: Fixed with 5.4.218
CVE-2022-41848: Fix unknown
-CVE-2022-41849: Fix unknown
-CVE-2022-41850: Fix unknown
+CVE-2022-41849: Fixed with 5.4.220
+CVE-2022-41850: Fixed with 5.4.220
CVE-2022-42703: Fixed with 5.4.212
CVE-2022-42719: Fixed with 5.4.219
CVE-2022-42720: Fixed with 5.4.218
CVE-2022-42721: Fixed with 5.4.218
-CVE-2022-42895: Fix not seen in stream
+CVE-2022-42895: Fixed with 5.4.224
CVE-2022-42896: Fix not seen in stream
CVE-2022-43750: Fixed with 5.4.218
-CVE-2022-43945: Fix not seen in stream
CVE-2022-44032: Fix unknown
CVE-2022-44033: Fix unknown
CVE-2022-44034: Fix unknown
diff --git a/data/5.4/5.4_security.txt b/data/5.4/5.4_security.txt
index 11becf8..bfb9d37 100644
--- a/data/5.4/5.4_security.txt
+++ b/data/5.4/5.4_security.txt
@@ -770,6 +770,7 @@
CVE-2022-29901: 893cd858b09ca20c8c919db8dc5b009895626da3 x86/kvm/vmx: Make noinstr clean
CVEs fixed in 5.4.218:
+ CVE-2022-2978: 70e4f70d54e0225f91814e8610477d65f33cefe4 fs: fix UAF/GPF bug in nilfs_mdt_destroy
CVE-2022-3621: 792211333ad77fcea50a44bb7f695783159fc63c nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level()
CVE-2022-3646: b7e409d11db9ce9f8bc05fcdfa24d143f60cd393 nilfs2: fix leak of nilfs_root in case of writer thread creation failure
CVE-2022-40768: 20a5bde605979af270f94b9151f753ec2caf8b05 scsi: stex: Properly zero out the passthrough command structure
@@ -788,6 +789,15 @@
CVE-2022-3565: 466ed722f205c2cf8caba5982f3cd9729e767903 mISDN: fix use-after-free bugs in l1oip timer handlers
CVE-2022-3594: 61fd56b0a1a3e923aced4455071177778dd59e88 r8152: Rate limit overflow messages
CVE-2022-3649: d1c2d820a2cd73867b7d352e89e92fb3ac29e926 nilfs2: fix use-after-free bug of struct nilfs_root
+ CVE-2022-41849: 3742e9fd552e6c4193ebc5eb3d2cd02d429cad9c fbdev: smscufx: Fix use-after-free in ufx_ops_open()
+ CVE-2022-41850: e30c3a9a88818e5cf3df3fda6ab8388bef3bc6cd HID: roccat: Fix use-after-free in roccat_read()
+
+CVEs fixed in 5.4.224:
+ CVE-2021-3759: bad83d55134e647a739ebef2082541963f2cbc92 memcg: enable accounting of ipc resources
+ CVE-2022-3524: 92aaa5e8fe90a008828a1207e66a30444bcb1cbd tcp/udp: Fix memory leak in ipv6_renew_options().
+ CVE-2022-3564: 4cd094fd5d872862ca278e15b9b51b07e915ef3f Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu
+ CVE-2022-3628: a16415c8f156bec5399ef0345715ee4b90e5bb83 wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()
+ CVE-2022-42895: 6949400ec9feca7f88c0f6ca5cb5fdbcef419c89 Bluetooth: L2CAP: Fix attempting to access uninitialized memory
Outstanding CVEs:
CVE-2005-3660: (unk)
@@ -860,7 +870,6 @@
CVE-2021-3542: (unk)
CVE-2021-3669: (unk) ipc: replace costly bailout check in sysvipc_find_ipc()
CVE-2021-3714: (unk)
- CVE-2021-3759: (unk) memcg: enable accounting of ipc resources
CVE-2021-3847: (unk)
CVE-2021-3864: (unk)
CVE-2021-3892: (unk)
@@ -893,49 +902,41 @@
CVE-2022-23825: (unk)
CVE-2022-25265: (unk)
CVE-2022-2961: (unk)
- CVE-2022-2978: (unk)
CVE-2022-2991: (unk) remove the lightnvm subsystem
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3169: (unk)
+ CVE-2022-3169: (unk) nvme: ensure subsystem reset is single threaded
CVE-2022-3176: (unk) io_uring: fix UAF due to missing POLLFREE handling
CVE-2022-3238: (unk)
CVE-2022-3344: (unk)
CVE-2022-3424: (unk)
- CVE-2022-3435: (unk)
+ CVE-2022-3435: (unk) ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference
CVE-2022-34918: (unk) netfilter: nf_tables: stricter validation of element data
CVE-2022-3521: (unk) kcm: avoid potential race in kcm_tx_work
CVE-2022-3522: (unk) mm/hugetlb: use hugetlb_pte_stable in migration race check
CVE-2022-3523: (unk) mm/memory.c: fix race when faulting a device private page
- CVE-2022-3524: (unk) tcp/udp: Fix memory leak in ipv6_renew_options().
CVE-2022-3545: (unk) nfp: fix use-after-free in area_cache_get()
- CVE-2022-3564: (unk)
CVE-2022-3566: (unk) tcp: Fix data races around icsk->icsk_af_ops.
CVE-2022-3567: (unk) ipv6: Fix data races around sk->sk_prot.
CVE-2022-3595: (unk) cifs: fix double-fault crash during ntlmssp
- CVE-2022-3619: (unk)
+ CVE-2022-3619: (unk) Bluetooth: L2CAP: Fix memory leak in vhci_write
CVE-2022-3623: (unk) mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
CVE-2022-3624: (unk) bonding: fix reference count leak in balance-alb mode
- CVE-2022-3628: (unk)
CVE-2022-36280: (unk)
CVE-2022-3630: (unk) fscache: don't leak cookie access refs if invalidation is in progress or failed
CVE-2022-3636: (unk) net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()
- CVE-2022-3640: (unk)
CVE-2022-36402: (unk)
CVE-2022-3642: (unk)
CVE-2022-3707: (unk)
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
- CVE-2022-3903: (unk)
+ CVE-2022-3903: (unk) media: mceusb: Use new usb_control_msg_*() routines
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
CVE-2022-39189: (unk) KVM: x86: do not report a vCPU as preempted outside instruction boundaries
+ CVE-2022-3977: (unk) mctp: prevent double key removal and unref
CVE-2022-40133: (unk)
CVE-2022-41218: (unk)
CVE-2022-41848: (unk)
- CVE-2022-41849: (unk)
- CVE-2022-41850: (unk)
- CVE-2022-42895: (unk) Bluetooth: L2CAP: Fix attempting to access uninitialized memory
CVE-2022-42896: (unk) Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM
- CVE-2022-43945: (unk) NFSD: Protect against send buffer overflow in NFSv2 READDIR
CVE-2022-44032: (unk)
CVE-2022-44033: (unk)
CVE-2022-44034: (unk)
diff --git a/data/5.5/5.5_CVEs.txt b/data/5.5/5.5_CVEs.txt
index 35b84b8..d738581 100644
--- a/data/5.5/5.5_CVEs.txt
+++ b/data/5.5/5.5_CVEs.txt
@@ -478,14 +478,14 @@
CVE-2022-2961: Fix unknown
CVE-2022-2964: Fix not seen in stream
CVE-2022-2977: Fix not seen in stream
-CVE-2022-2978: Fix unknown
+CVE-2022-2978: Fix not seen in stream
CVE-2022-29900: Fix not seen in stream
CVE-2022-29901: Fix not seen in stream
CVE-2022-2991: Fix not seen in stream
CVE-2022-3028: Fix not seen in stream
CVE-2022-30594: Fix not seen in stream
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3169: Fix unknown
+CVE-2022-3169: Fix not seen in stream
CVE-2022-3176: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
@@ -501,7 +501,7 @@
CVE-2022-33744: Fix not seen in stream
CVE-2022-33981: Fix not seen in stream
CVE-2022-3424: Fix unknown
-CVE-2022-3435: Fix unknown
+CVE-2022-3435: Fix not seen in stream
CVE-2022-34918: Fix not seen in stream
CVE-2022-3521: Fix not seen in stream
CVE-2022-3522: Fix not seen in stream
@@ -510,7 +510,7 @@
CVE-2022-3535: Fix not seen in stream
CVE-2022-3542: Fix not seen in stream
CVE-2022-3545: Fix not seen in stream
-CVE-2022-3564: Fix unknown
+CVE-2022-3564: Fix not seen in stream
CVE-2022-3565: Fix not seen in stream
CVE-2022-3566: Fix not seen in stream
CVE-2022-3567: Fix not seen in stream
@@ -519,19 +519,18 @@
CVE-2022-3594: Fix not seen in stream
CVE-2022-3595: Fix not seen in stream
CVE-2022-36123: Fix not seen in stream
-CVE-2022-3619: Fix unknown
+CVE-2022-3619: Fix not seen in stream
CVE-2022-3621: Fix not seen in stream
CVE-2022-3623: Fix not seen in stream
CVE-2022-3624: Fix not seen in stream
CVE-2022-3625: Fix not seen in stream
-CVE-2022-3628: Fix unknown
+CVE-2022-3628: Fix not seen in stream
CVE-2022-36280: Fix unknown
CVE-2022-3629: Fix not seen in stream
CVE-2022-3630: Fix not seen in stream
CVE-2022-3633: Fix not seen in stream
CVE-2022-3635: Fix not seen in stream
CVE-2022-3636: Fix not seen in stream
-CVE-2022-3640: Fix unknown
CVE-2022-36402: Fix unknown
CVE-2022-3642: Fix unknown
CVE-2022-3646: Fix not seen in stream
@@ -541,9 +540,10 @@
CVE-2022-3707: Fix unknown
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
-CVE-2022-3903: Fix unknown
+CVE-2022-3903: Fix not seen in stream
CVE-2022-39188: Fix not seen in stream
CVE-2022-39189: Fix not seen in stream
+CVE-2022-3977: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
@@ -552,8 +552,8 @@
CVE-2022-41222: Fix not seen in stream
CVE-2022-41674: Fix not seen in stream
CVE-2022-41848: Fix unknown
-CVE-2022-41849: Fix unknown
-CVE-2022-41850: Fix unknown
+CVE-2022-41849: Fix not seen in stream
+CVE-2022-41850: Fix not seen in stream
CVE-2022-42703: Fix not seen in stream
CVE-2022-42719: Fix not seen in stream
CVE-2022-42720: Fix not seen in stream
@@ -561,7 +561,6 @@
CVE-2022-42895: Fix not seen in stream
CVE-2022-42896: Fix not seen in stream
CVE-2022-43750: Fix not seen in stream
-CVE-2022-43945: Fix not seen in stream
CVE-2022-44032: Fix unknown
CVE-2022-44033: Fix unknown
CVE-2022-44034: Fix unknown
diff --git a/data/5.5/5.5_security.txt b/data/5.5/5.5_security.txt
index ef04dcb..d2da7ac 100644
--- a/data/5.5/5.5_security.txt
+++ b/data/5.5/5.5_security.txt
@@ -512,14 +512,14 @@
CVE-2022-2961: (unk)
CVE-2022-2964: (unk) net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup
CVE-2022-2977: (unk) tpm: fix reference counting for struct tpm_chip
- CVE-2022-2978: (unk)
+ CVE-2022-2978: (unk) fs: fix UAF/GPF bug in nilfs_mdt_destroy
CVE-2022-29900: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-29901: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-2991: (unk) remove the lightnvm subsystem
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3169: (unk)
+ CVE-2022-3169: (unk) nvme: ensure subsystem reset is single threaded
CVE-2022-3176: (unk) io_uring: fix UAF due to missing POLLFREE handling
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
@@ -535,7 +535,7 @@
CVE-2022-33744: (unk) xen/arm: Fix race in RB-tree based P2M accounting
CVE-2022-33981: (unk) floppy: disable FDRAWCMD by default
CVE-2022-3424: (unk)
- CVE-2022-3435: (unk)
+ CVE-2022-3435: (unk) ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference
CVE-2022-34918: (unk) netfilter: nf_tables: stricter validation of element data
CVE-2022-3521: (unk) kcm: avoid potential race in kcm_tx_work
CVE-2022-3522: (unk) mm/hugetlb: use hugetlb_pte_stable in migration race check
@@ -544,7 +544,7 @@
CVE-2022-3535: (unk) net: mvpp2: fix mvpp2 debugfs leak
CVE-2022-3542: (unk) bnx2x: fix potential memory leak in bnx2x_tpa_stop()
CVE-2022-3545: (unk) nfp: fix use-after-free in area_cache_get()
- CVE-2022-3564: (unk)
+ CVE-2022-3564: (unk) Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu
CVE-2022-3565: (unk) mISDN: fix use-after-free bugs in l1oip timer handlers
CVE-2022-3566: (unk) tcp: Fix data races around icsk->icsk_af_ops.
CVE-2022-3567: (unk) ipv6: Fix data races around sk->sk_prot.
@@ -553,19 +553,18 @@
CVE-2022-3594: (unk) r8152: Rate limit overflow messages
CVE-2022-3595: (unk) cifs: fix double-fault crash during ntlmssp
CVE-2022-36123: (unk) x86: Clear .brk area at early boot
- CVE-2022-3619: (unk)
+ CVE-2022-3619: (unk) Bluetooth: L2CAP: Fix memory leak in vhci_write
CVE-2022-3621: (unk) nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level()
CVE-2022-3623: (unk) mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
CVE-2022-3624: (unk) bonding: fix reference count leak in balance-alb mode
CVE-2022-3625: (unk) devlink: Fix use-after-free after a failed reload
- CVE-2022-3628: (unk)
+ CVE-2022-3628: (unk) wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()
CVE-2022-36280: (unk)
CVE-2022-3629: (unk) vsock: Fix memory leak in vsock_connect()
CVE-2022-3630: (unk) fscache: don't leak cookie access refs if invalidation is in progress or failed
CVE-2022-3633: (unk) can: j1939: j1939_session_destroy(): fix memory leak of skbs
CVE-2022-3635: (unk) atm: idt77252: fix use-after-free bugs caused by tst_timer
CVE-2022-3636: (unk) net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()
- CVE-2022-3640: (unk)
CVE-2022-36402: (unk)
CVE-2022-3642: (unk)
CVE-2022-3646: (unk) nilfs2: fix leak of nilfs_root in case of writer thread creation failure
@@ -575,9 +574,10 @@
CVE-2022-3707: (unk)
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
- CVE-2022-3903: (unk)
+ CVE-2022-3903: (unk) media: mceusb: Use new usb_control_msg_*() routines
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
CVE-2022-39189: (unk) KVM: x86: do not report a vCPU as preempted outside instruction boundaries
+ CVE-2022-3977: (unk) mctp: prevent double key removal and unref
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
@@ -586,8 +586,8 @@
CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
CVE-2022-41674: (unk) wifi: cfg80211: fix u8 overflow in cfg80211_update_notlisted_nontrans()
CVE-2022-41848: (unk)
- CVE-2022-41849: (unk)
- CVE-2022-41850: (unk)
+ CVE-2022-41849: (unk) fbdev: smscufx: Fix use-after-free in ufx_ops_open()
+ CVE-2022-41850: (unk) HID: roccat: Fix use-after-free in roccat_read()
CVE-2022-42703: (unk) mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse
CVE-2022-42719: (unk) wifi: mac80211: fix MBSSID parsing use-after-free
CVE-2022-42720: (unk) wifi: cfg80211: fix BSS refcounting bugs
@@ -595,7 +595,6 @@
CVE-2022-42895: (unk) Bluetooth: L2CAP: Fix attempting to access uninitialized memory
CVE-2022-42896: (unk) Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM
CVE-2022-43750: (unk) usb: mon: make mmapped memory read only
- CVE-2022-43945: (unk) NFSD: Protect against send buffer overflow in NFSv2 READDIR
CVE-2022-44032: (unk)
CVE-2022-44033: (unk)
CVE-2022-44034: (unk)
diff --git a/data/5.6/5.6_CVEs.txt b/data/5.6/5.6_CVEs.txt
index 5d09311..bc5a67c 100644
--- a/data/5.6/5.6_CVEs.txt
+++ b/data/5.6/5.6_CVEs.txt
@@ -453,14 +453,14 @@
CVE-2022-2961: Fix unknown
CVE-2022-2964: Fix not seen in stream
CVE-2022-2977: Fix not seen in stream
-CVE-2022-2978: Fix unknown
+CVE-2022-2978: Fix not seen in stream
CVE-2022-29900: Fix not seen in stream
CVE-2022-29901: Fix not seen in stream
CVE-2022-2991: Fix not seen in stream
CVE-2022-3028: Fix not seen in stream
CVE-2022-30594: Fix not seen in stream
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3169: Fix unknown
+CVE-2022-3169: Fix not seen in stream
CVE-2022-3176: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
@@ -476,7 +476,7 @@
CVE-2022-33744: Fix not seen in stream
CVE-2022-33981: Fix not seen in stream
CVE-2022-3424: Fix unknown
-CVE-2022-3435: Fix unknown
+CVE-2022-3435: Fix not seen in stream
CVE-2022-34918: Fix not seen in stream
CVE-2022-3521: Fix not seen in stream
CVE-2022-3522: Fix not seen in stream
@@ -485,7 +485,7 @@
CVE-2022-3535: Fix not seen in stream
CVE-2022-3542: Fix not seen in stream
CVE-2022-3545: Fix not seen in stream
-CVE-2022-3564: Fix unknown
+CVE-2022-3564: Fix not seen in stream
CVE-2022-3565: Fix not seen in stream
CVE-2022-3566: Fix not seen in stream
CVE-2022-3567: Fix not seen in stream
@@ -494,19 +494,18 @@
CVE-2022-3594: Fix not seen in stream
CVE-2022-3595: Fix not seen in stream
CVE-2022-36123: Fix not seen in stream
-CVE-2022-3619: Fix unknown
+CVE-2022-3619: Fix not seen in stream
CVE-2022-3621: Fix not seen in stream
CVE-2022-3623: Fix not seen in stream
CVE-2022-3624: Fix not seen in stream
CVE-2022-3625: Fix not seen in stream
-CVE-2022-3628: Fix unknown
+CVE-2022-3628: Fix not seen in stream
CVE-2022-36280: Fix unknown
CVE-2022-3629: Fix not seen in stream
CVE-2022-3630: Fix not seen in stream
CVE-2022-3633: Fix not seen in stream
CVE-2022-3635: Fix not seen in stream
CVE-2022-3636: Fix not seen in stream
-CVE-2022-3640: Fix unknown
CVE-2022-36402: Fix unknown
CVE-2022-3642: Fix unknown
CVE-2022-3646: Fix not seen in stream
@@ -516,9 +515,10 @@
CVE-2022-3707: Fix unknown
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
-CVE-2022-3903: Fix unknown
+CVE-2022-3903: Fix not seen in stream
CVE-2022-39188: Fix not seen in stream
CVE-2022-39189: Fix not seen in stream
+CVE-2022-3977: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
@@ -527,8 +527,8 @@
CVE-2022-41222: Fix not seen in stream
CVE-2022-41674: Fix not seen in stream
CVE-2022-41848: Fix unknown
-CVE-2022-41849: Fix unknown
-CVE-2022-41850: Fix unknown
+CVE-2022-41849: Fix not seen in stream
+CVE-2022-41850: Fix not seen in stream
CVE-2022-42703: Fix not seen in stream
CVE-2022-42719: Fix not seen in stream
CVE-2022-42720: Fix not seen in stream
@@ -536,7 +536,6 @@
CVE-2022-42895: Fix not seen in stream
CVE-2022-42896: Fix not seen in stream
CVE-2022-43750: Fix not seen in stream
-CVE-2022-43945: Fix not seen in stream
CVE-2022-44032: Fix unknown
CVE-2022-44033: Fix unknown
CVE-2022-44034: Fix unknown
diff --git a/data/5.6/5.6_security.txt b/data/5.6/5.6_security.txt
index d87f42f..3355900 100644
--- a/data/5.6/5.6_security.txt
+++ b/data/5.6/5.6_security.txt
@@ -487,14 +487,14 @@
CVE-2022-2961: (unk)
CVE-2022-2964: (unk) net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup
CVE-2022-2977: (unk) tpm: fix reference counting for struct tpm_chip
- CVE-2022-2978: (unk)
+ CVE-2022-2978: (unk) fs: fix UAF/GPF bug in nilfs_mdt_destroy
CVE-2022-29900: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-29901: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-2991: (unk) remove the lightnvm subsystem
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3169: (unk)
+ CVE-2022-3169: (unk) nvme: ensure subsystem reset is single threaded
CVE-2022-3176: (unk) io_uring: fix UAF due to missing POLLFREE handling
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
@@ -510,7 +510,7 @@
CVE-2022-33744: (unk) xen/arm: Fix race in RB-tree based P2M accounting
CVE-2022-33981: (unk) floppy: disable FDRAWCMD by default
CVE-2022-3424: (unk)
- CVE-2022-3435: (unk)
+ CVE-2022-3435: (unk) ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference
CVE-2022-34918: (unk) netfilter: nf_tables: stricter validation of element data
CVE-2022-3521: (unk) kcm: avoid potential race in kcm_tx_work
CVE-2022-3522: (unk) mm/hugetlb: use hugetlb_pte_stable in migration race check
@@ -519,7 +519,7 @@
CVE-2022-3535: (unk) net: mvpp2: fix mvpp2 debugfs leak
CVE-2022-3542: (unk) bnx2x: fix potential memory leak in bnx2x_tpa_stop()
CVE-2022-3545: (unk) nfp: fix use-after-free in area_cache_get()
- CVE-2022-3564: (unk)
+ CVE-2022-3564: (unk) Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu
CVE-2022-3565: (unk) mISDN: fix use-after-free bugs in l1oip timer handlers
CVE-2022-3566: (unk) tcp: Fix data races around icsk->icsk_af_ops.
CVE-2022-3567: (unk) ipv6: Fix data races around sk->sk_prot.
@@ -528,19 +528,18 @@
CVE-2022-3594: (unk) r8152: Rate limit overflow messages
CVE-2022-3595: (unk) cifs: fix double-fault crash during ntlmssp
CVE-2022-36123: (unk) x86: Clear .brk area at early boot
- CVE-2022-3619: (unk)
+ CVE-2022-3619: (unk) Bluetooth: L2CAP: Fix memory leak in vhci_write
CVE-2022-3621: (unk) nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level()
CVE-2022-3623: (unk) mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
CVE-2022-3624: (unk) bonding: fix reference count leak in balance-alb mode
CVE-2022-3625: (unk) devlink: Fix use-after-free after a failed reload
- CVE-2022-3628: (unk)
+ CVE-2022-3628: (unk) wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()
CVE-2022-36280: (unk)
CVE-2022-3629: (unk) vsock: Fix memory leak in vsock_connect()
CVE-2022-3630: (unk) fscache: don't leak cookie access refs if invalidation is in progress or failed
CVE-2022-3633: (unk) can: j1939: j1939_session_destroy(): fix memory leak of skbs
CVE-2022-3635: (unk) atm: idt77252: fix use-after-free bugs caused by tst_timer
CVE-2022-3636: (unk) net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()
- CVE-2022-3640: (unk)
CVE-2022-36402: (unk)
CVE-2022-3642: (unk)
CVE-2022-3646: (unk) nilfs2: fix leak of nilfs_root in case of writer thread creation failure
@@ -550,9 +549,10 @@
CVE-2022-3707: (unk)
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
- CVE-2022-3903: (unk)
+ CVE-2022-3903: (unk) media: mceusb: Use new usb_control_msg_*() routines
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
CVE-2022-39189: (unk) KVM: x86: do not report a vCPU as preempted outside instruction boundaries
+ CVE-2022-3977: (unk) mctp: prevent double key removal and unref
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
@@ -561,8 +561,8 @@
CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
CVE-2022-41674: (unk) wifi: cfg80211: fix u8 overflow in cfg80211_update_notlisted_nontrans()
CVE-2022-41848: (unk)
- CVE-2022-41849: (unk)
- CVE-2022-41850: (unk)
+ CVE-2022-41849: (unk) fbdev: smscufx: Fix use-after-free in ufx_ops_open()
+ CVE-2022-41850: (unk) HID: roccat: Fix use-after-free in roccat_read()
CVE-2022-42703: (unk) mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse
CVE-2022-42719: (unk) wifi: mac80211: fix MBSSID parsing use-after-free
CVE-2022-42720: (unk) wifi: cfg80211: fix BSS refcounting bugs
@@ -570,7 +570,6 @@
CVE-2022-42895: (unk) Bluetooth: L2CAP: Fix attempting to access uninitialized memory
CVE-2022-42896: (unk) Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM
CVE-2022-43750: (unk) usb: mon: make mmapped memory read only
- CVE-2022-43945: (unk) NFSD: Protect against send buffer overflow in NFSv2 READDIR
CVE-2022-44032: (unk)
CVE-2022-44033: (unk)
CVE-2022-44034: (unk)
diff --git a/data/5.7/5.7_CVEs.txt b/data/5.7/5.7_CVEs.txt
index 8a712ad..2341d76 100644
--- a/data/5.7/5.7_CVEs.txt
+++ b/data/5.7/5.7_CVEs.txt
@@ -441,14 +441,14 @@
CVE-2022-2961: Fix unknown
CVE-2022-2964: Fix not seen in stream
CVE-2022-2977: Fix not seen in stream
-CVE-2022-2978: Fix unknown
+CVE-2022-2978: Fix not seen in stream
CVE-2022-29900: Fix not seen in stream
CVE-2022-29901: Fix not seen in stream
CVE-2022-2991: Fix not seen in stream
CVE-2022-3028: Fix not seen in stream
CVE-2022-30594: Fix not seen in stream
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3169: Fix unknown
+CVE-2022-3169: Fix not seen in stream
CVE-2022-3176: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
@@ -464,7 +464,7 @@
CVE-2022-33744: Fix not seen in stream
CVE-2022-33981: Fix not seen in stream
CVE-2022-3424: Fix unknown
-CVE-2022-3435: Fix unknown
+CVE-2022-3435: Fix not seen in stream
CVE-2022-34918: Fix not seen in stream
CVE-2022-3521: Fix not seen in stream
CVE-2022-3522: Fix not seen in stream
@@ -473,7 +473,7 @@
CVE-2022-3535: Fix not seen in stream
CVE-2022-3542: Fix not seen in stream
CVE-2022-3545: Fix not seen in stream
-CVE-2022-3564: Fix unknown
+CVE-2022-3564: Fix not seen in stream
CVE-2022-3565: Fix not seen in stream
CVE-2022-3566: Fix not seen in stream
CVE-2022-3567: Fix not seen in stream
@@ -482,19 +482,18 @@
CVE-2022-3594: Fix not seen in stream
CVE-2022-3595: Fix not seen in stream
CVE-2022-36123: Fix not seen in stream
-CVE-2022-3619: Fix unknown
+CVE-2022-3619: Fix not seen in stream
CVE-2022-3621: Fix not seen in stream
CVE-2022-3623: Fix not seen in stream
CVE-2022-3624: Fix not seen in stream
CVE-2022-3625: Fix not seen in stream
-CVE-2022-3628: Fix unknown
+CVE-2022-3628: Fix not seen in stream
CVE-2022-36280: Fix unknown
CVE-2022-3629: Fix not seen in stream
CVE-2022-3630: Fix not seen in stream
CVE-2022-3633: Fix not seen in stream
CVE-2022-3635: Fix not seen in stream
CVE-2022-3636: Fix not seen in stream
-CVE-2022-3640: Fix unknown
CVE-2022-36402: Fix unknown
CVE-2022-3642: Fix unknown
CVE-2022-3646: Fix not seen in stream
@@ -504,9 +503,10 @@
CVE-2022-3707: Fix unknown
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
-CVE-2022-3903: Fix unknown
+CVE-2022-3903: Fix not seen in stream
CVE-2022-39188: Fix not seen in stream
CVE-2022-39189: Fix not seen in stream
+CVE-2022-3977: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
@@ -515,8 +515,8 @@
CVE-2022-41222: Fix not seen in stream
CVE-2022-41674: Fix not seen in stream
CVE-2022-41848: Fix unknown
-CVE-2022-41849: Fix unknown
-CVE-2022-41850: Fix unknown
+CVE-2022-41849: Fix not seen in stream
+CVE-2022-41850: Fix not seen in stream
CVE-2022-42703: Fix not seen in stream
CVE-2022-42719: Fix not seen in stream
CVE-2022-42720: Fix not seen in stream
@@ -524,7 +524,6 @@
CVE-2022-42895: Fix not seen in stream
CVE-2022-42896: Fix not seen in stream
CVE-2022-43750: Fix not seen in stream
-CVE-2022-43945: Fix not seen in stream
CVE-2022-44032: Fix unknown
CVE-2022-44033: Fix unknown
CVE-2022-44034: Fix unknown
diff --git a/data/5.7/5.7_security.txt b/data/5.7/5.7_security.txt
index 786dd9a..6a84c62 100644
--- a/data/5.7/5.7_security.txt
+++ b/data/5.7/5.7_security.txt
@@ -475,14 +475,14 @@
CVE-2022-2961: (unk)
CVE-2022-2964: (unk) net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup
CVE-2022-2977: (unk) tpm: fix reference counting for struct tpm_chip
- CVE-2022-2978: (unk)
+ CVE-2022-2978: (unk) fs: fix UAF/GPF bug in nilfs_mdt_destroy
CVE-2022-29900: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-29901: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-2991: (unk) remove the lightnvm subsystem
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3169: (unk)
+ CVE-2022-3169: (unk) nvme: ensure subsystem reset is single threaded
CVE-2022-3176: (unk) io_uring: fix UAF due to missing POLLFREE handling
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
@@ -498,7 +498,7 @@
CVE-2022-33744: (unk) xen/arm: Fix race in RB-tree based P2M accounting
CVE-2022-33981: (unk) floppy: disable FDRAWCMD by default
CVE-2022-3424: (unk)
- CVE-2022-3435: (unk)
+ CVE-2022-3435: (unk) ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference
CVE-2022-34918: (unk) netfilter: nf_tables: stricter validation of element data
CVE-2022-3521: (unk) kcm: avoid potential race in kcm_tx_work
CVE-2022-3522: (unk) mm/hugetlb: use hugetlb_pte_stable in migration race check
@@ -507,7 +507,7 @@
CVE-2022-3535: (unk) net: mvpp2: fix mvpp2 debugfs leak
CVE-2022-3542: (unk) bnx2x: fix potential memory leak in bnx2x_tpa_stop()
CVE-2022-3545: (unk) nfp: fix use-after-free in area_cache_get()
- CVE-2022-3564: (unk)
+ CVE-2022-3564: (unk) Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu
CVE-2022-3565: (unk) mISDN: fix use-after-free bugs in l1oip timer handlers
CVE-2022-3566: (unk) tcp: Fix data races around icsk->icsk_af_ops.
CVE-2022-3567: (unk) ipv6: Fix data races around sk->sk_prot.
@@ -516,19 +516,18 @@
CVE-2022-3594: (unk) r8152: Rate limit overflow messages
CVE-2022-3595: (unk) cifs: fix double-fault crash during ntlmssp
CVE-2022-36123: (unk) x86: Clear .brk area at early boot
- CVE-2022-3619: (unk)
+ CVE-2022-3619: (unk) Bluetooth: L2CAP: Fix memory leak in vhci_write
CVE-2022-3621: (unk) nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level()
CVE-2022-3623: (unk) mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
CVE-2022-3624: (unk) bonding: fix reference count leak in balance-alb mode
CVE-2022-3625: (unk) devlink: Fix use-after-free after a failed reload
- CVE-2022-3628: (unk)
+ CVE-2022-3628: (unk) wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()
CVE-2022-36280: (unk)
CVE-2022-3629: (unk) vsock: Fix memory leak in vsock_connect()
CVE-2022-3630: (unk) fscache: don't leak cookie access refs if invalidation is in progress or failed
CVE-2022-3633: (unk) can: j1939: j1939_session_destroy(): fix memory leak of skbs
CVE-2022-3635: (unk) atm: idt77252: fix use-after-free bugs caused by tst_timer
CVE-2022-3636: (unk) net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()
- CVE-2022-3640: (unk)
CVE-2022-36402: (unk)
CVE-2022-3642: (unk)
CVE-2022-3646: (unk) nilfs2: fix leak of nilfs_root in case of writer thread creation failure
@@ -538,9 +537,10 @@
CVE-2022-3707: (unk)
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
- CVE-2022-3903: (unk)
+ CVE-2022-3903: (unk) media: mceusb: Use new usb_control_msg_*() routines
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
CVE-2022-39189: (unk) KVM: x86: do not report a vCPU as preempted outside instruction boundaries
+ CVE-2022-3977: (unk) mctp: prevent double key removal and unref
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
@@ -549,8 +549,8 @@
CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
CVE-2022-41674: (unk) wifi: cfg80211: fix u8 overflow in cfg80211_update_notlisted_nontrans()
CVE-2022-41848: (unk)
- CVE-2022-41849: (unk)
- CVE-2022-41850: (unk)
+ CVE-2022-41849: (unk) fbdev: smscufx: Fix use-after-free in ufx_ops_open()
+ CVE-2022-41850: (unk) HID: roccat: Fix use-after-free in roccat_read()
CVE-2022-42703: (unk) mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse
CVE-2022-42719: (unk) wifi: mac80211: fix MBSSID parsing use-after-free
CVE-2022-42720: (unk) wifi: cfg80211: fix BSS refcounting bugs
@@ -558,7 +558,6 @@
CVE-2022-42895: (unk) Bluetooth: L2CAP: Fix attempting to access uninitialized memory
CVE-2022-42896: (unk) Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM
CVE-2022-43750: (unk) usb: mon: make mmapped memory read only
- CVE-2022-43945: (unk) NFSD: Protect against send buffer overflow in NFSv2 READDIR
CVE-2022-44032: (unk)
CVE-2022-44033: (unk)
CVE-2022-44034: (unk)
diff --git a/data/5.8/5.8_CVEs.txt b/data/5.8/5.8_CVEs.txt
index 31414b5..aa6103b 100644
--- a/data/5.8/5.8_CVEs.txt
+++ b/data/5.8/5.8_CVEs.txt
@@ -423,14 +423,14 @@
CVE-2022-2961: Fix unknown
CVE-2022-2964: Fix not seen in stream
CVE-2022-2977: Fix not seen in stream
-CVE-2022-2978: Fix unknown
+CVE-2022-2978: Fix not seen in stream
CVE-2022-29900: Fix not seen in stream
CVE-2022-29901: Fix not seen in stream
CVE-2022-2991: Fix not seen in stream
CVE-2022-3028: Fix not seen in stream
CVE-2022-30594: Fix not seen in stream
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3169: Fix unknown
+CVE-2022-3169: Fix not seen in stream
CVE-2022-3176: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
@@ -446,7 +446,7 @@
CVE-2022-33744: Fix not seen in stream
CVE-2022-33981: Fix not seen in stream
CVE-2022-3424: Fix unknown
-CVE-2022-3435: Fix unknown
+CVE-2022-3435: Fix not seen in stream
CVE-2022-34918: Fix not seen in stream
CVE-2022-3521: Fix not seen in stream
CVE-2022-3522: Fix not seen in stream
@@ -455,7 +455,7 @@
CVE-2022-3535: Fix not seen in stream
CVE-2022-3542: Fix not seen in stream
CVE-2022-3545: Fix not seen in stream
-CVE-2022-3564: Fix unknown
+CVE-2022-3564: Fix not seen in stream
CVE-2022-3565: Fix not seen in stream
CVE-2022-3566: Fix not seen in stream
CVE-2022-3567: Fix not seen in stream
@@ -464,19 +464,18 @@
CVE-2022-3594: Fix not seen in stream
CVE-2022-3595: Fix not seen in stream
CVE-2022-36123: Fix not seen in stream
-CVE-2022-3619: Fix unknown
+CVE-2022-3619: Fix not seen in stream
CVE-2022-3621: Fix not seen in stream
CVE-2022-3623: Fix not seen in stream
CVE-2022-3624: Fix not seen in stream
CVE-2022-3625: Fix not seen in stream
-CVE-2022-3628: Fix unknown
+CVE-2022-3628: Fix not seen in stream
CVE-2022-36280: Fix unknown
CVE-2022-3629: Fix not seen in stream
CVE-2022-3630: Fix not seen in stream
CVE-2022-3633: Fix not seen in stream
CVE-2022-3635: Fix not seen in stream
CVE-2022-3636: Fix not seen in stream
-CVE-2022-3640: Fix unknown
CVE-2022-36402: Fix unknown
CVE-2022-3642: Fix unknown
CVE-2022-3646: Fix not seen in stream
@@ -486,9 +485,10 @@
CVE-2022-3707: Fix unknown
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
-CVE-2022-3903: Fix unknown
+CVE-2022-3903: Fix not seen in stream
CVE-2022-39188: Fix not seen in stream
CVE-2022-39189: Fix not seen in stream
+CVE-2022-3977: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
@@ -497,8 +497,8 @@
CVE-2022-41222: Fix not seen in stream
CVE-2022-41674: Fix not seen in stream
CVE-2022-41848: Fix unknown
-CVE-2022-41849: Fix unknown
-CVE-2022-41850: Fix unknown
+CVE-2022-41849: Fix not seen in stream
+CVE-2022-41850: Fix not seen in stream
CVE-2022-42703: Fix not seen in stream
CVE-2022-42719: Fix not seen in stream
CVE-2022-42720: Fix not seen in stream
@@ -507,7 +507,6 @@
CVE-2022-42895: Fix not seen in stream
CVE-2022-42896: Fix not seen in stream
CVE-2022-43750: Fix not seen in stream
-CVE-2022-43945: Fix not seen in stream
CVE-2022-44032: Fix unknown
CVE-2022-44033: Fix unknown
CVE-2022-44034: Fix unknown
diff --git a/data/5.8/5.8_security.txt b/data/5.8/5.8_security.txt
index 4940307..584453f 100644
--- a/data/5.8/5.8_security.txt
+++ b/data/5.8/5.8_security.txt
@@ -457,14 +457,14 @@
CVE-2022-2961: (unk)
CVE-2022-2964: (unk) net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup
CVE-2022-2977: (unk) tpm: fix reference counting for struct tpm_chip
- CVE-2022-2978: (unk)
+ CVE-2022-2978: (unk) fs: fix UAF/GPF bug in nilfs_mdt_destroy
CVE-2022-29900: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-29901: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-2991: (unk) remove the lightnvm subsystem
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3169: (unk)
+ CVE-2022-3169: (unk) nvme: ensure subsystem reset is single threaded
CVE-2022-3176: (unk) io_uring: fix UAF due to missing POLLFREE handling
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
@@ -480,7 +480,7 @@
CVE-2022-33744: (unk) xen/arm: Fix race in RB-tree based P2M accounting
CVE-2022-33981: (unk) floppy: disable FDRAWCMD by default
CVE-2022-3424: (unk)
- CVE-2022-3435: (unk)
+ CVE-2022-3435: (unk) ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference
CVE-2022-34918: (unk) netfilter: nf_tables: stricter validation of element data
CVE-2022-3521: (unk) kcm: avoid potential race in kcm_tx_work
CVE-2022-3522: (unk) mm/hugetlb: use hugetlb_pte_stable in migration race check
@@ -489,7 +489,7 @@
CVE-2022-3535: (unk) net: mvpp2: fix mvpp2 debugfs leak
CVE-2022-3542: (unk) bnx2x: fix potential memory leak in bnx2x_tpa_stop()
CVE-2022-3545: (unk) nfp: fix use-after-free in area_cache_get()
- CVE-2022-3564: (unk)
+ CVE-2022-3564: (unk) Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu
CVE-2022-3565: (unk) mISDN: fix use-after-free bugs in l1oip timer handlers
CVE-2022-3566: (unk) tcp: Fix data races around icsk->icsk_af_ops.
CVE-2022-3567: (unk) ipv6: Fix data races around sk->sk_prot.
@@ -498,19 +498,18 @@
CVE-2022-3594: (unk) r8152: Rate limit overflow messages
CVE-2022-3595: (unk) cifs: fix double-fault crash during ntlmssp
CVE-2022-36123: (unk) x86: Clear .brk area at early boot
- CVE-2022-3619: (unk)
+ CVE-2022-3619: (unk) Bluetooth: L2CAP: Fix memory leak in vhci_write
CVE-2022-3621: (unk) nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level()
CVE-2022-3623: (unk) mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
CVE-2022-3624: (unk) bonding: fix reference count leak in balance-alb mode
CVE-2022-3625: (unk) devlink: Fix use-after-free after a failed reload
- CVE-2022-3628: (unk)
+ CVE-2022-3628: (unk) wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()
CVE-2022-36280: (unk)
CVE-2022-3629: (unk) vsock: Fix memory leak in vsock_connect()
CVE-2022-3630: (unk) fscache: don't leak cookie access refs if invalidation is in progress or failed
CVE-2022-3633: (unk) can: j1939: j1939_session_destroy(): fix memory leak of skbs
CVE-2022-3635: (unk) atm: idt77252: fix use-after-free bugs caused by tst_timer
CVE-2022-3636: (unk) net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()
- CVE-2022-3640: (unk)
CVE-2022-36402: (unk)
CVE-2022-3642: (unk)
CVE-2022-3646: (unk) nilfs2: fix leak of nilfs_root in case of writer thread creation failure
@@ -520,9 +519,10 @@
CVE-2022-3707: (unk)
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
- CVE-2022-3903: (unk)
+ CVE-2022-3903: (unk) media: mceusb: Use new usb_control_msg_*() routines
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
CVE-2022-39189: (unk) KVM: x86: do not report a vCPU as preempted outside instruction boundaries
+ CVE-2022-3977: (unk) mctp: prevent double key removal and unref
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
@@ -531,8 +531,8 @@
CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
CVE-2022-41674: (unk) wifi: cfg80211: fix u8 overflow in cfg80211_update_notlisted_nontrans()
CVE-2022-41848: (unk)
- CVE-2022-41849: (unk)
- CVE-2022-41850: (unk)
+ CVE-2022-41849: (unk) fbdev: smscufx: Fix use-after-free in ufx_ops_open()
+ CVE-2022-41850: (unk) HID: roccat: Fix use-after-free in roccat_read()
CVE-2022-42703: (unk) mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse
CVE-2022-42719: (unk) wifi: mac80211: fix MBSSID parsing use-after-free
CVE-2022-42720: (unk) wifi: cfg80211: fix BSS refcounting bugs
@@ -541,7 +541,6 @@
CVE-2022-42895: (unk) Bluetooth: L2CAP: Fix attempting to access uninitialized memory
CVE-2022-42896: (unk) Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM
CVE-2022-43750: (unk) usb: mon: make mmapped memory read only
- CVE-2022-43945: (unk) NFSD: Protect against send buffer overflow in NFSv2 READDIR
CVE-2022-44032: (unk)
CVE-2022-44033: (unk)
CVE-2022-44034: (unk)
diff --git a/data/5.9/5.9_CVEs.txt b/data/5.9/5.9_CVEs.txt
index 30d8760..bd6c78a 100644
--- a/data/5.9/5.9_CVEs.txt
+++ b/data/5.9/5.9_CVEs.txt
@@ -394,14 +394,14 @@
CVE-2022-2961: Fix unknown
CVE-2022-2964: Fix not seen in stream
CVE-2022-2977: Fix not seen in stream
-CVE-2022-2978: Fix unknown
+CVE-2022-2978: Fix not seen in stream
CVE-2022-29900: Fix not seen in stream
CVE-2022-29901: Fix not seen in stream
CVE-2022-2991: Fix not seen in stream
CVE-2022-3028: Fix not seen in stream
CVE-2022-30594: Fix not seen in stream
CVE-2022-3061: Fix not seen in stream
-CVE-2022-3169: Fix unknown
+CVE-2022-3169: Fix not seen in stream
CVE-2022-3176: Fix not seen in stream
CVE-2022-3202: Fix not seen in stream
CVE-2022-32250: Fix not seen in stream
@@ -418,7 +418,7 @@
CVE-2022-33744: Fix not seen in stream
CVE-2022-33981: Fix not seen in stream
CVE-2022-3424: Fix unknown
-CVE-2022-3435: Fix unknown
+CVE-2022-3435: Fix not seen in stream
CVE-2022-34918: Fix not seen in stream
CVE-2022-3521: Fix not seen in stream
CVE-2022-3522: Fix not seen in stream
@@ -427,7 +427,7 @@
CVE-2022-3535: Fix not seen in stream
CVE-2022-3542: Fix not seen in stream
CVE-2022-3545: Fix not seen in stream
-CVE-2022-3564: Fix unknown
+CVE-2022-3564: Fix not seen in stream
CVE-2022-3565: Fix not seen in stream
CVE-2022-3566: Fix not seen in stream
CVE-2022-3567: Fix not seen in stream
@@ -436,19 +436,18 @@
CVE-2022-3594: Fix not seen in stream
CVE-2022-3595: Fix not seen in stream
CVE-2022-36123: Fix not seen in stream
-CVE-2022-3619: Fix unknown
+CVE-2022-3619: Fix not seen in stream
CVE-2022-3621: Fix not seen in stream
CVE-2022-3623: Fix not seen in stream
CVE-2022-3624: Fix not seen in stream
CVE-2022-3625: Fix not seen in stream
-CVE-2022-3628: Fix unknown
+CVE-2022-3628: Fix not seen in stream
CVE-2022-36280: Fix unknown
CVE-2022-3629: Fix not seen in stream
CVE-2022-3630: Fix not seen in stream
CVE-2022-3633: Fix not seen in stream
CVE-2022-3635: Fix not seen in stream
CVE-2022-3636: Fix not seen in stream
-CVE-2022-3640: Fix unknown
CVE-2022-36402: Fix unknown
CVE-2022-3642: Fix unknown
CVE-2022-3646: Fix not seen in stream
@@ -458,10 +457,11 @@
CVE-2022-3707: Fix unknown
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
-CVE-2022-3903: Fix unknown
+CVE-2022-3903: Fix not seen in stream
CVE-2022-39188: Fix not seen in stream
CVE-2022-39189: Fix not seen in stream
CVE-2022-39190: Fix not seen in stream
+CVE-2022-3977: Fix not seen in stream
CVE-2022-39842: Fix not seen in stream
CVE-2022-40133: Fix unknown
CVE-2022-40307: Fix not seen in stream
@@ -470,8 +470,8 @@
CVE-2022-41222: Fix not seen in stream
CVE-2022-41674: Fix not seen in stream
CVE-2022-41848: Fix unknown
-CVE-2022-41849: Fix unknown
-CVE-2022-41850: Fix unknown
+CVE-2022-41849: Fix not seen in stream
+CVE-2022-41850: Fix not seen in stream
CVE-2022-42703: Fix not seen in stream
CVE-2022-42719: Fix not seen in stream
CVE-2022-42720: Fix not seen in stream
@@ -480,7 +480,6 @@
CVE-2022-42895: Fix not seen in stream
CVE-2022-42896: Fix not seen in stream
CVE-2022-43750: Fix not seen in stream
-CVE-2022-43945: Fix not seen in stream
CVE-2022-44032: Fix unknown
CVE-2022-44033: Fix unknown
CVE-2022-44034: Fix unknown
diff --git a/data/5.9/5.9_security.txt b/data/5.9/5.9_security.txt
index 018d59c..ecd5ddb 100644
--- a/data/5.9/5.9_security.txt
+++ b/data/5.9/5.9_security.txt
@@ -424,14 +424,14 @@
CVE-2022-2961: (unk)
CVE-2022-2964: (unk) net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup
CVE-2022-2977: (unk) tpm: fix reference counting for struct tpm_chip
- CVE-2022-2978: (unk)
+ CVE-2022-2978: (unk) fs: fix UAF/GPF bug in nilfs_mdt_destroy
CVE-2022-29900: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-29901: (unk) x86/kvm/vmx: Make noinstr clean
CVE-2022-2991: (unk) remove the lightnvm subsystem
CVE-2022-3028: (unk) af_key: Do not call xfrm_probe_algs in parallel
CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
CVE-2022-3061: (unk) video: fbdev: i740fb: Error out if 'pixclock' equals zero
- CVE-2022-3169: (unk)
+ CVE-2022-3169: (unk) nvme: ensure subsystem reset is single threaded
CVE-2022-3176: (unk) io_uring: fix UAF due to missing POLLFREE handling
CVE-2022-3202: (unk) jfs: prevent NULL deref in diFree
CVE-2022-32250: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
@@ -448,7 +448,7 @@
CVE-2022-33744: (unk) xen/arm: Fix race in RB-tree based P2M accounting
CVE-2022-33981: (unk) floppy: disable FDRAWCMD by default
CVE-2022-3424: (unk)
- CVE-2022-3435: (unk)
+ CVE-2022-3435: (unk) ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference
CVE-2022-34918: (unk) netfilter: nf_tables: stricter validation of element data
CVE-2022-3521: (unk) kcm: avoid potential race in kcm_tx_work
CVE-2022-3522: (unk) mm/hugetlb: use hugetlb_pte_stable in migration race check
@@ -457,7 +457,7 @@
CVE-2022-3535: (unk) net: mvpp2: fix mvpp2 debugfs leak
CVE-2022-3542: (unk) bnx2x: fix potential memory leak in bnx2x_tpa_stop()
CVE-2022-3545: (unk) nfp: fix use-after-free in area_cache_get()
- CVE-2022-3564: (unk)
+ CVE-2022-3564: (unk) Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu
CVE-2022-3565: (unk) mISDN: fix use-after-free bugs in l1oip timer handlers
CVE-2022-3566: (unk) tcp: Fix data races around icsk->icsk_af_ops.
CVE-2022-3567: (unk) ipv6: Fix data races around sk->sk_prot.
@@ -466,19 +466,18 @@
CVE-2022-3594: (unk) r8152: Rate limit overflow messages
CVE-2022-3595: (unk) cifs: fix double-fault crash during ntlmssp
CVE-2022-36123: (unk) x86: Clear .brk area at early boot
- CVE-2022-3619: (unk)
+ CVE-2022-3619: (unk) Bluetooth: L2CAP: Fix memory leak in vhci_write
CVE-2022-3621: (unk) nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level()
CVE-2022-3623: (unk) mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
CVE-2022-3624: (unk) bonding: fix reference count leak in balance-alb mode
CVE-2022-3625: (unk) devlink: Fix use-after-free after a failed reload
- CVE-2022-3628: (unk)
+ CVE-2022-3628: (unk) wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()
CVE-2022-36280: (unk)
CVE-2022-3629: (unk) vsock: Fix memory leak in vsock_connect()
CVE-2022-3630: (unk) fscache: don't leak cookie access refs if invalidation is in progress or failed
CVE-2022-3633: (unk) can: j1939: j1939_session_destroy(): fix memory leak of skbs
CVE-2022-3635: (unk) atm: idt77252: fix use-after-free bugs caused by tst_timer
CVE-2022-3636: (unk) net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()
- CVE-2022-3640: (unk)
CVE-2022-36402: (unk)
CVE-2022-3642: (unk)
CVE-2022-3646: (unk) nilfs2: fix leak of nilfs_root in case of writer thread creation failure
@@ -488,10 +487,11 @@
CVE-2022-3707: (unk)
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
- CVE-2022-3903: (unk)
+ CVE-2022-3903: (unk) media: mceusb: Use new usb_control_msg_*() routines
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
CVE-2022-39189: (unk) KVM: x86: do not report a vCPU as preempted outside instruction boundaries
CVE-2022-39190: (unk) netfilter: nf_tables: disallow binding to already bound chain
+ CVE-2022-3977: (unk) mctp: prevent double key removal and unref
CVE-2022-39842: (unk) video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
CVE-2022-40133: (unk)
CVE-2022-40307: (unk) efi: capsule-loader: Fix use-after-free in efi_capsule_write
@@ -500,8 +500,8 @@
CVE-2022-41222: (unk) mm/mremap: hold the rmap lock in write mode when moving page table entries.
CVE-2022-41674: (unk) wifi: cfg80211: fix u8 overflow in cfg80211_update_notlisted_nontrans()
CVE-2022-41848: (unk)
- CVE-2022-41849: (unk)
- CVE-2022-41850: (unk)
+ CVE-2022-41849: (unk) fbdev: smscufx: Fix use-after-free in ufx_ops_open()
+ CVE-2022-41850: (unk) HID: roccat: Fix use-after-free in roccat_read()
CVE-2022-42703: (unk) mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse
CVE-2022-42719: (unk) wifi: mac80211: fix MBSSID parsing use-after-free
CVE-2022-42720: (unk) wifi: cfg80211: fix BSS refcounting bugs
@@ -510,7 +510,6 @@
CVE-2022-42895: (unk) Bluetooth: L2CAP: Fix attempting to access uninitialized memory
CVE-2022-42896: (unk) Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM
CVE-2022-43750: (unk) usb: mon: make mmapped memory read only
- CVE-2022-43945: (unk) NFSD: Protect against send buffer overflow in NFSv2 READDIR
CVE-2022-44032: (unk)
CVE-2022-44033: (unk)
CVE-2022-44034: (unk)
diff --git a/data/6.0/6.0_CVEs.txt b/data/6.0/6.0_CVEs.txt
index 4a41e15..f5da4c4 100644
--- a/data/6.0/6.0_CVEs.txt
+++ b/data/6.0/6.0_CVEs.txt
@@ -64,12 +64,12 @@
CVE-2022-2602: Fixed with 6.0.3
CVE-2022-26878: Fix unknown
CVE-2022-2961: Fix unknown
-CVE-2022-2978: Fix unknown
-CVE-2022-3169: Fix unknown
+CVE-2022-2978: Fixed with 6.0.1
+CVE-2022-3169: Fix not seen in stream
CVE-2022-3238: Fix unknown
CVE-2022-3344: Fix unknown
CVE-2022-3424: Fix unknown
-CVE-2022-3435: Fix unknown
+CVE-2022-3435: Fix not seen in stream
CVE-2022-3521: Fix not seen in stream
CVE-2022-3522: Fix not seen in stream
CVE-2022-3523: Fix not seen in stream
@@ -80,18 +80,18 @@
CVE-2022-3542: Fixed with 6.0.3
CVE-2022-3543: Fixed with 6.0.3
CVE-2022-3544: Fix unknown
-CVE-2022-3564: Fix unknown
+CVE-2022-3564: Fixed with 6.0.8
CVE-2022-3565: Fixed with 6.0.3
CVE-2022-3566: Fix not seen in stream
CVE-2022-3567: Fix not seen in stream
CVE-2022-3594: Fixed with 6.0.3
CVE-2022-3595: Fix not seen in stream
-CVE-2022-3619: Fix unknown
+CVE-2022-3619: Fixed with 6.0.8
CVE-2022-3621: Fixed with 6.0.2
CVE-2022-3623: Fixed with 6.0.3
-CVE-2022-3628: Fix unknown
+CVE-2022-3628: Fixed with 6.0.8
CVE-2022-36280: Fix unknown
-CVE-2022-3640: Fix unknown
+CVE-2022-3640: Fixed with 6.0.8
CVE-2022-36402: Fix unknown
CVE-2022-3642: Fix unknown
CVE-2022-3646: Fixed with 6.0.2
@@ -99,20 +99,21 @@
CVE-2022-3707: Fix unknown
CVE-2022-38096: Fix unknown
CVE-2022-38457: Fix unknown
-CVE-2022-3903: Fix unknown
+CVE-2022-3903: Fix not seen in stream
+CVE-2022-3977: Fixed with 6.0.2
CVE-2022-40133: Fix unknown
CVE-2022-40768: Fixed with 6.0.2
CVE-2022-41218: Fix unknown
CVE-2022-41674: Fixed with 6.0.2
CVE-2022-41848: Fix unknown
-CVE-2022-41849: Fix unknown
-CVE-2022-41850: Fix unknown
+CVE-2022-41849: Fixed with 6.0.3
+CVE-2022-41850: Fixed with 6.0.3
CVE-2022-42719: Fixed with 6.0.2
CVE-2022-42720: Fixed with 6.0.2
CVE-2022-42721: Fixed with 6.0.2
CVE-2022-42722: Fixed with 6.0.2
-CVE-2022-42895: Fix not seen in stream
-CVE-2022-42896: Fix not seen in stream
+CVE-2022-42895: Fixed with 6.0.8
+CVE-2022-42896: Fixed with 6.0.8
CVE-2022-43750: Fixed with 6.0.1
CVE-2022-43945: Fixed with 6.0.3
CVE-2022-44032: Fix unknown
diff --git a/data/6.0/6.0_security.txt b/data/6.0/6.0_security.txt
index 5b6dbbf..29f26a3 100644
--- a/data/6.0/6.0_security.txt
+++ b/data/6.0/6.0_security.txt
@@ -3,12 +3,14 @@
CVE-2022-2308: 46f8a29272e51b6df7393d58fc5cb8967397ef2b vduse: prevent uninitialized memory accesses
CVEs fixed in 6.0.1:
+ CVE-2022-2978: 2a96b532098284ecf8e4849b8b9e5fc7a28bdee9 fs: fix UAF/GPF bug in nilfs_mdt_destroy
CVE-2022-43750: 08e2c70e549b77f5f3af9c76da00779d5756f997 usb: mon: make mmapped memory read only
CVEs fixed in 6.0.2:
CVE-2022-3621: 037e760a4a009e9545a51e87c98c22d9aaf32df7 nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level()
CVE-2022-3646: 9dc48a360e7b6bb16c48625f8f80ab7665bc9648 nilfs2: fix leak of nilfs_root in case of writer thread creation failure
CVE-2022-3649: 6251c9c0430d70cc221d0bb907b278bd99d7b066 nilfs2: fix use-after-free bug of struct nilfs_root
+ CVE-2022-3977: 3c7c84319833259b0bb8c879928700c9e42d6562 mctp: prevent double key removal and unref
CVE-2022-40768: b9b7369d89924a366b20045dc26dc4dc6b0567a4 scsi: stex: Properly zero out the passthrough command structure
CVE-2022-41674: fc1ed6d0c9898a68da7f1f7843560dfda57683e2 wifi: cfg80211: fix u8 overflow in cfg80211_update_notlisted_nontrans()
CVE-2022-42719: 4afcb8886800131f8dd58d82754ee0c508303d46 wifi: mac80211: fix MBSSID parsing use-after-free
@@ -25,11 +27,21 @@
CVE-2022-3565: 5c9422e2d8563a3efe064493ff7ebbc2948441ea mISDN: fix use-after-free bugs in l1oip timer handlers
CVE-2022-3594: 21f2532974115026fdab1205aab275d6181fb89f r8152: Rate limit overflow messages
CVE-2022-3623: 7c7c79dd5a388758f8dfa3de89b131d5d84f25fd mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
+ CVE-2022-41849: e2e5264dcf5796559869750a2d6943ac88fe3918 fbdev: smscufx: Fix use-after-free in ufx_ops_open()
+ CVE-2022-41850: 8a251549ab577d64ece210a11c404354479bd635 HID: roccat: Fix use-after-free in roccat_read()
CVE-2022-43945: f59c74df82f6ac9d2ea4e01aa3ae7c6c4481652d NFSD: Protect against send buffer overflow in NFSv2 READDIR
CVEs fixed in 6.0.7:
CVE-2022-3524: 0c5d628f1e1d049c33595693fab1b6e9baf25795 tcp/udp: Fix memory leak in ipv6_renew_options().
+CVEs fixed in 6.0.8:
+ CVE-2022-3564: 9a04161244603f502c6e453913e51edd59cb70c1 Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu
+ CVE-2022-3619: 5b4f039a2f487c5edae681d763fe1af505f84c13 Bluetooth: L2CAP: Fix memory leak in vhci_write
+ CVE-2022-3628: 631f73deedeb0fbc92ca5037d5a71c9fcae7974d wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()
+ CVE-2022-3640: 8f7e4cf0694149a5d999d676ebd9ecf1b4cb2cc9 Bluetooth: L2CAP: fix use-after-free in l2cap_conn_del()
+ CVE-2022-42895: e1aada9b71493b2e11c2a239ece99a97e3f13431 Bluetooth: L2CAP: Fix attempting to access uninitialized memory
+ CVE-2022-42896: d7efeb93213becae13c6a12e4150ce1e07bd2c49 Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM
+
Outstanding CVEs:
CVE-2005-3660: (unk)
CVE-2007-3719: (unk)
@@ -95,38 +107,29 @@
CVE-2022-25265: (unk)
CVE-2022-26878: (unk)
CVE-2022-2961: (unk)
- CVE-2022-2978: (unk)
- CVE-2022-3169: (unk)
+ CVE-2022-3169: (unk) nvme: ensure subsystem reset is single threaded
CVE-2022-3238: (unk)
CVE-2022-3344: (unk)
CVE-2022-3424: (unk)
- CVE-2022-3435: (unk)
+ CVE-2022-3435: (unk) ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference
CVE-2022-3521: (unk) kcm: avoid potential race in kcm_tx_work
CVE-2022-3522: (unk) mm/hugetlb: use hugetlb_pte_stable in migration race check
CVE-2022-3523: (unk) mm/memory.c: fix race when faulting a device private page
CVE-2022-3531: (unk)
CVE-2022-3544: (unk)
- CVE-2022-3564: (unk)
CVE-2022-3566: (unk) tcp: Fix data races around icsk->icsk_af_ops.
CVE-2022-3567: (unk) ipv6: Fix data races around sk->sk_prot.
CVE-2022-3595: (unk) cifs: fix double-fault crash during ntlmssp
- CVE-2022-3619: (unk)
- CVE-2022-3628: (unk)
CVE-2022-36280: (unk)
- CVE-2022-3640: (unk)
CVE-2022-36402: (unk)
CVE-2022-3642: (unk)
CVE-2022-3707: (unk)
CVE-2022-38096: (unk)
CVE-2022-38457: (unk)
- CVE-2022-3903: (unk)
+ CVE-2022-3903: (unk) media: mceusb: Use new usb_control_msg_*() routines
CVE-2022-40133: (unk)
CVE-2022-41218: (unk)
CVE-2022-41848: (unk)
- CVE-2022-41849: (unk)
- CVE-2022-41850: (unk)
- CVE-2022-42895: (unk) Bluetooth: L2CAP: Fix attempting to access uninitialized memory
- CVE-2022-42896: (unk) Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM
CVE-2022-44032: (unk)
CVE-2022-44033: (unk)
CVE-2022-44034: (unk)
diff --git a/data/CVEs.txt b/data/CVEs.txt
index 4debf00..a5a7712 100644
--- a/data/CVEs.txt
+++ b/data/CVEs.txt
@@ -2111,9 +2111,9 @@
CVE-2022-2961: (n/a) - (n/a) (unk to unk)
CVE-2022-2964: e2ca90c276e1fc410d7cd3c1a4eee245ec902a20 - 57bc3d3ae8c14df3ceb4e17d26ddf9eeab304581 (v3.9-rc2 to v5.17-rc4)
CVE-2022-2977: fdc915f7f71939ad5a3dda3389b8d2d7a7c5ee66 - 7e0438f83dc769465ee663bb5dcf8cc154940712 (v4.12-rc1 to v5.18-rc1)
-CVE-2022-2978: (n/a) - (n/a) (unk to unk)
-CVE-2022-29900: (n/a) - 742ab6df974ae8384a2dd213db1a3a06cf6d8936 (unk to v5.19-rc7)
-CVE-2022-29901: (n/a) - 742ab6df974ae8384a2dd213db1a3a06cf6d8936 (unk to v5.19-rc7)
+CVE-2022-2978: (n/a) - 2e488f13755ffbb60f307e991b27024716a33b29 (unk to v6.1-rc1)
+CVE-2022-29900: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 742ab6df974ae8384a2dd213db1a3a06cf6d8936 (v2.6.12-rc2 to v5.19-rc7)
+CVE-2022-29901: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 742ab6df974ae8384a2dd213db1a3a06cf6d8936 (v2.6.12-rc2 to v5.19-rc7)
CVE-2022-2991: cd9e9808d18fe7107c306f6e71c8be7230ee42b4 - 9ea9b9c48387edc101d56349492ad9c0492ff78d (v4.4-rc1 to v5.15-rc1)
CVE-2022-29968: 3e08773c3841e9db7a520908cc2b136a77d275ff - 32452a3eb8b64e01e2be717f518c0be046975b9d (v5.16-rc1 to v5.18-rc5)
CVE-2022-3028: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - ba953a9d89a00c078b85f4b190bc1dde66fe16b5 (v2.6.12-rc2 to v6.0-rc3)
@@ -2122,7 +2122,7 @@
CVE-2022-3077: 5e9a97b1f4491b8b65874901ad084348fcaba327 - 690b2549b19563ec5ad53e5c82f6a944d910086e (v5.11-rc1 to v5.19-rc1)
CVE-2022-3078: f90cf6079bf67988f8b1ad1ade70fc89d0080905 - e6a21a14106d9718aa4f8e115b1e474888eeba44 (v5.10-rc1 to v5.18-rc1)
CVE-2022-3103: 78a861b9495920f8609dee5b670dacbff09d359f - 47abea041f897d64dbd5777f0cf7745148f85d75 (v6.0-rc1 to v6.0-rc3)
-CVE-2022-3169: (n/a) - (n/a) (unk to unk)
+CVE-2022-3169: (n/a) - 1e866afd4bcdd01a70a5eddb4371158d3035ce03 (unk to v6.1-rc1)
CVE-2022-3170: c27e1efb61c545f36c450ef60862df9251d239a4 - 6ab55ec0a938c7f943a4edba3d6514f775983887 (v6.0-rc1 to v6.0-rc4)
CVE-2022-3176: 221c5eb2338232f7340386de1c43decc32682e58 - 791f3465c4afde02d7f16cf7424ca87070b69396 (v5.1-rc1 to v5.17-rc1)
CVE-2022-3202: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - a53046291020ec41e09181396c1e829287b48d47 (v2.6.12-rc2 to v5.18-rc1)
@@ -2140,7 +2140,7 @@
CVE-2022-33744: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - b75cd218274e01d026dc5240e86fdeb44bbed0c8 (v2.6.12-rc2 to v5.19-rc6)
CVE-2022-33981: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 233087ca063686964a53c829d547c7571e3f67bf (v2.6.12-rc2 to v5.18-rc5)
CVE-2022-3424: (n/a) - (n/a) (unk to unk)
-CVE-2022-3435: (n/a) - (n/a) (unk to unk)
+CVE-2022-3435: (n/a) - 61b91eb33a69c3be11b259c5ea484505cd79f883 (unk to v6.1-rc1)
CVE-2022-34494: c486682ae1e2b149add22f44cf413b3103e3ef39 - 1680939e9ecf7764fba8689cfb3429c2fe2bb23c (v5.13-rc1 to v5.19-rc1)
CVE-2022-34495: c486682ae1e2b149add22f44cf413b3103e3ef39 - c2eecefec5df1306eafce28ccdf1ca159a552ecc (v5.13-rc1 to v5.19-rc1)
CVE-2022-34918: 7d7402642eaf385aef0772eff5a35e34fc4995d7 - 7e6bc1f6cabcd30aba0b11219d8e01b952eacbb6 (v4.1-rc1 to v5.19-rc6)
@@ -2157,28 +2157,28 @@
CVE-2022-3543: 314001f0bf927015e459c9d387d62a231fe93af3 - 7a62ed61367b8fd01bae1e18e30602c25060d824 (v5.15-rc1 to v6.1-rc1)
CVE-2022-3544: a61ea561c87139992fe32afdee48a6f6b85d824a - (n/a) (v5.18-rc1 to unk)
CVE-2022-3545: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 02e1a114fdb71e59ee6770294166c30d437bf86a (v2.6.12-rc2 to v6.0-rc1)
-CVE-2022-3564: 4b51dae96731c9d82f5634e75ac7ffd3b9c1b060 - (n/a) (v3.6-rc1 to unk)
+CVE-2022-3564: 4b51dae96731c9d82f5634e75ac7ffd3b9c1b060 - 3aff8aaca4e36dc8b17eaa011684881a80238966 (v3.6-rc1 to v6.1-rc4)
CVE-2022-3565: 3712b42d4b1bec29a4232a6673bf2e6dcc5faa68 - 2568a7e0832ee30b0a351016d03062ab4e0e0a3f (v2.6.27-rc1 to v6.1-rc1)
CVE-2022-3566: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - f49cd2f4d6170d27a2c61f1fecb03d8a70c91f57 (v2.6.12-rc2 to v6.1-rc1)
CVE-2022-3567: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 364f997b5cfe1db0d63a390fe7c801fa2b3115f6 (v2.6.12-rc2 to v6.1-rc1)
-CVE-2022-3577: (n/a) - fc4ef9d5724973193bfa5ebed181dba6de3a56db (unk to v5.19-rc1)
+CVE-2022-3577: 256a90ed9e46b270bbc4e15ef05216ff049c3721 - fc4ef9d5724973193bfa5ebed181dba6de3a56db (v4.20-rc1 to v5.19-rc1)
CVE-2022-3586: (n/a) - 9efd23297cca530bb35e1848665805d3fcdd7889 (unk to v6.0-rc5)
CVE-2022-3594: 40a82917b1d3a8aecedee6b64949795b75359731 - 93e2be344a7db169b7119de21ac1bf253b8c6907 (v3.12-rc1 to v6.1-rc1)
CVE-2022-3595: (n/a) - b854b4ee66437e6e1622fda90529c814978cb4ca (unk to v6.1-rc1)
CVE-2022-36123: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 38fa5479b41376dc9d7f57e71c83514285a25ca0 (v2.6.12-rc2 to v5.19-rc6)
-CVE-2022-3619: (n/a) - (n/a) (unk to unk)
-CVE-2022-3621: (n/a) - 21a87d88c2253350e115029f14fe2a10a7e6c856 (unk to v6.1-rc1)
-CVE-2022-3623: (n/a) - fac35ba763ed07ba93154c95ffc0c4a55023707f (unk to v6.1-rc1)
+CVE-2022-3619: (n/a) - 7c9524d929648935bac2bbb4c20437df8f9c3f42 (unk to v6.1-rc4)
+CVE-2022-3621: 05fe58fdc10df9ebea04c0eaed57adc47af5c184 - 21a87d88c2253350e115029f14fe2a10a7e6c856 (v2.6.30-rc1 to v6.1-rc1)
+CVE-2022-3623: 5480280d3f2d11d47f9be59d49b20a8d7d1b33e8 - fac35ba763ed07ba93154c95ffc0c4a55023707f (v5.1-rc1 to v6.1-rc1)
CVE-2022-3624: (n/a) - 4f5d33f4f798b1c6d92b613f0087f639d9836971 (unk to v6.0-rc1)
-CVE-2022-3625: (n/a) - 6b4db2e528f650c7fb712961aac36455468d5902 (unk to v6.0-rc1)
-CVE-2022-3628: (n/a) - (n/a) (unk to unk)
+CVE-2022-3625: 45f05def5c44c806f094709f1c9b03dcecdd54f0 - 6b4db2e528f650c7fb712961aac36455468d5902 (v4.19-rc1 to v6.0-rc1)
+CVE-2022-3628: (n/a) - 6788ba8aed4e28e90f72d68a9d794e34eac17295 (unk to v6.1-rc5)
CVE-2022-36280: (n/a) - (n/a) (unk to unk)
CVE-2022-3629: (n/a) - 7e97cfed9929eaabc41829c395eb0d1350fccb9d (unk to v6.0-rc1)
CVE-2022-3630: (n/a) - fb24771faf72a2fd62b3b6287af3c610c3ec9cf1 (unk to v6.0-rc1)
CVE-2022-3633: (n/a) - 8c21c54a53ab21842f5050fa090f26b03c0313d6 (unk to v6.0-rc1)
-CVE-2022-3635: (n/a) - 3f4093e2bf4673f218c0bf17d8362337c400e77b (unk to v6.0-rc1)
-CVE-2022-3636: (n/a) - 17a5f6a78dc7b8db385de346092d7d9f9dc24df6 (unk to v5.19-rc1)
-CVE-2022-3640: (n/a) - (n/a) (unk to unk)
+CVE-2022-3635: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 3f4093e2bf4673f218c0bf17d8362337c400e77b (v2.6.12-rc2 to v6.0-rc1)
+CVE-2022-3636: 33fc42de33278b2b3ec6f3390512987bc29a62b7 - 17a5f6a78dc7b8db385de346092d7d9f9dc24df6 (CVE Caused by Backporting)
+CVE-2022-3640: d0be8347c623e0ac4202a1d4e0373882821f56b0 - 0d0e2d032811280b927650ff3c15fe5020e82533 (v5.19 to v6.1-rc4)
CVE-2022-36402: (n/a) - (n/a) (unk to unk)
CVE-2022-3642: (n/a) - (n/a) (unk to unk)
CVE-2022-3646: (n/a) - d0d51a97063db4704a5ef6bc978dddab1636a306 (unk to v6.1-rc1)
@@ -2188,10 +2188,11 @@
CVE-2022-3707: (n/a) - (n/a) (unk to unk)
CVE-2022-38096: (n/a) - (n/a) (unk to unk)
CVE-2022-38457: (n/a) - (n/a) (unk to unk)
-CVE-2022-3903: (n/a) - (n/a) (unk to unk)
+CVE-2022-3903: (n/a) - 41fd1cb6151439b205ac7611883d85ae14250172 (unk to v6.1-rc2)
CVE-2022-39188: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - b67fbebd4cf980aecbcc750e1462128bffe8ae15 (v2.6.12-rc2 to v5.19-rc8)
CVE-2022-39189: f38a7b75267f1fb240a8178cbcb16d66dd37aac8 - 6cd88243c7e03845a450795e134b488fc2afb736 (v4.16-rc1 to v5.19-rc2)
CVE-2022-39190: d0e2c7de92c7f2b3d355ad76b0bb9fc43d1beb87 - e02f0d3970404bfea385b6edb86f2d936db0ea2b (v5.9-rc1 to v6.0-rc3)
+CVE-2022-3977: (n/a) - 3a732b46736cd8a29092e4b0b1a9ba83e672bf89 (unk to v6.1-rc1)
CVE-2022-39842: 364dbdf3b6c31a4a5fb7a6d479e7aafb4a7a10b6 - a09d2d00af53b43c6f11e6ab3cb58443c2cac8a7 (v2.6.38-rc1 to v5.19-rc4)
CVE-2022-40133: (n/a) - (n/a) (unk to unk)
CVE-2022-40307: 65117f1aa1b2d145fd5ca376bde642794d0aae1b - 9cb636b5f6a8cc6d1b50809ec8f8d33ae0c84c95 (v4.7-rc1 to v6.0-rc5)
@@ -2201,8 +2202,8 @@
CVE-2022-41222: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 97113eb39fa7972722ff490b947d8af023e1f6a2 (v2.6.12-rc2 to v5.14-rc1)
CVE-2022-41674: 0b8fb8235be8be99a197e8d948fc0a2df8dc261a - aebe9f4639b13a1f4e9a6b42cdd2e38c617b442d (v5.1-rc1 to v6.1-rc1)
CVE-2022-41848: (n/a) - (n/a) (unk to unk)
-CVE-2022-41849: (n/a) - (n/a) (unk to unk)
-CVE-2022-41850: (n/a) - (n/a) (unk to unk)
+CVE-2022-41849: (n/a) - 5610bcfe8693c02e2e4c8b31427f1bdbdecc839c (unk to v6.1-rc1)
+CVE-2022-41850: (n/a) - cacdb14b1c8d3804a3a7d31773bc7569837b71a4 (unk to v6.1-rc1)
CVE-2022-42703: 7a3ef208e662f4b63d43a23f61a64a129c525bbc - 2555283eb40df89945557273121e9393ef9b542b (v3.19-rc4 to v6.0-rc4)
CVE-2022-42719: 5023b14cf4df4d22e1a80738167f3438c9e62e5f - ff05d4b45dd89b922578dac497dcabf57cf771c6 (v5.2-rc1 to v6.1-rc1)
CVE-2022-42720: a3584f56de1c808d4383a275b4a74467b19e5645 - 0b7808818cb9df6680f98996b8e9a439fa7bcc2f (v5.1-rc1 to v6.1-rc1)
@@ -2211,7 +2212,7 @@
CVE-2022-42895: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - b1a2cd50c0357f243b7435a732b4e62ba3157a2e (v2.6.12-rc2 to v6.1-rc4)
CVE-2022-42896: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 711f8c3fb3db61897080468586b970c87c61d9e4 (v2.6.12-rc2 to v6.1-rc4)
CVE-2022-43750: 6f23ee1fefdc1f80bd8a3ab04a1c41ab2dec14c9 - a659daf63d16aa883be42f3f34ff84235c302198 (v2.6.21-rc1 to v6.1-rc1)
-CVE-2022-43945: (n/a) - 00b4492686e0497fdb924a9d4c8f6f99377e176c (unk to v6.1-rc1)
+CVE-2022-43945: 5191955d6fc65e6d4efe8f4f10a6028298f57281 - 00b4492686e0497fdb924a9d4c8f6f99377e176c (v5.11-rc1 to v6.1-rc1)
CVE-2022-44032: (n/a) - (n/a) (unk to unk)
CVE-2022-44033: (n/a) - (n/a) (unk to unk)
CVE-2022-44034: (n/a) - (n/a) (unk to unk)
diff --git a/data/cmts.json b/data/cmts.json
index 9a592eb..c3e903c 100644
--- a/data/cmts.json
+++ b/data/cmts.json
@@ -67,6 +67,7 @@
"05ca5270005c18ec46decacef87992ea968f9fce": "v4.8-rc1",
"05cd84691eafcd7959a1e120d5e72c0dd98c5d91": "v5.11-rc3",
"05f0ffbc487517a529c00119d0bfde33df509b52": "v3.10-rc1",
+ "05fe58fdc10df9ebea04c0eaed57adc47af5c184": "v2.6.30-rc1",
"060423bfdee3f8bc6e2c1bac97de24d5415e2bc4": "v5.3",
"0614e2b73768b502fc32a75349823356d98aae2c": "v5.4-rc1",
"0625b4ba1a5d4703c7fb01c497bd6c156908af00": "v4.19-rc1",
@@ -151,6 +152,7 @@
"0d01da6afc5402f60325c5da31b22f7d56689b49": "v5.3-rc1",
"0d07c0ec4381f630c801539c79ad8dcc627f6e4a": "v5.10",
"0d0826019e529f21c84687521d03f60cd241ca7d": "v3.18-rc1",
+ "0d0e2d032811280b927650ff3c15fe5020e82533": "v6.1-rc4",
"0d0e57697f162da4aa218b5feafe614fb666db07": "v4.12-rc1",
"0d46748c3f874defbbbf98bcf40c7b18964abbc0": "v2.6.28-rc1",
"0d62e9dd6da45bbf0f33a8617afc5fe774c8f45f": "v4.3-rc1",
@@ -366,6 +368,7 @@
"1e3921471354244f70fe268586ff94a97a6dd4df": "v4.14-rc8",
"1e58252e334dc3f3756f424a157d1b7484464c40": "v5.5-rc3",
"1e65b81a90df50bf450193065cc9073b706b8dda": "v3.18-rc1",
+ "1e866afd4bcdd01a70a5eddb4371158d3035ce03": "v6.1-rc1",
"1e87a2456b0227ca4ab881e19a11bb99d164e792": "v3.12-rc1",
"1e98ffea5a8935ec040ab72299e349cb44b8defd": "v4.16-rc1",
"1ebb71143758f45dc0fa76e2f48429e13b16d110": "v4.10-rc4",
@@ -449,6 +452,7 @@
"253f4911f297b83745938b7f2c5649b94730b002": "v4.7-rc1",
"2555283eb40df89945557273121e9393ef9b542b": "v6.0-rc4",
"2568a7e0832ee30b0a351016d03062ab4e0e0a3f": "v6.1-rc1",
+ "256a90ed9e46b270bbc4e15ef05216ff049c3721": "v4.20-rc1",
"256df2f3879efdb2e9808bdb1b54b16fbb11fa38": "v2.6.36-rc1",
"257b5358b32f17e0603b6ff57b13610b0e02348f": "v2.6.36-rc1",
"2638fd0f92d4397884fd991d8f4925cb3f081901": "v4.11-rc7",
@@ -549,6 +553,7 @@
"2e1c42391ff2556387b3cb6308b24f6f65619feb": "v4.14-rc4",
"2e2daff3a51f2d10155b03f461f4e29eaf80dcbd": "v3.9-rc1",
"2e3216cd54b142ba605e87522e15f42e0c4e3996": "v2.6.27-rc1",
+ "2e488f13755ffbb60f307e991b27024716a33b29": "v6.1-rc1",
"2e4c7553cd6f9c68bb741582dcb614edcbeca70f": "v3.15-rc1",
"2e7682ebfc750177a4944eeb56e97a3f05734528": "v5.2-rc1",
"2e83b79b2d6c78bf1b4aa227938a214dcbddc83f": "v4.6-rc1",
@@ -607,6 +612,7 @@
"338c7dbadd2671189cec7faf64c84d01071b3f96": "v3.13-rc4",
"338f977f4eb441e69bb9a46eaa0ac715c931a67f": "v3.14-rc3",
"33ab91103b3415e12457e3104f0e4517ce12d0f3": "v4.10-rc4",
+ "33fc42de33278b2b3ec6f3390512987bc29a62b7": "v5.19-rc1",
"340d394a789518018f834ff70f7534fc463d3226": "v4.13-rc1",
"342db04ae71273322f0011384a9ed414df8bdae4": "v4.19-rc2",
"342ffc26693b528648bdc9377e51e4f2450b4860": "v4.13-rc1",
@@ -694,12 +700,14 @@
"3a4d44b6162555070194e486ff6b3799a8d323a2": "v4.13-rc1",
"3a4d5c94e959359ece6d6b55045c3f046677f55c": "v2.6.34-rc1",
"3a50597de8635cd05133bd12c95681c82fe7b878": "v3.8-rc1",
+ "3a732b46736cd8a29092e4b0b1a9ba83e672bf89": "v6.1-rc1",
"3a8b0677fc6180a467e26cc32ce6b0c09a32f9bb": "v4.14-rc1",
"3a9b153c5591548612c3955c9600a98150c81875": "v5.6-rc1",
"3aa02cb664c5fb1042958c8d1aa8c35055a2ebc4": "v4.7-rc1",
"3ac6487e584a1eb54071dbe1212e05b884136704": "v5.18",
"3ac6d8c787b835b997eb23e43e09aa0895ef7d58": "v4.16-rc2",
"3afc9621f15701c557e60f61eba9242bac2771dd": "v3.5-rc1",
+ "3aff8aaca4e36dc8b17eaa011684881a80238966": "v6.1-rc4",
"3b0462726e7ef281c35a7a4ae33e93ee2bc9975b": "v5.14-rc2",
"3b0541791453fbe7f42867e310e0c9eb6295364d": "v5.2-rc3",
"3b1c5a5307fb5277f395efdcf330c064d79df07d": "v3.9-rc1",
@@ -782,6 +790,7 @@
"41bdc78544b8a93a9c6814b8bbbfef966272abbe": "v3.19-rc1",
"41df7f6d43723deb7364340b44bc5d94bf717456": "v3.12-rc2",
"41ef4eb8eef8d06bc1399e7b00c940d771554711": "v3.10-rc1",
+ "41fd1cb6151439b205ac7611883d85ae14250172": "v6.1-rc2",
"4206d3aa1978e44f58bfa4e1c9d8d35cbf19c187": "v2.6.25-rc1",
"421221234ada41b4a9f0beeb08e30b07388bd4bd": "v5.15-rc1",
"42288cb44c4b5fff7653bc392b583a2b8bd6a8c0": "v5.16-rc5",
@@ -829,6 +838,7 @@
"457f44363a8894135c85b7a9afd2bd8196db24ab": "v5.8-rc1",
"45c1380358b12bf2d1db20a5874e9544f56b34ab": "v5.4-rc7",
"45e093ae2830cd1264677d47ff9a95a71f5d9f9c": "v4.7-rc1",
+ "45f05def5c44c806f094709f1c9b03dcecdd54f0": "v4.19-rc1",
"45f6fad84cc305103b28d73482b344d7f5b76f39": "v4.4-rc4",
"462cdace790ac2ed6aad1b19c9c0af0143b6aab0": "v4.13-rc6",
"46612b751c4941c5c0472ddf04027e877ae5990f": "v5.1-rc1",
@@ -964,6 +974,7 @@
"513dc792d6060d5ef572e43852683097a8420f56": "v5.6-rc5",
"5146f95df782b0ac61abde36567e718692725c89": "v4.20",
"514c7dca85a0bf40be984dab0b477403a6db901f": "v4.19-rc1",
+ "5191955d6fc65e6d4efe8f4f10a6028298f57281": "v5.11-rc1",
"51aa68e7d57e3217192d88ce90fd5b8ef29ec94f": "v4.14-rc1",
"51ac8893a7a51b196501164e645583bf78138699": "v3.8-rc7",
"51b00d8509dc69c98740da2ad07308b630d3eb7d": "v5.0-rc3",
@@ -993,6 +1004,7 @@
"54309fde1a352ad2674ebba004a79f7d20b9f037": "v5.17-rc5",
"543ce63b664e2c2f9533d089a4664b559c3e6b5b": "v5.19-rc8",
"54648cf1ec2d7f4b6a71767799c45676a138ca24": "v4.19-rc1",
+ "5480280d3f2d11d47f9be59d49b20a8d7d1b33e8": "v5.1-rc1",
"548acf19234dbda5a52d5a8e7e205af46e9da840": "v4.6-rc1",
"54a20552e1eae07aa240fa370a0293e006b5faed": "v4.4-rc1",
"54a217887a7b658e2650c3feff22756ab80c7339": "v3.15",
@@ -1011,6 +1023,7 @@
"5593473a1e6c743764b08e3b6071cb43b5cfa6c4": "v5.18-rc3",
"5593523f968bc86d42a035c6df47d5e0979b5ace": "v4.10-rc8",
"55e8c8eb2c7b6bf30e99423ccfe7ca032f498f59": "v5.7-rc1",
+ "5610bcfe8693c02e2e4c8b31427f1bdbdecc839c": "v6.1-rc1",
"5612a508d11f81c1ca3290260f86328dfb55d513": "v3.5-rc1",
"5612e191ca1f88e16c48bb373d90d1508196aa95": "v4.8-rc1",
"5615968a70845157adaffc11062c997d045339ee": "v2.6.31-rc1",
@@ -1138,6 +1151,7 @@
"6134041bef0aeb9cb7c8a8daf045b44513cd8396": "v3.15-rc1",
"6160968cee8b90a5dd95318d716e31d7775c4ef3": "v3.11-rc5",
"61a96113de51e1f8f43ac98cbeadb54e60045905": "v3.6-rc1",
+ "61b91eb33a69c3be11b259c5ea484505cd79f883": "v6.1-rc1",
"61c9fed41638249f8b6ca5345064eb1beb50179f": "v2.6.17-rc5",
"61cf93700fe6359552848ed5e3becba6cd760efa": "v5.12-rc3",
"61ea0c0ba904a55f55317d850c1072ff7835ac92": "v3.13-rc1",
@@ -1198,6 +1212,7 @@
"670ae9caaca467ea1bfd325cb2a5c98ba87f94ad": "v4.18-rc1",
"670f928ba09b06712da34a3c44be6c8fa561fb19": "v4.15-rc1",
"677e806da4d916052585301785d847c3b3e6186a": "v4.11-rc5",
+ "6788ba8aed4e28e90f72d68a9d794e34eac17295": "v6.1-rc5",
"67a2e213e7e937c41c52ab5bc46bf3f4de469f6e": "v4.3-rc7",
"67b0503db9c29b04eadfeede6bebbfe5ddad94ef": "v4.11-rc4",
"67b67e365f07d6dc70f3bb266af3268bac0a4836": "v2.6.37-rc1",
@@ -1450,6 +1465,7 @@
"7c6967326267bd5c0dded0a99541357d70dd11ac": "v5.10-rc1",
"7c80f9e4a588f1925b07134bb2e3689335f6c6d8": "v4.14-rc5",
"7c94e1c157a227837b04f02f5edeff8301410ba2": "v3.18-rc1",
+ "7c9524d929648935bac2bbb4c20437df8f9c3f42": "v6.1-rc4",
"7c9bc0983f890ed9782e755a0e070930cd979333": "v4.15-rc1",
"7c9cbd0b5e38a1672fcd137894ace3b042dfbf69": "v5.1-rc1",
"7caac62ed598a196d6ddf8d9c121e12e082cac3a": "v5.3",
@@ -2362,6 +2378,7 @@
"cac2661c53f35cbe651bef9b07026a5a05ab8ce0": "v4.11-rc1",
"cac5818c25d0423bda73e2b6997404ed0a7ed9e3": "v4.20-rc1",
"cac9b50b0d75a1d50d6c056ff65c005f3224c8e0": "v4.5-rc2",
+ "cacdb14b1c8d3804a3a7d31773bc7569837b71a4": "v6.1-rc1",
"cadfad870154e14f745ec845708bc17d166065f2": "v5.8-rc6",
"cb17ed29a7a5fea8c9bf70e8a05757d71650e025": "v5.9-rc1",
"cb1ce2ef387b01686469487edd45994872d52d73": "v3.17-rc1",
@@ -2430,6 +2447,7 @@
"d03032af511c56d3c1580fa4f54f6285f650e638": "v2.6.28-rc1",
"d049f74f2dbe71354d43d393ac3a188947811348": "v3.13-rc1",
"d08e973a77d128b25e01a08c34d89593fdf222da": "v3.16-rc1",
+ "d0be8347c623e0ac4202a1d4e0373882821f56b0": "v5.19",
"d0c7feaf87678371c2c09b3709400be416b2dc62": "v5.7-rc1",
"d0cb50185ae942b03c4327be322055d622dc79f6": "v5.5",
"d0d51a97063db4704a5ef6bc978dddab1636a306": "v6.1-rc1",
diff --git a/data/kernel_cves.json b/data/kernel_cves.json
index 885b0e4..2e76e89 100644
--- a/data/kernel_cves.json
+++ b/data/kernel_cves.json
@@ -65585,7 +65585,8 @@
"breaks": "a9bb7e620efdfd29b6d1c238041173e411670996",
"cmt_msg": "memcg: enable accounting of ipc resources",
"fixes": "18319498fdd4cdf8c1c2c48cd432863b1f915d6f",
- "last_modified": "2021-09-15",
+ "last_affected_version": "5.10.153",
+ "last_modified": "2022-11-17",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2021-3759",
"ExploitDB": "https://www.exploit-db.com/search?cve=2021-3759",
@@ -73045,18 +73046,20 @@
"last_modified": "2022-09-19"
},
"CVE-2022-2978": {
- "affected_versions": "unk to unk",
+ "affected_versions": "unk to v6.1-rc1",
"breaks": "",
- "fixes": "",
- "last_modified": "2022-08-26"
+ "cmt_msg": "fs: fix UAF/GPF bug in nilfs_mdt_destroy",
+ "fixes": "2e488f13755ffbb60f307e991b27024716a33b29",
+ "last_affected_version": "6.0.0",
+ "last_modified": "2022-11-17"
},
"CVE-2022-29900": {
- "affected_versions": "unk to v5.19-rc7",
- "breaks": "",
+ "affected_versions": "v2.6.12-rc2 to v5.19-rc7",
+ "breaks": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"cmt_msg": "x86/kvm/vmx: Make noinstr clean",
"fixes": "742ab6df974ae8384a2dd213db1a3a06cf6d8936",
"last_affected_version": "5.18.13",
- "last_modified": "2022-10-12",
+ "last_modified": "2022-11-17",
"nvd_text": "AMD microprocessor families 15h to 18h are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions.",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2022-29900",
@@ -73068,12 +73071,12 @@
}
},
"CVE-2022-29901": {
- "affected_versions": "unk to v5.19-rc7",
- "breaks": "",
+ "affected_versions": "v2.6.12-rc2 to v5.19-rc7",
+ "breaks": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"cmt_msg": "x86/kvm/vmx: Make noinstr clean",
"fixes": "742ab6df974ae8384a2dd213db1a3a06cf6d8936",
"last_affected_version": "5.18.13",
- "last_modified": "2022-10-12",
+ "last_modified": "2022-11-17",
"nvd_text": "Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions.",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2022-29901",
@@ -73211,10 +73214,11 @@
"last_modified": "2022-10-03"
},
"CVE-2022-3169": {
- "affected_versions": "unk to unk",
+ "affected_versions": "unk to v6.1-rc1",
"breaks": "",
- "fixes": "",
- "last_modified": "2022-09-13"
+ "cmt_msg": "nvme: ensure subsystem reset is single threaded",
+ "fixes": "1e866afd4bcdd01a70a5eddb4371158d3035ce03",
+ "last_modified": "2022-11-17"
},
"CVE-2022-3170": {
"affected_versions": "v6.0-rc1 to v6.0-rc4",
@@ -73633,10 +73637,11 @@
"last_modified": "2022-10-12"
},
"CVE-2022-3435": {
- "affected_versions": "unk to unk",
+ "affected_versions": "unk to v6.1-rc1",
"breaks": "",
- "fixes": "",
- "last_modified": "2022-10-12"
+ "cmt_msg": "ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference",
+ "fixes": "61b91eb33a69c3be11b259c5ea484505cd79f883",
+ "last_modified": "2022-11-17"
},
"CVE-2022-34494": {
"affected_versions": "v5.13-rc1 to v5.19-rc1",
@@ -73785,7 +73790,7 @@
"cmt_msg": "tcp/udp: Fix memory leak in ipv6_renew_options().",
"fixes": "3c52c6bb831f6335c176a0fc7214e26f43adbd11",
"last_affected_version": "6.0.6",
- "last_modified": "2022-11-10"
+ "last_modified": "2022-11-17"
},
"CVE-2022-3526": {
"affected_versions": "v5.13-rc1 to v5.18-rc3",
@@ -73829,7 +73834,7 @@
"cmt_msg": "bnx2x: fix potential memory leak in bnx2x_tpa_stop()",
"fixes": "b43f9acbb8942b05252be83ac25a81cec70cc192",
"last_affected_version": "6.0.2",
- "last_modified": "2022-10-31"
+ "last_modified": "2022-11-17"
},
"CVE-2022-3543": {
"affected_versions": "v5.15-rc1 to v6.1-rc1",
@@ -73837,7 +73842,7 @@
"cmt_msg": "af_unix: Fix memory leaks of the whole sk due to OOB skb.",
"fixes": "7a62ed61367b8fd01bae1e18e30602c25060d824",
"last_affected_version": "6.0.2",
- "last_modified": "2022-10-31"
+ "last_modified": "2022-11-17"
},
"CVE-2022-3544": {
"affected_versions": "v5.18-rc1 to unk",
@@ -73853,10 +73858,12 @@
"last_modified": "2022-10-31"
},
"CVE-2022-3564": {
- "affected_versions": "v3.6-rc1 to unk",
+ "affected_versions": "v3.6-rc1 to v6.1-rc4",
"breaks": "4b51dae96731c9d82f5634e75ac7ffd3b9c1b060",
- "fixes": "89f9f3cb86b1c63badaf392a83dd661d56cc50b1",
- "last_modified": "2022-10-31"
+ "cmt_msg": "Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu",
+ "fixes": "3aff8aaca4e36dc8b17eaa011684881a80238966",
+ "last_affected_version": "6.0.7",
+ "last_modified": "2022-11-17"
},
"CVE-2022-3565": {
"affected_versions": "v2.6.27-rc1 to v6.1-rc1",
@@ -73881,12 +73888,12 @@
"last_modified": "2022-10-31"
},
"CVE-2022-3577": {
- "affected_versions": "unk to v5.19-rc1",
- "breaks": "",
+ "affected_versions": "v4.20-rc1 to v5.19-rc1",
+ "breaks": "256a90ed9e46b270bbc4e15ef05216ff049c3721",
"cmt_msg": "HID: bigben: fix slab-out-of-bounds Write in bigben_probe",
"fixes": "fc4ef9d5724973193bfa5ebed181dba6de3a56db",
"last_affected_version": "5.18.2",
- "last_modified": "2022-10-20"
+ "last_modified": "2022-11-17"
},
"CVE-2022-3586": {
"affected_versions": "unk to v6.0-rc5",
@@ -73920,26 +73927,28 @@
"last_modified": "2022-08-12"
},
"CVE-2022-3619": {
- "affected_versions": "unk to unk",
+ "affected_versions": "unk to v6.1-rc4",
"breaks": "",
- "fixes": "",
- "last_modified": "2022-10-24"
+ "cmt_msg": "Bluetooth: L2CAP: Fix memory leak in vhci_write",
+ "fixes": "7c9524d929648935bac2bbb4c20437df8f9c3f42",
+ "last_affected_version": "6.0.7",
+ "last_modified": "2022-11-17"
},
"CVE-2022-3621": {
- "affected_versions": "unk to v6.1-rc1",
- "breaks": "",
+ "affected_versions": "v2.6.30-rc1 to v6.1-rc1",
+ "breaks": "05fe58fdc10df9ebea04c0eaed57adc47af5c184",
"cmt_msg": "nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level()",
"fixes": "21a87d88c2253350e115029f14fe2a10a7e6c856",
"last_affected_version": "6.0.1",
- "last_modified": "2022-10-31"
+ "last_modified": "2022-11-17"
},
"CVE-2022-3623": {
- "affected_versions": "unk to v6.1-rc1",
- "breaks": "",
+ "affected_versions": "v5.1-rc1 to v6.1-rc1",
+ "breaks": "5480280d3f2d11d47f9be59d49b20a8d7d1b33e8",
"cmt_msg": "mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page",
"fixes": "fac35ba763ed07ba93154c95ffc0c4a55023707f",
"last_affected_version": "6.0.2",
- "last_modified": "2022-10-24"
+ "last_modified": "2022-11-17"
},
"CVE-2022-3624": {
"affected_versions": "unk to v6.0-rc1",
@@ -73949,18 +73958,20 @@
"last_modified": "2022-10-24"
},
"CVE-2022-3625": {
- "affected_versions": "unk to v6.0-rc1",
- "breaks": "",
+ "affected_versions": "v4.19-rc1 to v6.0-rc1",
+ "breaks": "45f05def5c44c806f094709f1c9b03dcecdd54f0",
"cmt_msg": "devlink: Fix use-after-free after a failed reload",
"fixes": "6b4db2e528f650c7fb712961aac36455468d5902",
"last_affected_version": "5.15.62",
- "last_modified": "2022-10-24"
+ "last_modified": "2022-11-17"
},
"CVE-2022-3628": {
- "affected_versions": "unk to unk",
+ "affected_versions": "unk to v6.1-rc5",
"breaks": "",
- "fixes": "",
- "last_modified": "2022-10-31"
+ "cmt_msg": "wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()",
+ "fixes": "6788ba8aed4e28e90f72d68a9d794e34eac17295",
+ "last_affected_version": "6.0.7",
+ "last_modified": "2022-11-17"
},
"CVE-2022-36280": {
"affected_versions": "unk to unk",
@@ -73992,25 +74003,28 @@
"last_modified": "2022-10-24"
},
"CVE-2022-3635": {
- "affected_versions": "unk to v6.0-rc1",
- "breaks": "",
+ "affected_versions": "v2.6.12-rc2 to v6.0-rc1",
+ "breaks": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"cmt_msg": "atm: idt77252: fix use-after-free bugs caused by tst_timer",
"fixes": "3f4093e2bf4673f218c0bf17d8362337c400e77b",
"last_affected_version": "5.19.3",
- "last_modified": "2022-11-10"
+ "last_modified": "2022-11-17"
},
"CVE-2022-3636": {
"affected_versions": "unk to v5.19-rc1",
- "breaks": "",
+ "backport": true,
+ "breaks": "33fc42de33278b2b3ec6f3390512987bc29a62b7",
"cmt_msg": "net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()",
"fixes": "17a5f6a78dc7b8db385de346092d7d9f9dc24df6",
- "last_modified": "2022-10-24"
+ "last_modified": "2022-11-17"
},
"CVE-2022-3640": {
- "affected_versions": "unk to unk",
- "breaks": "",
- "fixes": "",
- "last_modified": "2022-10-24"
+ "affected_versions": "v5.19 to v6.1-rc4",
+ "breaks": "d0be8347c623e0ac4202a1d4e0373882821f56b0",
+ "cmt_msg": "Bluetooth: L2CAP: fix use-after-free in l2cap_conn_del()",
+ "fixes": "0d0e2d032811280b927650ff3c15fe5020e82533",
+ "last_affected_version": "6.0.7",
+ "last_modified": "2022-11-17"
},
"CVE-2022-36402": {
"affected_versions": "unk to unk",
@@ -74075,10 +74089,11 @@
"last_modified": "2022-09-19"
},
"CVE-2022-3903": {
- "affected_versions": "unk to unk",
+ "affected_versions": "unk to v6.1-rc2",
"breaks": "",
- "fixes": "",
- "last_modified": "2022-11-10"
+ "cmt_msg": "media: mceusb: Use new usb_control_msg_*() routines",
+ "fixes": "41fd1cb6151439b205ac7611883d85ae14250172",
+ "last_modified": "2022-11-17"
},
"CVE-2022-39188": {
"affected_versions": "v2.6.12-rc2 to v5.19-rc8",
@@ -74103,6 +74118,14 @@
"last_affected_version": "5.19.5",
"last_modified": "2022-09-27"
},
+ "CVE-2022-3977": {
+ "affected_versions": "unk to v6.1-rc1",
+ "breaks": "",
+ "cmt_msg": "mctp: prevent double key removal and unref",
+ "fixes": "3a732b46736cd8a29092e4b0b1a9ba83e672bf89",
+ "last_affected_version": "6.0.1",
+ "last_modified": "2022-11-17"
+ },
"CVE-2022-39842": {
"affected_versions": "v2.6.38-rc1 to v5.19-rc4",
"breaks": "364dbdf3b6c31a4a5fb7a6d479e7aafb4a7a10b6",
@@ -74168,16 +74191,20 @@
"last_modified": "2022-10-03"
},
"CVE-2022-41849": {
- "affected_versions": "unk to unk",
+ "affected_versions": "unk to v6.1-rc1",
"breaks": "",
- "fixes": "",
- "last_modified": "2022-10-03"
+ "cmt_msg": "fbdev: smscufx: Fix use-after-free in ufx_ops_open()",
+ "fixes": "5610bcfe8693c02e2e4c8b31427f1bdbdecc839c",
+ "last_affected_version": "6.0.2",
+ "last_modified": "2022-11-17"
},
"CVE-2022-41850": {
- "affected_versions": "unk to unk",
+ "affected_versions": "unk to v6.1-rc1",
"breaks": "",
- "fixes": "",
- "last_modified": "2022-10-03"
+ "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()",
+ "fixes": "cacdb14b1c8d3804a3a7d31773bc7569837b71a4",
+ "last_affected_version": "6.0.2",
+ "last_modified": "2022-11-17"
},
"CVE-2022-42703": {
"affected_versions": "v3.19-rc4 to v6.0-rc4",
@@ -74224,14 +74251,16 @@
"breaks": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"cmt_msg": "Bluetooth: L2CAP: Fix attempting to access uninitialized memory",
"fixes": "b1a2cd50c0357f243b7435a732b4e62ba3157a2e",
- "last_modified": "2022-11-10"
+ "last_affected_version": "6.0.7",
+ "last_modified": "2022-11-17"
},
"CVE-2022-42896": {
"affected_versions": "v2.6.12-rc2 to v6.1-rc4",
"breaks": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"cmt_msg": "Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM",
"fixes": "711f8c3fb3db61897080468586b970c87c61d9e4",
- "last_modified": "2022-11-10"
+ "last_affected_version": "6.0.7",
+ "last_modified": "2022-11-17"
},
"CVE-2022-43750": {
"affected_versions": "v2.6.21-rc1 to v6.1-rc1",
@@ -74242,12 +74271,12 @@
"last_modified": "2022-10-31"
},
"CVE-2022-43945": {
- "affected_versions": "unk to v6.1-rc1",
- "breaks": "",
+ "affected_versions": "v5.11-rc1 to v6.1-rc1",
+ "breaks": "5191955d6fc65e6d4efe8f4f10a6028298f57281",
"cmt_msg": "NFSD: Protect against send buffer overflow in NFSv2 READDIR",
"fixes": "00b4492686e0497fdb924a9d4c8f6f99377e176c",
"last_affected_version": "6.0.2",
- "last_modified": "2022-11-10"
+ "last_modified": "2022-11-17"
},
"CVE-2022-44032": {
"affected_versions": "unk to unk",
diff --git a/data/stream_data.json b/data/stream_data.json
index 6af3897..0efcfee 100644
--- a/data/stream_data.json
+++ b/data/stream_data.json
@@ -2156,9 +2156,6 @@
"CVE-2018-13093": {
"cmt_msg": "xfs: validate cached inodes are free when allocated"
},
- "CVE-2022-3623": {
- "cmt_msg": "mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page"
- },
"CVE-2018-13096": {
"cmt_msg": "f2fs: fix to do sanity check with node footer and iblocks"
},
@@ -2415,7 +2412,7 @@
"cmt_msg": "mISDN: fix use-after-free bugs in l1oip timer handlers"
},
"CVE-2022-3564": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu"
},
"CVE-2020-36386": {
"cmt_msg": "Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()"
@@ -2427,7 +2424,7 @@
"cmt_msg": "RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy"
},
"CVE-2022-3628": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()"
},
"CVE-2022-1048": {
"cmt_msg": "ALSA: pcm: Fix races among concurrent hw_params and hw_free calls"
@@ -2768,9 +2765,6 @@
"CVE-2022-3624": {
"cmt_msg": "bonding: fix reference count leak in balance-alb mode"
},
- "CVE-2022-3625": {
- "cmt_msg": "devlink: Fix use-after-free after a failed reload"
- },
"CVE-2017-17862": {
"cmt_msg": "bpf: fix branch pruning logic"
},
@@ -2997,13 +2991,13 @@
"cmt_msg": "i40e: Wrong truncation from u16 to u8"
},
"CVE-2022-2978": {
- "cmt_msg": ""
+ "cmt_msg": "fs: fix UAF/GPF bug in nilfs_mdt_destroy"
},
"CVE-2019-17075": {
"cmt_msg": "RDMA/cxgb4: Do not dma memory off of the stack"
},
"CVE-2022-3903": {
- "cmt_msg": ""
+ "cmt_msg": "media: mceusb: Use new usb_control_msg_*() routines"
},
"CVE-2019-19447": {
"cmt_msg": "ext4: work around deleting a file with i_nlink == 0 safely"
@@ -3056,6 +3050,9 @@
"CVE-2017-13220": {
"cmt_msg": "Bluetooth: hidp_connection_add() unsafe use of l2cap_pi()"
},
+ "CVE-2022-3977": {
+ "cmt_msg": "mctp: prevent double key removal and unref"
+ },
"CVE-2019-19536": {
"cmt_msg": "can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices"
},
@@ -3096,7 +3093,7 @@
"cmt_msg": "cifs: fix NULL ptr dereference in smb2_ioctl_query_info()"
},
"CVE-2022-3619": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix memory leak in vhci_write"
},
"CVE-2020-28374": {
"cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup"
@@ -3113,9 +3110,6 @@
"CVE-2022-3586": {
"cmt_msg": "sch_sfb: Don't assume the skb is still around after enqueueing to child"
},
- "CVE-2022-43945": {
- "cmt_msg": "NFSD: Protect against send buffer overflow in NFSv2 READDIR"
- },
"CVE-2020-27825": {
"cmt_msg": "tracing: Fix race in trace_open and buffer resize call"
},
@@ -3267,7 +3261,7 @@
"cmt_msg": ""
},
"CVE-2022-3435": {
- "cmt_msg": ""
+ "cmt_msg": "ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference"
},
"CVE-2021-20265": {
"cmt_msg": "af_unix: fix struct pid memory leak"
@@ -3384,7 +3378,7 @@
"cmt_msg": "fbcon: Disallow setting font bigger than screen size"
},
"CVE-2022-41850": {
- "cmt_msg": ""
+ "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()"
},
"CVE-2020-14390": {
"cmt_msg": "fbcon: remove soft scrollback code"
@@ -3407,9 +3401,6 @@
"CVE-2019-19448": {
"cmt_msg": "btrfs: only search for left_info if there is no right_info in try_merge_free_space"
},
- "CVE-2022-3640": {
- "cmt_msg": ""
- },
"CVE-2020-0465": {
"cmt_msg": "HID: core: Sanitize event code and type when mapping input"
},
@@ -3462,7 +3453,7 @@
"cmt_msg": "time: Remove CONFIG_TIMER_STATS"
},
"CVE-2022-3169": {
- "cmt_msg": ""
+ "cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
"CVE-2022-36280": {
"cmt_msg": ""
@@ -3779,9 +3770,6 @@
"CVE-2021-3483": {
"cmt_msg": "firewire: nosy: Fix a use-after-free bug in nosy_ioctl()"
},
- "CVE-2022-3577": {
- "cmt_msg": "HID: bigben: fix slab-out-of-bounds Write in bigben_probe"
- },
"CVE-2021-38300": {
"cmt_msg": "bpf, mips: Validate conditional branch offsets"
},
@@ -4020,7 +4008,7 @@
"cmt_msg": "vt: vt_ioctl: fix race in VT_RESIZEX"
},
"CVE-2022-41849": {
- "cmt_msg": ""
+ "cmt_msg": "fbdev: smscufx: Fix use-after-free in ufx_ops_open()"
},
"CVE-2022-41848": {
"cmt_msg": ""
@@ -4515,7 +4503,7 @@
"cmt_msg": "bpf: Remove MTU check in __bpf_skb_max_len"
},
"CVE-2022-3628": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()"
},
"CVE-2020-15802": {
"cmt_msg": ""
@@ -4628,9 +4616,6 @@
"CVE-2021-38300": {
"cmt_msg": "bpf, mips: Validate conditional branch offsets"
},
- "CVE-2022-3623": {
- "cmt_msg": "mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page"
- },
"CVE-2018-13096": {
"cmt_msg": "f2fs: fix to do sanity check with node footer and iblocks"
},
@@ -4971,7 +4956,7 @@
"cmt_msg": "mISDN: fix use-after-free bugs in l1oip timer handlers"
},
"CVE-2022-3564": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu"
},
"CVE-2018-19407": {
"cmt_msg": "KVM: X86: Fix scan ioapic use-before-initialization"
@@ -5375,9 +5360,6 @@
"CVE-2019-19462": {
"cmt_msg": "kernel/relay.c: handle alloc_percpu returning NULL in relay_open"
},
- "CVE-2022-43945": {
- "cmt_msg": "NFSD: Protect against send buffer overflow in NFSv2 READDIR"
- },
"CVE-2017-18017": {
"cmt_msg": "netfilter: xt_TCPMSS: add more sanity tests on tcph->doff"
},
@@ -5432,9 +5414,6 @@
"CVE-2022-3624": {
"cmt_msg": "bonding: fix reference count leak in balance-alb mode"
},
- "CVE-2022-3625": {
- "cmt_msg": "devlink: Fix use-after-free after a failed reload"
- },
"CVE-2017-17862": {
"cmt_msg": "bpf: fix branch pruning logic"
},
@@ -5748,20 +5727,17 @@
"cmt_msg": "i40e: Wrong truncation from u16 to u8"
},
"CVE-2022-2978": {
- "cmt_msg": ""
+ "cmt_msg": "fs: fix UAF/GPF bug in nilfs_mdt_destroy"
},
"CVE-2019-17075": {
"cmt_msg": "RDMA/cxgb4: Do not dma memory off of the stack"
},
"CVE-2022-3903": {
- "cmt_msg": ""
+ "cmt_msg": "media: mceusb: Use new usb_control_msg_*() routines"
},
"CVE-2022-23960": {
"cmt_msg": "ARM: report Spectre v2 status through sysfs"
},
- "CVE-2022-3577": {
- "cmt_msg": "HID: bigben: fix slab-out-of-bounds Write in bigben_probe"
- },
"CVE-2019-0146": {
"cmt_msg": "i40e: add num_vectors checker in iwarp handler"
},
@@ -5810,6 +5786,9 @@
"CVE-2017-13305": {
"cmt_msg": "KEYS: encrypted: fix buffer overread in valid_master_desc()"
},
+ "CVE-2022-3977": {
+ "cmt_msg": "mctp: prevent double key removal and unref"
+ },
"CVE-2019-19536": {
"cmt_msg": "can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices"
},
@@ -5859,7 +5838,7 @@
"cmt_msg": "printk: hash addresses printed with %p"
},
"CVE-2022-3619": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix memory leak in vhci_write"
},
"CVE-2020-28374": {
"cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup"
@@ -6135,7 +6114,7 @@
"cmt_msg": ""
},
"CVE-2022-3435": {
- "cmt_msg": ""
+ "cmt_msg": "ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference"
},
"CVE-2017-18079": {
"cmt_msg": "Input: i8042 - fix crash at boot time"
@@ -6306,7 +6285,7 @@
"cmt_msg": "kvm: fix kvm_ioctl_create_device() reference counting (CVE-2019-6974)"
},
"CVE-2022-41850": {
- "cmt_msg": ""
+ "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()"
},
"CVE-2020-24503": {
"cmt_msg": ""
@@ -6335,9 +6314,6 @@
"CVE-2019-19527": {
"cmt_msg": "HID: hiddev: do cleanup in failure of opening a device"
},
- "CVE-2022-3640": {
- "cmt_msg": ""
- },
"CVE-2017-7542": {
"cmt_msg": "ipv6: avoid overflow of offset in ip6_find_1stfragopt"
},
@@ -6423,7 +6399,7 @@
"cmt_msg": "Bluetooth: L2CAP: Fix attempting to access uninitialized memory"
},
"CVE-2022-3169": {
- "cmt_msg": ""
+ "cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
"CVE-2022-36280": {
"cmt_msg": ""
@@ -7158,7 +7134,7 @@
"cmt_msg": "vt: vt_ioctl: fix race in VT_RESIZEX"
},
"CVE-2022-41849": {
- "cmt_msg": ""
+ "cmt_msg": "fbdev: smscufx: Fix use-after-free in ufx_ops_open()"
},
"CVE-2022-41848": {
"cmt_msg": ""
@@ -8176,7 +8152,7 @@
"cmt_msg": "vgacon: Fix a UAF in vgacon_invert_region"
},
"CVE-2022-3564": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu"
},
"CVE-2019-0155": {
"cmt_msg": "drm/i915: Rename gen7 cmdparser tables"
@@ -8209,7 +8185,7 @@
"cmt_msg": "RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy"
},
"CVE-2022-3628": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()"
},
"CVE-2018-9385": {
"cmt_msg": "ARM: amba: Don't read past the end of sysfs \"driver_override\" buffer"
@@ -8568,9 +8544,6 @@
"CVE-2019-19462": {
"cmt_msg": "kernel/relay.c: handle alloc_percpu returning NULL in relay_open"
},
- "CVE-2022-43945": {
- "cmt_msg": "NFSD: Protect against send buffer overflow in NFSv2 READDIR"
- },
"CVE-2022-24958": {
"cmt_msg": "usb: gadget: don't release an existing dev->buf"
},
@@ -8616,15 +8589,9 @@
"CVE-2022-23960": {
"cmt_msg": "ARM: report Spectre v2 status through sysfs"
},
- "CVE-2022-3623": {
- "cmt_msg": "mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page"
- },
"CVE-2022-3624": {
"cmt_msg": "bonding: fix reference count leak in balance-alb mode"
},
- "CVE-2022-3625": {
- "cmt_msg": "devlink: Fix use-after-free after a failed reload"
- },
"CVE-2017-17862": {
"cmt_msg": "bpf: fix branch pruning logic"
},
@@ -8887,16 +8854,13 @@
"cmt_msg": "i40e: Wrong truncation from u16 to u8"
},
"CVE-2022-2978": {
- "cmt_msg": ""
+ "cmt_msg": "fs: fix UAF/GPF bug in nilfs_mdt_destroy"
},
"CVE-2019-17075": {
"cmt_msg": "RDMA/cxgb4: Do not dma memory off of the stack"
},
"CVE-2022-3903": {
- "cmt_msg": ""
- },
- "CVE-2022-3577": {
- "cmt_msg": "HID: bigben: fix slab-out-of-bounds Write in bigben_probe"
+ "cmt_msg": "media: mceusb: Use new usb_control_msg_*() routines"
},
"CVE-2019-0146": {
"cmt_msg": "i40e: add num_vectors checker in iwarp handler"
@@ -8943,6 +8907,9 @@
"CVE-2021-3609": {
"cmt_msg": "can: bcm: delay release of struct bcm_op after synchronize_rcu()"
},
+ "CVE-2022-3977": {
+ "cmt_msg": "mctp: prevent double key removal and unref"
+ },
"CVE-2019-19536": {
"cmt_msg": "can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices"
},
@@ -8992,7 +8959,7 @@
"cmt_msg": "nfs: Fix getxattr kernel panic and memory overflow"
},
"CVE-2022-3619": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix memory leak in vhci_write"
},
"CVE-2020-28374": {
"cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup"
@@ -9241,7 +9208,7 @@
"cmt_msg": ""
},
"CVE-2022-3435": {
- "cmt_msg": ""
+ "cmt_msg": "ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference"
},
"CVE-2018-7740": {
"cmt_msg": "hugetlbfs: check for pgoff value overflow"
@@ -9403,7 +9370,7 @@
"cmt_msg": "kvm: fix kvm_ioctl_create_device() reference counting (CVE-2019-6974)"
},
"CVE-2022-41850": {
- "cmt_msg": ""
+ "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()"
},
"CVE-2020-24503": {
"cmt_msg": ""
@@ -9432,9 +9399,6 @@
"CVE-2019-19527": {
"cmt_msg": "HID: hiddev: do cleanup in failure of opening a device"
},
- "CVE-2022-3640": {
- "cmt_msg": ""
- },
"CVE-2019-19526": {
"cmt_msg": "NFC: pn533: fix use-after-free and memleaks"
},
@@ -9505,7 +9469,7 @@
"cmt_msg": "netfilter: x_tables: fix compat match/target pad out-of-bound write"
},
"CVE-2022-3169": {
- "cmt_msg": ""
+ "cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
"CVE-2022-36280": {
"cmt_msg": ""
@@ -10183,7 +10147,7 @@
"cmt_msg": "vt: vt_ioctl: fix race in VT_RESIZEX"
},
"CVE-2022-41849": {
- "cmt_msg": ""
+ "cmt_msg": "fbdev: smscufx: Fix use-after-free in ufx_ops_open()"
},
"CVE-2022-41848": {
"cmt_msg": ""
@@ -11072,7 +11036,7 @@
"cmt_msg": "vgacon: Fix a UAF in vgacon_invert_region"
},
"CVE-2022-3564": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu"
},
"CVE-2019-0155": {
"cmt_msg": "drm/i915: Rename gen7 cmdparser tables"
@@ -11105,7 +11069,7 @@
"cmt_msg": "RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy"
},
"CVE-2022-3628": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()"
},
"CVE-2018-9385": {
"cmt_msg": "ARM: amba: Don't read past the end of sysfs \"driver_override\" buffer"
@@ -11494,9 +11458,6 @@
"CVE-2019-19462": {
"cmt_msg": "kernel/relay.c: handle alloc_percpu returning NULL in relay_open"
},
- "CVE-2022-43945": {
- "cmt_msg": "NFSD: Protect against send buffer overflow in NFSv2 READDIR"
- },
"CVE-2019-19530": {
"cmt_msg": "usb: cdc-acm: make sure a refcount is taken early enough"
},
@@ -11545,15 +11506,9 @@
"CVE-2022-23960": {
"cmt_msg": "ARM: report Spectre v2 status through sysfs"
},
- "CVE-2022-3623": {
- "cmt_msg": "mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page"
- },
"CVE-2022-3624": {
"cmt_msg": "bonding: fix reference count leak in balance-alb mode"
},
- "CVE-2022-3625": {
- "cmt_msg": "devlink: Fix use-after-free after a failed reload"
- },
"CVE-2017-17862": {
"cmt_msg": "bpf: fix branch pruning logic"
},
@@ -11831,16 +11786,13 @@
"cmt_msg": "i40e: Wrong truncation from u16 to u8"
},
"CVE-2022-2978": {
- "cmt_msg": ""
+ "cmt_msg": "fs: fix UAF/GPF bug in nilfs_mdt_destroy"
},
"CVE-2019-17075": {
"cmt_msg": "RDMA/cxgb4: Do not dma memory off of the stack"
},
"CVE-2022-3903": {
- "cmt_msg": ""
- },
- "CVE-2022-3577": {
- "cmt_msg": "HID: bigben: fix slab-out-of-bounds Write in bigben_probe"
+ "cmt_msg": "media: mceusb: Use new usb_control_msg_*() routines"
},
"CVE-2019-0146": {
"cmt_msg": "i40e: add num_vectors checker in iwarp handler"
@@ -11890,6 +11842,9 @@
"CVE-2021-3609": {
"cmt_msg": "can: bcm: delay release of struct bcm_op after synchronize_rcu()"
},
+ "CVE-2022-3977": {
+ "cmt_msg": "mctp: prevent double key removal and unref"
+ },
"CVE-2019-19536": {
"cmt_msg": "can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices"
},
@@ -11939,7 +11894,7 @@
"cmt_msg": "nfs: Fix getxattr kernel panic and memory overflow"
},
"CVE-2022-3619": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix memory leak in vhci_write"
},
"CVE-2020-28374": {
"cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup"
@@ -12212,7 +12167,7 @@
"cmt_msg": ""
},
"CVE-2022-3435": {
- "cmt_msg": ""
+ "cmt_msg": "ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference"
},
"CVE-2018-7740": {
"cmt_msg": "hugetlbfs: check for pgoff value overflow"
@@ -12377,7 +12332,7 @@
"cmt_msg": "kvm: fix kvm_ioctl_create_device() reference counting (CVE-2019-6974)"
},
"CVE-2022-41850": {
- "cmt_msg": ""
+ "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()"
},
"CVE-2020-24503": {
"cmt_msg": ""
@@ -12406,9 +12361,6 @@
"CVE-2019-19527": {
"cmt_msg": "HID: hiddev: do cleanup in failure of opening a device"
},
- "CVE-2022-3640": {
- "cmt_msg": ""
- },
"CVE-2019-19526": {
"cmt_msg": "NFC: pn533: fix use-after-free and memleaks"
},
@@ -12482,7 +12434,7 @@
"cmt_msg": "netfilter: x_tables: fix compat match/target pad out-of-bound write"
},
"CVE-2022-3169": {
- "cmt_msg": ""
+ "cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
"CVE-2022-36280": {
"cmt_msg": ""
@@ -13184,7 +13136,7 @@
"cmt_msg": "media: dib0700: fix invalid dvb_detach argument"
},
"CVE-2022-41849": {
- "cmt_msg": ""
+ "cmt_msg": "fbdev: smscufx: Fix use-after-free in ufx_ops_open()"
},
"CVE-2022-41848": {
"cmt_msg": ""
@@ -14062,7 +14014,7 @@
"cmt_msg": "mISDN: fix use-after-free bugs in l1oip timer handlers"
},
"CVE-2022-3564": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu"
},
"CVE-2018-19407": {
"cmt_msg": "KVM: X86: Fix scan ioapic use-before-initialization"
@@ -14071,7 +14023,7 @@
"cmt_msg": "RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy"
},
"CVE-2022-3628": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()"
},
"CVE-2018-9385": {
"cmt_msg": "ARM: amba: Don't read past the end of sysfs \"driver_override\" buffer"
@@ -14421,9 +14373,6 @@
"CVE-2019-19462": {
"cmt_msg": "kernel/relay.c: handle alloc_percpu returning NULL in relay_open"
},
- "CVE-2022-43945": {
- "cmt_msg": "NFSD: Protect against send buffer overflow in NFSv2 READDIR"
- },
"CVE-2022-24958": {
"cmt_msg": "usb: gadget: don't release an existing dev->buf"
},
@@ -14466,15 +14415,9 @@
"CVE-2022-23960": {
"cmt_msg": "ARM: report Spectre v2 status through sysfs"
},
- "CVE-2022-3623": {
- "cmt_msg": "mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page"
- },
"CVE-2022-3624": {
"cmt_msg": "bonding: fix reference count leak in balance-alb mode"
},
- "CVE-2022-3625": {
- "cmt_msg": "devlink: Fix use-after-free after a failed reload"
- },
"CVE-2022-2588": {
"cmt_msg": "net_sched: cls_route: remove from list when handle is 0"
},
@@ -14725,13 +14668,13 @@
"cmt_msg": "i40e: Wrong truncation from u16 to u8"
},
"CVE-2022-2978": {
- "cmt_msg": ""
+ "cmt_msg": "fs: fix UAF/GPF bug in nilfs_mdt_destroy"
},
"CVE-2019-17075": {
"cmt_msg": "RDMA/cxgb4: Do not dma memory off of the stack"
},
"CVE-2022-3903": {
- "cmt_msg": ""
+ "cmt_msg": "media: mceusb: Use new usb_control_msg_*() routines"
},
"CVE-2019-19447": {
"cmt_msg": "ext4: work around deleting a file with i_nlink == 0 safely"
@@ -14772,6 +14715,9 @@
"CVE-2021-3609": {
"cmt_msg": "can: bcm: delay release of struct bcm_op after synchronize_rcu()"
},
+ "CVE-2022-3977": {
+ "cmt_msg": "mctp: prevent double key removal and unref"
+ },
"CVE-2019-19536": {
"cmt_msg": "can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices"
},
@@ -14824,7 +14770,7 @@
"cmt_msg": "cifs: fix NULL ptr dereference in smb2_ioctl_query_info()"
},
"CVE-2022-3619": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix memory leak in vhci_write"
},
"CVE-2020-28374": {
"cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup"
@@ -15055,7 +15001,7 @@
"cmt_msg": ""
},
"CVE-2022-3435": {
- "cmt_msg": ""
+ "cmt_msg": "ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference"
},
"CVE-2022-3061": {
"cmt_msg": "video: fbdev: i740fb: Error out if 'pixclock' equals zero"
@@ -15205,7 +15151,7 @@
"cmt_msg": "kvm: fix kvm_ioctl_create_device() reference counting (CVE-2019-6974)"
},
"CVE-2022-41850": {
- "cmt_msg": ""
+ "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()"
},
"CVE-2020-24503": {
"cmt_msg": ""
@@ -15231,9 +15177,6 @@
"CVE-2019-19448": {
"cmt_msg": "btrfs: only search for left_info if there is no right_info in try_merge_free_space"
},
- "CVE-2022-3640": {
- "cmt_msg": ""
- },
"CVE-2019-19449": {
"cmt_msg": "f2fs: fix to do sanity check on segment/section count"
},
@@ -15301,7 +15244,7 @@
"cmt_msg": "netfilter: x_tables: fix compat match/target pad out-of-bound write"
},
"CVE-2022-3169": {
- "cmt_msg": ""
+ "cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
"CVE-2022-36280": {
"cmt_msg": ""
@@ -15666,9 +15609,6 @@
"CVE-2021-3483": {
"cmt_msg": "firewire: nosy: Fix a use-after-free bug in nosy_ioctl()"
},
- "CVE-2022-3577": {
- "cmt_msg": "HID: bigben: fix slab-out-of-bounds Write in bigben_probe"
- },
"CVE-2021-38300": {
"cmt_msg": "bpf, mips: Validate conditional branch offsets"
},
@@ -15937,7 +15877,7 @@
"cmt_msg": "vt: vt_ioctl: fix race in VT_RESIZEX"
},
"CVE-2022-41849": {
- "cmt_msg": ""
+ "cmt_msg": "fbdev: smscufx: Fix use-after-free in ufx_ops_open()"
},
"CVE-2022-41848": {
"cmt_msg": ""
@@ -19490,9 +19430,13 @@
}
},
"4.14.296": {
- "CVE-2022-40768": {
- "cmt_msg": "scsi: stex: Properly zero out the passthrough command structure",
- "cmt_id": "5c8395d775ca9044b361af4a19b2ff223485be35"
+ "CVE-2022-2978": {
+ "cmt_msg": "fs: fix UAF/GPF bug in nilfs_mdt_destroy",
+ "cmt_id": "c0aa76b0f17f59dd9c9d3463550a2986a1d592e4"
+ },
+ "CVE-2022-41849": {
+ "cmt_msg": "fbdev: smscufx: Fix use-after-free in ufx_ops_open()",
+ "cmt_id": "fa008859983d9231b9241a4b9eac7aabfbb45155"
},
"CVE-2022-3594": {
"cmt_msg": "r8152: Rate limit overflow messages",
@@ -19506,17 +19450,25 @@
"cmt_msg": "nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level()",
"cmt_id": "1ce68de30b663b79073251162123e57cbed2dc84"
},
- "CVE-2022-3542": {
- "cmt_msg": "bnx2x: fix potential memory leak in bnx2x_tpa_stop()",
- "cmt_id": "f63e896e78c247d0be8165d99d543a28ca0be360"
+ "CVE-2022-3649": {
+ "cmt_msg": "nilfs2: fix use-after-free bug of struct nilfs_root",
+ "cmt_id": "26b9b66610d6f8f3333cb6f52e97745da875fee1"
+ },
+ "CVE-2022-41850": {
+ "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()",
+ "cmt_id": "fb8b43b7721786f551ec95542e07cf9a909f3e56"
+ },
+ "CVE-2022-40768": {
+ "cmt_msg": "scsi: stex: Properly zero out the passthrough command structure",
+ "cmt_id": "5c8395d775ca9044b361af4a19b2ff223485be35"
},
"CVE-2022-3565": {
"cmt_msg": "mISDN: fix use-after-free bugs in l1oip timer handlers",
"cmt_id": "cbd342376a4e7ea481891181910e9e995390eb24"
},
- "CVE-2022-3649": {
- "cmt_msg": "nilfs2: fix use-after-free bug of struct nilfs_root",
- "cmt_id": "26b9b66610d6f8f3333cb6f52e97745da875fee1"
+ "CVE-2022-3542": {
+ "cmt_msg": "bnx2x: fix potential memory leak in bnx2x_tpa_stop()",
+ "cmt_id": "f63e896e78c247d0be8165d99d543a28ca0be360"
},
"CVE-2022-3646": {
"cmt_msg": "nilfs2: fix leak of nilfs_root in case of writer thread creation failure",
@@ -19535,6 +19487,20 @@
"cmt_id": "7339b6bdf9e084f9e83c084ccc8879b6ae80b75a"
}
},
+ "4.14.299": {
+ "CVE-2022-3628": {
+ "cmt_msg": "wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()",
+ "cmt_id": "b23665bbd39224e15aab89df4a4b60c0ab2ad09d"
+ },
+ "CVE-2022-42895": {
+ "cmt_msg": "Bluetooth: L2CAP: Fix attempting to access uninitialized memory",
+ "cmt_id": "999d99c8de09537bd4f4a4a7db2be6b55c6ed817"
+ },
+ "CVE-2022-3564": {
+ "cmt_msg": "Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu",
+ "cmt_id": "03af22e23b96fb7ef75fb7885407ef457e8b403d"
+ }
+ },
"outstanding": {
"CVE-2021-0929": {
"cmt_msg": "staging/android/ion: delete dma_buf->kmap/unmap implemenation"
@@ -19581,9 +19547,6 @@
"CVE-2017-5753": {
"cmt_msg": "x86/cpufeatures: Add X86_BUG_SPECTRE_V[12]"
},
- "CVE-2022-43945": {
- "cmt_msg": "NFSD: Protect against send buffer overflow in NFSv2 READDIR"
- },
"CVE-2019-19377": {
"cmt_msg": "btrfs: Don't submit any btree write bio if the fs has errors"
},
@@ -19653,18 +19616,12 @@
"CVE-2022-38096": {
"cmt_msg": ""
},
- "CVE-2022-2978": {
- "cmt_msg": ""
- },
- "CVE-2022-3564": {
- "cmt_msg": ""
+ "CVE-2022-3595": {
+ "cmt_msg": "cifs: fix double-fault crash during ntlmssp"
},
"CVE-2021-43975": {
"cmt_msg": "atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait"
},
- "CVE-2022-3595": {
- "cmt_msg": "cifs: fix double-fault crash during ntlmssp"
- },
"CVE-2017-1000405": {
"cmt_msg": "mm, thp: Do not make page table dirty unconditionally in touch_p[mu]d()"
},
@@ -19705,7 +19662,7 @@
"cmt_msg": "netfilter: nf_tables: stricter validation of element data"
},
"CVE-2022-3619": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix memory leak in vhci_write"
},
"CVE-2019-20908": {
"cmt_msg": "efi: Restrict efivar_ssdt_load when the kernel is locked down"
@@ -19779,14 +19736,8 @@
"CVE-2022-3624": {
"cmt_msg": "bonding: fix reference count leak in balance-alb mode"
},
- "CVE-2022-3623": {
- "cmt_msg": "mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page"
- },
"CVE-2022-3435": {
- "cmt_msg": ""
- },
- "CVE-2022-3625": {
- "cmt_msg": "devlink: Fix use-after-free after a failed reload"
+ "cmt_msg": "ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference"
},
"CVE-2021-3669": {
"cmt_msg": "ipc: replace costly bailout check in sysvipc_find_ipc()"
@@ -19827,9 +19778,6 @@
"CVE-2012-4542": {
"cmt_msg": ""
},
- "CVE-2022-42895": {
- "cmt_msg": "Bluetooth: L2CAP: Fix attempting to access uninitialized memory"
- },
"CVE-2022-42896": {
"cmt_msg": "Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM"
},
@@ -19855,7 +19803,7 @@
"cmt_msg": "drm/ttm: fix incrementing the page pointer for huge pages"
},
"CVE-2022-3903": {
- "cmt_msg": ""
+ "cmt_msg": "media: mceusb: Use new usb_control_msg_*() routines"
},
"CVE-2019-16921": {
"cmt_msg": "RDMA/hns: Fix init resp when alloc ucontext"
@@ -19923,9 +19871,6 @@
"CVE-2020-12364": {
"cmt_msg": "drm/i915/guc: Update to use firmware v49.0.1"
},
- "CVE-2022-41850": {
- "cmt_msg": ""
- },
"CVE-2022-2327": {
"cmt_msg": "io_uring: remove any grabbing of context"
},
@@ -19938,9 +19883,6 @@
"CVE-2022-3642": {
"cmt_msg": ""
},
- "CVE-2022-3640": {
- "cmt_msg": ""
- },
"CVE-2020-26141": {
"cmt_msg": "ath10k: Fix TKIP Michael MIC verification for PCIe"
},
@@ -19977,9 +19919,6 @@
"CVE-2018-17977": {
"cmt_msg": ""
},
- "CVE-2022-41849": {
- "cmt_msg": ""
- },
"CVE-2022-41848": {
"cmt_msg": ""
},
@@ -20008,7 +19947,7 @@
"cmt_msg": ""
},
"CVE-2022-3169": {
- "cmt_msg": ""
+ "cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
"CVE-2021-39802": {
"cmt_msg": ""
@@ -20019,9 +19958,6 @@
"CVE-2020-36385": {
"cmt_msg": "RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy"
},
- "CVE-2022-3628": {
- "cmt_msg": ""
- },
"CVE-2022-20166": {
"cmt_msg": "drivers core: Use sysfs_emit and sysfs_emit_at for show(device *...) functions"
},
@@ -20064,9 +20000,6 @@
"CVE-2015-2877": {
"cmt_msg": ""
},
- "CVE-2022-3577": {
- "cmt_msg": "HID: bigben: fix slab-out-of-bounds Write in bigben_probe"
- },
"CVE-2018-20449": {
"cmt_msg": "printk: hash addresses printed with %p"
},
@@ -20121,6 +20054,9 @@
"CVE-2020-27835": {
"cmt_msg": "IB/hfi1: Ensure correct mm is used at all times"
},
+ "CVE-2022-3977": {
+ "cmt_msg": "mctp: prevent double key removal and unref"
+ },
"CVE-2019-5489": {
"cmt_msg": "Change mincore() to count \"mapped\" pages rather than \"cached\" pages"
},
@@ -20775,7 +20711,7 @@
"cmt_msg": ""
},
"CVE-2022-2978": {
- "cmt_msg": ""
+ "cmt_msg": "fs: fix UAF/GPF bug in nilfs_mdt_destroy"
},
"CVE-2019-10126": {
"cmt_msg": "mwifiex: Fix heap overflow in mwifiex_uap_parse_tail_ies()"
@@ -20853,7 +20789,7 @@
"cmt_msg": "mISDN: fix use-after-free bugs in l1oip timer handlers"
},
"CVE-2022-3564": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu"
},
"CVE-2018-19407": {
"cmt_msg": "KVM: X86: Fix scan ioapic use-before-initialization"
@@ -20862,7 +20798,7 @@
"cmt_msg": "RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy"
},
"CVE-2022-3628": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()"
},
"CVE-2020-0009": {
"cmt_msg": "staging: android: ashmem: Disallow ashmem memory from being remapped"
@@ -21185,9 +21121,6 @@
"CVE-2019-19462": {
"cmt_msg": "kernel/relay.c: handle alloc_percpu returning NULL in relay_open"
},
- "CVE-2022-43945": {
- "cmt_msg": "NFSD: Protect against send buffer overflow in NFSv2 READDIR"
- },
"CVE-2022-24958": {
"cmt_msg": "usb: gadget: don't release an existing dev->buf"
},
@@ -21230,15 +21163,9 @@
"CVE-2022-23960": {
"cmt_msg": "ARM: report Spectre v2 status through sysfs"
},
- "CVE-2022-3623": {
- "cmt_msg": "mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page"
- },
"CVE-2022-3624": {
"cmt_msg": "bonding: fix reference count leak in balance-alb mode"
},
- "CVE-2022-3625": {
- "cmt_msg": "devlink: Fix use-after-free after a failed reload"
- },
"CVE-2022-2588": {
"cmt_msg": "net_sched: cls_route: remove from list when handle is 0"
},
@@ -21495,7 +21422,7 @@
"cmt_msg": "RDMA/cxgb4: Do not dma memory off of the stack"
},
"CVE-2022-3903": {
- "cmt_msg": ""
+ "cmt_msg": "media: mceusb: Use new usb_control_msg_*() routines"
},
"CVE-2019-19447": {
"cmt_msg": "ext4: work around deleting a file with i_nlink == 0 safely"
@@ -21533,6 +21460,9 @@
"CVE-2021-3609": {
"cmt_msg": "can: bcm: delay release of struct bcm_op after synchronize_rcu()"
},
+ "CVE-2022-3977": {
+ "cmt_msg": "mctp: prevent double key removal and unref"
+ },
"CVE-2019-19536": {
"cmt_msg": "can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices"
},
@@ -21579,7 +21509,7 @@
"cmt_msg": "cifs: fix NULL ptr dereference in smb2_ioctl_query_info()"
},
"CVE-2022-3619": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix memory leak in vhci_write"
},
"CVE-2020-28374": {
"cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup"
@@ -21783,7 +21713,7 @@
"cmt_msg": ""
},
"CVE-2022-3435": {
- "cmt_msg": ""
+ "cmt_msg": "ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference"
},
"CVE-2022-3061": {
"cmt_msg": "video: fbdev: i740fb: Error out if 'pixclock' equals zero"
@@ -21921,7 +21851,7 @@
"cmt_msg": "kvm: fix kvm_ioctl_create_device() reference counting (CVE-2019-6974)"
},
"CVE-2022-41850": {
- "cmt_msg": ""
+ "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()"
},
"CVE-2020-24503": {
"cmt_msg": ""
@@ -21947,9 +21877,6 @@
"CVE-2019-19448": {
"cmt_msg": "btrfs: only search for left_info if there is no right_info in try_merge_free_space"
},
- "CVE-2022-3640": {
- "cmt_msg": ""
- },
"CVE-2019-19449": {
"cmt_msg": "f2fs: fix to do sanity check on segment/section count"
},
@@ -22014,7 +21941,7 @@
"cmt_msg": "nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION"
},
"CVE-2022-3169": {
- "cmt_msg": ""
+ "cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
"CVE-2022-36280": {
"cmt_msg": ""
@@ -22352,9 +22279,6 @@
"CVE-2021-3483": {
"cmt_msg": "firewire: nosy: Fix a use-after-free bug in nosy_ioctl()"
},
- "CVE-2022-3577": {
- "cmt_msg": "HID: bigben: fix slab-out-of-bounds Write in bigben_probe"
- },
"CVE-2021-38300": {
"cmt_msg": "bpf, mips: Validate conditional branch offsets"
},
@@ -22614,7 +22538,7 @@
"cmt_msg": "vt: vt_ioctl: fix race in VT_RESIZEX"
},
"CVE-2022-41849": {
- "cmt_msg": ""
+ "cmt_msg": "fbdev: smscufx: Fix use-after-free in ufx_ops_open()"
},
"CVE-2022-41848": {
"cmt_msg": ""
@@ -23451,7 +23375,7 @@
"cmt_msg": "mISDN: fix use-after-free bugs in l1oip timer handlers"
},
"CVE-2022-3564": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu"
},
"CVE-2018-19407": {
"cmt_msg": "KVM: X86: Fix scan ioapic use-before-initialization"
@@ -23460,7 +23384,7 @@
"cmt_msg": "RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy"
},
"CVE-2022-3628": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()"
},
"CVE-2020-0009": {
"cmt_msg": "staging: android: ashmem: Disallow ashmem memory from being remapped"
@@ -23795,9 +23719,6 @@
"CVE-2019-19462": {
"cmt_msg": "kernel/relay.c: handle alloc_percpu returning NULL in relay_open"
},
- "CVE-2022-43945": {
- "cmt_msg": "NFSD: Protect against send buffer overflow in NFSv2 READDIR"
- },
"CVE-2022-24958": {
"cmt_msg": "usb: gadget: don't release an existing dev->buf"
},
@@ -23840,15 +23761,9 @@
"CVE-2022-23960": {
"cmt_msg": "ARM: report Spectre v2 status through sysfs"
},
- "CVE-2022-3623": {
- "cmt_msg": "mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page"
- },
"CVE-2022-3624": {
"cmt_msg": "bonding: fix reference count leak in balance-alb mode"
},
- "CVE-2022-3625": {
- "cmt_msg": "devlink: Fix use-after-free after a failed reload"
- },
"CVE-2022-2588": {
"cmt_msg": "net_sched: cls_route: remove from list when handle is 0"
},
@@ -24108,13 +24023,13 @@
"cmt_msg": "i40e: Wrong truncation from u16 to u8"
},
"CVE-2022-2978": {
- "cmt_msg": ""
+ "cmt_msg": "fs: fix UAF/GPF bug in nilfs_mdt_destroy"
},
"CVE-2019-17075": {
"cmt_msg": "RDMA/cxgb4: Do not dma memory off of the stack"
},
"CVE-2022-3903": {
- "cmt_msg": ""
+ "cmt_msg": "media: mceusb: Use new usb_control_msg_*() routines"
},
"CVE-2019-19447": {
"cmt_msg": "ext4: work around deleting a file with i_nlink == 0 safely"
@@ -24155,6 +24070,9 @@
"CVE-2021-3609": {
"cmt_msg": "can: bcm: delay release of struct bcm_op after synchronize_rcu()"
},
+ "CVE-2022-3977": {
+ "cmt_msg": "mctp: prevent double key removal and unref"
+ },
"CVE-2019-19536": {
"cmt_msg": "can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices"
},
@@ -24210,7 +24128,7 @@
"cmt_msg": "btrfs: Check that each block group has corresponding chunk at mount time"
},
"CVE-2022-3619": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix memory leak in vhci_write"
},
"CVE-2020-28374": {
"cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup"
@@ -24420,7 +24338,7 @@
"cmt_msg": ""
},
"CVE-2022-3435": {
- "cmt_msg": ""
+ "cmt_msg": "ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference"
},
"CVE-2022-3061": {
"cmt_msg": "video: fbdev: i740fb: Error out if 'pixclock' equals zero"
@@ -24564,7 +24482,7 @@
"cmt_msg": "kvm: fix kvm_ioctl_create_device() reference counting (CVE-2019-6974)"
},
"CVE-2022-41850": {
- "cmt_msg": ""
+ "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()"
},
"CVE-2020-24503": {
"cmt_msg": ""
@@ -24590,9 +24508,6 @@
"CVE-2019-19448": {
"cmt_msg": "btrfs: only search for left_info if there is no right_info in try_merge_free_space"
},
- "CVE-2022-3640": {
- "cmt_msg": ""
- },
"CVE-2019-19449": {
"cmt_msg": "f2fs: fix to do sanity check on segment/section count"
},
@@ -24657,7 +24572,7 @@
"cmt_msg": "nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION"
},
"CVE-2022-3169": {
- "cmt_msg": ""
+ "cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
"CVE-2022-36280": {
"cmt_msg": ""
@@ -25016,9 +24931,6 @@
"CVE-2021-3483": {
"cmt_msg": "firewire: nosy: Fix a use-after-free bug in nosy_ioctl()"
},
- "CVE-2022-3577": {
- "cmt_msg": "HID: bigben: fix slab-out-of-bounds Write in bigben_probe"
- },
"CVE-2021-38300": {
"cmt_msg": "bpf, mips: Validate conditional branch offsets"
},
@@ -25281,7 +25193,7 @@
"cmt_msg": "vt: vt_ioctl: fix race in VT_RESIZEX"
},
"CVE-2022-41849": {
- "cmt_msg": ""
+ "cmt_msg": "fbdev: smscufx: Fix use-after-free in ufx_ops_open()"
},
"CVE-2022-41848": {
"cmt_msg": ""
@@ -28299,9 +28211,13 @@
}
},
"4.19.262": {
- "CVE-2022-40768": {
- "cmt_msg": "scsi: stex: Properly zero out the passthrough command structure",
- "cmt_id": "a99c5e38dc6c3dc3da28489b78db09a4b9ffc8c3"
+ "CVE-2022-2978": {
+ "cmt_msg": "fs: fix UAF/GPF bug in nilfs_mdt_destroy",
+ "cmt_id": "ec2aab115eb38ac4992ea2fcc2a02fbe7af5cf48"
+ },
+ "CVE-2022-41849": {
+ "cmt_msg": "fbdev: smscufx: Fix use-after-free in ufx_ops_open()",
+ "cmt_id": "6d8dbefc4de96d35d68c723e2e75b5a23173c08c"
},
"CVE-2022-3535": {
"cmt_msg": "net: mvpp2: fix mvpp2 debugfs leak",
@@ -28323,6 +28239,14 @@
"cmt_msg": "nilfs2: fix use-after-free bug of struct nilfs_root",
"cmt_id": "bfc82a26545b5f61a64d51ca2179773706fb028f"
},
+ "CVE-2022-41850": {
+ "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()",
+ "cmt_id": "13de81c7ea0fd68efb48a2d2957e349237905923"
+ },
+ "CVE-2022-40768": {
+ "cmt_msg": "scsi: stex: Properly zero out the passthrough command structure",
+ "cmt_id": "a99c5e38dc6c3dc3da28489b78db09a4b9ffc8c3"
+ },
"CVE-2022-3565": {
"cmt_msg": "mISDN: fix use-after-free bugs in l1oip timer handlers",
"cmt_id": "27f74a47d5b1cf52d48af15993bb1caa31ad8f5b"
@@ -28342,6 +28266,20 @@
"cmt_id": "95c4751705f7eef0f16a245e121259857f867c4a"
}
},
+ "4.19.265": {
+ "CVE-2022-3628": {
+ "cmt_msg": "wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()",
+ "cmt_id": "5e7d546917431400b7d6e5e38f588e0bd13083c9"
+ },
+ "CVE-2022-42895": {
+ "cmt_msg": "Bluetooth: L2CAP: Fix attempting to access uninitialized memory",
+ "cmt_id": "36919a82f335784d86b4def308739559bb47943d"
+ },
+ "CVE-2022-3564": {
+ "cmt_msg": "Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu",
+ "cmt_id": "6c7407bfbeafc80a04e6eaedcf34d378532a04f2"
+ }
+ },
"outstanding": {
"CVE-2021-0929": {
"cmt_msg": "staging/android/ion: delete dma_buf->kmap/unmap implemenation"
@@ -28382,9 +28320,6 @@
"CVE-2022-3061": {
"cmt_msg": "video: fbdev: i740fb: Error out if 'pixclock' equals zero"
},
- "CVE-2022-43945": {
- "cmt_msg": "NFSD: Protect against send buffer overflow in NFSv2 READDIR"
- },
"CVE-2019-15794": {
"cmt_msg": "ovl: fix reference counting in ovl_mmap error path"
},
@@ -28454,18 +28389,12 @@
"CVE-2022-38096": {
"cmt_msg": ""
},
- "CVE-2022-2978": {
- "cmt_msg": ""
- },
- "CVE-2022-3564": {
- "cmt_msg": ""
+ "CVE-2022-3595": {
+ "cmt_msg": "cifs: fix double-fault crash during ntlmssp"
},
"CVE-2021-26934": {
"cmt_msg": ""
},
- "CVE-2022-3595": {
- "cmt_msg": "cifs: fix double-fault crash during ntlmssp"
- },
"CVE-2022-1789": {
"cmt_msg": "KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID"
},
@@ -28506,7 +28435,7 @@
"cmt_msg": "netfilter: nf_tables: stricter validation of element data"
},
"CVE-2022-3619": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix memory leak in vhci_write"
},
"CVE-2019-20908": {
"cmt_msg": "efi: Restrict efivar_ssdt_load when the kernel is locked down"
@@ -28544,9 +28473,6 @@
"CVE-2020-26142": {
"cmt_msg": ""
},
- "CVE-2022-3628": {
- "cmt_msg": ""
- },
"CVE-2021-20177": {
"cmt_msg": "netfilter: add and use nf_hook_slow_list()"
},
@@ -28559,11 +28485,8 @@
"CVE-2022-3624": {
"cmt_msg": "bonding: fix reference count leak in balance-alb mode"
},
- "CVE-2022-3623": {
- "cmt_msg": "mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page"
- },
"CVE-2022-3435": {
- "cmt_msg": ""
+ "cmt_msg": "ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference"
},
"CVE-2022-3625": {
"cmt_msg": "devlink: Fix use-after-free after a failed reload"
@@ -28601,9 +28524,6 @@
"CVE-2012-4542": {
"cmt_msg": ""
},
- "CVE-2022-42895": {
- "cmt_msg": "Bluetooth: L2CAP: Fix attempting to access uninitialized memory"
- },
"CVE-2013-7445": {
"cmt_msg": ""
},
@@ -28629,7 +28549,7 @@
"cmt_msg": "tcp/udp: Fix memory leak in ipv6_renew_options()."
},
"CVE-2022-3903": {
- "cmt_msg": ""
+ "cmt_msg": "media: mceusb: Use new usb_control_msg_*() routines"
},
"CVE-2022-3523": {
"cmt_msg": "mm/memory.c: fix race when faulting a device private page"
@@ -28691,9 +28611,6 @@
"CVE-2020-12364": {
"cmt_msg": "drm/i915/guc: Update to use firmware v49.0.1"
},
- "CVE-2022-41850": {
- "cmt_msg": ""
- },
"CVE-2022-2327": {
"cmt_msg": "io_uring: remove any grabbing of context"
},
@@ -28706,9 +28623,6 @@
"CVE-2022-3642": {
"cmt_msg": ""
},
- "CVE-2022-3640": {
- "cmt_msg": ""
- },
"CVE-2020-26141": {
"cmt_msg": "ath10k: Fix TKIP Michael MIC verification for PCIe"
},
@@ -28742,9 +28656,6 @@
"CVE-2018-17977": {
"cmt_msg": ""
},
- "CVE-2022-41849": {
- "cmt_msg": ""
- },
"CVE-2022-41848": {
"cmt_msg": ""
},
@@ -28773,7 +28684,7 @@
"cmt_msg": ""
},
"CVE-2022-3169": {
- "cmt_msg": ""
+ "cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
"CVE-2021-39802": {
"cmt_msg": ""
@@ -28829,9 +28740,6 @@
"CVE-2015-2877": {
"cmt_msg": ""
},
- "CVE-2022-3577": {
- "cmt_msg": "HID: bigben: fix slab-out-of-bounds Write in bigben_probe"
- },
"CVE-2019-16089": {
"cmt_msg": ""
},
@@ -28868,6 +28776,9 @@
"CVE-2020-27835": {
"cmt_msg": "IB/hfi1: Ensure correct mm is used at all times"
},
+ "CVE-2022-3977": {
+ "cmt_msg": "mctp: prevent double key removal and unref"
+ },
"CVE-2019-5489": {
"cmt_msg": "Change mincore() to count \"mapped\" pages rather than \"cached\" pages"
}
@@ -29194,7 +29105,7 @@
"cmt_msg": "bpf: Remove MTU check in __bpf_skb_max_len"
},
"CVE-2022-3628": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()"
},
"CVE-2020-15802": {
"cmt_msg": ""
@@ -29497,7 +29408,7 @@
"cmt_msg": ""
},
"CVE-2022-2978": {
- "cmt_msg": ""
+ "cmt_msg": "fs: fix UAF/GPF bug in nilfs_mdt_destroy"
},
"CVE-2019-10126": {
"cmt_msg": "mwifiex: Fix heap overflow in mwifiex_uap_parse_tail_ies()"
@@ -29572,7 +29483,7 @@
"cmt_msg": "mISDN: fix use-after-free bugs in l1oip timer handlers"
},
"CVE-2022-3564": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu"
},
"CVE-2018-19407": {
"cmt_msg": "KVM: X86: Fix scan ioapic use-before-initialization"
@@ -29883,9 +29794,6 @@
"CVE-2019-19462": {
"cmt_msg": "kernel/relay.c: handle alloc_percpu returning NULL in relay_open"
},
- "CVE-2022-43945": {
- "cmt_msg": "NFSD: Protect against send buffer overflow in NFSv2 READDIR"
- },
"CVE-2022-24958": {
"cmt_msg": "usb: gadget: don't release an existing dev->buf"
},
@@ -29928,15 +29836,9 @@
"CVE-2022-23960": {
"cmt_msg": "ARM: report Spectre v2 status through sysfs"
},
- "CVE-2022-3623": {
- "cmt_msg": "mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page"
- },
"CVE-2022-3624": {
"cmt_msg": "bonding: fix reference count leak in balance-alb mode"
},
- "CVE-2022-3625": {
- "cmt_msg": "devlink: Fix use-after-free after a failed reload"
- },
"CVE-2022-2588": {
"cmt_msg": "net_sched: cls_route: remove from list when handle is 0"
},
@@ -30202,7 +30104,7 @@
"cmt_msg": "RDMA/cxgb4: Do not dma memory off of the stack"
},
"CVE-2022-3903": {
- "cmt_msg": ""
+ "cmt_msg": "media: mceusb: Use new usb_control_msg_*() routines"
},
"CVE-2019-19447": {
"cmt_msg": "ext4: work around deleting a file with i_nlink == 0 safely"
@@ -30240,6 +30142,9 @@
"CVE-2021-3609": {
"cmt_msg": "can: bcm: delay release of struct bcm_op after synchronize_rcu()"
},
+ "CVE-2022-3977": {
+ "cmt_msg": "mctp: prevent double key removal and unref"
+ },
"CVE-2019-19536": {
"cmt_msg": "can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices"
},
@@ -30286,7 +30191,7 @@
"cmt_msg": "cifs: fix NULL ptr dereference in smb2_ioctl_query_info()"
},
"CVE-2022-3619": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix memory leak in vhci_write"
},
"CVE-2020-28374": {
"cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup"
@@ -30475,7 +30380,7 @@
"cmt_msg": ""
},
"CVE-2022-3435": {
- "cmt_msg": ""
+ "cmt_msg": "ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference"
},
"CVE-2022-3061": {
"cmt_msg": "video: fbdev: i740fb: Error out if 'pixclock' equals zero"
@@ -30610,7 +30515,7 @@
"cmt_msg": "kvm: fix kvm_ioctl_create_device() reference counting (CVE-2019-6974)"
},
"CVE-2022-41850": {
- "cmt_msg": ""
+ "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()"
},
"CVE-2020-24503": {
"cmt_msg": ""
@@ -30636,9 +30541,6 @@
"CVE-2019-19448": {
"cmt_msg": "btrfs: only search for left_info if there is no right_info in try_merge_free_space"
},
- "CVE-2022-3640": {
- "cmt_msg": ""
- },
"CVE-2019-19449": {
"cmt_msg": "f2fs: fix to do sanity check on segment/section count"
},
@@ -30706,7 +30608,7 @@
"cmt_msg": "nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION"
},
"CVE-2022-3169": {
- "cmt_msg": ""
+ "cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
"CVE-2022-36280": {
"cmt_msg": ""
@@ -31032,9 +30934,6 @@
"CVE-2021-3483": {
"cmt_msg": "firewire: nosy: Fix a use-after-free bug in nosy_ioctl()"
},
- "CVE-2022-3577": {
- "cmt_msg": "HID: bigben: fix slab-out-of-bounds Write in bigben_probe"
- },
"CVE-2021-38300": {
"cmt_msg": "bpf, mips: Validate conditional branch offsets"
},
@@ -31288,7 +31187,7 @@
"cmt_msg": "vt: vt_ioctl: fix race in VT_RESIZEX"
},
"CVE-2022-41849": {
- "cmt_msg": ""
+ "cmt_msg": "fbdev: smscufx: Fix use-after-free in ufx_ops_open()"
},
"CVE-2022-41848": {
"cmt_msg": ""
@@ -33180,9 +33079,6 @@
"CVE-2018-13093": {
"cmt_msg": "xfs: validate cached inodes are free when allocated"
},
- "CVE-2022-3623": {
- "cmt_msg": "mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page"
- },
"CVE-2018-13096": {
"cmt_msg": "f2fs: fix to do sanity check with node footer and iblocks"
},
@@ -33484,7 +33380,7 @@
"cmt_msg": "fs: limit filesystem stacking depth"
},
"CVE-2022-3564": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu"
},
"CVE-2020-36386": {
"cmt_msg": "Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()"
@@ -33847,7 +33743,7 @@
"cmt_msg": "usb: hso: fix error handling code of hso_create_net_device"
},
"CVE-2022-3628": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()"
},
"CVE-2022-3629": {
"cmt_msg": "vsock: Fix memory leak in vsock_connect()"
@@ -33879,9 +33775,6 @@
"CVE-2022-3624": {
"cmt_msg": "bonding: fix reference count leak in balance-alb mode"
},
- "CVE-2022-3625": {
- "cmt_msg": "devlink: Fix use-after-free after a failed reload"
- },
"CVE-2016-9120": {
"cmt_msg": "staging/android/ion : fix a race condition in the ion driver"
},
@@ -34165,7 +34058,7 @@
"cmt_msg": "i40e: Wrong truncation from u16 to u8"
},
"CVE-2022-2978": {
- "cmt_msg": ""
+ "cmt_msg": "fs: fix UAF/GPF bug in nilfs_mdt_destroy"
},
"CVE-2019-17075": {
"cmt_msg": "RDMA/cxgb4: Do not dma memory off of the stack"
@@ -34174,14 +34067,11 @@
"cmt_msg": "[CIFS] Possible null ptr deref in SMB2_tcon"
},
"CVE-2022-3903": {
- "cmt_msg": ""
+ "cmt_msg": "media: mceusb: Use new usb_control_msg_*() routines"
},
"CVE-2022-23960": {
"cmt_msg": "ARM: report Spectre v2 status through sysfs"
},
- "CVE-2022-3577": {
- "cmt_msg": "HID: bigben: fix slab-out-of-bounds Write in bigben_probe"
- },
"CVE-2020-10942": {
"cmt_msg": "vhost: Check docket sk_family instead of call getname"
},
@@ -34230,6 +34120,9 @@
"CVE-2017-13220": {
"cmt_msg": "Bluetooth: hidp_connection_add() unsafe use of l2cap_pi()"
},
+ "CVE-2022-3977": {
+ "cmt_msg": "mctp: prevent double key removal and unref"
+ },
"CVE-2019-19536": {
"cmt_msg": "can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices"
},
@@ -34273,7 +34166,7 @@
"cmt_msg": "printk: hash addresses printed with %p"
},
"CVE-2022-3619": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix memory leak in vhci_write"
},
"CVE-2020-28374": {
"cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup"
@@ -34305,9 +34198,6 @@
"CVE-2017-16532": {
"cmt_msg": "usb: usbtest: fix NULL pointer dereference"
},
- "CVE-2022-43945": {
- "cmt_msg": "NFSD: Protect against send buffer overflow in NFSv2 READDIR"
- },
"CVE-2014-9419": {
"cmt_msg": "x86_64, switch_to(): Load TLS descriptors before switching DS and ES"
},
@@ -34498,7 +34388,7 @@
"cmt_msg": "ALSA: core: Fix card races between register and disconnect"
},
"CVE-2022-3435": {
- "cmt_msg": ""
+ "cmt_msg": "ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference"
},
"CVE-2017-18079": {
"cmt_msg": "Input: i8042 - fix crash at boot time"
@@ -34657,7 +34547,7 @@
"cmt_msg": "kvm: fix kvm_ioctl_create_device() reference counting (CVE-2019-6974)"
},
"CVE-2022-41850": {
- "cmt_msg": ""
+ "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()"
},
"CVE-2022-0168": {
"cmt_msg": "cifs: fix NULL ptr dereference in smb2_ioctl_query_info()"
@@ -34686,9 +34576,6 @@
"CVE-2019-19527": {
"cmt_msg": "HID: hiddev: do cleanup in failure of opening a device"
},
- "CVE-2022-3640": {
- "cmt_msg": ""
- },
"CVE-2017-7542": {
"cmt_msg": "ipv6: avoid overflow of offset in ip6_find_1stfragopt"
},
@@ -34756,7 +34643,7 @@
"cmt_msg": "netfilter: x_tables: fix compat match/target pad out-of-bound write"
},
"CVE-2022-3169": {
- "cmt_msg": ""
+ "cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
"CVE-2022-36280": {
"cmt_msg": ""
@@ -35419,7 +35306,7 @@
"cmt_msg": "x86/mm: Expand the exception table logic to allow new handling options"
},
"CVE-2022-41849": {
- "cmt_msg": ""
+ "cmt_msg": "fbdev: smscufx: Fix use-after-free in ufx_ops_open()"
},
"CVE-2022-41848": {
"cmt_msg": ""
@@ -36868,9 +36755,6 @@
"CVE-2017-2618": {
"cmt_msg": "selinux: fix off-by-one in setprocattr"
},
- "CVE-2022-3623": {
- "cmt_msg": "mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page"
- },
"CVE-2018-13096": {
"cmt_msg": "f2fs: fix to do sanity check with node footer and iblocks"
},
@@ -37106,7 +36990,7 @@
"cmt_msg": "ipv6: Prevent overrun when parsing v6 header options"
},
"CVE-2022-2978": {
- "cmt_msg": ""
+ "cmt_msg": "fs: fix UAF/GPF bug in nilfs_mdt_destroy"
},
"CVE-2018-10021": {
"cmt_msg": "scsi: libsas: defer ata device eh commands to libata"
@@ -37205,7 +37089,7 @@
"cmt_msg": "fs: limit filesystem stacking depth"
},
"CVE-2022-3564": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu"
},
"CVE-2020-36386": {
"cmt_msg": "Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()"
@@ -37598,7 +37482,7 @@
"cmt_msg": "usb: hso: fix error handling code of hso_create_net_device"
},
"CVE-2022-3628": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()"
},
"CVE-2016-7042": {
"cmt_msg": "KEYS: Fix short sprintf buffer in /proc/keys show function"
@@ -37630,9 +37514,6 @@
"CVE-2022-3624": {
"cmt_msg": "bonding: fix reference count leak in balance-alb mode"
},
- "CVE-2022-3625": {
- "cmt_msg": "devlink: Fix use-after-free after a failed reload"
- },
"CVE-2016-9120": {
"cmt_msg": "staging/android/ion : fix a race condition in the ion driver"
},
@@ -37970,14 +37851,11 @@
"cmt_msg": "[CIFS] Possible null ptr deref in SMB2_tcon"
},
"CVE-2022-3903": {
- "cmt_msg": ""
+ "cmt_msg": "media: mceusb: Use new usb_control_msg_*() routines"
},
"CVE-2022-23960": {
"cmt_msg": "ARM: report Spectre v2 status through sysfs"
},
- "CVE-2022-3577": {
- "cmt_msg": "HID: bigben: fix slab-out-of-bounds Write in bigben_probe"
- },
"CVE-2020-10942": {
"cmt_msg": "vhost: Check docket sk_family instead of call getname"
},
@@ -38032,6 +37910,9 @@
"CVE-2022-21125": {
"cmt_msg": "x86/speculation/mmio: Reuse SRBDS mitigation for SBDS"
},
+ "CVE-2022-3977": {
+ "cmt_msg": "mctp: prevent double key removal and unref"
+ },
"CVE-2019-19536": {
"cmt_msg": "can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices"
},
@@ -38081,7 +37962,7 @@
"cmt_msg": "posix_acl: Clear SGID bit when setting file permissions"
},
"CVE-2022-3619": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix memory leak in vhci_write"
},
"CVE-2020-28374": {
"cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup"
@@ -38113,9 +37994,6 @@
"CVE-2017-16532": {
"cmt_msg": "usb: usbtest: fix NULL pointer dereference"
},
- "CVE-2022-43945": {
- "cmt_msg": "NFSD: Protect against send buffer overflow in NFSv2 READDIR"
- },
"CVE-2017-16538": {
"cmt_msg": "media: dvb-usb-v2: lmedm04: Improve logic checking of warm start"
},
@@ -38330,7 +38208,7 @@
"cmt_msg": "floppy: fix lock_fdc() signal handling"
},
"CVE-2022-3435": {
- "cmt_msg": ""
+ "cmt_msg": "ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference"
},
"CVE-2021-20265": {
"cmt_msg": "af_unix: fix struct pid memory leak"
@@ -38507,7 +38385,7 @@
"cmt_msg": "kvm: fix kvm_ioctl_create_device() reference counting (CVE-2019-6974)"
},
"CVE-2022-41850": {
- "cmt_msg": ""
+ "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()"
},
"CVE-2022-0168": {
"cmt_msg": "cifs: fix NULL ptr dereference in smb2_ioctl_query_info()"
@@ -38536,9 +38414,6 @@
"CVE-2019-19527": {
"cmt_msg": "HID: hiddev: do cleanup in failure of opening a device"
},
- "CVE-2022-3640": {
- "cmt_msg": ""
- },
"CVE-2017-7542": {
"cmt_msg": "ipv6: avoid overflow of offset in ip6_find_1stfragopt"
},
@@ -38615,7 +38490,7 @@
"cmt_msg": "netfilter: x_tables: fix compat match/target pad out-of-bound write"
},
"CVE-2022-3169": {
- "cmt_msg": ""
+ "cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
"CVE-2022-36280": {
"cmt_msg": ""
@@ -39350,7 +39225,7 @@
"cmt_msg": "x86/mm: Expand the exception table logic to allow new handling options"
},
"CVE-2022-41849": {
- "cmt_msg": ""
+ "cmt_msg": "fbdev: smscufx: Fix use-after-free in ufx_ops_open()"
},
"CVE-2022-41848": {
"cmt_msg": ""
@@ -42386,9 +42261,6 @@
"CVE-2020-26142": {
"cmt_msg": ""
},
- "CVE-2022-3623": {
- "cmt_msg": "mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page"
- },
"CVE-2018-13096": {
"cmt_msg": "f2fs: fix to do sanity check with node footer and iblocks"
},
@@ -42561,7 +42433,7 @@
"cmt_msg": "mISDN: fix use-after-free bugs in l1oip timer handlers"
},
"CVE-2022-3564": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu"
},
"CVE-2020-36386": {
"cmt_msg": "Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()"
@@ -42570,7 +42442,7 @@
"cmt_msg": "RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy"
},
"CVE-2022-3628": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()"
},
"CVE-2022-1048": {
"cmt_msg": "ALSA: pcm: Fix races among concurrent hw_params and hw_free calls"
@@ -42836,9 +42708,6 @@
"CVE-2022-3624": {
"cmt_msg": "bonding: fix reference count leak in balance-alb mode"
},
- "CVE-2022-3625": {
- "cmt_msg": "devlink: Fix use-after-free after a failed reload"
- },
"CVE-2022-2588": {
"cmt_msg": "net_sched: cls_route: remove from list when handle is 0"
},
@@ -43005,10 +42874,7 @@
"cmt_msg": "[CIFS] Possible null ptr deref in SMB2_tcon"
},
"CVE-2022-3903": {
- "cmt_msg": ""
- },
- "CVE-2022-3577": {
- "cmt_msg": "HID: bigben: fix slab-out-of-bounds Write in bigben_probe"
+ "cmt_msg": "media: mceusb: Use new usb_control_msg_*() routines"
},
"CVE-2017-0750": {
"cmt_msg": "f2fs: do more integrity verification for superblock"
@@ -43037,6 +42903,9 @@
"CVE-2021-3609": {
"cmt_msg": "can: bcm: delay release of struct bcm_op after synchronize_rcu()"
},
+ "CVE-2022-3977": {
+ "cmt_msg": "mctp: prevent double key removal and unref"
+ },
"CVE-2021-0929": {
"cmt_msg": "staging/android/ion: delete dma_buf->kmap/unmap implemenation"
},
@@ -43047,7 +42916,7 @@
"cmt_msg": "cifs: fix NULL ptr dereference in smb2_ioctl_query_info()"
},
"CVE-2022-3619": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix memory leak in vhci_write"
},
"CVE-2020-28374": {
"cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup"
@@ -43055,9 +42924,6 @@
"CVE-2022-3586": {
"cmt_msg": "sch_sfb: Don't assume the skb is still around after enqueueing to child"
},
- "CVE-2022-43945": {
- "cmt_msg": "NFSD: Protect against send buffer overflow in NFSv2 READDIR"
- },
"CVE-2020-27825": {
"cmt_msg": "tracing: Fix race in trace_open and buffer resize call"
},
@@ -43101,7 +42967,7 @@
"cmt_msg": "media: rc: prevent memory leak in cx23888_ir_probe"
},
"CVE-2022-2978": {
- "cmt_msg": ""
+ "cmt_msg": "fs: fix UAF/GPF bug in nilfs_mdt_destroy"
},
"CVE-2020-0429": {
"cmt_msg": "l2tp: fix race between l2tp_session_delete() and l2tp_tunnel_closeall()"
@@ -43170,7 +43036,7 @@
"cmt_msg": "floppy: fix lock_fdc() signal handling"
},
"CVE-2022-3435": {
- "cmt_msg": ""
+ "cmt_msg": "ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference"
},
"CVE-2017-13693": {
"cmt_msg": ""
@@ -43251,7 +43117,7 @@
"cmt_msg": "fbcon: Disallow setting font bigger than screen size"
},
"CVE-2022-41850": {
- "cmt_msg": ""
+ "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()"
},
"CVE-2020-14390": {
"cmt_msg": "fbcon: remove soft scrollback code"
@@ -43271,9 +43137,6 @@
"CVE-2022-3642": {
"cmt_msg": ""
},
- "CVE-2022-3640": {
- "cmt_msg": ""
- },
"CVE-2020-0465": {
"cmt_msg": "HID: core: Sanitize event code and type when mapping input"
},
@@ -43314,7 +43177,7 @@
"cmt_msg": "time: Remove CONFIG_TIMER_STATS"
},
"CVE-2022-3169": {
- "cmt_msg": ""
+ "cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
"CVE-2022-36280": {
"cmt_msg": ""
@@ -43743,7 +43606,7 @@
"cmt_msg": "isdn/i4l: fix buffer overflow"
},
"CVE-2022-41849": {
- "cmt_msg": ""
+ "cmt_msg": "fbdev: smscufx: Fix use-after-free in ufx_ops_open()"
},
"CVE-2022-41848": {
"cmt_msg": ""
@@ -46206,9 +46069,6 @@
"CVE-2018-13093": {
"cmt_msg": "xfs: validate cached inodes are free when allocated"
},
- "CVE-2022-3623": {
- "cmt_msg": "mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page"
- },
"CVE-2018-13094": {
"cmt_msg": "xfs: don't call xfs_da_shrink_inode with NULL bp"
},
@@ -46744,7 +46604,7 @@
"cmt_msg": "tipc: fix info leaks via msg_name in recv_msg/recv_stream"
},
"CVE-2022-3628": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()"
},
"CVE-2022-3629": {
"cmt_msg": "vsock: Fix memory leak in vsock_connect()"
@@ -46776,9 +46636,6 @@
"CVE-2022-3624": {
"cmt_msg": "bonding: fix reference count leak in balance-alb mode"
},
- "CVE-2022-3625": {
- "cmt_msg": "devlink: Fix use-after-free after a failed reload"
- },
"CVE-2016-9120": {
"cmt_msg": "staging/android/ion : fix a race condition in the ion driver"
},
@@ -46978,13 +46835,13 @@
"cmt_msg": "scsi: sg: mitigate read/write abuse"
},
"CVE-2022-2978": {
- "cmt_msg": ""
+ "cmt_msg": "fs: fix UAF/GPF bug in nilfs_mdt_destroy"
},
"CVE-2019-17075": {
"cmt_msg": "RDMA/cxgb4: Do not dma memory off of the stack"
},
"CVE-2022-3903": {
- "cmt_msg": ""
+ "cmt_msg": "media: mceusb: Use new usb_control_msg_*() routines"
},
"CVE-2019-19447": {
"cmt_msg": "ext4: work around deleting a file with i_nlink == 0 safely"
@@ -47031,6 +46888,9 @@
"CVE-2017-13305": {
"cmt_msg": "KEYS: encrypted: fix buffer overread in valid_master_desc()"
},
+ "CVE-2022-3977": {
+ "cmt_msg": "mctp: prevent double key removal and unref"
+ },
"CVE-2019-19537": {
"cmt_msg": "USB: core: Fix races in character device registration and deregistraion"
},
@@ -47071,7 +46931,7 @@
"cmt_msg": "cifs: fix NULL ptr dereference in smb2_ioctl_query_info()"
},
"CVE-2022-3619": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix memory leak in vhci_write"
},
"CVE-2019-9213": {
"cmt_msg": "mm: enforce min addr even if capable() in expand_downwards()"
@@ -47091,9 +46951,6 @@
"CVE-2022-3586": {
"cmt_msg": "sch_sfb: Don't assume the skb is still around after enqueueing to child"
},
- "CVE-2022-43945": {
- "cmt_msg": "NFSD: Protect against send buffer overflow in NFSv2 READDIR"
- },
"CVE-2019-2181": {
"cmt_msg": "binder: check for overflow when alloc for security context"
},
@@ -47233,7 +47090,7 @@
"cmt_msg": "floppy: fix lock_fdc() signal handling"
},
"CVE-2022-3435": {
- "cmt_msg": ""
+ "cmt_msg": "ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference"
},
"CVE-2017-13693": {
"cmt_msg": ""
@@ -47356,7 +47213,7 @@
"cmt_msg": "fbcon: Disallow setting font bigger than screen size"
},
"CVE-2022-41850": {
- "cmt_msg": ""
+ "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()"
},
"CVE-2020-14390": {
"cmt_msg": "fbcon: remove soft scrollback code"
@@ -47379,9 +47236,6 @@
"CVE-2019-19527": {
"cmt_msg": "HID: hiddev: do cleanup in failure of opening a device"
},
- "CVE-2022-3640": {
- "cmt_msg": ""
- },
"CVE-2020-0465": {
"cmt_msg": "HID: core: Sanitize event code and type when mapping input"
},
@@ -47446,7 +47300,7 @@
"cmt_msg": "netfilter: x_tables: fix compat match/target pad out-of-bound write"
},
"CVE-2022-3169": {
- "cmt_msg": ""
+ "cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
"CVE-2022-36280": {
"cmt_msg": ""
@@ -47745,9 +47599,6 @@
"CVE-2021-3483": {
"cmt_msg": "firewire: nosy: Fix a use-after-free bug in nosy_ioctl()"
},
- "CVE-2022-3577": {
- "cmt_msg": "HID: bigben: fix slab-out-of-bounds Write in bigben_probe"
- },
"CVE-2020-25656": {
"cmt_msg": "vt: keyboard, extend func_buf_lock to readers"
},
@@ -47974,7 +47825,7 @@
"cmt_msg": "isdn/i4l: fix buffer overflow"
},
"CVE-2022-41849": {
- "cmt_msg": ""
+ "cmt_msg": "fbdev: smscufx: Fix use-after-free in ufx_ops_open()"
},
"CVE-2022-41848": {
"cmt_msg": ""
@@ -48121,6 +47972,10 @@
}
},
"6.0.1": {
+ "CVE-2022-2978": {
+ "cmt_msg": "fs: fix UAF/GPF bug in nilfs_mdt_destroy",
+ "cmt_id": "2a96b532098284ecf8e4849b8b9e5fc7a28bdee9"
+ },
"CVE-2022-43750": {
"cmt_msg": "usb: mon: make mmapped memory read only",
"cmt_id": "08e2c70e549b77f5f3af9c76da00779d5756f997"
@@ -48139,9 +47994,9 @@
"cmt_msg": "nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level()",
"cmt_id": "037e760a4a009e9545a51e87c98c22d9aaf32df7"
},
- "CVE-2022-42722": {
- "cmt_msg": "wifi: mac80211: fix crash in beacon protection for P2P-device",
- "cmt_id": "8ed62f2df8ebcf79c185f1bc3e4f346ea0905da6"
+ "CVE-2022-3649": {
+ "cmt_msg": "nilfs2: fix use-after-free bug of struct nilfs_root",
+ "cmt_id": "6251c9c0430d70cc221d0bb907b278bd99d7b066"
},
"CVE-2022-42719": {
"cmt_msg": "wifi: mac80211: fix MBSSID parsing use-after-free",
@@ -48151,9 +48006,9 @@
"cmt_msg": "wifi: cfg80211: fix u8 overflow in cfg80211_update_notlisted_nontrans()",
"cmt_id": "fc1ed6d0c9898a68da7f1f7843560dfda57683e2"
},
- "CVE-2022-3649": {
- "cmt_msg": "nilfs2: fix use-after-free bug of struct nilfs_root",
- "cmt_id": "6251c9c0430d70cc221d0bb907b278bd99d7b066"
+ "CVE-2022-3977": {
+ "cmt_msg": "mctp: prevent double key removal and unref",
+ "cmt_id": "3c7c84319833259b0bb8c879928700c9e42d6562"
},
"CVE-2022-3646": {
"cmt_msg": "nilfs2: fix leak of nilfs_root in case of writer thread creation failure",
@@ -48162,6 +48017,10 @@
"CVE-2022-42720": {
"cmt_msg": "wifi: cfg80211: fix BSS refcounting bugs",
"cmt_id": "e97a5d7091e6d2df05f8378a518a9bbf81688b77"
+ },
+ "CVE-2022-42722": {
+ "cmt_msg": "wifi: mac80211: fix crash in beacon protection for P2P-device",
+ "cmt_id": "8ed62f2df8ebcf79c185f1bc3e4f346ea0905da6"
}
},
"6.0.3": {
@@ -48173,6 +48032,10 @@
"cmt_msg": "mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page",
"cmt_id": "7c7c79dd5a388758f8dfa3de89b131d5d84f25fd"
},
+ "CVE-2022-41849": {
+ "cmt_msg": "fbdev: smscufx: Fix use-after-free in ufx_ops_open()",
+ "cmt_id": "e2e5264dcf5796559869750a2d6943ac88fe3918"
+ },
"CVE-2022-3535": {
"cmt_msg": "net: mvpp2: fix mvpp2 debugfs leak",
"cmt_id": "218dbb2ef8597b837c1a8f248ad176c5f3f5b464"
@@ -48185,6 +48048,10 @@
"cmt_msg": "io_uring/af_unix: defer registered files gc to io_uring release",
"cmt_id": "75e94c7e8859e58aadc15a98cc9704edff47d4f2"
},
+ "CVE-2022-41850": {
+ "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()",
+ "cmt_id": "8a251549ab577d64ece210a11c404354479bd635"
+ },
"CVE-2022-43945": {
"cmt_msg": "NFSD: Protect against send buffer overflow in NFSv2 READDIR",
"cmt_id": "f59c74df82f6ac9d2ea4e01aa3ae7c6c4481652d"
@@ -48208,6 +48075,32 @@
"cmt_id": "0c5d628f1e1d049c33595693fab1b6e9baf25795"
}
},
+ "6.0.8": {
+ "CVE-2022-3628": {
+ "cmt_msg": "wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()",
+ "cmt_id": "631f73deedeb0fbc92ca5037d5a71c9fcae7974d"
+ },
+ "CVE-2022-42896": {
+ "cmt_msg": "Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM",
+ "cmt_id": "d7efeb93213becae13c6a12e4150ce1e07bd2c49"
+ },
+ "CVE-2022-42895": {
+ "cmt_msg": "Bluetooth: L2CAP: Fix attempting to access uninitialized memory",
+ "cmt_id": "e1aada9b71493b2e11c2a239ece99a97e3f13431"
+ },
+ "CVE-2022-3564": {
+ "cmt_msg": "Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu",
+ "cmt_id": "9a04161244603f502c6e453913e51edd59cb70c1"
+ },
+ "CVE-2022-3619": {
+ "cmt_msg": "Bluetooth: L2CAP: Fix memory leak in vhci_write",
+ "cmt_id": "5b4f039a2f487c5edae681d763fe1af505f84c13"
+ },
+ "CVE-2022-3640": {
+ "cmt_msg": "Bluetooth: L2CAP: fix use-after-free in l2cap_conn_del()",
+ "cmt_id": "8f7e4cf0694149a5d999d676ebd9ecf1b4cb2cc9"
+ }
+ },
"outstanding": {
"CVE-2020-26556": {
"cmt_msg": ""
@@ -48227,9 +48120,6 @@
"CVE-2022-38457": {
"cmt_msg": ""
},
- "CVE-2022-3619": {
- "cmt_msg": ""
- },
"CVE-2018-1121": {
"cmt_msg": ""
},
@@ -48260,15 +48150,9 @@
"CVE-2019-19814": {
"cmt_msg": ""
},
- "CVE-2022-3564": {
- "cmt_msg": ""
- },
"CVE-2022-2209": {
"cmt_msg": ""
},
- "CVE-2022-2978": {
- "cmt_msg": ""
- },
"CVE-2022-3595": {
"cmt_msg": "cifs: fix double-fault crash during ntlmssp"
},
@@ -48311,9 +48195,6 @@
"CVE-2020-26142": {
"cmt_msg": ""
},
- "CVE-2022-3628": {
- "cmt_msg": ""
- },
"CVE-2022-3531": {
"cmt_msg": ""
},
@@ -48321,7 +48202,7 @@
"cmt_msg": ""
},
"CVE-2022-3435": {
- "cmt_msg": ""
+ "cmt_msg": "ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference"
},
"CVE-2020-10708": {
"cmt_msg": ""
@@ -48347,9 +48228,6 @@
"CVE-2012-4542": {
"cmt_msg": ""
},
- "CVE-2022-42895": {
- "cmt_msg": "Bluetooth: L2CAP: Fix attempting to access uninitialized memory"
- },
"CVE-2013-7445": {
"cmt_msg": ""
},
@@ -48395,15 +48273,9 @@
"CVE-2021-3892": {
"cmt_msg": ""
},
- "CVE-2022-41850": {
- "cmt_msg": ""
- },
"CVE-2022-3642": {
"cmt_msg": ""
},
- "CVE-2022-3640": {
- "cmt_msg": ""
- },
"CVE-2022-41218": {
"cmt_msg": ""
},
@@ -48428,9 +48300,6 @@
"CVE-2022-26878": {
"cmt_msg": ""
},
- "CVE-2022-41849": {
- "cmt_msg": ""
- },
"CVE-2022-41848": {
"cmt_msg": ""
},
@@ -48446,9 +48315,6 @@
"CVE-2018-12931": {
"cmt_msg": ""
},
- "CVE-2022-42896": {
- "cmt_msg": "Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM"
- },
"CVE-2021-39801": {
"cmt_msg": ""
},
@@ -48456,7 +48322,7 @@
"cmt_msg": ""
},
"CVE-2022-3169": {
- "cmt_msg": ""
+ "cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
"CVE-2021-39802": {
"cmt_msg": ""
@@ -48477,7 +48343,7 @@
"cmt_msg": ""
},
"CVE-2022-3903": {
- "cmt_msg": ""
+ "cmt_msg": "media: mceusb: Use new usb_control_msg_*() routines"
},
"CVE-2015-2877": {
"cmt_msg": ""
@@ -48994,9 +48860,6 @@
"CVE-2017-2618": {
"cmt_msg": "selinux: fix off-by-one in setprocattr"
},
- "CVE-2022-3623": {
- "cmt_msg": "mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page"
- },
"CVE-2018-13096": {
"cmt_msg": "f2fs: fix to do sanity check with node footer and iblocks"
},
@@ -49142,7 +49005,7 @@
"cmt_msg": "sched/fair: Fix low cpu usage with high throttling by removing expiration of cpu-local slices"
},
"CVE-2022-41850": {
- "cmt_msg": ""
+ "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()"
},
"CVE-2019-19927": {
"cmt_msg": "drm/ttm: fix incrementing the page pointer for huge pages"
@@ -49151,7 +49014,7 @@
"cmt_msg": "ipv6: check sk sk_type and protocol early in ip_mroute_set/getsockopt"
},
"CVE-2022-3903": {
- "cmt_msg": ""
+ "cmt_msg": "media: mceusb: Use new usb_control_msg_*() routines"
},
"CVE-2017-5986": {
"cmt_msg": "sctp: avoid BUG_ON on sctp_wait_for_sndbuf"
@@ -49349,7 +49212,7 @@
"cmt_msg": "mISDN: fix use-after-free bugs in l1oip timer handlers"
},
"CVE-2022-3564": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu"
},
"CVE-2018-19407": {
"cmt_msg": "KVM: X86: Fix scan ioapic use-before-initialization"
@@ -49364,7 +49227,7 @@
"cmt_msg": "ip: fix IP_CHECKSUM handling"
},
"CVE-2022-3628": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()"
},
"CVE-2022-1048": {
"cmt_msg": "ALSA: pcm: Fix races among concurrent hw_params and hw_free calls"
@@ -49765,9 +49628,6 @@
"CVE-2019-19319": {
"cmt_msg": "ext4: protect journal inode's blocks using block_validity"
},
- "CVE-2022-43945": {
- "cmt_msg": "NFSD: Protect against send buffer overflow in NFSv2 READDIR"
- },
"CVE-2017-18017": {
"cmt_msg": "netfilter: xt_TCPMSS: add more sanity tests on tcph->doff"
},
@@ -49825,9 +49685,6 @@
"CVE-2022-3624": {
"cmt_msg": "bonding: fix reference count leak in balance-alb mode"
},
- "CVE-2022-3625": {
- "cmt_msg": "devlink: Fix use-after-free after a failed reload"
- },
"CVE-2016-9120": {
"cmt_msg": "staging/android/ion : fix a race condition in the ion driver"
},
@@ -50171,7 +50028,7 @@
"cmt_msg": "i40e: Wrong truncation from u16 to u8"
},
"CVE-2022-2978": {
- "cmt_msg": ""
+ "cmt_msg": "fs: fix UAF/GPF bug in nilfs_mdt_destroy"
},
"CVE-2019-17075": {
"cmt_msg": "RDMA/cxgb4: Do not dma memory off of the stack"
@@ -50182,9 +50039,6 @@
"CVE-2022-23960": {
"cmt_msg": "ARM: report Spectre v2 status through sysfs"
},
- "CVE-2022-3577": {
- "cmt_msg": "HID: bigben: fix slab-out-of-bounds Write in bigben_probe"
- },
"CVE-2020-10942": {
"cmt_msg": "vhost: Check docket sk_family instead of call getname"
},
@@ -50245,6 +50099,9 @@
"CVE-2016-6136": {
"cmt_msg": "audit: fix a double fetch in audit_log_single_execve_arg()"
},
+ "CVE-2022-3977": {
+ "cmt_msg": "mctp: prevent double key removal and unref"
+ },
"CVE-2019-19536": {
"cmt_msg": "can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices"
},
@@ -50297,7 +50154,7 @@
"cmt_msg": "posix_acl: Clear SGID bit when setting file permissions"
},
"CVE-2022-3619": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix memory leak in vhci_write"
},
"CVE-2020-28374": {
"cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup"
@@ -50570,7 +50427,7 @@
"cmt_msg": ""
},
"CVE-2022-3435": {
- "cmt_msg": ""
+ "cmt_msg": "ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference"
},
"CVE-2017-18079": {
"cmt_msg": "Input: i8042 - fix crash at boot time"
@@ -50794,9 +50651,6 @@
"CVE-2019-19527": {
"cmt_msg": "HID: hiddev: do cleanup in failure of opening a device"
},
- "CVE-2022-3640": {
- "cmt_msg": ""
- },
"CVE-2017-7542": {
"cmt_msg": "ipv6: avoid overflow of offset in ip6_find_1stfragopt"
},
@@ -50894,7 +50748,7 @@
"cmt_msg": "Bluetooth: L2CAP: Fix attempting to access uninitialized memory"
},
"CVE-2022-3169": {
- "cmt_msg": ""
+ "cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
"CVE-2022-36280": {
"cmt_msg": ""
@@ -51665,7 +51519,7 @@
"cmt_msg": "x86/mm: Expand the exception table logic to allow new handling options"
},
"CVE-2022-41849": {
- "cmt_msg": ""
+ "cmt_msg": "fbdev: smscufx: Fix use-after-free in ufx_ops_open()"
},
"CVE-2022-41848": {
"cmt_msg": ""
@@ -55600,7 +55454,7 @@
"cmt_msg": ""
},
"CVE-2022-2978": {
- "cmt_msg": ""
+ "cmt_msg": "fs: fix UAF/GPF bug in nilfs_mdt_destroy"
},
"CVE-2019-9453": {
"cmt_msg": "f2fs: fix to avoid accessing xattr across the boundary"
@@ -55609,7 +55463,7 @@
"cmt_msg": "r8152: Rate limit overflow messages"
},
"CVE-2022-3564": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu"
},
"CVE-2021-43975": {
"cmt_msg": "atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait"
@@ -55675,7 +55529,7 @@
"cmt_msg": "netfilter: nf_tables: stricter validation of element data"
},
"CVE-2022-3619": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix memory leak in vhci_write"
},
"CVE-2018-25020": {
"cmt_msg": "bpf: fix truncated jump targets on heavy expansions"
@@ -55783,14 +55637,11 @@
"cmt_msg": "usb: gadget: don't release an existing dev->buf"
},
"CVE-2022-3435": {
- "cmt_msg": ""
+ "cmt_msg": "ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference"
},
"CVE-2018-13098": {
"cmt_msg": "f2fs: fix to do sanity check with extra_attr feature"
},
- "CVE-2022-3623": {
- "cmt_msg": "mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page"
- },
"CVE-2022-1734": {
"cmt_msg": "nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs"
},
@@ -55800,9 +55651,6 @@
"CVE-2022-2588": {
"cmt_msg": "net_sched: cls_route: remove from list when handle is 0"
},
- "CVE-2022-3625": {
- "cmt_msg": "devlink: Fix use-after-free after a failed reload"
- },
"CVE-2021-3669": {
"cmt_msg": "ipc: replace costly bailout check in sysvipc_find_ipc()"
},
@@ -55902,9 +55750,6 @@
"CVE-2018-12130": {
"cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option"
},
- "CVE-2022-43945": {
- "cmt_msg": "NFSD: Protect against send buffer overflow in NFSv2 READDIR"
- },
"CVE-2021-20292": {
"cmt_msg": "drm/ttm/nouveau: don't call tt destroy callback on alloc failure."
},
@@ -55914,9 +55759,6 @@
"CVE-2005-3660": {
"cmt_msg": ""
},
- "CVE-2022-3577": {
- "cmt_msg": "HID: bigben: fix slab-out-of-bounds Write in bigben_probe"
- },
"CVE-2022-1508": {
"cmt_msg": "io_uring: reexpand under-reexpanded iters"
},
@@ -55948,7 +55790,7 @@
"cmt_msg": "io-wq: fix cancellation on create-worker failure"
},
"CVE-2022-3903": {
- "cmt_msg": ""
+ "cmt_msg": "media: mceusb: Use new usb_control_msg_*() routines"
},
"CVE-2019-16921": {
"cmt_msg": "RDMA/hns: Fix init resp when alloc ucontext"
@@ -56077,7 +55919,7 @@
"cmt_msg": "binder: refactor binder ref inc/dec for thread safety"
},
"CVE-2022-41850": {
- "cmt_msg": ""
+ "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()"
},
"CVE-2022-33744": {
"cmt_msg": "xen/arm: Fix race in RB-tree based P2M accounting"
@@ -56106,9 +55948,6 @@
"CVE-2019-12456": {
"cmt_msg": ""
},
- "CVE-2022-3640": {
- "cmt_msg": ""
- },
"CVE-2019-20811": {
"cmt_msg": "net-sysfs: call dev_hold if kobject_init_and_add success"
},
@@ -56155,7 +55994,7 @@
"cmt_msg": "printk: hash addresses printed with %p"
},
"CVE-2022-41849": {
- "cmt_msg": ""
+ "cmt_msg": "fbdev: smscufx: Fix use-after-free in ufx_ops_open()"
},
"CVE-2022-23036": {
"cmt_msg": "xen/grant-table: add gnttab_try_end_foreign_access()"
@@ -56215,7 +56054,7 @@
"cmt_msg": ""
},
"CVE-2022-3169": {
- "cmt_msg": ""
+ "cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
"CVE-2021-39802": {
"cmt_msg": ""
@@ -56233,7 +56072,7 @@
"cmt_msg": "RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy"
},
"CVE-2022-3628": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()"
},
"CVE-2022-1048": {
"cmt_msg": "ALSA: pcm: Fix races among concurrent hw_params and hw_free calls"
@@ -56412,6 +56251,9 @@
"CVE-2022-21125": {
"cmt_msg": "x86/speculation/mmio: Reuse SRBDS mitigation for SBDS"
},
+ "CVE-2022-3977": {
+ "cmt_msg": "mctp: prevent double key removal and unref"
+ },
"CVE-2019-5489": {
"cmt_msg": "Change mincore() to count \"mapped\" pages rather than \"cached\" pages"
},
@@ -56829,9 +56671,6 @@
"CVE-2017-2618": {
"cmt_msg": "selinux: fix off-by-one in setprocattr"
},
- "CVE-2022-3623": {
- "cmt_msg": "mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page"
- },
"CVE-2018-13096": {
"cmt_msg": "f2fs: fix to do sanity check with node footer and iblocks"
},
@@ -57166,7 +57005,7 @@
"cmt_msg": "mISDN: fix use-after-free bugs in l1oip timer handlers"
},
"CVE-2022-3564": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu"
},
"CVE-2018-19407": {
"cmt_msg": "KVM: X86: Fix scan ioapic use-before-initialization"
@@ -57181,7 +57020,7 @@
"cmt_msg": "ip: fix IP_CHECKSUM handling"
},
"CVE-2022-3628": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()"
},
"CVE-2022-1048": {
"cmt_msg": "ALSA: pcm: Fix races among concurrent hw_params and hw_free calls"
@@ -57573,9 +57412,6 @@
"CVE-2019-19319": {
"cmt_msg": "ext4: protect journal inode's blocks using block_validity"
},
- "CVE-2022-43945": {
- "cmt_msg": "NFSD: Protect against send buffer overflow in NFSv2 READDIR"
- },
"CVE-2017-18017": {
"cmt_msg": "netfilter: xt_TCPMSS: add more sanity tests on tcph->doff"
},
@@ -57633,9 +57469,6 @@
"CVE-2022-3624": {
"cmt_msg": "bonding: fix reference count leak in balance-alb mode"
},
- "CVE-2022-3625": {
- "cmt_msg": "devlink: Fix use-after-free after a failed reload"
- },
"CVE-2017-17862": {
"cmt_msg": "bpf: fix branch pruning logic"
},
@@ -57958,20 +57791,17 @@
"cmt_msg": "i40e: Wrong truncation from u16 to u8"
},
"CVE-2022-2978": {
- "cmt_msg": ""
+ "cmt_msg": "fs: fix UAF/GPF bug in nilfs_mdt_destroy"
},
"CVE-2019-17075": {
"cmt_msg": "RDMA/cxgb4: Do not dma memory off of the stack"
},
"CVE-2022-3903": {
- "cmt_msg": ""
+ "cmt_msg": "media: mceusb: Use new usb_control_msg_*() routines"
},
"CVE-2022-23960": {
"cmt_msg": "ARM: report Spectre v2 status through sysfs"
},
- "CVE-2022-3577": {
- "cmt_msg": "HID: bigben: fix slab-out-of-bounds Write in bigben_probe"
- },
"CVE-2019-0146": {
"cmt_msg": "i40e: add num_vectors checker in iwarp handler"
},
@@ -58026,6 +57856,9 @@
"CVE-2017-13305": {
"cmt_msg": "KEYS: encrypted: fix buffer overread in valid_master_desc()"
},
+ "CVE-2022-3977": {
+ "cmt_msg": "mctp: prevent double key removal and unref"
+ },
"CVE-2019-19536": {
"cmt_msg": "can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices"
},
@@ -58078,7 +57911,7 @@
"cmt_msg": "posix_acl: Clear SGID bit when setting file permissions"
},
"CVE-2022-3619": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix memory leak in vhci_write"
},
"CVE-2020-28374": {
"cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup"
@@ -58351,7 +58184,7 @@
"cmt_msg": ""
},
"CVE-2022-3435": {
- "cmt_msg": ""
+ "cmt_msg": "ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference"
},
"CVE-2017-18079": {
"cmt_msg": "Input: i8042 - fix crash at boot time"
@@ -58534,7 +58367,7 @@
"cmt_msg": "kvm: fix kvm_ioctl_create_device() reference counting (CVE-2019-6974)"
},
"CVE-2022-41850": {
- "cmt_msg": ""
+ "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()"
},
"CVE-2019-19525": {
"cmt_msg": "ieee802154: atusb: fix use-after-free at disconnect"
@@ -58566,9 +58399,6 @@
"CVE-2019-19527": {
"cmt_msg": "HID: hiddev: do cleanup in failure of opening a device"
},
- "CVE-2022-3640": {
- "cmt_msg": ""
- },
"CVE-2017-7542": {
"cmt_msg": "ipv6: avoid overflow of offset in ip6_find_1stfragopt"
},
@@ -58657,7 +58487,7 @@
"cmt_msg": "Bluetooth: L2CAP: Fix attempting to access uninitialized memory"
},
"CVE-2022-3169": {
- "cmt_msg": ""
+ "cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
"CVE-2022-36280": {
"cmt_msg": ""
@@ -59434,7 +59264,7 @@
"cmt_msg": "vt: vt_ioctl: fix race in VT_RESIZEX"
},
"CVE-2022-41849": {
- "cmt_msg": ""
+ "cmt_msg": "fbdev: smscufx: Fix use-after-free in ufx_ops_open()"
},
"CVE-2022-41848": {
"cmt_msg": ""
@@ -60065,9 +59895,6 @@
"CVE-2017-2618": {
"cmt_msg": "selinux: fix off-by-one in setprocattr"
},
- "CVE-2022-3623": {
- "cmt_msg": "mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page"
- },
"CVE-2018-13096": {
"cmt_msg": "f2fs: fix to do sanity check with node footer and iblocks"
},
@@ -60408,7 +60235,7 @@
"cmt_msg": "mISDN: fix use-after-free bugs in l1oip timer handlers"
},
"CVE-2022-3564": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu"
},
"CVE-2018-19407": {
"cmt_msg": "KVM: X86: Fix scan ioapic use-before-initialization"
@@ -60423,7 +60250,7 @@
"cmt_msg": "ip: fix IP_CHECKSUM handling"
},
"CVE-2022-3628": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()"
},
"CVE-2022-1048": {
"cmt_msg": "ALSA: pcm: Fix races among concurrent hw_params and hw_free calls"
@@ -60815,9 +60642,6 @@
"CVE-2019-19319": {
"cmt_msg": "ext4: protect journal inode's blocks using block_validity"
},
- "CVE-2022-43945": {
- "cmt_msg": "NFSD: Protect against send buffer overflow in NFSv2 READDIR"
- },
"CVE-2017-18017": {
"cmt_msg": "netfilter: xt_TCPMSS: add more sanity tests on tcph->doff"
},
@@ -60875,9 +60699,6 @@
"CVE-2022-3624": {
"cmt_msg": "bonding: fix reference count leak in balance-alb mode"
},
- "CVE-2022-3625": {
- "cmt_msg": "devlink: Fix use-after-free after a failed reload"
- },
"CVE-2017-17862": {
"cmt_msg": "bpf: fix branch pruning logic"
},
@@ -61200,20 +61021,17 @@
"cmt_msg": "i40e: Wrong truncation from u16 to u8"
},
"CVE-2022-2978": {
- "cmt_msg": ""
+ "cmt_msg": "fs: fix UAF/GPF bug in nilfs_mdt_destroy"
},
"CVE-2019-17075": {
"cmt_msg": "RDMA/cxgb4: Do not dma memory off of the stack"
},
"CVE-2022-3903": {
- "cmt_msg": ""
+ "cmt_msg": "media: mceusb: Use new usb_control_msg_*() routines"
},
"CVE-2022-23960": {
"cmt_msg": "ARM: report Spectre v2 status through sysfs"
},
- "CVE-2022-3577": {
- "cmt_msg": "HID: bigben: fix slab-out-of-bounds Write in bigben_probe"
- },
"CVE-2019-0146": {
"cmt_msg": "i40e: add num_vectors checker in iwarp handler"
},
@@ -61277,6 +61095,9 @@
"CVE-2016-6136": {
"cmt_msg": "audit: fix a double fetch in audit_log_single_execve_arg()"
},
+ "CVE-2022-3977": {
+ "cmt_msg": "mctp: prevent double key removal and unref"
+ },
"CVE-2019-19536": {
"cmt_msg": "can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices"
},
@@ -61329,7 +61150,7 @@
"cmt_msg": "posix_acl: Clear SGID bit when setting file permissions"
},
"CVE-2022-3619": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix memory leak in vhci_write"
},
"CVE-2020-28374": {
"cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup"
@@ -61602,7 +61423,7 @@
"cmt_msg": ""
},
"CVE-2022-3435": {
- "cmt_msg": ""
+ "cmt_msg": "ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference"
},
"CVE-2017-18079": {
"cmt_msg": "Input: i8042 - fix crash at boot time"
@@ -61779,7 +61600,7 @@
"cmt_msg": "kvm: fix kvm_ioctl_create_device() reference counting (CVE-2019-6974)"
},
"CVE-2022-41850": {
- "cmt_msg": ""
+ "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()"
},
"CVE-2019-19525": {
"cmt_msg": "ieee802154: atusb: fix use-after-free at disconnect"
@@ -61811,9 +61632,6 @@
"CVE-2019-19527": {
"cmt_msg": "HID: hiddev: do cleanup in failure of opening a device"
},
- "CVE-2022-3640": {
- "cmt_msg": ""
- },
"CVE-2017-7542": {
"cmt_msg": "ipv6: avoid overflow of offset in ip6_find_1stfragopt"
},
@@ -61905,7 +61723,7 @@
"cmt_msg": "Bluetooth: L2CAP: Fix attempting to access uninitialized memory"
},
"CVE-2022-3169": {
- "cmt_msg": ""
+ "cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
"CVE-2022-36280": {
"cmt_msg": ""
@@ -62682,7 +62500,7 @@
"cmt_msg": "vt: vt_ioctl: fix race in VT_RESIZEX"
},
"CVE-2022-41849": {
- "cmt_msg": ""
+ "cmt_msg": "fbdev: smscufx: Fix use-after-free in ufx_ops_open()"
},
"CVE-2022-41848": {
"cmt_msg": ""
@@ -64427,9 +64245,6 @@
"CVE-2018-13093": {
"cmt_msg": "xfs: validate cached inodes are free when allocated"
},
- "CVE-2022-3623": {
- "cmt_msg": "mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page"
- },
"CVE-2018-13096": {
"cmt_msg": "f2fs: fix to do sanity check with node footer and iblocks"
},
@@ -64713,7 +64528,7 @@
"cmt_msg": "mISDN: fix use-after-free bugs in l1oip timer handlers"
},
"CVE-2022-3564": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu"
},
"CVE-2020-36386": {
"cmt_msg": "Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()"
@@ -64722,7 +64537,7 @@
"cmt_msg": "ip: fix IP_CHECKSUM handling"
},
"CVE-2022-3628": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()"
},
"CVE-2022-1048": {
"cmt_msg": "ALSA: pcm: Fix races among concurrent hw_params and hw_free calls"
@@ -65087,9 +64902,6 @@
"CVE-2022-3624": {
"cmt_msg": "bonding: fix reference count leak in balance-alb mode"
},
- "CVE-2022-3625": {
- "cmt_msg": "devlink: Fix use-after-free after a failed reload"
- },
"CVE-2017-17862": {
"cmt_msg": "bpf: fix branch pruning logic"
},
@@ -65325,13 +65137,13 @@
"cmt_msg": "i40e: Wrong truncation from u16 to u8"
},
"CVE-2022-2978": {
- "cmt_msg": ""
+ "cmt_msg": "fs: fix UAF/GPF bug in nilfs_mdt_destroy"
},
"CVE-2019-17075": {
"cmt_msg": "RDMA/cxgb4: Do not dma memory off of the stack"
},
"CVE-2022-3903": {
- "cmt_msg": ""
+ "cmt_msg": "media: mceusb: Use new usb_control_msg_*() routines"
},
"CVE-2019-19447": {
"cmt_msg": "ext4: work around deleting a file with i_nlink == 0 safely"
@@ -65369,6 +65181,9 @@
"CVE-2018-17182": {
"cmt_msg": "mm: get rid of vmacache_flush_all() entirely"
},
+ "CVE-2022-3977": {
+ "cmt_msg": "mctp: prevent double key removal and unref"
+ },
"CVE-2019-19536": {
"cmt_msg": "can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices"
},
@@ -65415,7 +65230,7 @@
"cmt_msg": "printk: hash addresses printed with %p"
},
"CVE-2022-3619": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix memory leak in vhci_write"
},
"CVE-2020-28374": {
"cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup"
@@ -65438,9 +65253,6 @@
"CVE-2022-3586": {
"cmt_msg": "sch_sfb: Don't assume the skb is still around after enqueueing to child"
},
- "CVE-2022-43945": {
- "cmt_msg": "NFSD: Protect against send buffer overflow in NFSv2 READDIR"
- },
"CVE-2020-26147": {
"cmt_msg": "mac80211: assure all fragments are encrypted"
},
@@ -65628,7 +65440,7 @@
"cmt_msg": ""
},
"CVE-2022-3435": {
- "cmt_msg": ""
+ "cmt_msg": "ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference"
},
"CVE-2017-13693": {
"cmt_msg": ""
@@ -65763,7 +65575,7 @@
"cmt_msg": "kvm: fix kvm_ioctl_create_device() reference counting (CVE-2019-6974)"
},
"CVE-2022-41850": {
- "cmt_msg": ""
+ "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()"
},
"CVE-2022-0168": {
"cmt_msg": "cifs: fix NULL ptr dereference in smb2_ioctl_query_info()"
@@ -65789,9 +65601,6 @@
"CVE-2019-19448": {
"cmt_msg": "btrfs: only search for left_info if there is no right_info in try_merge_free_space"
},
- "CVE-2022-3640": {
- "cmt_msg": ""
- },
"CVE-2022-1198": {
"cmt_msg": "drivers: hamradio: 6pack: fix UAF bug caused by mod_timer()"
},
@@ -65862,7 +65671,7 @@
"cmt_msg": "netfilter: x_tables: fix compat match/target pad out-of-bound write"
},
"CVE-2022-3169": {
- "cmt_msg": ""
+ "cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
"CVE-2022-36280": {
"cmt_msg": ""
@@ -66212,9 +66021,6 @@
"CVE-2021-3483": {
"cmt_msg": "firewire: nosy: Fix a use-after-free bug in nosy_ioctl()"
},
- "CVE-2022-3577": {
- "cmt_msg": "HID: bigben: fix slab-out-of-bounds Write in bigben_probe"
- },
"CVE-2021-38300": {
"cmt_msg": "bpf, mips: Validate conditional branch offsets"
},
@@ -66501,7 +66307,7 @@
"cmt_msg": "vt: vt_ioctl: fix race in VT_RESIZEX"
},
"CVE-2022-41849": {
- "cmt_msg": ""
+ "cmt_msg": "fbdev: smscufx: Fix use-after-free in ufx_ops_open()"
},
"CVE-2022-41848": {
"cmt_msg": ""
@@ -66968,7 +66774,7 @@
"cmt_msg": "bpf: Remove MTU check in __bpf_skb_max_len"
},
"CVE-2022-3628": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()"
},
"CVE-2020-15802": {
"cmt_msg": ""
@@ -67175,7 +66981,7 @@
"cmt_msg": "mISDN: fix use-after-free bugs in l1oip timer handlers"
},
"CVE-2022-3564": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu"
},
"CVE-2020-36386": {
"cmt_msg": "Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()"
@@ -67610,7 +67416,7 @@
"cmt_msg": "module: limit enabling module.sig_enforce"
},
"CVE-2022-3903": {
- "cmt_msg": ""
+ "cmt_msg": "media: mceusb: Use new usb_control_msg_*() routines"
},
"CVE-2022-3577": {
"cmt_msg": "HID: bigben: fix slab-out-of-bounds Write in bigben_probe"
@@ -67636,6 +67442,9 @@
"CVE-2021-3609": {
"cmt_msg": "can: bcm: delay release of struct bcm_op after synchronize_rcu()"
},
+ "CVE-2022-3977": {
+ "cmt_msg": "mctp: prevent double key removal and unref"
+ },
"CVE-2021-3600": {
"cmt_msg": "bpf: Fix 32 bit src register truncation on div/mod"
},
@@ -67652,7 +67461,7 @@
"cmt_msg": "cifs: fix NULL ptr dereference in smb2_ioctl_query_info()"
},
"CVE-2022-3619": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix memory leak in vhci_write"
},
"CVE-2020-26556": {
"cmt_msg": ""
@@ -67660,9 +67469,6 @@
"CVE-2022-3586": {
"cmt_msg": "sch_sfb: Don't assume the skb is still around after enqueueing to child"
},
- "CVE-2022-43945": {
- "cmt_msg": "NFSD: Protect against send buffer overflow in NFSv2 READDIR"
- },
"CVE-2020-27825": {
"cmt_msg": "tracing: Fix race in trace_open and buffer resize call"
},
@@ -67700,7 +67506,7 @@
"cmt_msg": "perf/core: Fix race in the perf_mmap_close() function"
},
"CVE-2022-2978": {
- "cmt_msg": ""
+ "cmt_msg": "fs: fix UAF/GPF bug in nilfs_mdt_destroy"
},
"CVE-2020-14356": {
"cmt_msg": "cgroup: fix cgroup_sk_alloc() for sk_clone_lock()"
@@ -67778,7 +67584,7 @@
"cmt_msg": "net: mvpp2: fix mvpp2 debugfs leak"
},
"CVE-2022-3435": {
- "cmt_msg": ""
+ "cmt_msg": "ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference"
},
"CVE-2022-0322": {
"cmt_msg": "sctp: account stream padding length for reconf chunk"
@@ -67880,7 +67686,7 @@
"cmt_msg": "io_uring: fix UAF due to missing POLLFREE handling"
},
"CVE-2022-41850": {
- "cmt_msg": ""
+ "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()"
},
"CVE-2020-14390": {
"cmt_msg": "fbcon: remove soft scrollback code"
@@ -67900,9 +67706,6 @@
"CVE-2022-3642": {
"cmt_msg": ""
},
- "CVE-2022-3640": {
- "cmt_msg": ""
- },
"CVE-2020-0465": {
"cmt_msg": "HID: core: Sanitize event code and type when mapping input"
},
@@ -67952,7 +67755,7 @@
"cmt_msg": "Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM"
},
"CVE-2022-3169": {
- "cmt_msg": ""
+ "cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
"CVE-2022-36280": {
"cmt_msg": ""
@@ -68348,7 +68151,7 @@
"cmt_msg": "netfilter: x_tables: Use correct memory barriers."
},
"CVE-2022-41849": {
- "cmt_msg": ""
+ "cmt_msg": "fbdev: smscufx: Fix use-after-free in ufx_ops_open()"
},
"CVE-2022-41848": {
"cmt_msg": ""
@@ -68934,9 +68737,6 @@
"CVE-2017-2618": {
"cmt_msg": "selinux: fix off-by-one in setprocattr"
},
- "CVE-2022-3623": {
- "cmt_msg": "mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page"
- },
"CVE-2018-13096": {
"cmt_msg": "f2fs: fix to do sanity check with node footer and iblocks"
},
@@ -69082,7 +68882,7 @@
"cmt_msg": "cuse: fix memory leak"
},
"CVE-2022-41850": {
- "cmt_msg": ""
+ "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()"
},
"CVE-2019-19927": {
"cmt_msg": "drm/ttm: fix incrementing the page pointer for huge pages"
@@ -69091,7 +68891,7 @@
"cmt_msg": "ipv6: check sk sk_type and protocol early in ip_mroute_set/getsockopt"
},
"CVE-2022-3903": {
- "cmt_msg": ""
+ "cmt_msg": "media: mceusb: Use new usb_control_msg_*() routines"
},
"CVE-2017-5986": {
"cmt_msg": "sctp: avoid BUG_ON on sctp_wait_for_sndbuf"
@@ -69184,7 +68984,7 @@
"cmt_msg": "ipv6: Prevent overrun when parsing v6 header options"
},
"CVE-2022-2978": {
- "cmt_msg": ""
+ "cmt_msg": "fs: fix UAF/GPF bug in nilfs_mdt_destroy"
},
"CVE-2018-10021": {
"cmt_msg": "scsi: libsas: defer ata device eh commands to libata"
@@ -69292,7 +69092,7 @@
"cmt_msg": "mISDN: fix use-after-free bugs in l1oip timer handlers"
},
"CVE-2022-3564": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu"
},
"CVE-2020-36386": {
"cmt_msg": "Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()"
@@ -69307,7 +69107,7 @@
"cmt_msg": "ip: fix IP_CHECKSUM handling"
},
"CVE-2022-3628": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()"
},
"CVE-2022-1048": {
"cmt_msg": "ALSA: pcm: Fix races among concurrent hw_params and hw_free calls"
@@ -69774,9 +69574,6 @@
"CVE-2022-3624": {
"cmt_msg": "bonding: fix reference count leak in balance-alb mode"
},
- "CVE-2022-3625": {
- "cmt_msg": "devlink: Fix use-after-free after a failed reload"
- },
"CVE-2016-9120": {
"cmt_msg": "staging/android/ion : fix a race condition in the ion driver"
},
@@ -70149,9 +69946,6 @@
"CVE-2022-23960": {
"cmt_msg": "ARM: report Spectre v2 status through sysfs"
},
- "CVE-2022-3577": {
- "cmt_msg": "HID: bigben: fix slab-out-of-bounds Write in bigben_probe"
- },
"CVE-2020-10942": {
"cmt_msg": "vhost: Check docket sk_family instead of call getname"
},
@@ -70218,6 +70012,9 @@
"CVE-2016-6136": {
"cmt_msg": "audit: fix a double fetch in audit_log_single_execve_arg()"
},
+ "CVE-2022-3977": {
+ "cmt_msg": "mctp: prevent double key removal and unref"
+ },
"CVE-2019-19536": {
"cmt_msg": "can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices"
},
@@ -70273,7 +70070,7 @@
"cmt_msg": "KVM: MTRR: remove MSR 0x2f8"
},
"CVE-2022-3619": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix memory leak in vhci_write"
},
"CVE-2020-28374": {
"cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup"
@@ -70308,9 +70105,6 @@
"CVE-2017-16532": {
"cmt_msg": "usb: usbtest: fix NULL pointer dereference"
},
- "CVE-2022-43945": {
- "cmt_msg": "NFSD: Protect against send buffer overflow in NFSv2 READDIR"
- },
"CVE-2017-16538": {
"cmt_msg": "media: dvb-usb-v2: lmedm04: Improve logic checking of warm start"
},
@@ -70558,7 +70352,7 @@
"cmt_msg": ""
},
"CVE-2022-3435": {
- "cmt_msg": ""
+ "cmt_msg": "ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference"
},
"CVE-2021-20265": {
"cmt_msg": "af_unix: fix struct pid memory leak"
@@ -70788,9 +70582,6 @@
"CVE-2019-19527": {
"cmt_msg": "HID: hiddev: do cleanup in failure of opening a device"
},
- "CVE-2022-3640": {
- "cmt_msg": ""
- },
"CVE-2017-7542": {
"cmt_msg": "ipv6: avoid overflow of offset in ip6_find_1stfragopt"
},
@@ -70897,7 +70688,7 @@
"cmt_msg": "Bluetooth: L2CAP: Fix attempting to access uninitialized memory"
},
"CVE-2022-3169": {
- "cmt_msg": ""
+ "cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
"CVE-2022-36280": {
"cmt_msg": ""
@@ -71692,7 +71483,7 @@
"cmt_msg": "x86/mm: Expand the exception table logic to allow new handling options"
},
"CVE-2022-41849": {
- "cmt_msg": ""
+ "cmt_msg": "fbdev: smscufx: Fix use-after-free in ufx_ops_open()"
},
"CVE-2022-41848": {
"cmt_msg": ""
@@ -72157,7 +71948,7 @@
"cmt_msg": "bpf: Remove MTU check in __bpf_skb_max_len"
},
"CVE-2022-3628": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()"
},
"CVE-2020-15802": {
"cmt_msg": ""
@@ -72349,7 +72140,7 @@
"cmt_msg": "mISDN: fix use-after-free bugs in l1oip timer handlers"
},
"CVE-2022-3564": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu"
},
"CVE-2020-36385": {
"cmt_msg": "RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy"
@@ -72742,7 +72533,7 @@
"cmt_msg": "module: limit enabling module.sig_enforce"
},
"CVE-2022-3903": {
- "cmt_msg": ""
+ "cmt_msg": "media: mceusb: Use new usb_control_msg_*() routines"
},
"CVE-2022-3577": {
"cmt_msg": "HID: bigben: fix slab-out-of-bounds Write in bigben_probe"
@@ -72765,6 +72556,9 @@
"CVE-2021-3609": {
"cmt_msg": "can: bcm: delay release of struct bcm_op after synchronize_rcu()"
},
+ "CVE-2022-3977": {
+ "cmt_msg": "mctp: prevent double key removal and unref"
+ },
"CVE-2021-3600": {
"cmt_msg": "bpf: Fix 32 bit src register truncation on div/mod"
},
@@ -72775,7 +72569,7 @@
"cmt_msg": "af_unix: fix garbage collect vs MSG_PEEK"
},
"CVE-2022-3619": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix memory leak in vhci_write"
},
"CVE-2020-28374": {
"cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup"
@@ -72783,9 +72577,6 @@
"CVE-2022-3586": {
"cmt_msg": "sch_sfb: Don't assume the skb is still around after enqueueing to child"
},
- "CVE-2022-43945": {
- "cmt_msg": "NFSD: Protect against send buffer overflow in NFSv2 READDIR"
- },
"CVE-2020-27825": {
"cmt_msg": "tracing: Fix race in trace_open and buffer resize call"
},
@@ -72820,7 +72611,7 @@
"cmt_msg": "perf/core: Fix race in the perf_mmap_close() function"
},
"CVE-2022-2978": {
- "cmt_msg": ""
+ "cmt_msg": "fs: fix UAF/GPF bug in nilfs_mdt_destroy"
},
"CVE-2022-20132": {
"cmt_msg": "HID: add hid_is_usb() function to make it simpler for USB detection"
@@ -72898,7 +72689,7 @@
"cmt_msg": "net: mvpp2: fix mvpp2 debugfs leak"
},
"CVE-2022-3435": {
- "cmt_msg": ""
+ "cmt_msg": "ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference"
},
"CVE-2021-22600": {
"cmt_msg": "net/packet: rx_owner_map depends on pg_vec"
@@ -73000,7 +72791,7 @@
"cmt_msg": "io_uring: fix UAF due to missing POLLFREE handling"
},
"CVE-2022-41850": {
- "cmt_msg": ""
+ "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()"
},
"CVE-2020-14390": {
"cmt_msg": "fbcon: remove soft scrollback code"
@@ -73020,9 +72811,6 @@
"CVE-2022-3642": {
"cmt_msg": ""
},
- "CVE-2022-3640": {
- "cmt_msg": ""
- },
"CVE-2020-0465": {
"cmt_msg": "HID: core: Sanitize event code and type when mapping input"
},
@@ -73069,7 +72857,7 @@
"cmt_msg": "Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM"
},
"CVE-2022-3169": {
- "cmt_msg": ""
+ "cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
"CVE-2022-36280": {
"cmt_msg": ""
@@ -73447,7 +73235,7 @@
"cmt_msg": "netfilter: x_tables: Use correct memory barriers."
},
"CVE-2022-41849": {
- "cmt_msg": ""
+ "cmt_msg": "fbdev: smscufx: Fix use-after-free in ufx_ops_open()"
},
"CVE-2022-41848": {
"cmt_msg": ""
@@ -73847,7 +73635,7 @@
"cmt_msg": "bpf: Remove MTU check in __bpf_skb_max_len"
},
"CVE-2022-3628": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()"
},
"CVE-2020-15802": {
"cmt_msg": ""
@@ -74036,7 +73824,7 @@
"cmt_msg": "mISDN: fix use-after-free bugs in l1oip timer handlers"
},
"CVE-2022-3564": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu"
},
"CVE-2020-36385": {
"cmt_msg": "RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy"
@@ -74390,7 +74178,7 @@
"cmt_msg": "module: limit enabling module.sig_enforce"
},
"CVE-2022-3903": {
- "cmt_msg": ""
+ "cmt_msg": "media: mceusb: Use new usb_control_msg_*() routines"
},
"CVE-2022-3577": {
"cmt_msg": "HID: bigben: fix slab-out-of-bounds Write in bigben_probe"
@@ -74413,6 +74201,9 @@
"CVE-2022-0847": {
"cmt_msg": "lib/iov_iter: initialize \"flags\" in new pipe_buffer"
},
+ "CVE-2022-3977": {
+ "cmt_msg": "mctp: prevent double key removal and unref"
+ },
"CVE-2021-3600": {
"cmt_msg": "bpf: Fix 32 bit src register truncation on div/mod"
},
@@ -74423,7 +74214,7 @@
"cmt_msg": "af_unix: fix garbage collect vs MSG_PEEK"
},
"CVE-2022-3619": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix memory leak in vhci_write"
},
"CVE-2020-28374": {
"cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup"
@@ -74431,9 +74222,6 @@
"CVE-2022-3586": {
"cmt_msg": "sch_sfb: Don't assume the skb is still around after enqueueing to child"
},
- "CVE-2022-43945": {
- "cmt_msg": "NFSD: Protect against send buffer overflow in NFSv2 READDIR"
- },
"CVE-2020-27825": {
"cmt_msg": "tracing: Fix race in trace_open and buffer resize call"
},
@@ -74465,7 +74253,7 @@
"cmt_msg": "xen-blkback: set ring->xenblkd to NULL after kthread_stop()"
},
"CVE-2022-2978": {
- "cmt_msg": ""
+ "cmt_msg": "fs: fix UAF/GPF bug in nilfs_mdt_destroy"
},
"CVE-2022-20132": {
"cmt_msg": "HID: add hid_is_usb() function to make it simpler for USB detection"
@@ -74534,7 +74322,7 @@
"cmt_msg": "net: mvpp2: fix mvpp2 debugfs leak"
},
"CVE-2022-3435": {
- "cmt_msg": ""
+ "cmt_msg": "ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference"
},
"CVE-2021-22600": {
"cmt_msg": "net/packet: rx_owner_map depends on pg_vec"
@@ -74639,7 +74427,7 @@
"cmt_msg": "io_uring: fix UAF due to missing POLLFREE handling"
},
"CVE-2022-41850": {
- "cmt_msg": ""
+ "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()"
},
"CVE-2022-2938": {
"cmt_msg": "psi: Fix uaf issue when psi trigger is destroyed while being polled"
@@ -74656,9 +74444,6 @@
"CVE-2022-3642": {
"cmt_msg": ""
},
- "CVE-2022-3640": {
- "cmt_msg": ""
- },
"CVE-2019-15902": {
"cmt_msg": "unknown"
},
@@ -74696,7 +74481,7 @@
"cmt_msg": "Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM"
},
"CVE-2022-3169": {
- "cmt_msg": ""
+ "cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
"CVE-2022-36280": {
"cmt_msg": ""
@@ -75065,7 +74850,7 @@
"cmt_msg": "netfilter: x_tables: Use correct memory barriers."
},
"CVE-2022-41849": {
- "cmt_msg": ""
+ "cmt_msg": "fbdev: smscufx: Fix use-after-free in ufx_ops_open()"
},
"CVE-2022-41848": {
"cmt_msg": ""
@@ -75422,7 +75207,7 @@
"cmt_msg": "bpf: Remove MTU check in __bpf_skb_max_len"
},
"CVE-2022-3628": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()"
},
"CVE-2020-15802": {
"cmt_msg": ""
@@ -75599,7 +75384,7 @@
"cmt_msg": "mISDN: fix use-after-free bugs in l1oip timer handlers"
},
"CVE-2022-3564": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu"
},
"CVE-2020-36385": {
"cmt_msg": "RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy"
@@ -75950,7 +75735,7 @@
"cmt_msg": "module: limit enabling module.sig_enforce"
},
"CVE-2022-3903": {
- "cmt_msg": ""
+ "cmt_msg": "media: mceusb: Use new usb_control_msg_*() routines"
},
"CVE-2022-3577": {
"cmt_msg": "HID: bigben: fix slab-out-of-bounds Write in bigben_probe"
@@ -75973,6 +75758,9 @@
"CVE-2022-0847": {
"cmt_msg": "lib/iov_iter: initialize \"flags\" in new pipe_buffer"
},
+ "CVE-2022-3977": {
+ "cmt_msg": "mctp: prevent double key removal and unref"
+ },
"CVE-2021-3600": {
"cmt_msg": "bpf: Fix 32 bit src register truncation on div/mod"
},
@@ -75983,7 +75771,7 @@
"cmt_msg": "af_unix: fix garbage collect vs MSG_PEEK"
},
"CVE-2022-3619": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix memory leak in vhci_write"
},
"CVE-2020-28374": {
"cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup"
@@ -75991,9 +75779,6 @@
"CVE-2022-3586": {
"cmt_msg": "sch_sfb: Don't assume the skb is still around after enqueueing to child"
},
- "CVE-2022-43945": {
- "cmt_msg": "NFSD: Protect against send buffer overflow in NFSv2 READDIR"
- },
"CVE-2020-27820": {
"cmt_msg": "drm/nouveau: use drm_dev_unplug() during device removal"
},
@@ -76022,7 +75807,7 @@
"cmt_msg": "xen-blkback: set ring->xenblkd to NULL after kthread_stop()"
},
"CVE-2022-2978": {
- "cmt_msg": ""
+ "cmt_msg": "fs: fix UAF/GPF bug in nilfs_mdt_destroy"
},
"CVE-2022-20132": {
"cmt_msg": "HID: add hid_is_usb() function to make it simpler for USB detection"
@@ -76082,7 +75867,7 @@
"cmt_msg": "net: mvpp2: fix mvpp2 debugfs leak"
},
"CVE-2022-3435": {
- "cmt_msg": ""
+ "cmt_msg": "ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference"
},
"CVE-2021-22600": {
"cmt_msg": "net/packet: rx_owner_map depends on pg_vec"
@@ -76187,7 +75972,7 @@
"cmt_msg": "io_uring: fix UAF due to missing POLLFREE handling"
},
"CVE-2022-41850": {
- "cmt_msg": ""
+ "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()"
},
"CVE-2022-2938": {
"cmt_msg": "psi: Fix uaf issue when psi trigger is destroyed while being polled"
@@ -76204,9 +75989,6 @@
"CVE-2022-3642": {
"cmt_msg": ""
},
- "CVE-2022-3640": {
- "cmt_msg": ""
- },
"CVE-2019-15902": {
"cmt_msg": "unknown"
},
@@ -76244,7 +76026,7 @@
"cmt_msg": "Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM"
},
"CVE-2022-3169": {
- "cmt_msg": ""
+ "cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
"CVE-2022-36280": {
"cmt_msg": ""
@@ -76589,7 +76371,7 @@
"cmt_msg": "netfilter: x_tables: Use correct memory barriers."
},
"CVE-2022-41849": {
- "cmt_msg": ""
+ "cmt_msg": "fbdev: smscufx: Fix use-after-free in ufx_ops_open()"
},
"CVE-2022-41848": {
"cmt_msg": ""
@@ -80412,9 +80194,13 @@
}
},
"4.9.331": {
- "CVE-2022-40768": {
- "cmt_msg": "scsi: stex: Properly zero out the passthrough command structure",
- "cmt_id": "35db0282da84ad200054ad5af0fd6c2f693b17f8"
+ "CVE-2022-2978": {
+ "cmt_msg": "fs: fix UAF/GPF bug in nilfs_mdt_destroy",
+ "cmt_id": "d1ff475d7c83289d0a7faef346ea3bbf90818bad"
+ },
+ "CVE-2022-41849": {
+ "cmt_msg": "fbdev: smscufx: Fix use-after-free in ufx_ops_open()",
+ "cmt_id": "347a969b130c2a496f471f14b354119b82664f0a"
},
"CVE-2022-3594": {
"cmt_msg": "r8152: Rate limit overflow messages",
@@ -80428,23 +80214,45 @@
"cmt_msg": "nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level()",
"cmt_id": "bb63454b66f4a73d4b267fd5061aaf3a5657172c"
},
- "CVE-2022-3542": {
- "cmt_msg": "bnx2x: fix potential memory leak in bnx2x_tpa_stop()",
- "cmt_id": "9ec3f783f08b57a861700fdf4d3d8f3cfb68f471"
+ "CVE-2022-3649": {
+ "cmt_msg": "nilfs2: fix use-after-free bug of struct nilfs_root",
+ "cmt_id": "a9043a24c6e340d45b204d294a25044726fd2770"
+ },
+ "CVE-2022-41850": {
+ "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()",
+ "cmt_id": "84607bd3a8542b84b450d19a3579172f96c2bb47"
+ },
+ "CVE-2022-40768": {
+ "cmt_msg": "scsi: stex: Properly zero out the passthrough command structure",
+ "cmt_id": "35db0282da84ad200054ad5af0fd6c2f693b17f8"
},
"CVE-2022-3565": {
"cmt_msg": "mISDN: fix use-after-free bugs in l1oip timer handlers",
"cmt_id": "1ba21168faf881c23c270605834d01af260cbb72"
},
- "CVE-2022-3649": {
- "cmt_msg": "nilfs2: fix use-after-free bug of struct nilfs_root",
- "cmt_id": "a9043a24c6e340d45b204d294a25044726fd2770"
+ "CVE-2022-3542": {
+ "cmt_msg": "bnx2x: fix potential memory leak in bnx2x_tpa_stop()",
+ "cmt_id": "9ec3f783f08b57a861700fdf4d3d8f3cfb68f471"
},
"CVE-2022-3646": {
"cmt_msg": "nilfs2: fix leak of nilfs_root in case of writer thread creation failure",
"cmt_id": "81fe58e4e7f61a1f5200898e7cd4c9748f83051f"
}
},
+ "4.9.333": {
+ "CVE-2022-3628": {
+ "cmt_msg": "wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()",
+ "cmt_id": "b1477d95e967bf626b8c5e3838bb885c47381b24"
+ },
+ "CVE-2022-42895": {
+ "cmt_msg": "Bluetooth: L2CAP: Fix attempting to access uninitialized memory",
+ "cmt_id": "63e3d75298fac7fa50906454603dd5bb4ef22a23"
+ },
+ "CVE-2022-3564": {
+ "cmt_msg": "Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu",
+ "cmt_id": "dc30e05bb18852303084430c03ca76e69257d9ea"
+ }
+ },
"outstanding": {
"CVE-2021-0929": {
"cmt_msg": "staging/android/ion: delete dma_buf->kmap/unmap implemenation"
@@ -80497,9 +80305,6 @@
"CVE-2017-5753": {
"cmt_msg": "x86/cpufeatures: Add X86_BUG_SPECTRE_V[12]"
},
- "CVE-2022-43945": {
- "cmt_msg": "NFSD: Protect against send buffer overflow in NFSv2 READDIR"
- },
"CVE-2022-1247": {
"cmt_msg": ""
},
@@ -80581,21 +80386,18 @@
"CVE-2022-38096": {
"cmt_msg": ""
},
- "CVE-2022-2978": {
- "cmt_msg": ""
- },
"CVE-2019-9453": {
"cmt_msg": "f2fs: fix to avoid accessing xattr across the boundary"
},
- "CVE-2022-3564": {
- "cmt_msg": ""
- },
- "CVE-2021-43975": {
- "cmt_msg": "atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait"
+ "CVE-2022-3977": {
+ "cmt_msg": "mctp: prevent double key removal and unref"
},
"CVE-2022-3595": {
"cmt_msg": "cifs: fix double-fault crash during ntlmssp"
},
+ "CVE-2021-43975": {
+ "cmt_msg": "atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait"
+ },
"CVE-2017-1000405": {
"cmt_msg": "mm, thp: Do not make page table dirty unconditionally in touch_p[mu]d()"
},
@@ -80636,7 +80438,7 @@
"cmt_msg": "netfilter: nf_tables: stricter validation of element data"
},
"CVE-2022-3619": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix memory leak in vhci_write"
},
"CVE-2018-25020": {
"cmt_msg": "bpf: fix truncated jump targets on heavy expansions"
@@ -80710,9 +80512,6 @@
"CVE-2021-34556": {
"cmt_msg": "bpf: Introduce BPF nospec instruction for mitigating Spectre v4"
},
- "CVE-2022-3577": {
- "cmt_msg": "HID: bigben: fix slab-out-of-bounds Write in bigben_probe"
- },
"CVE-2021-39714": {
"cmt_msg": "staging: android: ion: Drop ion_map_kernel interface"
},
@@ -80731,18 +80530,12 @@
"CVE-2018-13098": {
"cmt_msg": "f2fs: fix to do sanity check with extra_attr feature"
},
- "CVE-2022-3623": {
- "cmt_msg": "mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page"
- },
"CVE-2022-3435": {
- "cmt_msg": ""
+ "cmt_msg": "ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference"
},
"CVE-2021-38300": {
"cmt_msg": "bpf, mips: Validate conditional branch offsets"
},
- "CVE-2022-3625": {
- "cmt_msg": "devlink: Fix use-after-free after a failed reload"
- },
"CVE-2021-3669": {
"cmt_msg": "ipc: replace costly bailout check in sysvipc_find_ipc()"
},
@@ -80797,9 +80590,6 @@
"CVE-2012-4542": {
"cmt_msg": ""
},
- "CVE-2022-42895": {
- "cmt_msg": "Bluetooth: L2CAP: Fix attempting to access uninitialized memory"
- },
"CVE-2022-42896": {
"cmt_msg": "Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM"
},
@@ -80932,9 +80722,6 @@
"CVE-2018-20509": {
"cmt_msg": "binder: refactor binder ref inc/dec for thread safety"
},
- "CVE-2022-41850": {
- "cmt_msg": ""
- },
"CVE-2022-2327": {
"cmt_msg": "io_uring: remove any grabbing of context"
},
@@ -80950,9 +80737,6 @@
"CVE-2022-3642": {
"cmt_msg": ""
},
- "CVE-2022-3640": {
- "cmt_msg": ""
- },
"CVE-2019-20811": {
"cmt_msg": "net-sysfs: call dev_hold if kobject_init_and_add success"
},
@@ -80992,9 +80776,6 @@
"CVE-2018-17977": {
"cmt_msg": ""
},
- "CVE-2022-41849": {
- "cmt_msg": ""
- },
"CVE-2022-41848": {
"cmt_msg": ""
},
@@ -81026,7 +80807,7 @@
"cmt_msg": ""
},
"CVE-2022-3169": {
- "cmt_msg": ""
+ "cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
"CVE-2021-39802": {
"cmt_msg": ""
@@ -81040,9 +80821,6 @@
"CVE-2020-36385": {
"cmt_msg": "RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy"
},
- "CVE-2022-3628": {
- "cmt_msg": ""
- },
"CVE-2022-20166": {
"cmt_msg": "drivers core: Use sysfs_emit and sysfs_emit_at for show(device *...) functions"
},
@@ -81161,7 +80939,7 @@
"cmt_msg": "IB/hfi1: Ensure correct mm is used at all times"
},
"CVE-2022-3903": {
- "cmt_msg": ""
+ "cmt_msg": "media: mceusb: Use new usb_control_msg_*() routines"
},
"CVE-2019-5489": {
"cmt_msg": "Change mincore() to count \"mapped\" pages rather than \"cached\" pages"
@@ -81611,9 +81389,6 @@
"CVE-2017-2618": {
"cmt_msg": "selinux: fix off-by-one in setprocattr"
},
- "CVE-2022-3623": {
- "cmt_msg": "mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page"
- },
"CVE-2018-13096": {
"cmt_msg": "f2fs: fix to do sanity check with node footer and iblocks"
},
@@ -81963,7 +81738,7 @@
"cmt_msg": "mISDN: fix use-after-free bugs in l1oip timer handlers"
},
"CVE-2022-3564": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu"
},
"CVE-2018-19407": {
"cmt_msg": "KVM: X86: Fix scan ioapic use-before-initialization"
@@ -81978,7 +81753,7 @@
"cmt_msg": "ip: fix IP_CHECKSUM handling"
},
"CVE-2022-3628": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()"
},
"CVE-2019-14897": {
"cmt_msg": "libertas: Fix two buffer overflows at parsing bss descriptor"
@@ -82367,9 +82142,6 @@
"CVE-2019-19319": {
"cmt_msg": "ext4: protect journal inode's blocks using block_validity"
},
- "CVE-2022-43945": {
- "cmt_msg": "NFSD: Protect against send buffer overflow in NFSv2 READDIR"
- },
"CVE-2017-18017": {
"cmt_msg": "netfilter: xt_TCPMSS: add more sanity tests on tcph->doff"
},
@@ -82424,9 +82196,6 @@
"CVE-2022-3624": {
"cmt_msg": "bonding: fix reference count leak in balance-alb mode"
},
- "CVE-2022-3625": {
- "cmt_msg": "devlink: Fix use-after-free after a failed reload"
- },
"CVE-2017-17862": {
"cmt_msg": "bpf: fix branch pruning logic"
},
@@ -82746,20 +82515,17 @@
"cmt_msg": "i40e: Wrong truncation from u16 to u8"
},
"CVE-2022-2978": {
- "cmt_msg": ""
+ "cmt_msg": "fs: fix UAF/GPF bug in nilfs_mdt_destroy"
},
"CVE-2019-17075": {
"cmt_msg": "RDMA/cxgb4: Do not dma memory off of the stack"
},
"CVE-2022-3903": {
- "cmt_msg": ""
+ "cmt_msg": "media: mceusb: Use new usb_control_msg_*() routines"
},
"CVE-2022-23960": {
"cmt_msg": "ARM: report Spectre v2 status through sysfs"
},
- "CVE-2022-3577": {
- "cmt_msg": "HID: bigben: fix slab-out-of-bounds Write in bigben_probe"
- },
"CVE-2019-0146": {
"cmt_msg": "i40e: add num_vectors checker in iwarp handler"
},
@@ -82814,6 +82580,9 @@
"CVE-2017-13305": {
"cmt_msg": "KEYS: encrypted: fix buffer overread in valid_master_desc()"
},
+ "CVE-2022-3977": {
+ "cmt_msg": "mctp: prevent double key removal and unref"
+ },
"CVE-2019-19536": {
"cmt_msg": "can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices"
},
@@ -82863,7 +82632,7 @@
"cmt_msg": "printk: hash addresses printed with %p"
},
"CVE-2022-3619": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix memory leak in vhci_write"
},
"CVE-2020-28374": {
"cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup"
@@ -83136,7 +82905,7 @@
"cmt_msg": ""
},
"CVE-2022-3435": {
- "cmt_msg": ""
+ "cmt_msg": "ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference"
},
"CVE-2017-18079": {
"cmt_msg": "Input: i8042 - fix crash at boot time"
@@ -83316,7 +83085,7 @@
"cmt_msg": "kvm: fix kvm_ioctl_create_device() reference counting (CVE-2019-6974)"
},
"CVE-2022-41850": {
- "cmt_msg": ""
+ "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()"
},
"CVE-2019-19525": {
"cmt_msg": "ieee802154: atusb: fix use-after-free at disconnect"
@@ -83348,9 +83117,6 @@
"CVE-2019-19527": {
"cmt_msg": "HID: hiddev: do cleanup in failure of opening a device"
},
- "CVE-2022-3640": {
- "cmt_msg": ""
- },
"CVE-2017-7542": {
"cmt_msg": "ipv6: avoid overflow of offset in ip6_find_1stfragopt"
},
@@ -83877,7 +83643,7 @@
"cmt_msg": "scsi: libsas: delete sas port if expander discover failed"
},
"CVE-2022-3169": {
- "cmt_msg": ""
+ "cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
"CVE-2017-16913": {
"cmt_msg": "usbip: fix stub_rx: harden CMD_SUBMIT path to handle malicious input"
@@ -84207,7 +83973,7 @@
"cmt_msg": "vt: vt_ioctl: fix race in VT_RESIZEX"
},
"CVE-2022-41849": {
- "cmt_msg": ""
+ "cmt_msg": "fbdev: smscufx: Fix use-after-free in ufx_ops_open()"
},
"CVE-2022-41848": {
"cmt_msg": ""
@@ -84723,7 +84489,7 @@
"cmt_msg": "bpf: Remove MTU check in __bpf_skb_max_len"
},
"CVE-2022-3628": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()"
},
"CVE-2020-15802": {
"cmt_msg": ""
@@ -84833,9 +84599,6 @@
"CVE-2021-38300": {
"cmt_msg": "bpf, mips: Validate conditional branch offsets"
},
- "CVE-2022-3623": {
- "cmt_msg": "mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page"
- },
"CVE-2018-13096": {
"cmt_msg": "f2fs: fix to do sanity check with node footer and iblocks"
},
@@ -85170,7 +84933,7 @@
"cmt_msg": "mISDN: fix use-after-free bugs in l1oip timer handlers"
},
"CVE-2022-3564": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu"
},
"CVE-2018-19407": {
"cmt_msg": "KVM: X86: Fix scan ioapic use-before-initialization"
@@ -85568,9 +85331,6 @@
"CVE-2019-19462": {
"cmt_msg": "kernel/relay.c: handle alloc_percpu returning NULL in relay_open"
},
- "CVE-2022-43945": {
- "cmt_msg": "NFSD: Protect against send buffer overflow in NFSv2 READDIR"
- },
"CVE-2019-19530": {
"cmt_msg": "usb: cdc-acm: make sure a refcount is taken early enough"
},
@@ -85625,9 +85385,6 @@
"CVE-2022-3624": {
"cmt_msg": "bonding: fix reference count leak in balance-alb mode"
},
- "CVE-2022-3625": {
- "cmt_msg": "devlink: Fix use-after-free after a failed reload"
- },
"CVE-2017-17862": {
"cmt_msg": "bpf: fix branch pruning logic"
},
@@ -85905,20 +85662,17 @@
"cmt_msg": "i40e: Wrong truncation from u16 to u8"
},
"CVE-2022-2978": {
- "cmt_msg": ""
+ "cmt_msg": "fs: fix UAF/GPF bug in nilfs_mdt_destroy"
},
"CVE-2019-17075": {
"cmt_msg": "RDMA/cxgb4: Do not dma memory off of the stack"
},
"CVE-2022-3903": {
- "cmt_msg": ""
+ "cmt_msg": "media: mceusb: Use new usb_control_msg_*() routines"
},
"CVE-2022-23960": {
"cmt_msg": "ARM: report Spectre v2 status through sysfs"
},
- "CVE-2022-3577": {
- "cmt_msg": "HID: bigben: fix slab-out-of-bounds Write in bigben_probe"
- },
"CVE-2019-0146": {
"cmt_msg": "i40e: add num_vectors checker in iwarp handler"
},
@@ -85967,6 +85721,9 @@
"CVE-2017-13305": {
"cmt_msg": "KEYS: encrypted: fix buffer overread in valid_master_desc()"
},
+ "CVE-2022-3977": {
+ "cmt_msg": "mctp: prevent double key removal and unref"
+ },
"CVE-2019-19536": {
"cmt_msg": "can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices"
},
@@ -86016,7 +85773,7 @@
"cmt_msg": "printk: hash addresses printed with %p"
},
"CVE-2022-3619": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix memory leak in vhci_write"
},
"CVE-2020-28374": {
"cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup"
@@ -86301,7 +86058,7 @@
"cmt_msg": ""
},
"CVE-2022-3435": {
- "cmt_msg": ""
+ "cmt_msg": "ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference"
},
"CVE-2017-18079": {
"cmt_msg": "Input: i8042 - fix crash at boot time"
@@ -86472,7 +86229,7 @@
"cmt_msg": "kvm: fix kvm_ioctl_create_device() reference counting (CVE-2019-6974)"
},
"CVE-2022-41850": {
- "cmt_msg": ""
+ "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()"
},
"CVE-2020-24503": {
"cmt_msg": ""
@@ -86501,9 +86258,6 @@
"CVE-2019-19527": {
"cmt_msg": "HID: hiddev: do cleanup in failure of opening a device"
},
- "CVE-2022-3640": {
- "cmt_msg": ""
- },
"CVE-2017-7542": {
"cmt_msg": "ipv6: avoid overflow of offset in ip6_find_1stfragopt"
},
@@ -86580,7 +86334,7 @@
"cmt_msg": "netfilter: x_tables: fix compat match/target pad out-of-bound write"
},
"CVE-2022-3169": {
- "cmt_msg": ""
+ "cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
"CVE-2022-36280": {
"cmt_msg": ""
@@ -87294,7 +87048,7 @@
"cmt_msg": "vt: vt_ioctl: fix race in VT_RESIZEX"
},
"CVE-2022-41849": {
- "cmt_msg": ""
+ "cmt_msg": "fbdev: smscufx: Fix use-after-free in ufx_ops_open()"
},
"CVE-2022-41848": {
"cmt_msg": ""
@@ -87869,7 +87623,7 @@
"cmt_msg": "bpf: Remove MTU check in __bpf_skb_max_len"
},
"CVE-2022-3628": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()"
},
"CVE-2020-15802": {
"cmt_msg": ""
@@ -88127,7 +87881,7 @@
"cmt_msg": ""
},
"CVE-2022-2978": {
- "cmt_msg": ""
+ "cmt_msg": "fs: fix UAF/GPF bug in nilfs_mdt_destroy"
},
"CVE-2019-10126": {
"cmt_msg": "mwifiex: Fix heap overflow in mwifiex_uap_parse_tail_ies()"
@@ -88199,7 +87953,7 @@
"cmt_msg": "mISDN: fix use-after-free bugs in l1oip timer handlers"
},
"CVE-2022-3564": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu"
},
"CVE-2020-36386": {
"cmt_msg": "Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()"
@@ -88534,9 +88288,6 @@
"CVE-2022-23960": {
"cmt_msg": "ARM: report Spectre v2 status through sysfs"
},
- "CVE-2022-3623": {
- "cmt_msg": "mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page"
- },
"CVE-2022-3624": {
"cmt_msg": "bonding: fix reference count leak in balance-alb mode"
},
@@ -88769,7 +88520,7 @@
"cmt_msg": "RDMA/cxgb4: Do not dma memory off of the stack"
},
"CVE-2022-3903": {
- "cmt_msg": ""
+ "cmt_msg": "media: mceusb: Use new usb_control_msg_*() routines"
},
"CVE-2022-3577": {
"cmt_msg": "HID: bigben: fix slab-out-of-bounds Write in bigben_probe"
@@ -88807,6 +88558,9 @@
"CVE-2021-3609": {
"cmt_msg": "can: bcm: delay release of struct bcm_op after synchronize_rcu()"
},
+ "CVE-2022-3977": {
+ "cmt_msg": "mctp: prevent double key removal and unref"
+ },
"CVE-2019-19536": {
"cmt_msg": "can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices"
},
@@ -88847,7 +88601,7 @@
"cmt_msg": "cifs: fix NULL ptr dereference in smb2_ioctl_query_info()"
},
"CVE-2022-3619": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix memory leak in vhci_write"
},
"CVE-2020-28374": {
"cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup"
@@ -88864,9 +88618,6 @@
"CVE-2022-3586": {
"cmt_msg": "sch_sfb: Don't assume the skb is still around after enqueueing to child"
},
- "CVE-2022-43945": {
- "cmt_msg": "NFSD: Protect against send buffer overflow in NFSv2 READDIR"
- },
"CVE-2020-27825": {
"cmt_msg": "tracing: Fix race in trace_open and buffer resize call"
},
@@ -89024,7 +88775,7 @@
"cmt_msg": ""
},
"CVE-2022-3435": {
- "cmt_msg": ""
+ "cmt_msg": "ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference"
},
"CVE-2022-2977": {
"cmt_msg": "tpm: fix reference counting for struct tpm_chip"
@@ -89156,7 +88907,7 @@
"cmt_msg": "fbcon: Disallow setting font bigger than screen size"
},
"CVE-2022-41850": {
- "cmt_msg": ""
+ "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()"
},
"CVE-2019-19525": {
"cmt_msg": "ieee802154: atusb: fix use-after-free at disconnect"
@@ -89182,9 +88933,6 @@
"CVE-2019-19448": {
"cmt_msg": "btrfs: only search for left_info if there is no right_info in try_merge_free_space"
},
- "CVE-2022-3640": {
- "cmt_msg": ""
- },
"CVE-2019-19449": {
"cmt_msg": "f2fs: fix to do sanity check on segment/section count"
},
@@ -89243,7 +88991,7 @@
"cmt_msg": "nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION"
},
"CVE-2022-3169": {
- "cmt_msg": ""
+ "cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
"CVE-2022-36280": {
"cmt_msg": ""
@@ -89759,7 +89507,7 @@
"cmt_msg": "vt: vt_ioctl: fix race in VT_RESIZEX"
},
"CVE-2022-41849": {
- "cmt_msg": ""
+ "cmt_msg": "fbdev: smscufx: Fix use-after-free in ufx_ops_open()"
},
"CVE-2022-41848": {
"cmt_msg": ""
@@ -90240,7 +89988,7 @@
"cmt_msg": "bpf: Remove MTU check in __bpf_skb_max_len"
},
"CVE-2022-3628": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()"
},
"CVE-2020-15802": {
"cmt_msg": ""
@@ -90480,7 +90228,7 @@
"cmt_msg": ""
},
"CVE-2022-2978": {
- "cmt_msg": ""
+ "cmt_msg": "fs: fix UAF/GPF bug in nilfs_mdt_destroy"
},
"CVE-2021-28964": {
"cmt_msg": "btrfs: fix race when cloning extent buffer during rewind of an old root"
@@ -90546,7 +90294,7 @@
"cmt_msg": "mISDN: fix use-after-free bugs in l1oip timer handlers"
},
"CVE-2022-3564": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu"
},
"CVE-2020-36386": {
"cmt_msg": "Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()"
@@ -91110,7 +90858,7 @@
"cmt_msg": "RDMA/cxgb4: Do not dma memory off of the stack"
},
"CVE-2022-3903": {
- "cmt_msg": ""
+ "cmt_msg": "media: mceusb: Use new usb_control_msg_*() routines"
},
"CVE-2022-3577": {
"cmt_msg": "HID: bigben: fix slab-out-of-bounds Write in bigben_probe"
@@ -91148,6 +90896,9 @@
"CVE-2021-3609": {
"cmt_msg": "can: bcm: delay release of struct bcm_op after synchronize_rcu()"
},
+ "CVE-2022-3977": {
+ "cmt_msg": "mctp: prevent double key removal and unref"
+ },
"CVE-2019-19536": {
"cmt_msg": "can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices"
},
@@ -91185,7 +90936,7 @@
"cmt_msg": "cifs: fix NULL ptr dereference in smb2_ioctl_query_info()"
},
"CVE-2022-3619": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix memory leak in vhci_write"
},
"CVE-2020-26556": {
"cmt_msg": ""
@@ -91202,9 +90953,6 @@
"CVE-2022-3586": {
"cmt_msg": "sch_sfb: Don't assume the skb is still around after enqueueing to child"
},
- "CVE-2022-43945": {
- "cmt_msg": "NFSD: Protect against send buffer overflow in NFSv2 READDIR"
- },
"CVE-2020-27825": {
"cmt_msg": "tracing: Fix race in trace_open and buffer resize call"
},
@@ -91341,7 +91089,7 @@
"cmt_msg": "net: mvpp2: fix mvpp2 debugfs leak"
},
"CVE-2022-3435": {
- "cmt_msg": ""
+ "cmt_msg": "ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference"
},
"CVE-2022-2977": {
"cmt_msg": "tpm: fix reference counting for struct tpm_chip"
@@ -91479,7 +91227,7 @@
"cmt_msg": "io_uring: fix UAF due to missing POLLFREE handling"
},
"CVE-2022-41850": {
- "cmt_msg": ""
+ "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()"
},
"CVE-2019-19525": {
"cmt_msg": "ieee802154: atusb: fix use-after-free at disconnect"
@@ -91505,9 +91253,6 @@
"CVE-2019-19527": {
"cmt_msg": "HID: hiddev: do cleanup in failure of opening a device"
},
- "CVE-2022-3640": {
- "cmt_msg": ""
- },
"CVE-2019-19449": {
"cmt_msg": "f2fs: fix to do sanity check on segment/section count"
},
@@ -91569,7 +91314,7 @@
"cmt_msg": "nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION"
},
"CVE-2022-3169": {
- "cmt_msg": ""
+ "cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
"CVE-2022-36280": {
"cmt_msg": ""
@@ -92082,7 +91827,7 @@
"cmt_msg": "vt: vt_ioctl: fix race in VT_RESIZEX"
},
"CVE-2022-41849": {
- "cmt_msg": ""
+ "cmt_msg": "fbdev: smscufx: Fix use-after-free in ufx_ops_open()"
},
"CVE-2022-41848": {
"cmt_msg": ""
@@ -92579,7 +92324,7 @@
"cmt_msg": "bpf: Remove MTU check in __bpf_skb_max_len"
},
"CVE-2022-3628": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()"
},
"CVE-2020-15802": {
"cmt_msg": ""
@@ -92783,7 +92528,7 @@
"cmt_msg": ""
},
"CVE-2022-2978": {
- "cmt_msg": ""
+ "cmt_msg": "fs: fix UAF/GPF bug in nilfs_mdt_destroy"
},
"CVE-2021-28964": {
"cmt_msg": "btrfs: fix race when cloning extent buffer during rewind of an old root"
@@ -92846,7 +92591,7 @@
"cmt_msg": "mISDN: fix use-after-free bugs in l1oip timer handlers"
},
"CVE-2022-3564": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu"
},
"CVE-2020-36386": {
"cmt_msg": "Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()"
@@ -93380,7 +93125,7 @@
"cmt_msg": "RDMA/cxgb4: Do not dma memory off of the stack"
},
"CVE-2022-3903": {
- "cmt_msg": ""
+ "cmt_msg": "media: mceusb: Use new usb_control_msg_*() routines"
},
"CVE-2022-3577": {
"cmt_msg": "HID: bigben: fix slab-out-of-bounds Write in bigben_probe"
@@ -93409,6 +93154,9 @@
"CVE-2021-3609": {
"cmt_msg": "can: bcm: delay release of struct bcm_op after synchronize_rcu()"
},
+ "CVE-2022-3977": {
+ "cmt_msg": "mctp: prevent double key removal and unref"
+ },
"CVE-2019-19534": {
"cmt_msg": "can: peak_usb: fix slab info leak"
},
@@ -93434,7 +93182,7 @@
"cmt_msg": "cifs: fix NULL ptr dereference in smb2_ioctl_query_info()"
},
"CVE-2022-3619": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix memory leak in vhci_write"
},
"CVE-2020-26556": {
"cmt_msg": ""
@@ -93451,9 +93199,6 @@
"CVE-2022-3586": {
"cmt_msg": "sch_sfb: Don't assume the skb is still around after enqueueing to child"
},
- "CVE-2022-43945": {
- "cmt_msg": "NFSD: Protect against send buffer overflow in NFSv2 READDIR"
- },
"CVE-2020-27825": {
"cmt_msg": "tracing: Fix race in trace_open and buffer resize call"
},
@@ -93590,7 +93335,7 @@
"cmt_msg": "net: mvpp2: fix mvpp2 debugfs leak"
},
"CVE-2022-3435": {
- "cmt_msg": ""
+ "cmt_msg": "ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference"
},
"CVE-2022-2977": {
"cmt_msg": "tpm: fix reference counting for struct tpm_chip"
@@ -93740,7 +93485,7 @@
"cmt_msg": "serial: 8250: fix null-ptr-deref in serial8250_start_tx()"
},
"CVE-2022-41850": {
- "cmt_msg": ""
+ "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()"
},
"CVE-2019-19525": {
"cmt_msg": "ieee802154: atusb: fix use-after-free at disconnect"
@@ -93763,9 +93508,6 @@
"CVE-2022-3642": {
"cmt_msg": ""
},
- "CVE-2022-3640": {
- "cmt_msg": ""
- },
"CVE-2019-19526": {
"cmt_msg": "NFC: pn533: fix use-after-free and memleaks"
},
@@ -93827,7 +93569,7 @@
"cmt_msg": "nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION"
},
"CVE-2022-3169": {
- "cmt_msg": ""
+ "cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
"CVE-2022-36280": {
"cmt_msg": ""
@@ -94307,7 +94049,7 @@
"cmt_msg": "nilfs2: fix use-after-free bug of struct nilfs_root"
},
"CVE-2022-41849": {
- "cmt_msg": ""
+ "cmt_msg": "fbdev: smscufx: Fix use-after-free in ufx_ops_open()"
},
"CVE-2022-41848": {
"cmt_msg": ""
@@ -94735,7 +94477,7 @@
"cmt_msg": "can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path"
},
"CVE-2022-3628": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()"
},
"CVE-2020-15802": {
"cmt_msg": ""
@@ -94879,7 +94621,7 @@
"cmt_msg": "mISDN: fix use-after-free bugs in l1oip timer handlers"
},
"CVE-2022-3564": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu"
},
"CVE-2022-1204": {
"cmt_msg": "ax25: Fix refcount leaks caused by ax25_cb_del()"
@@ -95140,7 +94882,7 @@
"cmt_msg": "usb: gadget: rndis: check size of RNDIS_MSG_SET command"
},
"CVE-2022-3903": {
- "cmt_msg": ""
+ "cmt_msg": "media: mceusb: Use new usb_control_msg_*() routines"
},
"CVE-2022-3577": {
"cmt_msg": "HID: bigben: fix slab-out-of-bounds Write in bigben_probe"
@@ -95157,6 +94899,9 @@
"CVE-2022-0847": {
"cmt_msg": "lib/iov_iter: initialize \"flags\" in new pipe_buffer"
},
+ "CVE-2022-3977": {
+ "cmt_msg": "mctp: prevent double key removal and unref"
+ },
"CVE-2021-41073": {
"cmt_msg": "io_uring: ensure symmetry in handling iter types in loop_rw_iter()"
},
@@ -95164,7 +94909,7 @@
"cmt_msg": "af_unix: fix garbage collect vs MSG_PEEK"
},
"CVE-2022-3619": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix memory leak in vhci_write"
},
"CVE-2022-3586": {
"cmt_msg": "sch_sfb: Don't assume the skb is still around after enqueueing to child"
@@ -95194,7 +94939,7 @@
"cmt_msg": "i2c: ismt: prevent memory corruption in ismt_access()"
},
"CVE-2022-2978": {
- "cmt_msg": ""
+ "cmt_msg": "fs: fix UAF/GPF bug in nilfs_mdt_destroy"
},
"CVE-2022-20132": {
"cmt_msg": "HID: add hid_is_usb() function to make it simpler for USB detection"
@@ -95233,7 +94978,7 @@
"cmt_msg": "net: mvpp2: fix mvpp2 debugfs leak"
},
"CVE-2022-3435": {
- "cmt_msg": ""
+ "cmt_msg": "ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference"
},
"CVE-2021-22600": {
"cmt_msg": "net/packet: rx_owner_map depends on pg_vec"
@@ -95299,7 +95044,7 @@
"cmt_msg": "fbcon: Disallow setting font bigger than screen size"
},
"CVE-2022-41850": {
- "cmt_msg": ""
+ "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()"
},
"CVE-2022-2938": {
"cmt_msg": "psi: Fix uaf issue when psi trigger is destroyed while being polled"
@@ -95316,9 +95061,6 @@
"CVE-2022-3642": {
"cmt_msg": ""
},
- "CVE-2022-3640": {
- "cmt_msg": ""
- },
"CVE-2019-15902": {
"cmt_msg": "unknown"
},
@@ -95350,7 +95092,7 @@
"cmt_msg": "io_uring: fix xa_alloc_cycle() error return value check"
},
"CVE-2022-3169": {
- "cmt_msg": ""
+ "cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
"CVE-2022-36280": {
"cmt_msg": ""
@@ -95635,7 +95377,7 @@
"cmt_msg": "x86/speculation/mmio: Enable CPU Fill buffer clearing on idle"
},
"CVE-2022-41849": {
- "cmt_msg": ""
+ "cmt_msg": "fbdev: smscufx: Fix use-after-free in ufx_ops_open()"
},
"CVE-2022-41848": {
"cmt_msg": ""
@@ -95953,7 +95695,7 @@
"cmt_msg": "x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE"
},
"CVE-2022-3619": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix memory leak in vhci_write"
},
"CVE-2018-1121": {
"cmt_msg": ""
@@ -96100,7 +95842,7 @@
"cmt_msg": "i2c: ismt: prevent memory corruption in ismt_access()"
},
"CVE-2022-2978": {
- "cmt_msg": ""
+ "cmt_msg": "fs: fix UAF/GPF bug in nilfs_mdt_destroy"
},
"CVE-2021-39686": {
"cmt_msg": "binder: use euid from cred instead of using task"
@@ -96109,7 +95851,7 @@
"cmt_msg": "USB: gadget: detect too-big endpoint 0 requests"
},
"CVE-2022-3564": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu"
},
"CVE-2021-26934": {
"cmt_msg": ""
@@ -96289,7 +96031,7 @@
"cmt_msg": "remove the lightnvm subsystem"
},
"CVE-2022-3435": {
- "cmt_msg": ""
+ "cmt_msg": "ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference"
},
"CVE-2022-23960": {
"cmt_msg": "ARM: report Spectre v2 status through sysfs"
@@ -96472,7 +96214,7 @@
"cmt_msg": "bnx2x: fix potential memory leak in bnx2x_tpa_stop()"
},
"CVE-2022-3903": {
- "cmt_msg": ""
+ "cmt_msg": "media: mceusb: Use new usb_control_msg_*() routines"
},
"CVE-2022-1158": {
"cmt_msg": "KVM: x86/mmu: do compare-and-exchange of gPTE via the user address"
@@ -96595,7 +96337,7 @@
"cmt_msg": "xen/netfront: fix leaking data in shared pages"
},
"CVE-2022-41850": {
- "cmt_msg": ""
+ "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()"
},
"CVE-2022-33744": {
"cmt_msg": "xen/arm: Fix race in RB-tree based P2M accounting"
@@ -96630,9 +96372,6 @@
"CVE-2021-3894": {
"cmt_msg": "sctp: account stream padding length for reconf chunk"
},
- "CVE-2022-3640": {
- "cmt_msg": ""
- },
"CVE-2022-42703": {
"cmt_msg": "mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse"
},
@@ -96685,7 +96424,7 @@
"cmt_msg": "ipv6: Fix data races around sk->sk_prot."
},
"CVE-2022-41849": {
- "cmt_msg": ""
+ "cmt_msg": "fbdev: smscufx: Fix use-after-free in ufx_ops_open()"
},
"CVE-2022-0617": {
"cmt_msg": "udf: Fix NULL ptr deref when converting from inline format"
@@ -96745,7 +96484,7 @@
"cmt_msg": ""
},
"CVE-2022-3169": {
- "cmt_msg": ""
+ "cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
"CVE-2021-39802": {
"cmt_msg": ""
@@ -96763,7 +96502,7 @@
"cmt_msg": "io_uring: fix UAF due to missing POLLFREE handling"
},
"CVE-2022-3628": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()"
},
"CVE-2022-1195": {
"cmt_msg": "hamradio: improve the incomplete fix to avoid NPD"
@@ -96897,6 +96636,9 @@
"CVE-2022-21499": {
"cmt_msg": "lockdown: also lock down previous kgdb use"
},
+ "CVE-2022-3977": {
+ "cmt_msg": "mctp: prevent double key removal and unref"
+ },
"CVE-2022-28389": {
"cmt_msg": "can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path"
},
@@ -98394,9 +98136,9 @@
}
},
"5.10.148": {
- "CVE-2022-40768": {
- "cmt_msg": "scsi: stex: Properly zero out the passthrough command structure",
- "cmt_id": "36b33c63515a93246487691046d18dd37a9f589b"
+ "CVE-2022-2978": {
+ "cmt_msg": "fs: fix UAF/GPF bug in nilfs_mdt_destroy",
+ "cmt_id": "1e555c3ed1fce4b278aaebe18a64a934cece57d8"
},
"CVE-2022-43750": {
"cmt_msg": "usb: mon: make mmapped memory read only",
@@ -98418,6 +98160,10 @@
"cmt_msg": "wifi: cfg80211: fix u8 overflow in cfg80211_update_notlisted_nontrans()",
"cmt_id": "a6408e0b694c1bdd8ae7dd0464a86b98518145ec"
},
+ "CVE-2022-40768": {
+ "cmt_msg": "scsi: stex: Properly zero out the passthrough command structure",
+ "cmt_id": "36b33c63515a93246487691046d18dd37a9f589b"
+ },
"CVE-2022-3649": {
"cmt_msg": "nilfs2: fix use-after-free bug of struct nilfs_root",
"cmt_id": "21ee3cffed8fbabb669435facfd576ba18ac8652"
@@ -98442,25 +98188,59 @@
}
},
"5.10.150": {
- "CVE-2022-3594": {
- "cmt_msg": "r8152: Rate limit overflow messages",
- "cmt_id": "484400d433ca1903a87268c55f019e932297538a"
- },
- "CVE-2022-3542": {
- "cmt_msg": "bnx2x: fix potential memory leak in bnx2x_tpa_stop()",
- "cmt_id": "6cc0e2afc6a137d45b9523f61a1b1b16a68c9dc0"
+ "CVE-2022-41849": {
+ "cmt_msg": "fbdev: smscufx: Fix use-after-free in ufx_ops_open()",
+ "cmt_id": "e50472949604f385e09ce3fa4e74dce9f44fb19b"
},
"CVE-2022-3535": {
"cmt_msg": "net: mvpp2: fix mvpp2 debugfs leak",
"cmt_id": "29f50bcf0f8b9e49c3c9b0e08fcae2ec3a88cc9f"
},
- "CVE-2022-3565": {
- "cmt_msg": "mISDN: fix use-after-free bugs in l1oip timer handlers",
- "cmt_id": "2a1d0363208528a3bacbc2c37264d60182efd482"
+ "CVE-2022-3594": {
+ "cmt_msg": "r8152: Rate limit overflow messages",
+ "cmt_id": "484400d433ca1903a87268c55f019e932297538a"
},
"CVE-2022-2602": {
"cmt_msg": "io_uring/af_unix: defer registered files gc to io_uring release",
"cmt_id": "c378c479c5175833bb22ff71974cda47d7b05401"
+ },
+ "CVE-2022-41850": {
+ "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()",
+ "cmt_id": "dbcca76435a606a352c794956e6df62eedd3a353"
+ },
+ "CVE-2022-3565": {
+ "cmt_msg": "mISDN: fix use-after-free bugs in l1oip timer handlers",
+ "cmt_id": "2a1d0363208528a3bacbc2c37264d60182efd482"
+ },
+ "CVE-2022-3542": {
+ "cmt_msg": "bnx2x: fix potential memory leak in bnx2x_tpa_stop()",
+ "cmt_id": "6cc0e2afc6a137d45b9523f61a1b1b16a68c9dc0"
+ }
+ },
+ "5.10.154": {
+ "CVE-2022-3628": {
+ "cmt_msg": "wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()",
+ "cmt_id": "c6678c8f4f3f8383fe2dff3455de3d504382638f"
+ },
+ "CVE-2022-3524": {
+ "cmt_msg": "tcp/udp: Fix memory leak in ipv6_renew_options().",
+ "cmt_id": "818c36b988b82f31e4be8ad8415e1be902b8e5f8"
+ },
+ "CVE-2022-42896": {
+ "cmt_msg": "Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM",
+ "cmt_id": "6b6f94fb9a74dd2891f11de4e638c6202bc89476"
+ },
+ "CVE-2022-42895": {
+ "cmt_msg": "Bluetooth: L2CAP: Fix attempting to access uninitialized memory",
+ "cmt_id": "26ca2ac091b49281d73df86111d16e5a76e43bd7"
+ },
+ "CVE-2021-3759": {
+ "cmt_msg": "memcg: enable accounting of ipc resources",
+ "cmt_id": "836686e1a01d7e2fda6a5a18252243ff30a6e196"
+ },
+ "CVE-2022-3564": {
+ "cmt_msg": "Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu",
+ "cmt_id": "cb1c012099ef5904cd468bdb8d6fcdfdd9bcb569"
}
},
"outstanding": {
@@ -98486,7 +98266,7 @@
"cmt_msg": "io_uring: remove io_identity"
},
"CVE-2022-3619": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix memory leak in vhci_write"
},
"CVE-2018-1121": {
"cmt_msg": ""
@@ -98503,9 +98283,6 @@
"CVE-2022-3344": {
"cmt_msg": ""
},
- "CVE-2021-3759": {
- "cmt_msg": "memcg: enable accounting of ipc resources"
- },
"CVE-2020-24503": {
"cmt_msg": ""
},
@@ -98545,18 +98322,12 @@
"CVE-2022-38096": {
"cmt_msg": ""
},
- "CVE-2022-2978": {
- "cmt_msg": ""
- },
- "CVE-2022-3564": {
- "cmt_msg": ""
+ "CVE-2022-3595": {
+ "cmt_msg": "cifs: fix double-fault crash during ntlmssp"
},
"CVE-2021-26934": {
"cmt_msg": ""
},
- "CVE-2022-3595": {
- "cmt_msg": "cifs: fix double-fault crash during ntlmssp"
- },
"CVE-2022-3176": {
"cmt_msg": "io_uring: fix UAF due to missing POLLFREE handling"
},
@@ -98566,9 +98337,6 @@
"CVE-2021-3669": {
"cmt_msg": "ipc: replace costly bailout check in sysvipc_find_ipc()"
},
- "CVE-2022-3524": {
- "cmt_msg": "tcp/udp: Fix memory leak in ipv6_renew_options()."
- },
"CVE-2020-15802": {
"cmt_msg": ""
},
@@ -98611,9 +98379,6 @@
"CVE-2020-26142": {
"cmt_msg": ""
},
- "CVE-2022-3628": {
- "cmt_msg": ""
- },
"CVE-2022-1247": {
"cmt_msg": ""
},
@@ -98627,7 +98392,7 @@
"cmt_msg": "mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page"
},
"CVE-2022-3435": {
- "cmt_msg": ""
+ "cmt_msg": "ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference"
},
"CVE-2020-10708": {
"cmt_msg": ""
@@ -98656,9 +98421,6 @@
"CVE-2012-4542": {
"cmt_msg": ""
},
- "CVE-2022-42895": {
- "cmt_msg": "Bluetooth: L2CAP: Fix attempting to access uninitialized memory"
- },
"CVE-2013-7445": {
"cmt_msg": ""
},
@@ -98668,9 +98430,6 @@
"CVE-2022-39188": {
"cmt_msg": "mmu_gather: Force tlb-flush VM_PFNMAP vmas"
},
- "CVE-2022-43945": {
- "cmt_msg": "NFSD: Protect against send buffer overflow in NFSv2 READDIR"
- },
"CVE-2005-3660": {
"cmt_msg": ""
},
@@ -98731,9 +98490,6 @@
"CVE-2022-0500": {
"cmt_msg": "bpf: Introduce MEM_RDONLY flag"
},
- "CVE-2022-41850": {
- "cmt_msg": ""
- },
"CVE-2022-2327": {
"cmt_msg": "io_uring: remove any grabbing of context"
},
@@ -98743,13 +98499,10 @@
"CVE-2022-3642": {
"cmt_msg": ""
},
- "CVE-2022-3640": {
- "cmt_msg": ""
- },
"CVE-2022-41218": {
"cmt_msg": ""
},
- "CVE-2022-25265": {
+ "CVE-2011-4917": {
"cmt_msg": ""
},
"CVE-2022-23222": {
@@ -98770,9 +98523,6 @@
"CVE-2018-17977": {
"cmt_msg": ""
},
- "CVE-2022-41849": {
- "cmt_msg": ""
- },
"CVE-2022-41848": {
"cmt_msg": ""
},
@@ -98788,9 +98538,6 @@
"CVE-2018-12931": {
"cmt_msg": ""
},
- "CVE-2022-42896": {
- "cmt_msg": "Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM"
- },
"CVE-2021-39801": {
"cmt_msg": ""
},
@@ -98798,7 +98545,7 @@
"cmt_msg": ""
},
"CVE-2022-3169": {
- "cmt_msg": ""
+ "cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
"CVE-2021-39802": {
"cmt_msg": ""
@@ -98825,7 +98572,7 @@
"cmt_msg": ""
},
"CVE-2022-3903": {
- "cmt_msg": ""
+ "cmt_msg": "media: mceusb: Use new usb_control_msg_*() routines"
},
"CVE-2015-2877": {
"cmt_msg": ""
@@ -98851,7 +98598,7 @@
"CVE-2022-1280": {
"cmt_msg": "drm: avoid circular locks in drm_mode_getconnector"
},
- "CVE-2011-4917": {
+ "CVE-2022-25265": {
"cmt_msg": ""
},
"CVE-2011-4916": {
@@ -98859,6 +98606,9 @@
},
"CVE-2021-32078": {
"cmt_msg": "ARM: footbridge: remove personal server platform"
+ },
+ "CVE-2022-3977": {
+ "cmt_msg": "mctp: prevent double key removal and unref"
}
}
},
@@ -99239,7 +98989,7 @@
"cmt_msg": "can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path"
},
"CVE-2022-3628": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()"
},
"CVE-2020-15802": {
"cmt_msg": ""
@@ -99401,7 +99151,7 @@
"cmt_msg": "mISDN: fix use-after-free bugs in l1oip timer handlers"
},
"CVE-2022-3564": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu"
},
"CVE-2021-3573": {
"cmt_msg": "Bluetooth: use correct lock to prevent UAF of hdev object"
@@ -99698,7 +99448,7 @@
"cmt_msg": "module: limit enabling module.sig_enforce"
},
"CVE-2022-3903": {
- "cmt_msg": ""
+ "cmt_msg": "media: mceusb: Use new usb_control_msg_*() routines"
},
"CVE-2022-3577": {
"cmt_msg": "HID: bigben: fix slab-out-of-bounds Write in bigben_probe"
@@ -99721,6 +99471,9 @@
"CVE-2022-0847": {
"cmt_msg": "lib/iov_iter: initialize \"flags\" in new pipe_buffer"
},
+ "CVE-2022-3977": {
+ "cmt_msg": "mctp: prevent double key removal and unref"
+ },
"CVE-2021-41073": {
"cmt_msg": "io_uring: ensure symmetry in handling iter types in loop_rw_iter()"
},
@@ -99728,7 +99481,7 @@
"cmt_msg": "af_unix: fix garbage collect vs MSG_PEEK"
},
"CVE-2022-3619": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix memory leak in vhci_write"
},
"CVE-2022-3586": {
"cmt_msg": "sch_sfb: Don't assume the skb is still around after enqueueing to child"
@@ -99761,7 +99514,7 @@
"cmt_msg": "i2c: ismt: prevent memory corruption in ismt_access()"
},
"CVE-2022-2978": {
- "cmt_msg": ""
+ "cmt_msg": "fs: fix UAF/GPF bug in nilfs_mdt_destroy"
},
"CVE-2022-20132": {
"cmt_msg": "HID: add hid_is_usb() function to make it simpler for USB detection"
@@ -99812,7 +99565,7 @@
"cmt_msg": "net: mvpp2: fix mvpp2 debugfs leak"
},
"CVE-2022-3435": {
- "cmt_msg": ""
+ "cmt_msg": "ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference"
},
"CVE-2021-22600": {
"cmt_msg": "net/packet: rx_owner_map depends on pg_vec"
@@ -99890,7 +99643,7 @@
"cmt_msg": "fbcon: Disallow setting font bigger than screen size"
},
"CVE-2022-41850": {
- "cmt_msg": ""
+ "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()"
},
"CVE-2022-2938": {
"cmt_msg": "psi: Fix uaf issue when psi trigger is destroyed while being polled"
@@ -99907,9 +99660,6 @@
"CVE-2022-3642": {
"cmt_msg": ""
},
- "CVE-2022-3640": {
- "cmt_msg": ""
- },
"CVE-2019-15902": {
"cmt_msg": "unknown"
},
@@ -99944,7 +99694,7 @@
"cmt_msg": "Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM"
},
"CVE-2022-3169": {
- "cmt_msg": ""
+ "cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
"CVE-2022-36280": {
"cmt_msg": ""
@@ -100241,7 +99991,7 @@
"cmt_msg": "x86/speculation/mmio: Enable CPU Fill buffer clearing on idle"
},
"CVE-2022-41849": {
- "cmt_msg": ""
+ "cmt_msg": "fbdev: smscufx: Fix use-after-free in ufx_ops_open()"
},
"CVE-2022-41848": {
"cmt_msg": ""
@@ -100715,7 +100465,7 @@
"cmt_msg": "binder: fix UAF of ref->proc caused by race condition"
},
"CVE-2022-3619": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix memory leak in vhci_write"
},
"CVE-2018-1121": {
"cmt_msg": ""
@@ -100793,13 +100543,13 @@
"cmt_msg": "i2c: ismt: prevent memory corruption in ismt_access()"
},
"CVE-2022-2978": {
- "cmt_msg": ""
+ "cmt_msg": "fs: fix UAF/GPF bug in nilfs_mdt_destroy"
},
"CVE-2022-3594": {
"cmt_msg": "r8152: Rate limit overflow messages"
},
"CVE-2022-3564": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu"
},
"CVE-2021-26934": {
"cmt_msg": ""
@@ -100910,7 +100660,7 @@
"cmt_msg": ""
},
"CVE-2022-3435": {
- "cmt_msg": ""
+ "cmt_msg": "ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference"
},
"CVE-2022-3623": {
"cmt_msg": "mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page"
@@ -101093,7 +100843,7 @@
"cmt_msg": "xen/netfront: fix leaking data in shared pages"
},
"CVE-2022-41850": {
- "cmt_msg": ""
+ "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()"
},
"CVE-2022-33744": {
"cmt_msg": "xen/arm: Fix race in RB-tree based P2M accounting"
@@ -101110,9 +100860,6 @@
"CVE-2022-3642": {
"cmt_msg": ""
},
- "CVE-2022-3640": {
- "cmt_msg": ""
- },
"CVE-2022-42703": {
"cmt_msg": "mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse"
},
@@ -101168,7 +100915,7 @@
"cmt_msg": ""
},
"CVE-2022-41849": {
- "cmt_msg": ""
+ "cmt_msg": "fbdev: smscufx: Fix use-after-free in ufx_ops_open()"
},
"CVE-2022-3565": {
"cmt_msg": "mISDN: fix use-after-free bugs in l1oip timer handlers"
@@ -101198,7 +100945,7 @@
"cmt_msg": ""
},
"CVE-2022-3169": {
- "cmt_msg": ""
+ "cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
"CVE-2021-39802": {
"cmt_msg": ""
@@ -101210,7 +100957,7 @@
"cmt_msg": ""
},
"CVE-2022-3628": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()"
},
"CVE-2022-34494": {
"cmt_msg": "rpmsg: virtio: Fix possible double free in rpmsg_virtio_add_ctrl_dev()"
@@ -101240,7 +100987,7 @@
"cmt_msg": ""
},
"CVE-2022-3903": {
- "cmt_msg": ""
+ "cmt_msg": "media: mceusb: Use new usb_control_msg_*() routines"
},
"CVE-2015-2877": {
"cmt_msg": ""
@@ -101295,6 +101042,9 @@
},
"CVE-2022-21125": {
"cmt_msg": "x86/speculation/mmio: Reuse SRBDS mitigation for SBDS"
+ },
+ "CVE-2022-3977": {
+ "cmt_msg": "mctp: prevent double key removal and unref"
}
}
},
@@ -101605,7 +101355,7 @@
"cmt_msg": "binder: fix UAF of ref->proc caused by race condition"
},
"CVE-2022-3619": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix memory leak in vhci_write"
},
"CVE-2018-1121": {
"cmt_msg": ""
@@ -101671,13 +101421,13 @@
"cmt_msg": ""
},
"CVE-2022-2978": {
- "cmt_msg": ""
+ "cmt_msg": "fs: fix UAF/GPF bug in nilfs_mdt_destroy"
},
"CVE-2022-3594": {
"cmt_msg": "r8152: Rate limit overflow messages"
},
"CVE-2022-3564": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu"
},
"CVE-2021-26934": {
"cmt_msg": ""
@@ -101776,7 +101526,7 @@
"cmt_msg": "mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page"
},
"CVE-2022-3435": {
- "cmt_msg": ""
+ "cmt_msg": "ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference"
},
"CVE-2022-3625": {
"cmt_msg": "devlink: Fix use-after-free after a failed reload"
@@ -101911,7 +101661,7 @@
"cmt_msg": "xen/netfront: fix leaking data in shared pages"
},
"CVE-2022-41850": {
- "cmt_msg": ""
+ "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()"
},
"CVE-2022-33744": {
"cmt_msg": "xen/arm: Fix race in RB-tree based P2M accounting"
@@ -101928,9 +101678,6 @@
"CVE-2022-3642": {
"cmt_msg": ""
},
- "CVE-2022-3640": {
- "cmt_msg": ""
- },
"CVE-2022-42703": {
"cmt_msg": "mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse"
},
@@ -101983,7 +101730,7 @@
"cmt_msg": ""
},
"CVE-2022-41849": {
- "cmt_msg": ""
+ "cmt_msg": "fbdev: smscufx: Fix use-after-free in ufx_ops_open()"
},
"CVE-2022-3565": {
"cmt_msg": "mISDN: fix use-after-free bugs in l1oip timer handlers"
@@ -102013,7 +101760,7 @@
"cmt_msg": ""
},
"CVE-2022-3169": {
- "cmt_msg": ""
+ "cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
"CVE-2021-39802": {
"cmt_msg": ""
@@ -102025,7 +101772,7 @@
"cmt_msg": ""
},
"CVE-2022-3628": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()"
},
"CVE-2021-3542": {
"cmt_msg": ""
@@ -102043,7 +101790,7 @@
"cmt_msg": ""
},
"CVE-2022-3903": {
- "cmt_msg": ""
+ "cmt_msg": "media: mceusb: Use new usb_control_msg_*() routines"
},
"CVE-2015-2877": {
"cmt_msg": ""
@@ -102077,6 +101824,9 @@
},
"CVE-2011-4916": {
"cmt_msg": ""
+ },
+ "CVE-2022-3977": {
+ "cmt_msg": "mctp: prevent double key removal and unref"
}
}
},
@@ -102316,7 +102066,7 @@
"cmt_msg": "x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE"
},
"CVE-2022-3619": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix memory leak in vhci_write"
},
"CVE-2018-1121": {
"cmt_msg": ""
@@ -102436,7 +102186,7 @@
"cmt_msg": "i2c: ismt: prevent memory corruption in ismt_access()"
},
"CVE-2022-2978": {
- "cmt_msg": ""
+ "cmt_msg": "fs: fix UAF/GPF bug in nilfs_mdt_destroy"
},
"CVE-2022-3594": {
"cmt_msg": "r8152: Rate limit overflow messages"
@@ -102445,7 +102195,7 @@
"cmt_msg": "USB: gadget: detect too-big endpoint 0 requests"
},
"CVE-2022-3564": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu"
},
"CVE-2021-43975": {
"cmt_msg": "atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait"
@@ -102616,7 +102366,7 @@
"cmt_msg": "remove the lightnvm subsystem"
},
"CVE-2022-3435": {
- "cmt_msg": ""
+ "cmt_msg": "ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference"
},
"CVE-2022-23960": {
"cmt_msg": "ARM: report Spectre v2 status through sysfs"
@@ -102775,7 +102525,7 @@
"cmt_msg": "bnx2x: fix potential memory leak in bnx2x_tpa_stop()"
},
"CVE-2022-3903": {
- "cmt_msg": ""
+ "cmt_msg": "media: mceusb: Use new usb_control_msg_*() routines"
},
"CVE-2022-1158": {
"cmt_msg": "KVM: x86/mmu: do compare-and-exchange of gPTE via the user address"
@@ -102886,7 +102636,7 @@
"cmt_msg": "xen/netfront: fix leaking data in shared pages"
},
"CVE-2022-41850": {
- "cmt_msg": ""
+ "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()"
},
"CVE-2022-33744": {
"cmt_msg": "xen/arm: Fix race in RB-tree based P2M accounting"
@@ -102918,9 +102668,6 @@
"CVE-2022-20008": {
"cmt_msg": "mmc: block: fix read single on recovery logic"
},
- "CVE-2022-3640": {
- "cmt_msg": ""
- },
"CVE-2022-42703": {
"cmt_msg": "mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse"
},
@@ -102973,7 +102720,7 @@
"cmt_msg": "ipv6: Fix data races around sk->sk_prot."
},
"CVE-2022-41849": {
- "cmt_msg": ""
+ "cmt_msg": "fbdev: smscufx: Fix use-after-free in ufx_ops_open()"
},
"CVE-2022-0617": {
"cmt_msg": "udf: Fix NULL ptr deref when converting from inline format"
@@ -103030,7 +102777,7 @@
"cmt_msg": ""
},
"CVE-2022-3169": {
- "cmt_msg": ""
+ "cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
"CVE-2021-39802": {
"cmt_msg": ""
@@ -103048,7 +102795,7 @@
"cmt_msg": "io_uring: fix UAF due to missing POLLFREE handling"
},
"CVE-2022-3628": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()"
},
"CVE-2022-1195": {
"cmt_msg": "hamradio: improve the incomplete fix to avoid NPD"
@@ -103176,6 +102923,9 @@
"CVE-2022-21499": {
"cmt_msg": "lockdown: also lock down previous kgdb use"
},
+ "CVE-2022-3977": {
+ "cmt_msg": "mctp: prevent double key removal and unref"
+ },
"CVE-2022-28389": {
"cmt_msg": "can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path"
},
@@ -104059,6 +103809,10 @@
}
},
"5.15.73": {
+ "CVE-2022-2978": {
+ "cmt_msg": "fs: fix UAF/GPF bug in nilfs_mdt_destroy",
+ "cmt_id": "64b79e632869ad3ef6c098a4731d559381da1115"
+ },
"CVE-2022-43750": {
"cmt_msg": "usb: mon: make mmapped memory read only",
"cmt_id": "5ff80339cdc3143b89eee2ad91ae44b4dbf65ad1"
@@ -104103,6 +103857,14 @@
}
},
"5.15.75": {
+ "CVE-2022-43945": {
+ "cmt_msg": "NFSD: Protect against send buffer overflow in NFSv2 READDIR",
+ "cmt_id": "dc7f225090c29a5f3b9419b1af32846a201555e7"
+ },
+ "CVE-2022-41849": {
+ "cmt_msg": "fbdev: smscufx: Fix use-after-free in ufx_ops_open()",
+ "cmt_id": "2b0897e33682a332167b7d355eec28693b62119e"
+ },
"CVE-2022-3535": {
"cmt_msg": "net: mvpp2: fix mvpp2 debugfs leak",
"cmt_id": "a624161ebe0c678c10c4c82b574fed6c04d552d8"
@@ -104111,9 +103873,13 @@
"cmt_msg": "r8152: Rate limit overflow messages",
"cmt_id": "b3179865cf7e892b26eedab3d6c54b4747c774a2"
},
- "CVE-2022-43945": {
- "cmt_msg": "NFSD: Protect against send buffer overflow in NFSv2 READDIR",
- "cmt_id": "dc7f225090c29a5f3b9419b1af32846a201555e7"
+ "CVE-2022-2602": {
+ "cmt_msg": "io_uring/af_unix: defer registered files gc to io_uring release",
+ "cmt_id": "813d8fe5d30388f73a21d3a2bf46b0a1fd72498c"
+ },
+ "CVE-2022-41850": {
+ "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()",
+ "cmt_id": "c61786dc727d1850336d12c85a032c9a36ae396d"
},
"CVE-2022-3565": {
"cmt_msg": "mISDN: fix use-after-free bugs in l1oip timer handlers",
@@ -104122,10 +103888,6 @@
"CVE-2022-3542": {
"cmt_msg": "bnx2x: fix potential memory leak in bnx2x_tpa_stop()",
"cmt_id": "0b6516a4e3eb0e2dc88a538458f3f732940f44fd"
- },
- "CVE-2022-2602": {
- "cmt_msg": "io_uring/af_unix: defer registered files gc to io_uring release",
- "cmt_id": "813d8fe5d30388f73a21d3a2bf46b0a1fd72498c"
}
},
"5.15.77": {
@@ -104134,6 +103896,36 @@
"cmt_id": "1401e9336bebaa6dd5a320f83bddc17619d4e3a6"
}
},
+ "5.15.78": {
+ "CVE-2022-3628": {
+ "cmt_msg": "wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()",
+ "cmt_id": "7038af4ce95105146d22e461eaa450829f28eeaf"
+ },
+ "CVE-2022-3623": {
+ "cmt_msg": "mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page",
+ "cmt_id": "3a44ae4afaa5318baed3c6e2959f24454e0ae4ff"
+ },
+ "CVE-2022-42896": {
+ "cmt_msg": "Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM",
+ "cmt_id": "81035e1201e26d57d9733ac59140a3e29befbc5a"
+ },
+ "CVE-2022-42895": {
+ "cmt_msg": "Bluetooth: L2CAP: Fix attempting to access uninitialized memory",
+ "cmt_id": "3e4697ffdfbb38a2755012c4e571546c89ab6422"
+ },
+ "CVE-2022-3543": {
+ "cmt_msg": "af_unix: Fix memory leaks of the whole sk due to OOB skb.",
+ "cmt_id": "3975affcf55f93814a8ae14333d7fc7f183e60a4"
+ },
+ "CVE-2022-3564": {
+ "cmt_msg": "Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu",
+ "cmt_id": "8278a87bb1eeea94350d675ef961ee5a03341fde"
+ },
+ "CVE-2022-3619": {
+ "cmt_msg": "Bluetooth: L2CAP: Fix memory leak in vhci_write",
+ "cmt_id": "aa16cac06b752e5f609c106735bd7838f444784c"
+ }
+ },
"outstanding": {
"CVE-2020-26556": {
"cmt_msg": ""
@@ -104153,9 +103945,6 @@
"CVE-2022-38457": {
"cmt_msg": ""
},
- "CVE-2022-3619": {
- "cmt_msg": ""
- },
"CVE-2018-1121": {
"cmt_msg": ""
},
@@ -104192,18 +103981,12 @@
"CVE-2019-19814": {
"cmt_msg": ""
},
- "CVE-2022-3564": {
- "cmt_msg": ""
- },
"CVE-2022-2209": {
"cmt_msg": ""
},
"CVE-2022-38096": {
"cmt_msg": ""
},
- "CVE-2022-2978": {
- "cmt_msg": ""
- },
"CVE-2022-3595": {
"cmt_msg": "cifs: fix double-fault crash during ntlmssp"
},
@@ -104252,21 +104035,15 @@
"CVE-2020-26142": {
"cmt_msg": ""
},
- "CVE-2022-3628": {
- "cmt_msg": ""
- },
"CVE-2022-1247": {
"cmt_msg": ""
},
+ "CVE-2022-3435": {
+ "cmt_msg": "ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference"
+ },
"CVE-2022-3624": {
"cmt_msg": "bonding: fix reference count leak in balance-alb mode"
},
- "CVE-2022-3623": {
- "cmt_msg": "mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page"
- },
- "CVE-2022-3435": {
- "cmt_msg": ""
- },
"CVE-2020-10708": {
"cmt_msg": ""
},
@@ -104291,9 +104068,6 @@
"CVE-2012-4542": {
"cmt_msg": ""
},
- "CVE-2022-42895": {
- "cmt_msg": "Bluetooth: L2CAP: Fix attempting to access uninitialized memory"
- },
"CVE-2021-4095": {
"cmt_msg": "KVM: x86: Fix wall clock writes in Xen shared_info not to mark page dirty"
},
@@ -104312,9 +104086,6 @@
"CVE-2022-24122": {
"cmt_msg": "ucount: Make get_ucount a safe get_user replacement"
},
- "CVE-2022-3543": {
- "cmt_msg": "af_unix: Fix memory leaks of the whole sk due to OOB skb."
- },
"CVE-2022-3523": {
"cmt_msg": "mm/memory.c: fix race when faulting a device private page"
},
@@ -104345,15 +104116,9 @@
"CVE-2021-3892": {
"cmt_msg": ""
},
- "CVE-2022-41850": {
- "cmt_msg": ""
- },
"CVE-2022-3642": {
"cmt_msg": ""
},
- "CVE-2022-3640": {
- "cmt_msg": ""
- },
"CVE-2022-41218": {
"cmt_msg": ""
},
@@ -104378,9 +104143,6 @@
"CVE-2022-26878": {
"cmt_msg": ""
},
- "CVE-2022-41849": {
- "cmt_msg": ""
- },
"CVE-2022-41848": {
"cmt_msg": ""
},
@@ -104396,9 +104158,6 @@
"CVE-2018-12931": {
"cmt_msg": ""
},
- "CVE-2022-42896": {
- "cmt_msg": "Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM"
- },
"CVE-2021-39801": {
"cmt_msg": ""
},
@@ -104406,7 +104165,7 @@
"cmt_msg": ""
},
"CVE-2022-3169": {
- "cmt_msg": ""
+ "cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
"CVE-2021-39802": {
"cmt_msg": ""
@@ -104430,7 +104189,7 @@
"cmt_msg": ""
},
"CVE-2022-3903": {
- "cmt_msg": ""
+ "cmt_msg": "media: mceusb: Use new usb_control_msg_*() routines"
},
"CVE-2015-2877": {
"cmt_msg": ""
@@ -104461,6 +104220,9 @@
},
"CVE-2013-7445": {
"cmt_msg": ""
+ },
+ "CVE-2022-3977": {
+ "cmt_msg": "mctp: prevent double key removal and unref"
}
}
},
@@ -104773,7 +104535,7 @@
"cmt_msg": "bpf: Remove MTU check in __bpf_skb_max_len"
},
"CVE-2022-3628": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()"
},
"CVE-2020-15802": {
"cmt_msg": ""
@@ -105049,7 +104811,7 @@
"cmt_msg": ""
},
"CVE-2022-2978": {
- "cmt_msg": ""
+ "cmt_msg": "fs: fix UAF/GPF bug in nilfs_mdt_destroy"
},
"CVE-2019-10126": {
"cmt_msg": "mwifiex: Fix heap overflow in mwifiex_uap_parse_tail_ies()"
@@ -105127,7 +104889,7 @@
"cmt_msg": "mISDN: fix use-after-free bugs in l1oip timer handlers"
},
"CVE-2022-3564": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu"
},
"CVE-2020-36386": {
"cmt_msg": "Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()"
@@ -105471,9 +105233,6 @@
"CVE-2022-23960": {
"cmt_msg": "ARM: report Spectre v2 status through sysfs"
},
- "CVE-2022-3623": {
- "cmt_msg": "mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page"
- },
"CVE-2022-3624": {
"cmt_msg": "bonding: fix reference count leak in balance-alb mode"
},
@@ -105730,7 +105489,7 @@
"cmt_msg": "RDMA/cxgb4: Do not dma memory off of the stack"
},
"CVE-2022-3903": {
- "cmt_msg": ""
+ "cmt_msg": "media: mceusb: Use new usb_control_msg_*() routines"
},
"CVE-2022-3577": {
"cmt_msg": "HID: bigben: fix slab-out-of-bounds Write in bigben_probe"
@@ -105768,6 +105527,9 @@
"CVE-2021-3609": {
"cmt_msg": "can: bcm: delay release of struct bcm_op after synchronize_rcu()"
},
+ "CVE-2022-3977": {
+ "cmt_msg": "mctp: prevent double key removal and unref"
+ },
"CVE-2019-19536": {
"cmt_msg": "can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices"
},
@@ -105811,7 +105573,7 @@
"cmt_msg": "cifs: fix NULL ptr dereference in smb2_ioctl_query_info()"
},
"CVE-2022-3619": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix memory leak in vhci_write"
},
"CVE-2020-28374": {
"cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup"
@@ -105828,9 +105590,6 @@
"CVE-2022-3586": {
"cmt_msg": "sch_sfb: Don't assume the skb is still around after enqueueing to child"
},
- "CVE-2022-43945": {
- "cmt_msg": "NFSD: Protect against send buffer overflow in NFSv2 READDIR"
- },
"CVE-2020-27825": {
"cmt_msg": "tracing: Fix race in trace_open and buffer resize call"
},
@@ -105997,7 +105756,7 @@
"cmt_msg": ""
},
"CVE-2022-3435": {
- "cmt_msg": ""
+ "cmt_msg": "ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference"
},
"CVE-2022-2977": {
"cmt_msg": "tpm: fix reference counting for struct tpm_chip"
@@ -106132,7 +105891,7 @@
"cmt_msg": "fbcon: Disallow setting font bigger than screen size"
},
"CVE-2022-41850": {
- "cmt_msg": ""
+ "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()"
},
"CVE-2019-19525": {
"cmt_msg": "ieee802154: atusb: fix use-after-free at disconnect"
@@ -106158,9 +105917,6 @@
"CVE-2019-19448": {
"cmt_msg": "btrfs: only search for left_info if there is no right_info in try_merge_free_space"
},
- "CVE-2022-3640": {
- "cmt_msg": ""
- },
"CVE-2019-19449": {
"cmt_msg": "f2fs: fix to do sanity check on segment/section count"
},
@@ -106228,7 +105984,7 @@
"cmt_msg": "nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION"
},
"CVE-2022-3169": {
- "cmt_msg": ""
+ "cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
"CVE-2022-36280": {
"cmt_msg": ""
@@ -106780,7 +106536,7 @@
"cmt_msg": "vt: vt_ioctl: fix race in VT_RESIZEX"
},
"CVE-2022-41849": {
- "cmt_msg": ""
+ "cmt_msg": "fbdev: smscufx: Fix use-after-free in ufx_ops_open()"
},
"CVE-2022-41848": {
"cmt_msg": ""
@@ -109005,9 +108761,9 @@
}
},
"5.4.218": {
- "CVE-2022-40768": {
- "cmt_msg": "scsi: stex: Properly zero out the passthrough command structure",
- "cmt_id": "20a5bde605979af270f94b9151f753ec2caf8b05"
+ "CVE-2022-2978": {
+ "cmt_msg": "fs: fix UAF/GPF bug in nilfs_mdt_destroy",
+ "cmt_id": "70e4f70d54e0225f91814e8610477d65f33cefe4"
},
"CVE-2022-43750": {
"cmt_msg": "usb: mon: make mmapped memory read only",
@@ -109025,6 +108781,10 @@
"cmt_msg": "wifi: cfg80211: fix u8 overflow in cfg80211_update_notlisted_nontrans()",
"cmt_id": "020402c7dd587a8a4725d32bbd172a5f7ecc5f8f"
},
+ "CVE-2022-40768": {
+ "cmt_msg": "scsi: stex: Properly zero out the passthrough command structure",
+ "cmt_id": "20a5bde605979af270f94b9151f753ec2caf8b05"
+ },
"CVE-2022-42720": {
"cmt_msg": "wifi: cfg80211: fix BSS refcounting bugs",
"cmt_id": "785eaabfe3103e8bfa36aebacff6e8f69f092ed7"
@@ -109041,6 +108801,10 @@
}
},
"5.4.220": {
+ "CVE-2022-41849": {
+ "cmt_msg": "fbdev: smscufx: Fix use-after-free in ufx_ops_open()",
+ "cmt_id": "3742e9fd552e6c4193ebc5eb3d2cd02d429cad9c"
+ },
"CVE-2022-3535": {
"cmt_msg": "net: mvpp2: fix mvpp2 debugfs leak",
"cmt_id": "72c0d361940aec02d114d6f8f351147b85190464"
@@ -109053,6 +108817,10 @@
"cmt_msg": "bnx2x: fix potential memory leak in bnx2x_tpa_stop()",
"cmt_id": "71e0ab5b7598d88001762fddbfeb331543c62841"
},
+ "CVE-2022-41850": {
+ "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()",
+ "cmt_id": "e30c3a9a88818e5cf3df3fda6ab8388bef3bc6cd"
+ },
"CVE-2022-3565": {
"cmt_msg": "mISDN: fix use-after-free bugs in l1oip timer handlers",
"cmt_id": "466ed722f205c2cf8caba5982f3cd9729e767903"
@@ -109066,6 +108834,28 @@
"cmt_id": "04df9719df1865f6770af9bc7880874af0e594b2"
}
},
+ "5.4.224": {
+ "CVE-2022-3628": {
+ "cmt_msg": "wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()",
+ "cmt_id": "a16415c8f156bec5399ef0345715ee4b90e5bb83"
+ },
+ "CVE-2022-3524": {
+ "cmt_msg": "tcp/udp: Fix memory leak in ipv6_renew_options().",
+ "cmt_id": "92aaa5e8fe90a008828a1207e66a30444bcb1cbd"
+ },
+ "CVE-2021-3759": {
+ "cmt_msg": "memcg: enable accounting of ipc resources",
+ "cmt_id": "bad83d55134e647a739ebef2082541963f2cbc92"
+ },
+ "CVE-2022-42895": {
+ "cmt_msg": "Bluetooth: L2CAP: Fix attempting to access uninitialized memory",
+ "cmt_id": "6949400ec9feca7f88c0f6ca5cb5fdbcef419c89"
+ },
+ "CVE-2022-3564": {
+ "cmt_msg": "Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu",
+ "cmt_id": "4cd094fd5d872862ca278e15b9b51b07e915ef3f"
+ }
+ },
"outstanding": {
"CVE-2021-0929": {
"cmt_msg": "staging/android/ion: delete dma_buf->kmap/unmap implemenation"
@@ -109095,7 +108885,7 @@
"cmt_msg": "io_uring: remove io_identity"
},
"CVE-2022-3619": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix memory leak in vhci_write"
},
"CVE-2018-1121": {
"cmt_msg": ""
@@ -109106,18 +108896,12 @@
"CVE-2022-3061": {
"cmt_msg": "video: fbdev: i740fb: Error out if 'pixclock' equals zero"
},
- "CVE-2022-43945": {
- "cmt_msg": "NFSD: Protect against send buffer overflow in NFSv2 READDIR"
- },
"CVE-2019-15794": {
"cmt_msg": "ovl: fix reference counting in ovl_mmap error path"
},
"CVE-2022-3344": {
"cmt_msg": ""
},
- "CVE-2021-3759": {
- "cmt_msg": "memcg: enable accounting of ipc resources"
- },
"CVE-2020-24503": {
"cmt_msg": ""
},
@@ -109163,18 +108947,12 @@
"CVE-2022-38096": {
"cmt_msg": ""
},
- "CVE-2022-2978": {
- "cmt_msg": ""
- },
- "CVE-2022-3564": {
- "cmt_msg": ""
+ "CVE-2022-3595": {
+ "cmt_msg": "cifs: fix double-fault crash during ntlmssp"
},
"CVE-2021-26934": {
"cmt_msg": ""
},
- "CVE-2022-3595": {
- "cmt_msg": "cifs: fix double-fault crash during ntlmssp"
- },
"CVE-2022-1789": {
"cmt_msg": "KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID"
},
@@ -109190,9 +108968,6 @@
"CVE-2018-12929": {
"cmt_msg": ""
},
- "CVE-2022-3524": {
- "cmt_msg": "tcp/udp: Fix memory leak in ipv6_renew_options()."
- },
"CVE-2020-15802": {
"cmt_msg": ""
},
@@ -109235,9 +109010,6 @@
"CVE-2020-26142": {
"cmt_msg": ""
},
- "CVE-2022-3628": {
- "cmt_msg": ""
- },
"CVE-2021-20177": {
"cmt_msg": "netfilter: add and use nf_hook_slow_list()"
},
@@ -109254,7 +109026,7 @@
"cmt_msg": "mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page"
},
"CVE-2022-3435": {
- "cmt_msg": ""
+ "cmt_msg": "ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference"
},
"CVE-2020-10708": {
"cmt_msg": ""
@@ -109283,9 +109055,6 @@
"CVE-2021-4148": {
"cmt_msg": "mm: khugepaged: skip huge page collapse for special files"
},
- "CVE-2022-42895": {
- "cmt_msg": "Bluetooth: L2CAP: Fix attempting to access uninitialized memory"
- },
"CVE-2022-42896": {
"cmt_msg": "Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM"
},
@@ -109311,7 +109080,7 @@
"cmt_msg": "nfp: fix use-after-free in area_cache_get()"
},
"CVE-2022-3903": {
- "cmt_msg": ""
+ "cmt_msg": "media: mceusb: Use new usb_control_msg_*() routines"
},
"CVE-2022-3523": {
"cmt_msg": "mm/memory.c: fix race when faulting a device private page"
@@ -109367,9 +109136,6 @@
"CVE-2022-3176": {
"cmt_msg": "io_uring: fix UAF due to missing POLLFREE handling"
},
- "CVE-2022-41850": {
- "cmt_msg": ""
- },
"CVE-2022-2327": {
"cmt_msg": "io_uring: remove any grabbing of context"
},
@@ -109382,9 +109148,6 @@
"CVE-2022-3642": {
"cmt_msg": ""
},
- "CVE-2022-3640": {
- "cmt_msg": ""
- },
"CVE-2022-41218": {
"cmt_msg": ""
},
@@ -109412,9 +109175,6 @@
"CVE-2018-17977": {
"cmt_msg": ""
},
- "CVE-2022-41849": {
- "cmt_msg": ""
- },
"CVE-2022-41848": {
"cmt_msg": ""
},
@@ -109446,7 +109206,7 @@
"cmt_msg": ""
},
"CVE-2022-3169": {
- "cmt_msg": ""
+ "cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
"CVE-2021-39802": {
"cmt_msg": ""
@@ -109513,6 +109273,9 @@
},
"CVE-2020-27835": {
"cmt_msg": "IB/hfi1: Ensure correct mm is used at all times"
+ },
+ "CVE-2022-3977": {
+ "cmt_msg": "mctp: prevent double key removal and unref"
}
}
},
@@ -109761,7 +109524,7 @@
"cmt_msg": "binder: fix UAF of ref->proc caused by race condition"
},
"CVE-2022-3619": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix memory leak in vhci_write"
},
"CVE-2018-1121": {
"cmt_msg": ""
@@ -109818,13 +109581,13 @@
"cmt_msg": ""
},
"CVE-2022-2978": {
- "cmt_msg": ""
+ "cmt_msg": "fs: fix UAF/GPF bug in nilfs_mdt_destroy"
},
"CVE-2022-3594": {
"cmt_msg": "r8152: Rate limit overflow messages"
},
"CVE-2022-3564": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu"
},
"CVE-2021-26934": {
"cmt_msg": ""
@@ -109893,7 +109656,7 @@
"cmt_msg": "netfilter: nf_tables: disallow binding to already bound chain"
},
"CVE-2022-3628": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()"
},
"CVE-2022-3629": {
"cmt_msg": "vsock: Fix memory leak in vsock_connect()"
@@ -109911,7 +109674,7 @@
"cmt_msg": "mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page"
},
"CVE-2022-3435": {
- "cmt_msg": ""
+ "cmt_msg": "ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference"
},
"CVE-2022-3625": {
"cmt_msg": "devlink: Fix use-after-free after a failed reload"
@@ -110022,7 +109785,7 @@
"cmt_msg": ""
},
"CVE-2022-41850": {
- "cmt_msg": ""
+ "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()"
},
"CVE-2022-3649": {
"cmt_msg": "nilfs2: fix use-after-free bug of struct nilfs_root"
@@ -110033,9 +109796,6 @@
"CVE-2022-3642": {
"cmt_msg": ""
},
- "CVE-2022-3640": {
- "cmt_msg": ""
- },
"CVE-2022-42703": {
"cmt_msg": "mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse"
},
@@ -110070,7 +109830,7 @@
"cmt_msg": ""
},
"CVE-2022-41849": {
- "cmt_msg": ""
+ "cmt_msg": "fbdev: smscufx: Fix use-after-free in ufx_ops_open()"
},
"CVE-2022-3565": {
"cmt_msg": "mISDN: fix use-after-free bugs in l1oip timer handlers"
@@ -110097,7 +109857,7 @@
"cmt_msg": ""
},
"CVE-2022-3169": {
- "cmt_msg": ""
+ "cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
"CVE-2021-39802": {
"cmt_msg": ""
@@ -110121,7 +109881,7 @@
"cmt_msg": ""
},
"CVE-2022-3903": {
- "cmt_msg": ""
+ "cmt_msg": "media: mceusb: Use new usb_control_msg_*() routines"
},
"CVE-2015-2877": {
"cmt_msg": ""
@@ -110152,6 +109912,9 @@
},
"CVE-2011-4916": {
"cmt_msg": ""
+ },
+ "CVE-2022-3977": {
+ "cmt_msg": "mctp: prevent double key removal and unref"
}
}
},
@@ -110280,6 +110043,16 @@
"cmt_id": "42ea11a81ac853c3e870c70d61ab435d0b09b851"
}
},
+ "5.19.17": {
+ "CVE-2022-43945": {
+ "cmt_msg": "NFSD: Protect against send buffer overflow in NFSv2 READDIR",
+ "cmt_id": "c2a878095b5c6f04f90553a3c45872f990dab14e"
+ },
+ "CVE-2022-3542": {
+ "cmt_msg": "bnx2x: fix potential memory leak in bnx2x_tpa_stop()",
+ "cmt_id": "96c0c14135f5803f9e94e6da2ee9c4b012fdcb20"
+ }
+ },
"outstanding": {
"CVE-2020-26556": {
"cmt_msg": ""
@@ -110303,7 +110076,7 @@
"cmt_msg": ""
},
"CVE-2022-3619": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix memory leak in vhci_write"
},
"CVE-2018-1121": {
"cmt_msg": ""
@@ -110311,9 +110084,6 @@
"CVE-2019-19378": {
"cmt_msg": ""
},
- "CVE-2022-43945": {
- "cmt_msg": "NFSD: Protect against send buffer overflow in NFSv2 READDIR"
- },
"CVE-2022-3344": {
"cmt_msg": ""
},
@@ -110345,13 +110115,13 @@
"cmt_msg": ""
},
"CVE-2022-2978": {
- "cmt_msg": ""
+ "cmt_msg": "fs: fix UAF/GPF bug in nilfs_mdt_destroy"
},
"CVE-2022-3594": {
"cmt_msg": "r8152: Rate limit overflow messages"
},
"CVE-2022-3564": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu"
},
"CVE-2021-26934": {
"cmt_msg": ""
@@ -110411,7 +110181,7 @@
"cmt_msg": ""
},
"CVE-2022-3628": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()"
},
"CVE-2022-3531": {
"cmt_msg": ""
@@ -110429,7 +110199,7 @@
"cmt_msg": "mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page"
},
"CVE-2022-3435": {
- "cmt_msg": ""
+ "cmt_msg": "ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference"
},
"CVE-2022-3625": {
"cmt_msg": "devlink: Fix use-after-free after a failed reload"
@@ -110485,9 +110255,6 @@
"CVE-2022-3543": {
"cmt_msg": "af_unix: Fix memory leaks of the whole sk due to OOB skb."
},
- "CVE-2022-3542": {
- "cmt_msg": "bnx2x: fix potential memory leak in bnx2x_tpa_stop()"
- },
"CVE-2022-3523": {
"cmt_msg": "mm/memory.c: fix race when faulting a device private page"
},
@@ -110519,7 +110286,7 @@
"cmt_msg": ""
},
"CVE-2022-41850": {
- "cmt_msg": ""
+ "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()"
},
"CVE-2022-3649": {
"cmt_msg": "nilfs2: fix use-after-free bug of struct nilfs_root"
@@ -110531,7 +110298,7 @@
"cmt_msg": ""
},
"CVE-2022-3640": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: fix use-after-free in l2cap_conn_del()"
},
"CVE-2022-41218": {
"cmt_msg": ""
@@ -110558,7 +110325,7 @@
"cmt_msg": ""
},
"CVE-2022-41849": {
- "cmt_msg": ""
+ "cmt_msg": "fbdev: smscufx: Fix use-after-free in ufx_ops_open()"
},
"CVE-2022-3565": {
"cmt_msg": "mISDN: fix use-after-free bugs in l1oip timer handlers"
@@ -110585,7 +110352,7 @@
"cmt_msg": ""
},
"CVE-2022-3169": {
- "cmt_msg": ""
+ "cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
"CVE-2021-39802": {
"cmt_msg": ""
@@ -110609,7 +110376,7 @@
"cmt_msg": ""
},
"CVE-2022-3903": {
- "cmt_msg": ""
+ "cmt_msg": "media: mceusb: Use new usb_control_msg_*() routines"
},
"CVE-2015-2877": {
"cmt_msg": ""
@@ -110637,6 +110404,9 @@
},
"CVE-2011-4916": {
"cmt_msg": ""
+ },
+ "CVE-2022-3977": {
+ "cmt_msg": "mctp: prevent double key removal and unref"
}
}
},
@@ -111116,7 +110886,7 @@
"cmt_msg": "bpf: Remove MTU check in __bpf_skb_max_len"
},
"CVE-2022-3628": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()"
},
"CVE-2020-15802": {
"cmt_msg": ""
@@ -111356,7 +111126,7 @@
"cmt_msg": "mISDN: fix use-after-free bugs in l1oip timer handlers"
},
"CVE-2022-3564": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu"
},
"CVE-2020-36386": {
"cmt_msg": "Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()"
@@ -111851,10 +111621,10 @@
"cmt_msg": "module: limit enabling module.sig_enforce"
},
"CVE-2022-2978": {
- "cmt_msg": ""
+ "cmt_msg": "fs: fix UAF/GPF bug in nilfs_mdt_destroy"
},
"CVE-2022-3903": {
- "cmt_msg": ""
+ "cmt_msg": "media: mceusb: Use new usb_control_msg_*() routines"
},
"CVE-2022-3577": {
"cmt_msg": "HID: bigben: fix slab-out-of-bounds Write in bigben_probe"
@@ -111883,6 +111653,9 @@
"CVE-2021-3609": {
"cmt_msg": "can: bcm: delay release of struct bcm_op after synchronize_rcu()"
},
+ "CVE-2022-3977": {
+ "cmt_msg": "mctp: prevent double key removal and unref"
+ },
"CVE-2021-3600": {
"cmt_msg": "bpf: Fix 32 bit src register truncation on div/mod"
},
@@ -111905,7 +111678,7 @@
"cmt_msg": "cifs: fix NULL ptr dereference in smb2_ioctl_query_info()"
},
"CVE-2022-3619": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix memory leak in vhci_write"
},
"CVE-2020-26556": {
"cmt_msg": ""
@@ -111922,9 +111695,6 @@
"CVE-2022-3586": {
"cmt_msg": "sch_sfb: Don't assume the skb is still around after enqueueing to child"
},
- "CVE-2022-43945": {
- "cmt_msg": "NFSD: Protect against send buffer overflow in NFSv2 READDIR"
- },
"CVE-2020-27825": {
"cmt_msg": "tracing: Fix race in trace_open and buffer resize call"
},
@@ -112058,7 +111828,7 @@
"cmt_msg": "net: mvpp2: fix mvpp2 debugfs leak"
},
"CVE-2022-3435": {
- "cmt_msg": ""
+ "cmt_msg": "ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference"
},
"CVE-2022-2977": {
"cmt_msg": "tpm: fix reference counting for struct tpm_chip"
@@ -112187,7 +111957,7 @@
"cmt_msg": "serial: 8250: fix null-ptr-deref in serial8250_start_tx()"
},
"CVE-2022-41850": {
- "cmt_msg": ""
+ "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()"
},
"CVE-2020-14390": {
"cmt_msg": "fbcon: remove soft scrollback code"
@@ -112207,9 +111977,6 @@
"CVE-2022-3642": {
"cmt_msg": ""
},
- "CVE-2022-3640": {
- "cmt_msg": ""
- },
"CVE-2020-0465": {
"cmt_msg": "HID: core: Sanitize event code and type when mapping input"
},
@@ -112262,7 +112029,7 @@
"cmt_msg": "nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION"
},
"CVE-2022-3169": {
- "cmt_msg": ""
+ "cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
"CVE-2022-36280": {
"cmt_msg": ""
@@ -112703,7 +112470,7 @@
"cmt_msg": "netfilter: x_tables: Use correct memory barriers."
},
"CVE-2022-41849": {
- "cmt_msg": ""
+ "cmt_msg": "fbdev: smscufx: Fix use-after-free in ufx_ops_open()"
},
"CVE-2022-41848": {
"cmt_msg": ""
@@ -113076,7 +112843,7 @@
"cmt_msg": "bpf: Remove MTU check in __bpf_skb_max_len"
},
"CVE-2022-3628": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()"
},
"CVE-2020-15802": {
"cmt_msg": ""
@@ -113271,7 +113038,7 @@
"cmt_msg": "mISDN: fix use-after-free bugs in l1oip timer handlers"
},
"CVE-2022-3564": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu"
},
"CVE-2020-36386": {
"cmt_msg": "Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()"
@@ -113673,7 +113440,7 @@
"cmt_msg": "module: limit enabling module.sig_enforce"
},
"CVE-2022-3903": {
- "cmt_msg": ""
+ "cmt_msg": "media: mceusb: Use new usb_control_msg_*() routines"
},
"CVE-2022-3577": {
"cmt_msg": "HID: bigben: fix slab-out-of-bounds Write in bigben_probe"
@@ -113699,6 +113466,9 @@
"CVE-2021-3609": {
"cmt_msg": "can: bcm: delay release of struct bcm_op after synchronize_rcu()"
},
+ "CVE-2022-3977": {
+ "cmt_msg": "mctp: prevent double key removal and unref"
+ },
"CVE-2021-3600": {
"cmt_msg": "bpf: Fix 32 bit src register truncation on div/mod"
},
@@ -113712,7 +113482,7 @@
"cmt_msg": "cifs: fix NULL ptr dereference in smb2_ioctl_query_info()"
},
"CVE-2022-3619": {
- "cmt_msg": ""
+ "cmt_msg": "Bluetooth: L2CAP: Fix memory leak in vhci_write"
},
"CVE-2020-28374": {
"cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup"
@@ -113720,9 +113490,6 @@
"CVE-2022-3586": {
"cmt_msg": "sch_sfb: Don't assume the skb is still around after enqueueing to child"
},
- "CVE-2022-43945": {
- "cmt_msg": "NFSD: Protect against send buffer overflow in NFSv2 READDIR"
- },
"CVE-2020-27825": {
"cmt_msg": "tracing: Fix race in trace_open and buffer resize call"
},
@@ -113760,7 +113527,7 @@
"cmt_msg": "perf/core: Fix race in the perf_mmap_close() function"
},
"CVE-2022-2978": {
- "cmt_msg": ""
+ "cmt_msg": "fs: fix UAF/GPF bug in nilfs_mdt_destroy"
},
"CVE-2020-14356": {
"cmt_msg": "cgroup: fix cgroup_sk_alloc() for sk_clone_lock()"
@@ -113838,7 +113605,7 @@
"cmt_msg": "net: mvpp2: fix mvpp2 debugfs leak"
},
"CVE-2022-3435": {
- "cmt_msg": ""
+ "cmt_msg": "ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference"
},
"CVE-2021-22600": {
"cmt_msg": "net/packet: rx_owner_map depends on pg_vec"
@@ -113940,7 +113707,7 @@
"cmt_msg": "io_uring: fix UAF due to missing POLLFREE handling"
},
"CVE-2022-41850": {
- "cmt_msg": ""
+ "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()"
},
"CVE-2020-14390": {
"cmt_msg": "fbcon: remove soft scrollback code"
@@ -113960,9 +113727,6 @@
"CVE-2022-3642": {
"cmt_msg": ""
},
- "CVE-2022-3640": {
- "cmt_msg": ""
- },
"CVE-2020-0465": {
"cmt_msg": "HID: core: Sanitize event code and type when mapping input"
},
@@ -114012,7 +113776,7 @@
"cmt_msg": "Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM"
},
"CVE-2022-3169": {
- "cmt_msg": ""
+ "cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
"CVE-2022-36280": {
"cmt_msg": ""
@@ -114405,7 +114169,7 @@
"cmt_msg": "netfilter: x_tables: Use correct memory barriers."
},
"CVE-2022-41849": {
- "cmt_msg": ""
+ "cmt_msg": "fbdev: smscufx: Fix use-after-free in ufx_ops_open()"
},
"CVE-2022-41848": {
"cmt_msg": ""
diff --git a/data/stream_fixes.json b/data/stream_fixes.json
index 323e0bc..3aebb57 100644
--- a/data/stream_fixes.json
+++ b/data/stream_fixes.json
@@ -28657,6 +28657,16 @@
"fixed_version": "5.4.136"
}
},
+ "CVE-2021-3759": {
+ "5.10": {
+ "cmt_id": "836686e1a01d7e2fda6a5a18252243ff30a6e196",
+ "fixed_version": "5.10.154"
+ },
+ "5.4": {
+ "cmt_id": "bad83d55134e647a739ebef2082541963f2cbc92",
+ "fixed_version": "5.4.224"
+ }
+ },
"CVE-2021-3760": {
"4.14": {
"cmt_id": "a2efe3df65359add2164740a5777c26e64dd594b",
@@ -33323,6 +33333,36 @@
"fixed_version": "5.4.189"
}
},
+ "CVE-2022-2978": {
+ "4.14": {
+ "cmt_id": "c0aa76b0f17f59dd9c9d3463550a2986a1d592e4",
+ "fixed_version": "4.14.296"
+ },
+ "4.19": {
+ "cmt_id": "ec2aab115eb38ac4992ea2fcc2a02fbe7af5cf48",
+ "fixed_version": "4.19.262"
+ },
+ "4.9": {
+ "cmt_id": "d1ff475d7c83289d0a7faef346ea3bbf90818bad",
+ "fixed_version": "4.9.331"
+ },
+ "5.10": {
+ "cmt_id": "1e555c3ed1fce4b278aaebe18a64a934cece57d8",
+ "fixed_version": "5.10.148"
+ },
+ "5.15": {
+ "cmt_id": "64b79e632869ad3ef6c098a4731d559381da1115",
+ "fixed_version": "5.15.73"
+ },
+ "5.4": {
+ "cmt_id": "70e4f70d54e0225f91814e8610477d65f33cefe4",
+ "fixed_version": "5.4.218"
+ },
+ "6.0": {
+ "cmt_id": "2a96b532098284ecf8e4849b8b9e5fc7a28bdee9",
+ "fixed_version": "6.0.1"
+ }
+ },
"CVE-2022-29900": {
"5.10": {
"cmt_id": "7070bbb66c5303117e4c7651711ea7daae4c64b5",
@@ -33864,10 +33904,18 @@
}
},
"CVE-2022-3524": {
+ "5.10": {
+ "cmt_id": "818c36b988b82f31e4be8ad8415e1be902b8e5f8",
+ "fixed_version": "5.10.154"
+ },
"5.15": {
"cmt_id": "1401e9336bebaa6dd5a320f83bddc17619d4e3a6",
"fixed_version": "5.15.77"
},
+ "5.4": {
+ "cmt_id": "92aaa5e8fe90a008828a1207e66a30444bcb1cbd",
+ "fixed_version": "5.4.224"
+ },
"6.0": {
"cmt_id": "0c5d628f1e1d049c33595693fab1b6e9baf25795",
"fixed_version": "6.0.7"
@@ -33932,6 +33980,10 @@
"cmt_id": "0b6516a4e3eb0e2dc88a538458f3f732940f44fd",
"fixed_version": "5.15.75"
},
+ "5.19": {
+ "cmt_id": "96c0c14135f5803f9e94e6da2ee9c4b012fdcb20",
+ "fixed_version": "5.19.17"
+ },
"5.4": {
"cmt_id": "71e0ab5b7598d88001762fddbfeb331543c62841",
"fixed_version": "5.4.220"
@@ -33942,11 +33994,45 @@
}
},
"CVE-2022-3543": {
+ "5.15": {
+ "cmt_id": "3975affcf55f93814a8ae14333d7fc7f183e60a4",
+ "fixed_version": "5.15.78"
+ },
"6.0": {
"cmt_id": "2f415ad33bc1a729fb1050141921b5a9ec4e062c",
"fixed_version": "6.0.3"
}
},
+ "CVE-2022-3564": {
+ "4.14": {
+ "cmt_id": "03af22e23b96fb7ef75fb7885407ef457e8b403d",
+ "fixed_version": "4.14.299"
+ },
+ "4.19": {
+ "cmt_id": "6c7407bfbeafc80a04e6eaedcf34d378532a04f2",
+ "fixed_version": "4.19.265"
+ },
+ "4.9": {
+ "cmt_id": "dc30e05bb18852303084430c03ca76e69257d9ea",
+ "fixed_version": "4.9.333"
+ },
+ "5.10": {
+ "cmt_id": "cb1c012099ef5904cd468bdb8d6fcdfdd9bcb569",
+ "fixed_version": "5.10.154"
+ },
+ "5.15": {
+ "cmt_id": "8278a87bb1eeea94350d675ef961ee5a03341fde",
+ "fixed_version": "5.15.78"
+ },
+ "5.4": {
+ "cmt_id": "4cd094fd5d872862ca278e15b9b51b07e915ef3f",
+ "fixed_version": "5.4.224"
+ },
+ "6.0": {
+ "cmt_id": "9a04161244603f502c6e453913e51edd59cb70c1",
+ "fixed_version": "6.0.8"
+ }
+ },
"CVE-2022-3565": {
"4.14": {
"cmt_id": "cbd342376a4e7ea481891181910e9e995390eb24",
@@ -34089,6 +34175,16 @@
"fixed_version": "5.4.207"
}
},
+ "CVE-2022-3619": {
+ "5.15": {
+ "cmt_id": "aa16cac06b752e5f609c106735bd7838f444784c",
+ "fixed_version": "5.15.78"
+ },
+ "6.0": {
+ "cmt_id": "5b4f039a2f487c5edae681d763fe1af505f84c13",
+ "fixed_version": "6.0.8"
+ }
+ },
"CVE-2022-3621": {
"4.14": {
"cmt_id": "1ce68de30b663b79073251162123e57cbed2dc84",
@@ -34120,6 +34216,10 @@
}
},
"CVE-2022-3623": {
+ "5.15": {
+ "cmt_id": "3a44ae4afaa5318baed3c6e2959f24454e0ae4ff",
+ "fixed_version": "5.15.78"
+ },
"6.0": {
"cmt_id": "7c7c79dd5a388758f8dfa3de89b131d5d84f25fd",
"fixed_version": "6.0.3"
@@ -34139,6 +34239,36 @@
"fixed_version": "5.4.211"
}
},
+ "CVE-2022-3628": {
+ "4.14": {
+ "cmt_id": "b23665bbd39224e15aab89df4a4b60c0ab2ad09d",
+ "fixed_version": "4.14.299"
+ },
+ "4.19": {
+ "cmt_id": "5e7d546917431400b7d6e5e38f588e0bd13083c9",
+ "fixed_version": "4.19.265"
+ },
+ "4.9": {
+ "cmt_id": "b1477d95e967bf626b8c5e3838bb885c47381b24",
+ "fixed_version": "4.9.333"
+ },
+ "5.10": {
+ "cmt_id": "c6678c8f4f3f8383fe2dff3455de3d504382638f",
+ "fixed_version": "5.10.154"
+ },
+ "5.15": {
+ "cmt_id": "7038af4ce95105146d22e461eaa450829f28eeaf",
+ "fixed_version": "5.15.78"
+ },
+ "5.4": {
+ "cmt_id": "a16415c8f156bec5399ef0345715ee4b90e5bb83",
+ "fixed_version": "5.4.224"
+ },
+ "6.0": {
+ "cmt_id": "631f73deedeb0fbc92ca5037d5a71c9fcae7974d",
+ "fixed_version": "6.0.8"
+ }
+ },
"CVE-2022-3629": {
"4.14": {
"cmt_id": "ec0a5b730cc053202df6b6e6dd6c860977990646",
@@ -34209,6 +34339,12 @@
"fixed_version": "5.4.211"
}
},
+ "CVE-2022-3640": {
+ "6.0": {
+ "cmt_id": "8f7e4cf0694149a5d999d676ebd9ecf1b4cb2cc9",
+ "fixed_version": "6.0.8"
+ }
+ },
"CVE-2022-3646": {
"4.14": {
"cmt_id": "a832de79d82ac8c9f445f99069e11b17c5d2224a",
@@ -34357,6 +34493,12 @@
"fixed_version": "5.19.6"
}
},
+ "CVE-2022-3977": {
+ "6.0": {
+ "cmt_id": "3c7c84319833259b0bb8c879928700c9e42d6562",
+ "fixed_version": "6.0.2"
+ }
+ },
"CVE-2022-39842": {
"4.14": {
"cmt_id": "9556a88a16e381dbd6834da95206742d0973afc6",
@@ -34483,6 +34625,66 @@
"fixed_version": "6.0.2"
}
},
+ "CVE-2022-41849": {
+ "4.14": {
+ "cmt_id": "fa008859983d9231b9241a4b9eac7aabfbb45155",
+ "fixed_version": "4.14.296"
+ },
+ "4.19": {
+ "cmt_id": "6d8dbefc4de96d35d68c723e2e75b5a23173c08c",
+ "fixed_version": "4.19.262"
+ },
+ "4.9": {
+ "cmt_id": "347a969b130c2a496f471f14b354119b82664f0a",
+ "fixed_version": "4.9.331"
+ },
+ "5.10": {
+ "cmt_id": "e50472949604f385e09ce3fa4e74dce9f44fb19b",
+ "fixed_version": "5.10.150"
+ },
+ "5.15": {
+ "cmt_id": "2b0897e33682a332167b7d355eec28693b62119e",
+ "fixed_version": "5.15.75"
+ },
+ "5.4": {
+ "cmt_id": "3742e9fd552e6c4193ebc5eb3d2cd02d429cad9c",
+ "fixed_version": "5.4.220"
+ },
+ "6.0": {
+ "cmt_id": "e2e5264dcf5796559869750a2d6943ac88fe3918",
+ "fixed_version": "6.0.3"
+ }
+ },
+ "CVE-2022-41850": {
+ "4.14": {
+ "cmt_id": "fb8b43b7721786f551ec95542e07cf9a909f3e56",
+ "fixed_version": "4.14.296"
+ },
+ "4.19": {
+ "cmt_id": "13de81c7ea0fd68efb48a2d2957e349237905923",
+ "fixed_version": "4.19.262"
+ },
+ "4.9": {
+ "cmt_id": "84607bd3a8542b84b450d19a3579172f96c2bb47",
+ "fixed_version": "4.9.331"
+ },
+ "5.10": {
+ "cmt_id": "dbcca76435a606a352c794956e6df62eedd3a353",
+ "fixed_version": "5.10.150"
+ },
+ "5.15": {
+ "cmt_id": "c61786dc727d1850336d12c85a032c9a36ae396d",
+ "fixed_version": "5.15.75"
+ },
+ "5.4": {
+ "cmt_id": "e30c3a9a88818e5cf3df3fda6ab8388bef3bc6cd",
+ "fixed_version": "5.4.220"
+ },
+ "6.0": {
+ "cmt_id": "8a251549ab577d64ece210a11c404354479bd635",
+ "fixed_version": "6.0.3"
+ }
+ },
"CVE-2022-42703": {
"4.14": {
"cmt_id": "978a70601bdc4c32de4003d3beef4dfa23fff1e0",
@@ -34597,6 +34799,50 @@
"fixed_version": "6.0.2"
}
},
+ "CVE-2022-42895": {
+ "4.14": {
+ "cmt_id": "999d99c8de09537bd4f4a4a7db2be6b55c6ed817",
+ "fixed_version": "4.14.299"
+ },
+ "4.19": {
+ "cmt_id": "36919a82f335784d86b4def308739559bb47943d",
+ "fixed_version": "4.19.265"
+ },
+ "4.9": {
+ "cmt_id": "63e3d75298fac7fa50906454603dd5bb4ef22a23",
+ "fixed_version": "4.9.333"
+ },
+ "5.10": {
+ "cmt_id": "26ca2ac091b49281d73df86111d16e5a76e43bd7",
+ "fixed_version": "5.10.154"
+ },
+ "5.15": {
+ "cmt_id": "3e4697ffdfbb38a2755012c4e571546c89ab6422",
+ "fixed_version": "5.15.78"
+ },
+ "5.4": {
+ "cmt_id": "6949400ec9feca7f88c0f6ca5cb5fdbcef419c89",
+ "fixed_version": "5.4.224"
+ },
+ "6.0": {
+ "cmt_id": "e1aada9b71493b2e11c2a239ece99a97e3f13431",
+ "fixed_version": "6.0.8"
+ }
+ },
+ "CVE-2022-42896": {
+ "5.10": {
+ "cmt_id": "6b6f94fb9a74dd2891f11de4e638c6202bc89476",
+ "fixed_version": "5.10.154"
+ },
+ "5.15": {
+ "cmt_id": "81035e1201e26d57d9733ac59140a3e29befbc5a",
+ "fixed_version": "5.15.78"
+ },
+ "6.0": {
+ "cmt_id": "d7efeb93213becae13c6a12e4150ce1e07bd2c49",
+ "fixed_version": "6.0.8"
+ }
+ },
"CVE-2022-43750": {
"4.14": {
"cmt_id": "b29f76fcf2db6615b416d98e28c7d81eff4c89a2",
@@ -34632,6 +34878,10 @@
"cmt_id": "dc7f225090c29a5f3b9419b1af32846a201555e7",
"fixed_version": "5.15.75"
},
+ "5.19": {
+ "cmt_id": "c2a878095b5c6f04f90553a3c45872f990dab14e",
+ "fixed_version": "5.19.17"
+ },
"6.0": {
"cmt_id": "f59c74df82f6ac9d2ea4e01aa3ae7c6c4481652d",
"fixed_version": "6.0.3"
