Update 19Jun22
closes #283
closes #282
[ci skip]
diff --git a/CHANGES.md b/CHANGES.md
index f204803..7994727 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -1,21 +1,40 @@
# **Linux Kernel CVE Changes**
-## Last Update - 12Jun22 09:33
+## Last Update - 19Jun22 17:25
### **New CVEs Added:**
-[CVE-2022-32981](cves/CVE-2022-32981)
+[CVE-2022-1976](cves/CVE-2022-1976)
+[CVE-2022-2078](cves/CVE-2022-2078)
+
+
+### **New Versions Checked:**
+
+[4.14.284](streams/4.14)
+[4.19.248](streams/4.19)
+[4.9.319](streams/4.9)
+[5.10.123](streams/5.10)
+[5.15.48](streams/5.15)
+[5.17.15](streams/5.17)
+[5.18.5](streams/5.18)
+[5.19-rc2](streams/5.19-rc2)
+[5.4.199](streams/5.4)
### **Updated CVEs:**
[CVE-2022-1678](cves/CVE-2022-1678)
-[CVE-2022-1734](cves/CVE-2022-1734)
[CVE-2022-1786](cves/CVE-2022-1786)
-[CVE-2022-20008](cves/CVE-2022-20008)
-[CVE-2022-29581](cves/CVE-2022-29581)
-[CVE-2022-1462](cves/CVE-2022-1462)
-[CVE-2022-1652](cves/CVE-2022-1652)
-[CVE-2022-1789](cves/CVE-2022-1789)
-[CVE-2022-1943](cves/CVE-2022-1943)
+[CVE-2022-1966](cves/CVE-2022-1966)
+[CVE-2022-32981](cves/CVE-2022-32981)
+[CVE-2020-27068](cves/CVE-2020-27068)
+[CVE-2022-1998](cves/CVE-2022-1998)
+[CVE-2022-20132](cves/CVE-2022-20132)
+[CVE-2022-20141](cves/CVE-2022-20141)
+[CVE-2022-20148](cves/CVE-2022-20148)
+[CVE-2022-20153](cves/CVE-2022-20153)
+[CVE-2022-20154](cves/CVE-2022-20154)
+[CVE-2022-20166](cves/CVE-2022-20166)
+[CVE-2022-21499](cves/CVE-2022-21499)
+[CVE-2022-32296](cves/CVE-2022-32296)
diff --git a/data/3.12/3.12_CVEs.txt b/data/3.12/3.12_CVEs.txt
index f73b622..508a6d1 100644
--- a/data/3.12/3.12_CVEs.txt
+++ b/data/3.12/3.12_CVEs.txt
@@ -1143,6 +1143,7 @@
CVE-2022-1973: Fix not seen in stream
CVE-2022-1974: Fix not seen in stream
CVE-2022-1975: Fix not seen in stream
+CVE-2022-1976: Fix not seen in stream
CVE-2022-1998: Fix not seen in stream
CVE-2022-20132: Fix not seen in stream
CVE-2022-20141: Fix not seen in stream
@@ -1150,6 +1151,7 @@
CVE-2022-20153: Fix not seen in stream
CVE-2022-20154: Fix not seen in stream
CVE-2022-20166: Fix not seen in stream
+CVE-2022-2078: Fix not seen in stream
CVE-2022-21499: Fix not seen in stream
CVE-2022-23036: Fix not seen in stream
CVE-2022-23037: Fix not seen in stream
diff --git a/data/3.12/3.12_security.txt b/data/3.12/3.12_security.txt
index 0dea254..ca8d4e8 100644
--- a/data/3.12/3.12_security.txt
+++ b/data/3.12/3.12_security.txt
@@ -1281,6 +1281,7 @@
CVE-2022-1973: (unk) fs/ntfs3: Fix invalid free in log_replay
CVE-2022-1974: (unk) nfc: replace improper check device_is_registered() in netlink related functions
CVE-2022-1975: (unk) NFC: netlink: fix sleep in atomic bug when firmware download timeout
+ CVE-2022-1976: (unk) io_uring: reinstate the inflight tracking
CVE-2022-1998: (unk) fanotify: Fix stale file descriptor in copy_event_to_user()
CVE-2022-20132: (unk) HID: add hid_is_usb() function to make it simpler for USB detection
CVE-2022-20141: (unk) igmp: Add ip_mc_list lock in ip_check_mc_rcu
@@ -1288,6 +1289,7 @@
CVE-2022-20153: (unk) io_uring: return back safer resurrect
CVE-2022-20154: (unk) sctp: use call_rcu to free endpoint
CVE-2022-20166: (unk) drivers core: Use sysfs_emit and sysfs_emit_at for show(device *...) functions
+ CVE-2022-2078: (unk) netfilter: nf_tables: sanitize nft_set_desc_concat_parse()
CVE-2022-21499: (unk) lockdown: also lock down previous kgdb use
CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access()
CVE-2022-23037: (unk) xen/netfront: don't use gnttab_query_foreign_access() for mapped status
diff --git a/data/3.14/3.14_CVEs.txt b/data/3.14/3.14_CVEs.txt
index d9d1729..9690fc7 100644
--- a/data/3.14/3.14_CVEs.txt
+++ b/data/3.14/3.14_CVEs.txt
@@ -1109,6 +1109,7 @@
CVE-2022-1973: Fix not seen in stream
CVE-2022-1974: Fix not seen in stream
CVE-2022-1975: Fix not seen in stream
+CVE-2022-1976: Fix not seen in stream
CVE-2022-1998: Fix not seen in stream
CVE-2022-20132: Fix not seen in stream
CVE-2022-20141: Fix not seen in stream
@@ -1116,6 +1117,7 @@
CVE-2022-20153: Fix not seen in stream
CVE-2022-20154: Fix not seen in stream
CVE-2022-20166: Fix not seen in stream
+CVE-2022-2078: Fix not seen in stream
CVE-2022-21499: Fix not seen in stream
CVE-2022-23036: Fix not seen in stream
CVE-2022-23037: Fix not seen in stream
diff --git a/data/3.14/3.14_security.txt b/data/3.14/3.14_security.txt
index a274e1b..efd2072 100644
--- a/data/3.14/3.14_security.txt
+++ b/data/3.14/3.14_security.txt
@@ -1243,6 +1243,7 @@
CVE-2022-1973: (unk) fs/ntfs3: Fix invalid free in log_replay
CVE-2022-1974: (unk) nfc: replace improper check device_is_registered() in netlink related functions
CVE-2022-1975: (unk) NFC: netlink: fix sleep in atomic bug when firmware download timeout
+ CVE-2022-1976: (unk) io_uring: reinstate the inflight tracking
CVE-2022-1998: (unk) fanotify: Fix stale file descriptor in copy_event_to_user()
CVE-2022-20132: (unk) HID: add hid_is_usb() function to make it simpler for USB detection
CVE-2022-20141: (unk) igmp: Add ip_mc_list lock in ip_check_mc_rcu
@@ -1250,6 +1251,7 @@
CVE-2022-20153: (unk) io_uring: return back safer resurrect
CVE-2022-20154: (unk) sctp: use call_rcu to free endpoint
CVE-2022-20166: (unk) drivers core: Use sysfs_emit and sysfs_emit_at for show(device *...) functions
+ CVE-2022-2078: (unk) netfilter: nf_tables: sanitize nft_set_desc_concat_parse()
CVE-2022-21499: (unk) lockdown: also lock down previous kgdb use
CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access()
CVE-2022-23037: (unk) xen/netfront: don't use gnttab_query_foreign_access() for mapped status
diff --git a/data/3.16/3.16_CVEs.txt b/data/3.16/3.16_CVEs.txt
index 907fbfa..411faf0 100644
--- a/data/3.16/3.16_CVEs.txt
+++ b/data/3.16/3.16_CVEs.txt
@@ -1090,6 +1090,7 @@
CVE-2022-1973: Fix not seen in stream
CVE-2022-1974: Fix not seen in stream
CVE-2022-1975: Fix not seen in stream
+CVE-2022-1976: Fix not seen in stream
CVE-2022-1998: Fix not seen in stream
CVE-2022-20132: Fix not seen in stream
CVE-2022-20141: Fix not seen in stream
@@ -1097,6 +1098,7 @@
CVE-2022-20153: Fix not seen in stream
CVE-2022-20154: Fix not seen in stream
CVE-2022-20166: Fix not seen in stream
+CVE-2022-2078: Fix not seen in stream
CVE-2022-21499: Fix not seen in stream
CVE-2022-23036: Fix not seen in stream
CVE-2022-23037: Fix not seen in stream
diff --git a/data/3.16/3.16_security.txt b/data/3.16/3.16_security.txt
index c95efa8..e933e69 100644
--- a/data/3.16/3.16_security.txt
+++ b/data/3.16/3.16_security.txt
@@ -1196,6 +1196,7 @@
CVE-2022-1973: (unk) fs/ntfs3: Fix invalid free in log_replay
CVE-2022-1974: (unk) nfc: replace improper check device_is_registered() in netlink related functions
CVE-2022-1975: (unk) NFC: netlink: fix sleep in atomic bug when firmware download timeout
+ CVE-2022-1976: (unk) io_uring: reinstate the inflight tracking
CVE-2022-1998: (unk) fanotify: Fix stale file descriptor in copy_event_to_user()
CVE-2022-20132: (unk) HID: add hid_is_usb() function to make it simpler for USB detection
CVE-2022-20141: (unk) igmp: Add ip_mc_list lock in ip_check_mc_rcu
@@ -1203,6 +1204,7 @@
CVE-2022-20153: (unk) io_uring: return back safer resurrect
CVE-2022-20154: (unk) sctp: use call_rcu to free endpoint
CVE-2022-20166: (unk) drivers core: Use sysfs_emit and sysfs_emit_at for show(device *...) functions
+ CVE-2022-2078: (unk) netfilter: nf_tables: sanitize nft_set_desc_concat_parse()
CVE-2022-21499: (unk) lockdown: also lock down previous kgdb use
CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access()
CVE-2022-23037: (unk) xen/netfront: don't use gnttab_query_foreign_access() for mapped status
diff --git a/data/3.18/3.18_CVEs.txt b/data/3.18/3.18_CVEs.txt
index 615fd8e..bcc2c0e 100644
--- a/data/3.18/3.18_CVEs.txt
+++ b/data/3.18/3.18_CVEs.txt
@@ -1074,6 +1074,7 @@
CVE-2022-1973: Fix not seen in stream
CVE-2022-1974: Fix not seen in stream
CVE-2022-1975: Fix not seen in stream
+CVE-2022-1976: Fix not seen in stream
CVE-2022-1998: Fix not seen in stream
CVE-2022-20132: Fix not seen in stream
CVE-2022-20141: Fix not seen in stream
@@ -1081,6 +1082,7 @@
CVE-2022-20153: Fix not seen in stream
CVE-2022-20154: Fix not seen in stream
CVE-2022-20166: Fix not seen in stream
+CVE-2022-2078: Fix not seen in stream
CVE-2022-21499: Fix not seen in stream
CVE-2022-23036: Fix not seen in stream
CVE-2022-23037: Fix not seen in stream
diff --git a/data/3.18/3.18_security.txt b/data/3.18/3.18_security.txt
index e0f19c6..bbfef7f 100644
--- a/data/3.18/3.18_security.txt
+++ b/data/3.18/3.18_security.txt
@@ -1308,6 +1308,7 @@
CVE-2022-1973: (unk) fs/ntfs3: Fix invalid free in log_replay
CVE-2022-1974: (unk) nfc: replace improper check device_is_registered() in netlink related functions
CVE-2022-1975: (unk) NFC: netlink: fix sleep in atomic bug when firmware download timeout
+ CVE-2022-1976: (unk) io_uring: reinstate the inflight tracking
CVE-2022-1998: (unk) fanotify: Fix stale file descriptor in copy_event_to_user()
CVE-2022-20132: (unk) HID: add hid_is_usb() function to make it simpler for USB detection
CVE-2022-20141: (unk) igmp: Add ip_mc_list lock in ip_check_mc_rcu
@@ -1315,6 +1316,7 @@
CVE-2022-20153: (unk) io_uring: return back safer resurrect
CVE-2022-20154: (unk) sctp: use call_rcu to free endpoint
CVE-2022-20166: (unk) drivers core: Use sysfs_emit and sysfs_emit_at for show(device *...) functions
+ CVE-2022-2078: (unk) netfilter: nf_tables: sanitize nft_set_desc_concat_parse()
CVE-2022-21499: (unk) lockdown: also lock down previous kgdb use
CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access()
CVE-2022-23037: (unk) xen/netfront: don't use gnttab_query_foreign_access() for mapped status
diff --git a/data/3.2/3.2_CVEs.txt b/data/3.2/3.2_CVEs.txt
index 02091e6..86ecf68 100644
--- a/data/3.2/3.2_CVEs.txt
+++ b/data/3.2/3.2_CVEs.txt
@@ -1129,6 +1129,7 @@
CVE-2022-1973: Fix not seen in stream
CVE-2022-1974: Fix not seen in stream
CVE-2022-1975: Fix not seen in stream
+CVE-2022-1976: Fix not seen in stream
CVE-2022-1998: Fix not seen in stream
CVE-2022-20132: Fix not seen in stream
CVE-2022-20141: Fix not seen in stream
@@ -1136,6 +1137,7 @@
CVE-2022-20153: Fix not seen in stream
CVE-2022-20154: Fix not seen in stream
CVE-2022-20166: Fix not seen in stream
+CVE-2022-2078: Fix not seen in stream
CVE-2022-21499: Fix not seen in stream
CVE-2022-23036: Fix not seen in stream
CVE-2022-23037: Fix not seen in stream
diff --git a/data/3.2/3.2_security.txt b/data/3.2/3.2_security.txt
index 02bea7b..223c699 100644
--- a/data/3.2/3.2_security.txt
+++ b/data/3.2/3.2_security.txt
@@ -1285,6 +1285,7 @@
CVE-2022-1973: (unk) fs/ntfs3: Fix invalid free in log_replay
CVE-2022-1974: (unk) nfc: replace improper check device_is_registered() in netlink related functions
CVE-2022-1975: (unk) NFC: netlink: fix sleep in atomic bug when firmware download timeout
+ CVE-2022-1976: (unk) io_uring: reinstate the inflight tracking
CVE-2022-1998: (unk) fanotify: Fix stale file descriptor in copy_event_to_user()
CVE-2022-20132: (unk) HID: add hid_is_usb() function to make it simpler for USB detection
CVE-2022-20141: (unk) igmp: Add ip_mc_list lock in ip_check_mc_rcu
@@ -1292,6 +1293,7 @@
CVE-2022-20153: (unk) io_uring: return back safer resurrect
CVE-2022-20154: (unk) sctp: use call_rcu to free endpoint
CVE-2022-20166: (unk) drivers core: Use sysfs_emit and sysfs_emit_at for show(device *...) functions
+ CVE-2022-2078: (unk) netfilter: nf_tables: sanitize nft_set_desc_concat_parse()
CVE-2022-21499: (unk) lockdown: also lock down previous kgdb use
CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access()
CVE-2022-23037: (unk) xen/netfront: don't use gnttab_query_foreign_access() for mapped status
diff --git a/data/4.1/4.1_CVEs.txt b/data/4.1/4.1_CVEs.txt
index 585c28e..e2f42d6 100644
--- a/data/4.1/4.1_CVEs.txt
+++ b/data/4.1/4.1_CVEs.txt
@@ -1030,6 +1030,7 @@
CVE-2022-1973: Fix not seen in stream
CVE-2022-1974: Fix not seen in stream
CVE-2022-1975: Fix not seen in stream
+CVE-2022-1976: Fix not seen in stream
CVE-2022-1998: Fix not seen in stream
CVE-2022-20132: Fix not seen in stream
CVE-2022-20141: Fix not seen in stream
@@ -1037,6 +1038,7 @@
CVE-2022-20153: Fix not seen in stream
CVE-2022-20154: Fix not seen in stream
CVE-2022-20166: Fix not seen in stream
+CVE-2022-2078: Fix not seen in stream
CVE-2022-21499: Fix not seen in stream
CVE-2022-23036: Fix not seen in stream
CVE-2022-23037: Fix not seen in stream
diff --git a/data/4.1/4.1_security.txt b/data/4.1/4.1_security.txt
index 2a1ea64..6c7ea55 100644
--- a/data/4.1/4.1_security.txt
+++ b/data/4.1/4.1_security.txt
@@ -1126,6 +1126,7 @@
CVE-2022-1973: (unk) fs/ntfs3: Fix invalid free in log_replay
CVE-2022-1974: (unk) nfc: replace improper check device_is_registered() in netlink related functions
CVE-2022-1975: (unk) NFC: netlink: fix sleep in atomic bug when firmware download timeout
+ CVE-2022-1976: (unk) io_uring: reinstate the inflight tracking
CVE-2022-1998: (unk) fanotify: Fix stale file descriptor in copy_event_to_user()
CVE-2022-20132: (unk) HID: add hid_is_usb() function to make it simpler for USB detection
CVE-2022-20141: (unk) igmp: Add ip_mc_list lock in ip_check_mc_rcu
@@ -1133,6 +1134,7 @@
CVE-2022-20153: (unk) io_uring: return back safer resurrect
CVE-2022-20154: (unk) sctp: use call_rcu to free endpoint
CVE-2022-20166: (unk) drivers core: Use sysfs_emit and sysfs_emit_at for show(device *...) functions
+ CVE-2022-2078: (unk) netfilter: nf_tables: sanitize nft_set_desc_concat_parse()
CVE-2022-21499: (unk) lockdown: also lock down previous kgdb use
CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access()
CVE-2022-23037: (unk) xen/netfront: don't use gnttab_query_foreign_access() for mapped status
diff --git a/data/4.10/4.10_CVEs.txt b/data/4.10/4.10_CVEs.txt
index 680d6cb..4f31427 100644
--- a/data/4.10/4.10_CVEs.txt
+++ b/data/4.10/4.10_CVEs.txt
@@ -922,6 +922,7 @@
CVE-2022-1973: Fix not seen in stream
CVE-2022-1974: Fix not seen in stream
CVE-2022-1975: Fix not seen in stream
+CVE-2022-1976: Fix not seen in stream
CVE-2022-1998: Fix not seen in stream
CVE-2022-20132: Fix not seen in stream
CVE-2022-20141: Fix not seen in stream
@@ -929,6 +930,7 @@
CVE-2022-20153: Fix not seen in stream
CVE-2022-20154: Fix not seen in stream
CVE-2022-20166: Fix not seen in stream
+CVE-2022-2078: Fix not seen in stream
CVE-2022-21499: Fix not seen in stream
CVE-2022-23036: Fix not seen in stream
CVE-2022-23037: Fix not seen in stream
diff --git a/data/4.10/4.10_security.txt b/data/4.10/4.10_security.txt
index 54cab78..21bfb24 100644
--- a/data/4.10/4.10_security.txt
+++ b/data/4.10/4.10_security.txt
@@ -956,6 +956,7 @@
CVE-2022-1973: (unk) fs/ntfs3: Fix invalid free in log_replay
CVE-2022-1974: (unk) nfc: replace improper check device_is_registered() in netlink related functions
CVE-2022-1975: (unk) NFC: netlink: fix sleep in atomic bug when firmware download timeout
+ CVE-2022-1976: (unk) io_uring: reinstate the inflight tracking
CVE-2022-1998: (unk) fanotify: Fix stale file descriptor in copy_event_to_user()
CVE-2022-20132: (unk) HID: add hid_is_usb() function to make it simpler for USB detection
CVE-2022-20141: (unk) igmp: Add ip_mc_list lock in ip_check_mc_rcu
@@ -963,6 +964,7 @@
CVE-2022-20153: (unk) io_uring: return back safer resurrect
CVE-2022-20154: (unk) sctp: use call_rcu to free endpoint
CVE-2022-20166: (unk) drivers core: Use sysfs_emit and sysfs_emit_at for show(device *...) functions
+ CVE-2022-2078: (unk) netfilter: nf_tables: sanitize nft_set_desc_concat_parse()
CVE-2022-21499: (unk) lockdown: also lock down previous kgdb use
CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access()
CVE-2022-23037: (unk) xen/netfront: don't use gnttab_query_foreign_access() for mapped status
diff --git a/data/4.11/4.11_CVEs.txt b/data/4.11/4.11_CVEs.txt
index 678e8f8..d10c1c6 100644
--- a/data/4.11/4.11_CVEs.txt
+++ b/data/4.11/4.11_CVEs.txt
@@ -892,6 +892,7 @@
CVE-2022-1973: Fix not seen in stream
CVE-2022-1974: Fix not seen in stream
CVE-2022-1975: Fix not seen in stream
+CVE-2022-1976: Fix not seen in stream
CVE-2022-1998: Fix not seen in stream
CVE-2022-20132: Fix not seen in stream
CVE-2022-20141: Fix not seen in stream
@@ -899,6 +900,7 @@
CVE-2022-20153: Fix not seen in stream
CVE-2022-20154: Fix not seen in stream
CVE-2022-20166: Fix not seen in stream
+CVE-2022-2078: Fix not seen in stream
CVE-2022-21499: Fix not seen in stream
CVE-2022-23036: Fix not seen in stream
CVE-2022-23037: Fix not seen in stream
diff --git a/data/4.11/4.11_security.txt b/data/4.11/4.11_security.txt
index dabe8c4..7e9d29e 100644
--- a/data/4.11/4.11_security.txt
+++ b/data/4.11/4.11_security.txt
@@ -914,6 +914,7 @@
CVE-2022-1973: (unk) fs/ntfs3: Fix invalid free in log_replay
CVE-2022-1974: (unk) nfc: replace improper check device_is_registered() in netlink related functions
CVE-2022-1975: (unk) NFC: netlink: fix sleep in atomic bug when firmware download timeout
+ CVE-2022-1976: (unk) io_uring: reinstate the inflight tracking
CVE-2022-1998: (unk) fanotify: Fix stale file descriptor in copy_event_to_user()
CVE-2022-20132: (unk) HID: add hid_is_usb() function to make it simpler for USB detection
CVE-2022-20141: (unk) igmp: Add ip_mc_list lock in ip_check_mc_rcu
@@ -921,6 +922,7 @@
CVE-2022-20153: (unk) io_uring: return back safer resurrect
CVE-2022-20154: (unk) sctp: use call_rcu to free endpoint
CVE-2022-20166: (unk) drivers core: Use sysfs_emit and sysfs_emit_at for show(device *...) functions
+ CVE-2022-2078: (unk) netfilter: nf_tables: sanitize nft_set_desc_concat_parse()
CVE-2022-21499: (unk) lockdown: also lock down previous kgdb use
CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access()
CVE-2022-23037: (unk) xen/netfront: don't use gnttab_query_foreign_access() for mapped status
diff --git a/data/4.12/4.12_CVEs.txt b/data/4.12/4.12_CVEs.txt
index c7106e7..93c2c0b 100644
--- a/data/4.12/4.12_CVEs.txt
+++ b/data/4.12/4.12_CVEs.txt
@@ -871,6 +871,7 @@
CVE-2022-1973: Fix not seen in stream
CVE-2022-1974: Fix not seen in stream
CVE-2022-1975: Fix not seen in stream
+CVE-2022-1976: Fix not seen in stream
CVE-2022-1998: Fix not seen in stream
CVE-2022-20132: Fix not seen in stream
CVE-2022-20141: Fix not seen in stream
@@ -878,6 +879,7 @@
CVE-2022-20153: Fix not seen in stream
CVE-2022-20154: Fix not seen in stream
CVE-2022-20166: Fix not seen in stream
+CVE-2022-2078: Fix not seen in stream
CVE-2022-21499: Fix not seen in stream
CVE-2022-23036: Fix not seen in stream
CVE-2022-23037: Fix not seen in stream
diff --git a/data/4.12/4.12_security.txt b/data/4.12/4.12_security.txt
index 72b2c83..98bcff5 100644
--- a/data/4.12/4.12_security.txt
+++ b/data/4.12/4.12_security.txt
@@ -897,6 +897,7 @@
CVE-2022-1973: (unk) fs/ntfs3: Fix invalid free in log_replay
CVE-2022-1974: (unk) nfc: replace improper check device_is_registered() in netlink related functions
CVE-2022-1975: (unk) NFC: netlink: fix sleep in atomic bug when firmware download timeout
+ CVE-2022-1976: (unk) io_uring: reinstate the inflight tracking
CVE-2022-1998: (unk) fanotify: Fix stale file descriptor in copy_event_to_user()
CVE-2022-20132: (unk) HID: add hid_is_usb() function to make it simpler for USB detection
CVE-2022-20141: (unk) igmp: Add ip_mc_list lock in ip_check_mc_rcu
@@ -904,6 +905,7 @@
CVE-2022-20153: (unk) io_uring: return back safer resurrect
CVE-2022-20154: (unk) sctp: use call_rcu to free endpoint
CVE-2022-20166: (unk) drivers core: Use sysfs_emit and sysfs_emit_at for show(device *...) functions
+ CVE-2022-2078: (unk) netfilter: nf_tables: sanitize nft_set_desc_concat_parse()
CVE-2022-21499: (unk) lockdown: also lock down previous kgdb use
CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access()
CVE-2022-23037: (unk) xen/netfront: don't use gnttab_query_foreign_access() for mapped status
diff --git a/data/4.13/4.13_CVEs.txt b/data/4.13/4.13_CVEs.txt
index fec62aa..3953dd6 100644
--- a/data/4.13/4.13_CVEs.txt
+++ b/data/4.13/4.13_CVEs.txt
@@ -854,6 +854,7 @@
CVE-2022-1973: Fix not seen in stream
CVE-2022-1974: Fix not seen in stream
CVE-2022-1975: Fix not seen in stream
+CVE-2022-1976: Fix not seen in stream
CVE-2022-1998: Fix not seen in stream
CVE-2022-20132: Fix not seen in stream
CVE-2022-20141: Fix not seen in stream
@@ -861,6 +862,7 @@
CVE-2022-20153: Fix not seen in stream
CVE-2022-20154: Fix not seen in stream
CVE-2022-20166: Fix not seen in stream
+CVE-2022-2078: Fix not seen in stream
CVE-2022-21499: Fix not seen in stream
CVE-2022-23036: Fix not seen in stream
CVE-2022-23037: Fix not seen in stream
diff --git a/data/4.13/4.13_security.txt b/data/4.13/4.13_security.txt
index 2c82910..15d6930 100644
--- a/data/4.13/4.13_security.txt
+++ b/data/4.13/4.13_security.txt
@@ -882,6 +882,7 @@
CVE-2022-1973: (unk) fs/ntfs3: Fix invalid free in log_replay
CVE-2022-1974: (unk) nfc: replace improper check device_is_registered() in netlink related functions
CVE-2022-1975: (unk) NFC: netlink: fix sleep in atomic bug when firmware download timeout
+ CVE-2022-1976: (unk) io_uring: reinstate the inflight tracking
CVE-2022-1998: (unk) fanotify: Fix stale file descriptor in copy_event_to_user()
CVE-2022-20132: (unk) HID: add hid_is_usb() function to make it simpler for USB detection
CVE-2022-20141: (unk) igmp: Add ip_mc_list lock in ip_check_mc_rcu
@@ -889,6 +890,7 @@
CVE-2022-20153: (unk) io_uring: return back safer resurrect
CVE-2022-20154: (unk) sctp: use call_rcu to free endpoint
CVE-2022-20166: (unk) drivers core: Use sysfs_emit and sysfs_emit_at for show(device *...) functions
+ CVE-2022-2078: (unk) netfilter: nf_tables: sanitize nft_set_desc_concat_parse()
CVE-2022-21499: (unk) lockdown: also lock down previous kgdb use
CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access()
CVE-2022-23037: (unk) xen/netfront: don't use gnttab_query_foreign_access() for mapped status
diff --git a/data/4.14/4.14_CVEs.txt b/data/4.14/4.14_CVEs.txt
index dedc666..aebd659 100644
--- a/data/4.14/4.14_CVEs.txt
+++ b/data/4.14/4.14_CVEs.txt
@@ -814,11 +814,12 @@
CVE-2022-1852: Fix not seen in stream
CVE-2022-1882: Fix unknown
CVE-2022-1943: Fix not seen in stream
-CVE-2022-1966: Fix not seen in stream
+CVE-2022-1966: Fixed with 4.14.283
CVE-2022-1972: Fix not seen in stream
CVE-2022-1973: Fix not seen in stream
CVE-2022-1974: Fixed with 4.14.278
CVE-2022-1975: Fixed with 4.14.278
+CVE-2022-1976: Fix not seen in stream
CVE-2022-1998: Fix not seen in stream
CVE-2022-20132: Fixed with 4.14.258
CVE-2022-20141: Fixed with 4.14.247
@@ -826,6 +827,7 @@
CVE-2022-20153: Fix not seen in stream
CVE-2022-20154: Fixed with 4.14.261
CVE-2022-20166: Fix not seen in stream
+CVE-2022-2078: Fix not seen in stream
CVE-2022-21499: Fix not seen in stream
CVE-2022-22942: Fixed with 4.14.264
CVE-2022-23036: Fixed with 4.14.271
@@ -861,4 +863,4 @@
CVE-2022-29968: Fix not seen in stream
CVE-2022-30594: Fixed with 4.14.276
CVE-2022-32296: Fix not seen in stream
-CVE-2022-32981: Fix not seen in stream
+CVE-2022-32981: Fixed with 4.14.283
diff --git a/data/4.14/4.14_security.txt b/data/4.14/4.14_security.txt
index d3b282f..c03cd88 100644
--- a/data/4.14/4.14_security.txt
+++ b/data/4.14/4.14_security.txt
@@ -1140,6 +1140,10 @@
CVE-2022-0494: 4f3ea768c56e8dce55ae538f18b37420366c5c22 block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern
CVE-2022-1012: 40d20f3186ddd9b6b94598f4ef3d07644b0fa43c secure_seq: use the 64 bits of the siphash for port offset calculation
+CVEs fixed in 4.14.283:
+ CVE-2022-1966: 5b732a9e8e22395d911b3e6c343cbed0e1cec275 netfilter: nf_tables: disallow non-stateful expression in sets earlier
+ CVE-2022-32981: d13c94c4b6f816e79b8e4df193db1bdcc7253610 powerpc/32: Fix overread/overwrite of thread_struct via ptrace
+
Outstanding CVEs:
CVE-2005-3660: (unk)
CVE-2007-3719: (unk)
@@ -1300,13 +1304,14 @@
CVE-2022-1852: (unk) KVM: x86: avoid calling x86 emulator without a decoded instruction
CVE-2022-1882: (unk)
CVE-2022-1943: (unk) udf: Avoid using stale lengthOfImpUse
- CVE-2022-1966: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-1972: (unk) netfilter: nf_tables: sanitize nft_set_desc_concat_parse()
CVE-2022-1973: (unk) fs/ntfs3: Fix invalid free in log_replay
+ CVE-2022-1976: (unk) io_uring: reinstate the inflight tracking
CVE-2022-1998: (unk) fanotify: Fix stale file descriptor in copy_event_to_user()
CVE-2022-20148: (unk) f2fs: fix UAF in f2fs_available_free_memory
CVE-2022-20153: (unk) io_uring: return back safer resurrect
CVE-2022-20166: (unk) drivers core: Use sysfs_emit and sysfs_emit_at for show(device *...) functions
+ CVE-2022-2078: (unk) netfilter: nf_tables: sanitize nft_set_desc_concat_parse()
CVE-2022-21499: (unk) lockdown: also lock down previous kgdb use
CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL
CVE-2022-25265: (unk)
@@ -1319,4 +1324,3 @@
CVE-2022-29582: (unk) io_uring: fix race between timeout flush and removal
CVE-2022-29968: (unk) io_uring: fix uninitialized field in rw io_kiocb
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
- CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
diff --git a/data/4.15/4.15_CVEs.txt b/data/4.15/4.15_CVEs.txt
index 432021d..41c3bfc 100644
--- a/data/4.15/4.15_CVEs.txt
+++ b/data/4.15/4.15_CVEs.txt
@@ -769,6 +769,7 @@
CVE-2022-1973: Fix not seen in stream
CVE-2022-1974: Fix not seen in stream
CVE-2022-1975: Fix not seen in stream
+CVE-2022-1976: Fix not seen in stream
CVE-2022-1998: Fix not seen in stream
CVE-2022-20132: Fix not seen in stream
CVE-2022-20141: Fix not seen in stream
@@ -776,6 +777,7 @@
CVE-2022-20153: Fix not seen in stream
CVE-2022-20154: Fix not seen in stream
CVE-2022-20166: Fix not seen in stream
+CVE-2022-2078: Fix not seen in stream
CVE-2022-21499: Fix not seen in stream
CVE-2022-22942: Fix not seen in stream
CVE-2022-23036: Fix not seen in stream
diff --git a/data/4.15/4.15_security.txt b/data/4.15/4.15_security.txt
index 8c614e6..a264750 100644
--- a/data/4.15/4.15_security.txt
+++ b/data/4.15/4.15_security.txt
@@ -801,6 +801,7 @@
CVE-2022-1973: (unk) fs/ntfs3: Fix invalid free in log_replay
CVE-2022-1974: (unk) nfc: replace improper check device_is_registered() in netlink related functions
CVE-2022-1975: (unk) NFC: netlink: fix sleep in atomic bug when firmware download timeout
+ CVE-2022-1976: (unk) io_uring: reinstate the inflight tracking
CVE-2022-1998: (unk) fanotify: Fix stale file descriptor in copy_event_to_user()
CVE-2022-20132: (unk) HID: add hid_is_usb() function to make it simpler for USB detection
CVE-2022-20141: (unk) igmp: Add ip_mc_list lock in ip_check_mc_rcu
@@ -808,6 +809,7 @@
CVE-2022-20153: (unk) io_uring: return back safer resurrect
CVE-2022-20154: (unk) sctp: use call_rcu to free endpoint
CVE-2022-20166: (unk) drivers core: Use sysfs_emit and sysfs_emit_at for show(device *...) functions
+ CVE-2022-2078: (unk) netfilter: nf_tables: sanitize nft_set_desc_concat_parse()
CVE-2022-21499: (unk) lockdown: also lock down previous kgdb use
CVE-2022-22942: (unk) drm/vmwgfx: Fix stale file descriptors on failed usercopy
CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access()
diff --git a/data/4.16/4.16_CVEs.txt b/data/4.16/4.16_CVEs.txt
index e03fa82..3a62a51 100644
--- a/data/4.16/4.16_CVEs.txt
+++ b/data/4.16/4.16_CVEs.txt
@@ -747,6 +747,7 @@
CVE-2022-1973: Fix not seen in stream
CVE-2022-1974: Fix not seen in stream
CVE-2022-1975: Fix not seen in stream
+CVE-2022-1976: Fix not seen in stream
CVE-2022-1998: Fix not seen in stream
CVE-2022-20008: Fix not seen in stream
CVE-2022-20132: Fix not seen in stream
@@ -755,6 +756,7 @@
CVE-2022-20153: Fix not seen in stream
CVE-2022-20154: Fix not seen in stream
CVE-2022-20166: Fix not seen in stream
+CVE-2022-2078: Fix not seen in stream
CVE-2022-21499: Fix not seen in stream
CVE-2022-22942: Fix not seen in stream
CVE-2022-23036: Fix not seen in stream
diff --git a/data/4.16/4.16_security.txt b/data/4.16/4.16_security.txt
index c762c14..d17a67e 100644
--- a/data/4.16/4.16_security.txt
+++ b/data/4.16/4.16_security.txt
@@ -779,6 +779,7 @@
CVE-2022-1973: (unk) fs/ntfs3: Fix invalid free in log_replay
CVE-2022-1974: (unk) nfc: replace improper check device_is_registered() in netlink related functions
CVE-2022-1975: (unk) NFC: netlink: fix sleep in atomic bug when firmware download timeout
+ CVE-2022-1976: (unk) io_uring: reinstate the inflight tracking
CVE-2022-1998: (unk) fanotify: Fix stale file descriptor in copy_event_to_user()
CVE-2022-20008: (unk) mmc: block: fix read single on recovery logic
CVE-2022-20132: (unk) HID: add hid_is_usb() function to make it simpler for USB detection
@@ -787,6 +788,7 @@
CVE-2022-20153: (unk) io_uring: return back safer resurrect
CVE-2022-20154: (unk) sctp: use call_rcu to free endpoint
CVE-2022-20166: (unk) drivers core: Use sysfs_emit and sysfs_emit_at for show(device *...) functions
+ CVE-2022-2078: (unk) netfilter: nf_tables: sanitize nft_set_desc_concat_parse()
CVE-2022-21499: (unk) lockdown: also lock down previous kgdb use
CVE-2022-22942: (unk) drm/vmwgfx: Fix stale file descriptors on failed usercopy
CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access()
diff --git a/data/4.17/4.17_CVEs.txt b/data/4.17/4.17_CVEs.txt
index f932eb6..ed68dc6 100644
--- a/data/4.17/4.17_CVEs.txt
+++ b/data/4.17/4.17_CVEs.txt
@@ -727,6 +727,7 @@
CVE-2022-1973: Fix not seen in stream
CVE-2022-1974: Fix not seen in stream
CVE-2022-1975: Fix not seen in stream
+CVE-2022-1976: Fix not seen in stream
CVE-2022-1998: Fix not seen in stream
CVE-2022-20008: Fix not seen in stream
CVE-2022-20132: Fix not seen in stream
@@ -735,6 +736,7 @@
CVE-2022-20153: Fix not seen in stream
CVE-2022-20154: Fix not seen in stream
CVE-2022-20166: Fix not seen in stream
+CVE-2022-2078: Fix not seen in stream
CVE-2022-21499: Fix not seen in stream
CVE-2022-22942: Fix not seen in stream
CVE-2022-23036: Fix not seen in stream
diff --git a/data/4.17/4.17_security.txt b/data/4.17/4.17_security.txt
index ee0d1a0..49e6e4f 100644
--- a/data/4.17/4.17_security.txt
+++ b/data/4.17/4.17_security.txt
@@ -759,6 +759,7 @@
CVE-2022-1973: (unk) fs/ntfs3: Fix invalid free in log_replay
CVE-2022-1974: (unk) nfc: replace improper check device_is_registered() in netlink related functions
CVE-2022-1975: (unk) NFC: netlink: fix sleep in atomic bug when firmware download timeout
+ CVE-2022-1976: (unk) io_uring: reinstate the inflight tracking
CVE-2022-1998: (unk) fanotify: Fix stale file descriptor in copy_event_to_user()
CVE-2022-20008: (unk) mmc: block: fix read single on recovery logic
CVE-2022-20132: (unk) HID: add hid_is_usb() function to make it simpler for USB detection
@@ -767,6 +768,7 @@
CVE-2022-20153: (unk) io_uring: return back safer resurrect
CVE-2022-20154: (unk) sctp: use call_rcu to free endpoint
CVE-2022-20166: (unk) drivers core: Use sysfs_emit and sysfs_emit_at for show(device *...) functions
+ CVE-2022-2078: (unk) netfilter: nf_tables: sanitize nft_set_desc_concat_parse()
CVE-2022-21499: (unk) lockdown: also lock down previous kgdb use
CVE-2022-22942: (unk) drm/vmwgfx: Fix stale file descriptors on failed usercopy
CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access()
diff --git a/data/4.18/4.18_CVEs.txt b/data/4.18/4.18_CVEs.txt
index 4f555ad..2511a1f 100644
--- a/data/4.18/4.18_CVEs.txt
+++ b/data/4.18/4.18_CVEs.txt
@@ -705,6 +705,7 @@
CVE-2022-1973: Fix not seen in stream
CVE-2022-1974: Fix not seen in stream
CVE-2022-1975: Fix not seen in stream
+CVE-2022-1976: Fix not seen in stream
CVE-2022-1998: Fix not seen in stream
CVE-2022-20008: Fix not seen in stream
CVE-2022-20132: Fix not seen in stream
@@ -713,6 +714,7 @@
CVE-2022-20153: Fix not seen in stream
CVE-2022-20154: Fix not seen in stream
CVE-2022-20166: Fix not seen in stream
+CVE-2022-2078: Fix not seen in stream
CVE-2022-21499: Fix not seen in stream
CVE-2022-22942: Fix not seen in stream
CVE-2022-23036: Fix not seen in stream
diff --git a/data/4.18/4.18_security.txt b/data/4.18/4.18_security.txt
index 37eae1b..b6324bf 100644
--- a/data/4.18/4.18_security.txt
+++ b/data/4.18/4.18_security.txt
@@ -737,6 +737,7 @@
CVE-2022-1973: (unk) fs/ntfs3: Fix invalid free in log_replay
CVE-2022-1974: (unk) nfc: replace improper check device_is_registered() in netlink related functions
CVE-2022-1975: (unk) NFC: netlink: fix sleep in atomic bug when firmware download timeout
+ CVE-2022-1976: (unk) io_uring: reinstate the inflight tracking
CVE-2022-1998: (unk) fanotify: Fix stale file descriptor in copy_event_to_user()
CVE-2022-20008: (unk) mmc: block: fix read single on recovery logic
CVE-2022-20132: (unk) HID: add hid_is_usb() function to make it simpler for USB detection
@@ -745,6 +746,7 @@
CVE-2022-20153: (unk) io_uring: return back safer resurrect
CVE-2022-20154: (unk) sctp: use call_rcu to free endpoint
CVE-2022-20166: (unk) drivers core: Use sysfs_emit and sysfs_emit_at for show(device *...) functions
+ CVE-2022-2078: (unk) netfilter: nf_tables: sanitize nft_set_desc_concat_parse()
CVE-2022-21499: (unk) lockdown: also lock down previous kgdb use
CVE-2022-22942: (unk) drm/vmwgfx: Fix stale file descriptors on failed usercopy
CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access()
diff --git a/data/4.19/4.19_CVEs.txt b/data/4.19/4.19_CVEs.txt
index 58a3819..b657cd4 100644
--- a/data/4.19/4.19_CVEs.txt
+++ b/data/4.19/4.19_CVEs.txt
@@ -662,7 +662,7 @@
CVE-2022-1651: Fix not seen in stream
CVE-2022-1652: Fix unknown
CVE-2022-1671: Fix not seen in stream
-CVE-2022-1678: Fix not seen in stream
+CVE-2022-1678: Fixed with 4.19.228
CVE-2022-1679: Fix unknown
CVE-2022-1729: Fixed with 4.19.245
CVE-2022-1734: Fixed with 4.19.242
@@ -672,11 +672,12 @@
CVE-2022-1852: Fix not seen in stream
CVE-2022-1882: Fix unknown
CVE-2022-1943: Fix not seen in stream
-CVE-2022-1966: Fix not seen in stream
+CVE-2022-1966: Fixed with 4.19.247
CVE-2022-1972: Fix not seen in stream
CVE-2022-1973: Fix not seen in stream
CVE-2022-1974: Fixed with 4.19.242
CVE-2022-1975: Fixed with 4.19.242
+CVE-2022-1976: Fix not seen in stream
CVE-2022-1998: Fix not seen in stream
CVE-2022-20008: Fixed with 4.19.231
CVE-2022-20132: Fixed with 4.19.221
@@ -685,6 +686,7 @@
CVE-2022-20153: Fix not seen in stream
CVE-2022-20154: Fixed with 4.19.224
CVE-2022-20166: Fix not seen in stream
+CVE-2022-2078: Fix not seen in stream
CVE-2022-21499: Fix not seen in stream
CVE-2022-22942: Fixed with 4.19.227
CVE-2022-23036: Fixed with 4.19.234
@@ -721,4 +723,4 @@
CVE-2022-29968: Fix not seen in stream
CVE-2022-30594: Fixed with 4.19.238
CVE-2022-32296: Fix not seen in stream
-CVE-2022-32981: Fix not seen in stream
+CVE-2022-32981: Fixed with 4.19.247
diff --git a/data/4.19/4.19_security.txt b/data/4.19/4.19_security.txt
index e22a141..be71106 100644
--- a/data/4.19/4.19_security.txt
+++ b/data/4.19/4.19_security.txt
@@ -866,6 +866,7 @@
CVEs fixed in 4.19.228:
CVE-2022-0617: a23a59717f9f01a49394488f515550f9382fbada udf: Fix NULL ptr deref when converting from inline format
+ CVE-2022-1678: 0a70f118475e037732557796accd0878a00fc25a tcp: optimize tcp internal pacing
CVE-2022-24448: b00b4c6faad0f21e443fb1584f7a8ea222beb0de NFSv4: Handle case where the lookup of a directory fails
CVE-2022-24959: 4bd197ce18329e3725fe3af5bd27daa4256d3ac7 yam: fix a memory leak in yam_siocdevprivate()
@@ -947,6 +948,10 @@
CVE-2022-0494: 18243d8479fd77952bdb6340024169d30b173a40 block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern
CVE-2022-1012: 695309c5c71526d32f5539f008bbf20ed2218528 secure_seq: use the 64 bits of the siphash for port offset calculation
+CVEs fixed in 4.19.247:
+ CVE-2022-1966: ed44398b45add3d9be56b7457cc9e05282e518b4 netfilter: nf_tables: disallow non-stateful expression in sets earlier
+ CVE-2022-32981: a0e38a2808ea708beb4196a8873cecc23efb8e64 powerpc/32: Fix overread/overwrite of thread_struct via ptrace
+
Outstanding CVEs:
CVE-2005-3660: (unk)
CVE-2007-3719: (unk)
@@ -1079,20 +1084,20 @@
CVE-2022-1651: (unk) virt: acrn: fix a memory leak in acrn_dev_ioctl()
CVE-2022-1652: (unk)
CVE-2022-1671: (unk) rxrpc: fix some null-ptr-deref bugs in server_key.c
- CVE-2022-1678: (unk) tcp: optimize tcp internal pacing
CVE-2022-1679: (unk)
CVE-2022-1786: (unk) io_uring: remove io_identity
CVE-2022-1789: (unk) KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID
CVE-2022-1852: (unk) KVM: x86: avoid calling x86 emulator without a decoded instruction
CVE-2022-1882: (unk)
CVE-2022-1943: (unk) udf: Avoid using stale lengthOfImpUse
- CVE-2022-1966: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-1972: (unk) netfilter: nf_tables: sanitize nft_set_desc_concat_parse()
CVE-2022-1973: (unk) fs/ntfs3: Fix invalid free in log_replay
+ CVE-2022-1976: (unk) io_uring: reinstate the inflight tracking
CVE-2022-1998: (unk) fanotify: Fix stale file descriptor in copy_event_to_user()
CVE-2022-20148: (unk) f2fs: fix UAF in f2fs_available_free_memory
CVE-2022-20153: (unk) io_uring: return back safer resurrect
CVE-2022-20166: (unk) drivers core: Use sysfs_emit and sysfs_emit_at for show(device *...) functions
+ CVE-2022-2078: (unk) netfilter: nf_tables: sanitize nft_set_desc_concat_parse()
CVE-2022-21499: (unk) lockdown: also lock down previous kgdb use
CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL
CVE-2022-25265: (unk)
@@ -1105,4 +1110,3 @@
CVE-2022-29582: (unk) io_uring: fix race between timeout flush and removal
CVE-2022-29968: (unk) io_uring: fix uninitialized field in rw io_kiocb
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
- CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
diff --git a/data/4.20/4.20_CVEs.txt b/data/4.20/4.20_CVEs.txt
index b92634e..a5d8ba2 100644
--- a/data/4.20/4.20_CVEs.txt
+++ b/data/4.20/4.20_CVEs.txt
@@ -665,6 +665,7 @@
CVE-2022-1973: Fix not seen in stream
CVE-2022-1974: Fix not seen in stream
CVE-2022-1975: Fix not seen in stream
+CVE-2022-1976: Fix not seen in stream
CVE-2022-1998: Fix not seen in stream
CVE-2022-20008: Fix not seen in stream
CVE-2022-20132: Fix not seen in stream
@@ -673,6 +674,7 @@
CVE-2022-20153: Fix not seen in stream
CVE-2022-20154: Fix not seen in stream
CVE-2022-20166: Fix not seen in stream
+CVE-2022-2078: Fix not seen in stream
CVE-2022-21499: Fix not seen in stream
CVE-2022-22942: Fix not seen in stream
CVE-2022-23036: Fix not seen in stream
diff --git a/data/4.20/4.20_security.txt b/data/4.20/4.20_security.txt
index 3a7bd7e..fa211f6 100644
--- a/data/4.20/4.20_security.txt
+++ b/data/4.20/4.20_security.txt
@@ -697,6 +697,7 @@
CVE-2022-1973: (unk) fs/ntfs3: Fix invalid free in log_replay
CVE-2022-1974: (unk) nfc: replace improper check device_is_registered() in netlink related functions
CVE-2022-1975: (unk) NFC: netlink: fix sleep in atomic bug when firmware download timeout
+ CVE-2022-1976: (unk) io_uring: reinstate the inflight tracking
CVE-2022-1998: (unk) fanotify: Fix stale file descriptor in copy_event_to_user()
CVE-2022-20008: (unk) mmc: block: fix read single on recovery logic
CVE-2022-20132: (unk) HID: add hid_is_usb() function to make it simpler for USB detection
@@ -705,6 +706,7 @@
CVE-2022-20153: (unk) io_uring: return back safer resurrect
CVE-2022-20154: (unk) sctp: use call_rcu to free endpoint
CVE-2022-20166: (unk) drivers core: Use sysfs_emit and sysfs_emit_at for show(device *...) functions
+ CVE-2022-2078: (unk) netfilter: nf_tables: sanitize nft_set_desc_concat_parse()
CVE-2022-21499: (unk) lockdown: also lock down previous kgdb use
CVE-2022-22942: (unk) drm/vmwgfx: Fix stale file descriptors on failed usercopy
CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access()
diff --git a/data/4.3/4.3_CVEs.txt b/data/4.3/4.3_CVEs.txt
index 709d993..245b5ee 100644
--- a/data/4.3/4.3_CVEs.txt
+++ b/data/4.3/4.3_CVEs.txt
@@ -1025,6 +1025,7 @@
CVE-2022-1973: Fix not seen in stream
CVE-2022-1974: Fix not seen in stream
CVE-2022-1975: Fix not seen in stream
+CVE-2022-1976: Fix not seen in stream
CVE-2022-1998: Fix not seen in stream
CVE-2022-20132: Fix not seen in stream
CVE-2022-20141: Fix not seen in stream
@@ -1032,6 +1033,7 @@
CVE-2022-20153: Fix not seen in stream
CVE-2022-20154: Fix not seen in stream
CVE-2022-20166: Fix not seen in stream
+CVE-2022-2078: Fix not seen in stream
CVE-2022-21499: Fix not seen in stream
CVE-2022-23036: Fix not seen in stream
CVE-2022-23037: Fix not seen in stream
diff --git a/data/4.3/4.3_security.txt b/data/4.3/4.3_security.txt
index 7ad9b0c..7ac1b72 100644
--- a/data/4.3/4.3_security.txt
+++ b/data/4.3/4.3_security.txt
@@ -1041,6 +1041,7 @@
CVE-2022-1973: (unk) fs/ntfs3: Fix invalid free in log_replay
CVE-2022-1974: (unk) nfc: replace improper check device_is_registered() in netlink related functions
CVE-2022-1975: (unk) NFC: netlink: fix sleep in atomic bug when firmware download timeout
+ CVE-2022-1976: (unk) io_uring: reinstate the inflight tracking
CVE-2022-1998: (unk) fanotify: Fix stale file descriptor in copy_event_to_user()
CVE-2022-20132: (unk) HID: add hid_is_usb() function to make it simpler for USB detection
CVE-2022-20141: (unk) igmp: Add ip_mc_list lock in ip_check_mc_rcu
@@ -1048,6 +1049,7 @@
CVE-2022-20153: (unk) io_uring: return back safer resurrect
CVE-2022-20154: (unk) sctp: use call_rcu to free endpoint
CVE-2022-20166: (unk) drivers core: Use sysfs_emit and sysfs_emit_at for show(device *...) functions
+ CVE-2022-2078: (unk) netfilter: nf_tables: sanitize nft_set_desc_concat_parse()
CVE-2022-21499: (unk) lockdown: also lock down previous kgdb use
CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access()
CVE-2022-23037: (unk) xen/netfront: don't use gnttab_query_foreign_access() for mapped status
diff --git a/data/4.4/4.4_CVEs.txt b/data/4.4/4.4_CVEs.txt
index 7267869..f331c24 100644
--- a/data/4.4/4.4_CVEs.txt
+++ b/data/4.4/4.4_CVEs.txt
@@ -1005,6 +1005,7 @@
CVE-2022-1973: Fix not seen in stream
CVE-2022-1974: Fix not seen in stream
CVE-2022-1975: Fix not seen in stream
+CVE-2022-1976: Fix not seen in stream
CVE-2022-1998: Fix not seen in stream
CVE-2022-20132: Fixed with 4.4.295
CVE-2022-20141: Fixed with 4.4.284
@@ -1012,6 +1013,7 @@
CVE-2022-20153: Fix not seen in stream
CVE-2022-20154: Fix not seen in stream
CVE-2022-20166: Fix not seen in stream
+CVE-2022-2078: Fix not seen in stream
CVE-2022-21499: Fix not seen in stream
CVE-2022-23036: Fix not seen in stream
CVE-2022-23037: Fix not seen in stream
diff --git a/data/4.4/4.4_security.txt b/data/4.4/4.4_security.txt
index c08c5ad..f2fd6ae 100644
--- a/data/4.4/4.4_security.txt
+++ b/data/4.4/4.4_security.txt
@@ -1491,11 +1491,13 @@
CVE-2022-1973: (unk) fs/ntfs3: Fix invalid free in log_replay
CVE-2022-1974: (unk) nfc: replace improper check device_is_registered() in netlink related functions
CVE-2022-1975: (unk) NFC: netlink: fix sleep in atomic bug when firmware download timeout
+ CVE-2022-1976: (unk) io_uring: reinstate the inflight tracking
CVE-2022-1998: (unk) fanotify: Fix stale file descriptor in copy_event_to_user()
CVE-2022-20148: (unk) f2fs: fix UAF in f2fs_available_free_memory
CVE-2022-20153: (unk) io_uring: return back safer resurrect
CVE-2022-20154: (unk) sctp: use call_rcu to free endpoint
CVE-2022-20166: (unk) drivers core: Use sysfs_emit and sysfs_emit_at for show(device *...) functions
+ CVE-2022-2078: (unk) netfilter: nf_tables: sanitize nft_set_desc_concat_parse()
CVE-2022-21499: (unk) lockdown: also lock down previous kgdb use
CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access()
CVE-2022-23037: (unk) xen/netfront: don't use gnttab_query_foreign_access() for mapped status
diff --git a/data/4.5/4.5_CVEs.txt b/data/4.5/4.5_CVEs.txt
index fbf6b58..0729ac8 100644
--- a/data/4.5/4.5_CVEs.txt
+++ b/data/4.5/4.5_CVEs.txt
@@ -987,6 +987,7 @@
CVE-2022-1973: Fix not seen in stream
CVE-2022-1974: Fix not seen in stream
CVE-2022-1975: Fix not seen in stream
+CVE-2022-1976: Fix not seen in stream
CVE-2022-1998: Fix not seen in stream
CVE-2022-20132: Fix not seen in stream
CVE-2022-20141: Fix not seen in stream
@@ -994,6 +995,7 @@
CVE-2022-20153: Fix not seen in stream
CVE-2022-20154: Fix not seen in stream
CVE-2022-20166: Fix not seen in stream
+CVE-2022-2078: Fix not seen in stream
CVE-2022-21499: Fix not seen in stream
CVE-2022-23036: Fix not seen in stream
CVE-2022-23037: Fix not seen in stream
diff --git a/data/4.5/4.5_security.txt b/data/4.5/4.5_security.txt
index a0830e4..6cdc497 100644
--- a/data/4.5/4.5_security.txt
+++ b/data/4.5/4.5_security.txt
@@ -1003,6 +1003,7 @@
CVE-2022-1973: (unk) fs/ntfs3: Fix invalid free in log_replay
CVE-2022-1974: (unk) nfc: replace improper check device_is_registered() in netlink related functions
CVE-2022-1975: (unk) NFC: netlink: fix sleep in atomic bug when firmware download timeout
+ CVE-2022-1976: (unk) io_uring: reinstate the inflight tracking
CVE-2022-1998: (unk) fanotify: Fix stale file descriptor in copy_event_to_user()
CVE-2022-20132: (unk) HID: add hid_is_usb() function to make it simpler for USB detection
CVE-2022-20141: (unk) igmp: Add ip_mc_list lock in ip_check_mc_rcu
@@ -1010,6 +1011,7 @@
CVE-2022-20153: (unk) io_uring: return back safer resurrect
CVE-2022-20154: (unk) sctp: use call_rcu to free endpoint
CVE-2022-20166: (unk) drivers core: Use sysfs_emit and sysfs_emit_at for show(device *...) functions
+ CVE-2022-2078: (unk) netfilter: nf_tables: sanitize nft_set_desc_concat_parse()
CVE-2022-21499: (unk) lockdown: also lock down previous kgdb use
CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access()
CVE-2022-23037: (unk) xen/netfront: don't use gnttab_query_foreign_access() for mapped status
diff --git a/data/4.6/4.6_CVEs.txt b/data/4.6/4.6_CVEs.txt
index 3b7eede..d04c5c6 100644
--- a/data/4.6/4.6_CVEs.txt
+++ b/data/4.6/4.6_CVEs.txt
@@ -957,6 +957,7 @@
CVE-2022-1973: Fix not seen in stream
CVE-2022-1974: Fix not seen in stream
CVE-2022-1975: Fix not seen in stream
+CVE-2022-1976: Fix not seen in stream
CVE-2022-1998: Fix not seen in stream
CVE-2022-20132: Fix not seen in stream
CVE-2022-20141: Fix not seen in stream
@@ -964,6 +965,7 @@
CVE-2022-20153: Fix not seen in stream
CVE-2022-20154: Fix not seen in stream
CVE-2022-20166: Fix not seen in stream
+CVE-2022-2078: Fix not seen in stream
CVE-2022-21499: Fix not seen in stream
CVE-2022-23036: Fix not seen in stream
CVE-2022-23037: Fix not seen in stream
diff --git a/data/4.6/4.6_security.txt b/data/4.6/4.6_security.txt
index cc17079..ce4226c 100644
--- a/data/4.6/4.6_security.txt
+++ b/data/4.6/4.6_security.txt
@@ -975,6 +975,7 @@
CVE-2022-1973: (unk) fs/ntfs3: Fix invalid free in log_replay
CVE-2022-1974: (unk) nfc: replace improper check device_is_registered() in netlink related functions
CVE-2022-1975: (unk) NFC: netlink: fix sleep in atomic bug when firmware download timeout
+ CVE-2022-1976: (unk) io_uring: reinstate the inflight tracking
CVE-2022-1998: (unk) fanotify: Fix stale file descriptor in copy_event_to_user()
CVE-2022-20132: (unk) HID: add hid_is_usb() function to make it simpler for USB detection
CVE-2022-20141: (unk) igmp: Add ip_mc_list lock in ip_check_mc_rcu
@@ -982,6 +983,7 @@
CVE-2022-20153: (unk) io_uring: return back safer resurrect
CVE-2022-20154: (unk) sctp: use call_rcu to free endpoint
CVE-2022-20166: (unk) drivers core: Use sysfs_emit and sysfs_emit_at for show(device *...) functions
+ CVE-2022-2078: (unk) netfilter: nf_tables: sanitize nft_set_desc_concat_parse()
CVE-2022-21499: (unk) lockdown: also lock down previous kgdb use
CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access()
CVE-2022-23037: (unk) xen/netfront: don't use gnttab_query_foreign_access() for mapped status
diff --git a/data/4.7/4.7_CVEs.txt b/data/4.7/4.7_CVEs.txt
index 6c31468..9a2487d 100644
--- a/data/4.7/4.7_CVEs.txt
+++ b/data/4.7/4.7_CVEs.txt
@@ -938,6 +938,7 @@
CVE-2022-1973: Fix not seen in stream
CVE-2022-1974: Fix not seen in stream
CVE-2022-1975: Fix not seen in stream
+CVE-2022-1976: Fix not seen in stream
CVE-2022-1998: Fix not seen in stream
CVE-2022-20132: Fix not seen in stream
CVE-2022-20141: Fix not seen in stream
@@ -945,6 +946,7 @@
CVE-2022-20153: Fix not seen in stream
CVE-2022-20154: Fix not seen in stream
CVE-2022-20166: Fix not seen in stream
+CVE-2022-2078: Fix not seen in stream
CVE-2022-21499: Fix not seen in stream
CVE-2022-23036: Fix not seen in stream
CVE-2022-23037: Fix not seen in stream
diff --git a/data/4.7/4.7_security.txt b/data/4.7/4.7_security.txt
index 90be61c..436ce13 100644
--- a/data/4.7/4.7_security.txt
+++ b/data/4.7/4.7_security.txt
@@ -958,6 +958,7 @@
CVE-2022-1973: (unk) fs/ntfs3: Fix invalid free in log_replay
CVE-2022-1974: (unk) nfc: replace improper check device_is_registered() in netlink related functions
CVE-2022-1975: (unk) NFC: netlink: fix sleep in atomic bug when firmware download timeout
+ CVE-2022-1976: (unk) io_uring: reinstate the inflight tracking
CVE-2022-1998: (unk) fanotify: Fix stale file descriptor in copy_event_to_user()
CVE-2022-20132: (unk) HID: add hid_is_usb() function to make it simpler for USB detection
CVE-2022-20141: (unk) igmp: Add ip_mc_list lock in ip_check_mc_rcu
@@ -965,6 +966,7 @@
CVE-2022-20153: (unk) io_uring: return back safer resurrect
CVE-2022-20154: (unk) sctp: use call_rcu to free endpoint
CVE-2022-20166: (unk) drivers core: Use sysfs_emit and sysfs_emit_at for show(device *...) functions
+ CVE-2022-2078: (unk) netfilter: nf_tables: sanitize nft_set_desc_concat_parse()
CVE-2022-21499: (unk) lockdown: also lock down previous kgdb use
CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access()
CVE-2022-23037: (unk) xen/netfront: don't use gnttab_query_foreign_access() for mapped status
diff --git a/data/4.8/4.8_CVEs.txt b/data/4.8/4.8_CVEs.txt
index 5964c11..1651e92 100644
--- a/data/4.8/4.8_CVEs.txt
+++ b/data/4.8/4.8_CVEs.txt
@@ -942,6 +942,7 @@
CVE-2022-1973: Fix not seen in stream
CVE-2022-1974: Fix not seen in stream
CVE-2022-1975: Fix not seen in stream
+CVE-2022-1976: Fix not seen in stream
CVE-2022-1998: Fix not seen in stream
CVE-2022-20132: Fix not seen in stream
CVE-2022-20141: Fix not seen in stream
@@ -949,6 +950,7 @@
CVE-2022-20153: Fix not seen in stream
CVE-2022-20154: Fix not seen in stream
CVE-2022-20166: Fix not seen in stream
+CVE-2022-2078: Fix not seen in stream
CVE-2022-21499: Fix not seen in stream
CVE-2022-23036: Fix not seen in stream
CVE-2022-23037: Fix not seen in stream
diff --git a/data/4.8/4.8_security.txt b/data/4.8/4.8_security.txt
index 1fd5740..de2e020 100644
--- a/data/4.8/4.8_security.txt
+++ b/data/4.8/4.8_security.txt
@@ -972,6 +972,7 @@
CVE-2022-1973: (unk) fs/ntfs3: Fix invalid free in log_replay
CVE-2022-1974: (unk) nfc: replace improper check device_is_registered() in netlink related functions
CVE-2022-1975: (unk) NFC: netlink: fix sleep in atomic bug when firmware download timeout
+ CVE-2022-1976: (unk) io_uring: reinstate the inflight tracking
CVE-2022-1998: (unk) fanotify: Fix stale file descriptor in copy_event_to_user()
CVE-2022-20132: (unk) HID: add hid_is_usb() function to make it simpler for USB detection
CVE-2022-20141: (unk) igmp: Add ip_mc_list lock in ip_check_mc_rcu
@@ -979,6 +980,7 @@
CVE-2022-20153: (unk) io_uring: return back safer resurrect
CVE-2022-20154: (unk) sctp: use call_rcu to free endpoint
CVE-2022-20166: (unk) drivers core: Use sysfs_emit and sysfs_emit_at for show(device *...) functions
+ CVE-2022-2078: (unk) netfilter: nf_tables: sanitize nft_set_desc_concat_parse()
CVE-2022-21499: (unk) lockdown: also lock down previous kgdb use
CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access()
CVE-2022-23037: (unk) xen/netfront: don't use gnttab_query_foreign_access() for mapped status
diff --git a/data/4.9/4.9_CVEs.txt b/data/4.9/4.9_CVEs.txt
index 61af887..1b83705 100644
--- a/data/4.9/4.9_CVEs.txt
+++ b/data/4.9/4.9_CVEs.txt
@@ -936,11 +936,12 @@
CVE-2022-1852: Fix not seen in stream
CVE-2022-1882: Fix unknown
CVE-2022-1943: Fix not seen in stream
-CVE-2022-1966: Fix not seen in stream
+CVE-2022-1966: Fixed with 4.9.318
CVE-2022-1972: Fix not seen in stream
CVE-2022-1973: Fix not seen in stream
CVE-2022-1974: Fixed with 4.9.313
CVE-2022-1975: Fixed with 4.9.313
+CVE-2022-1976: Fix not seen in stream
CVE-2022-1998: Fix not seen in stream
CVE-2022-20132: Fixed with 4.9.293
CVE-2022-20141: Fixed with 4.9.283
@@ -948,6 +949,7 @@
CVE-2022-20153: Fix not seen in stream
CVE-2022-20154: Fix not seen in stream
CVE-2022-20166: Fix not seen in stream
+CVE-2022-2078: Fix not seen in stream
CVE-2022-21499: Fix not seen in stream
CVE-2022-23036: Fixed with 4.9.306
CVE-2022-23037: Fixed with 4.9.306
@@ -980,4 +982,4 @@
CVE-2022-29968: Fix not seen in stream
CVE-2022-30594: Fixed with 4.9.311
CVE-2022-32296: Fix not seen in stream
-CVE-2022-32981: Fix not seen in stream
+CVE-2022-32981: Fixed with 4.9.318
diff --git a/data/4.9/4.9_security.txt b/data/4.9/4.9_security.txt
index 80ae05f..76dac71 100644
--- a/data/4.9/4.9_security.txt
+++ b/data/4.9/4.9_security.txt
@@ -1261,6 +1261,10 @@
CVEs fixed in 4.9.317:
CVE-2022-0494: d59073bedb7cf752b8cd4027dd0f67cf7ac4330f block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern
+CVEs fixed in 4.9.318:
+ CVE-2022-1966: 94e9b75919619ba8c4072abc4917011a7a888a79 netfilter: nf_tables: disallow non-stateful expression in sets earlier
+ CVE-2022-32981: 89dda10b73b7ce184caf18754907126ce7ce3fad powerpc/32: Fix overread/overwrite of thread_struct via ptrace
+
Outstanding CVEs:
CVE-2005-3660: (unk)
CVE-2007-3719: (unk)
@@ -1463,14 +1467,15 @@
CVE-2022-1852: (unk) KVM: x86: avoid calling x86 emulator without a decoded instruction
CVE-2022-1882: (unk)
CVE-2022-1943: (unk) udf: Avoid using stale lengthOfImpUse
- CVE-2022-1966: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-1972: (unk) netfilter: nf_tables: sanitize nft_set_desc_concat_parse()
CVE-2022-1973: (unk) fs/ntfs3: Fix invalid free in log_replay
+ CVE-2022-1976: (unk) io_uring: reinstate the inflight tracking
CVE-2022-1998: (unk) fanotify: Fix stale file descriptor in copy_event_to_user()
CVE-2022-20148: (unk) f2fs: fix UAF in f2fs_available_free_memory
CVE-2022-20153: (unk) io_uring: return back safer resurrect
CVE-2022-20154: (unk) sctp: use call_rcu to free endpoint
CVE-2022-20166: (unk) drivers core: Use sysfs_emit and sysfs_emit_at for show(device *...) functions
+ CVE-2022-2078: (unk) netfilter: nf_tables: sanitize nft_set_desc_concat_parse()
CVE-2022-21499: (unk) lockdown: also lock down previous kgdb use
CVE-2022-23041: (unk) xen/9p: use alloc/free_pages_exact()
CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL
@@ -1486,4 +1491,3 @@
CVE-2022-29582: (unk) io_uring: fix race between timeout flush and removal
CVE-2022-29968: (unk) io_uring: fix uninitialized field in rw io_kiocb
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
- CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
diff --git a/data/5.0/5.0_CVEs.txt b/data/5.0/5.0_CVEs.txt
index 5d451d5..0944ae0 100644
--- a/data/5.0/5.0_CVEs.txt
+++ b/data/5.0/5.0_CVEs.txt
@@ -645,6 +645,7 @@
CVE-2022-1973: Fix not seen in stream
CVE-2022-1974: Fix not seen in stream
CVE-2022-1975: Fix not seen in stream
+CVE-2022-1976: Fix not seen in stream
CVE-2022-1998: Fix not seen in stream
CVE-2022-20008: Fix not seen in stream
CVE-2022-20132: Fix not seen in stream
@@ -653,6 +654,7 @@
CVE-2022-20153: Fix not seen in stream
CVE-2022-20154: Fix not seen in stream
CVE-2022-20166: Fix not seen in stream
+CVE-2022-2078: Fix not seen in stream
CVE-2022-21499: Fix not seen in stream
CVE-2022-22942: Fix not seen in stream
CVE-2022-23036: Fix not seen in stream
diff --git a/data/5.0/5.0_security.txt b/data/5.0/5.0_security.txt
index 571ca55..0e5f028 100644
--- a/data/5.0/5.0_security.txt
+++ b/data/5.0/5.0_security.txt
@@ -693,6 +693,7 @@
CVE-2022-1973: (unk) fs/ntfs3: Fix invalid free in log_replay
CVE-2022-1974: (unk) nfc: replace improper check device_is_registered() in netlink related functions
CVE-2022-1975: (unk) NFC: netlink: fix sleep in atomic bug when firmware download timeout
+ CVE-2022-1976: (unk) io_uring: reinstate the inflight tracking
CVE-2022-1998: (unk) fanotify: Fix stale file descriptor in copy_event_to_user()
CVE-2022-20008: (unk) mmc: block: fix read single on recovery logic
CVE-2022-20132: (unk) HID: add hid_is_usb() function to make it simpler for USB detection
@@ -701,6 +702,7 @@
CVE-2022-20153: (unk) io_uring: return back safer resurrect
CVE-2022-20154: (unk) sctp: use call_rcu to free endpoint
CVE-2022-20166: (unk) drivers core: Use sysfs_emit and sysfs_emit_at for show(device *...) functions
+ CVE-2022-2078: (unk) netfilter: nf_tables: sanitize nft_set_desc_concat_parse()
CVE-2022-21499: (unk) lockdown: also lock down previous kgdb use
CVE-2022-22942: (unk) drm/vmwgfx: Fix stale file descriptors on failed usercopy
CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access()
diff --git a/data/5.1/5.1_CVEs.txt b/data/5.1/5.1_CVEs.txt
index 5de1cf7..8ec5da3 100644
--- a/data/5.1/5.1_CVEs.txt
+++ b/data/5.1/5.1_CVEs.txt
@@ -612,6 +612,7 @@
CVE-2022-1973: Fix not seen in stream
CVE-2022-1974: Fix not seen in stream
CVE-2022-1975: Fix not seen in stream
+CVE-2022-1976: Fix not seen in stream
CVE-2022-1998: Fix not seen in stream
CVE-2022-20008: Fix not seen in stream
CVE-2022-20132: Fix not seen in stream
@@ -620,6 +621,7 @@
CVE-2022-20153: Fix not seen in stream
CVE-2022-20154: Fix not seen in stream
CVE-2022-20166: Fix not seen in stream
+CVE-2022-2078: Fix not seen in stream
CVE-2022-21499: Fix not seen in stream
CVE-2022-22942: Fix not seen in stream
CVE-2022-23036: Fix not seen in stream
diff --git a/data/5.1/5.1_security.txt b/data/5.1/5.1_security.txt
index 3ac1b78..7f0b5af 100644
--- a/data/5.1/5.1_security.txt
+++ b/data/5.1/5.1_security.txt
@@ -648,6 +648,7 @@
CVE-2022-1973: (unk) fs/ntfs3: Fix invalid free in log_replay
CVE-2022-1974: (unk) nfc: replace improper check device_is_registered() in netlink related functions
CVE-2022-1975: (unk) NFC: netlink: fix sleep in atomic bug when firmware download timeout
+ CVE-2022-1976: (unk) io_uring: reinstate the inflight tracking
CVE-2022-1998: (unk) fanotify: Fix stale file descriptor in copy_event_to_user()
CVE-2022-20008: (unk) mmc: block: fix read single on recovery logic
CVE-2022-20132: (unk) HID: add hid_is_usb() function to make it simpler for USB detection
@@ -656,6 +657,7 @@
CVE-2022-20153: (unk) io_uring: return back safer resurrect
CVE-2022-20154: (unk) sctp: use call_rcu to free endpoint
CVE-2022-20166: (unk) drivers core: Use sysfs_emit and sysfs_emit_at for show(device *...) functions
+ CVE-2022-2078: (unk) netfilter: nf_tables: sanitize nft_set_desc_concat_parse()
CVE-2022-21499: (unk) lockdown: also lock down previous kgdb use
CVE-2022-22942: (unk) drm/vmwgfx: Fix stale file descriptors on failed usercopy
CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access()
diff --git a/data/5.10/5.10_CVEs.txt b/data/5.10/5.10_CVEs.txt
index bd4e89a..77287d1 100644
--- a/data/5.10/5.10_CVEs.txt
+++ b/data/5.10/5.10_CVEs.txt
@@ -302,7 +302,7 @@
CVE-2022-1679: Fix unknown
CVE-2022-1729: Fixed with 5.10.118
CVE-2022-1734: Fixed with 5.10.115
-CVE-2022-1786: Fix not seen in stream
+CVE-2022-1786: Fixed with 5.10.117
CVE-2022-1789: Fixed with 5.10.119
CVE-2022-1836: Fixed with 5.10.114
CVE-2022-1852: Fixed with 5.10.120
@@ -313,6 +313,7 @@
CVE-2022-1973: Fix not seen in stream
CVE-2022-1974: Fixed with 5.10.115
CVE-2022-1975: Fixed with 5.10.115
+CVE-2022-1976: Fix not seen in stream
CVE-2022-1998: Fixed with 5.10.97
CVE-2022-20008: Fixed with 5.10.102
CVE-2022-20132: Fixed with 5.10.85
@@ -320,6 +321,7 @@
CVE-2022-20148: Fix not seen in stream
CVE-2022-20153: Fixed with 5.10.107
CVE-2022-20154: Fixed with 5.10.90
+CVE-2022-2078: Fixed with 5.10.120
CVE-2022-21499: Fixed with 5.10.119
CVE-2022-22942: Fixed with 5.10.95
CVE-2022-23036: Fixed with 5.10.105
@@ -356,4 +358,4 @@
CVE-2022-29968: Fix not seen in stream
CVE-2022-30594: Fixed with 5.10.110
CVE-2022-32296: Fix not seen in stream
-CVE-2022-32981: Fix not seen in stream
+CVE-2022-32981: Fixed with 5.10.122
diff --git a/data/5.10/5.10_security.txt b/data/5.10/5.10_security.txt
index 52b8621..523486d 100644
--- a/data/5.10/5.10_security.txt
+++ b/data/5.10/5.10_security.txt
@@ -414,6 +414,7 @@
CVE-2022-1975: 879b075a9a364a325988d4484b74311edfef82a1 NFC: netlink: fix sleep in atomic bug when firmware download timeout
CVEs fixed in 5.10.117:
+ CVE-2022-1786: 29f077d070519a88a793fbc70f1e6484dc6d9e35 io_uring: remove io_identity
CVE-2022-28893: e68b60ae29de10c7bd7636e227164a8dbe305a82 SUNRPC: Ensure we flush any closed sockets before xs_xprt_free()
CVEs fixed in 5.10.118:
@@ -429,6 +430,10 @@
CVE-2022-1852: 3d8fc6e28f321d753ab727e3c3e740daf36a8fa3 KVM: x86: avoid calling x86 emulator without a decoded instruction
CVE-2022-1966: ea62d169b6e731e0b54abda1d692406f6bc6a696 netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-1972: c0aff1faf66b6b7a19103f83e6a5d0fdc64b9048 netfilter: nf_tables: sanitize nft_set_desc_concat_parse()
+ CVE-2022-2078: c0aff1faf66b6b7a19103f83e6a5d0fdc64b9048 netfilter: nf_tables: sanitize nft_set_desc_concat_parse()
+
+CVEs fixed in 5.10.122:
+ CVE-2022-32981: 3be74fc0afbeadc2aff8dc69f3bf9716fbe66486 powerpc/32: Fix overread/overwrite of thread_struct via ptrace
Outstanding CVEs:
CVE-2005-3660: (unk)
@@ -522,10 +527,10 @@
CVE-2022-1652: (unk)
CVE-2022-1671: (unk) rxrpc: fix some null-ptr-deref bugs in server_key.c
CVE-2022-1679: (unk)
- CVE-2022-1786: (unk) io_uring: remove io_identity
CVE-2022-1882: (unk)
CVE-2022-1943: (unk) udf: Avoid using stale lengthOfImpUse
CVE-2022-1973: (unk) fs/ntfs3: Fix invalid free in log_replay
+ CVE-2022-1976: (unk) io_uring: reinstate the inflight tracking
CVE-2022-20148: (unk) f2fs: fix UAF in f2fs_available_free_memory
CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL
CVE-2022-25265: (unk)
@@ -534,4 +539,3 @@
CVE-2022-28796: (unk) jbd2: fix use-after-free of transaction_t race
CVE-2022-29968: (unk) io_uring: fix uninitialized field in rw io_kiocb
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
- CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
diff --git a/data/5.11/5.11_CVEs.txt b/data/5.11/5.11_CVEs.txt
index 5a01e37..4955753 100644
--- a/data/5.11/5.11_CVEs.txt
+++ b/data/5.11/5.11_CVEs.txt
@@ -300,6 +300,7 @@
CVE-2022-1973: Fix not seen in stream
CVE-2022-1974: Fix not seen in stream
CVE-2022-1975: Fix not seen in stream
+CVE-2022-1976: Fix not seen in stream
CVE-2022-1998: Fix not seen in stream
CVE-2022-20008: Fix not seen in stream
CVE-2022-20132: Fix not seen in stream
@@ -307,6 +308,7 @@
CVE-2022-20148: Fix not seen in stream
CVE-2022-20153: Fix not seen in stream
CVE-2022-20154: Fix not seen in stream
+CVE-2022-2078: Fix not seen in stream
CVE-2022-21499: Fix not seen in stream
CVE-2022-22942: Fix not seen in stream
CVE-2022-23036: Fix not seen in stream
diff --git a/data/5.11/5.11_security.txt b/data/5.11/5.11_security.txt
index dcf1d51..cac648e 100644
--- a/data/5.11/5.11_security.txt
+++ b/data/5.11/5.11_security.txt
@@ -340,6 +340,7 @@
CVE-2022-1973: (unk) fs/ntfs3: Fix invalid free in log_replay
CVE-2022-1974: (unk) nfc: replace improper check device_is_registered() in netlink related functions
CVE-2022-1975: (unk) NFC: netlink: fix sleep in atomic bug when firmware download timeout
+ CVE-2022-1976: (unk) io_uring: reinstate the inflight tracking
CVE-2022-1998: (unk) fanotify: Fix stale file descriptor in copy_event_to_user()
CVE-2022-20008: (unk) mmc: block: fix read single on recovery logic
CVE-2022-20132: (unk) HID: add hid_is_usb() function to make it simpler for USB detection
@@ -347,6 +348,7 @@
CVE-2022-20148: (unk) f2fs: fix UAF in f2fs_available_free_memory
CVE-2022-20153: (unk) io_uring: return back safer resurrect
CVE-2022-20154: (unk) sctp: use call_rcu to free endpoint
+ CVE-2022-2078: (unk) netfilter: nf_tables: sanitize nft_set_desc_concat_parse()
CVE-2022-21499: (unk) lockdown: also lock down previous kgdb use
CVE-2022-22942: (unk) drm/vmwgfx: Fix stale file descriptors on failed usercopy
CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access()
diff --git a/data/5.12/5.12_CVEs.txt b/data/5.12/5.12_CVEs.txt
index 307f9bc..bfda2d0 100644
--- a/data/5.12/5.12_CVEs.txt
+++ b/data/5.12/5.12_CVEs.txt
@@ -250,6 +250,7 @@
CVE-2022-1973: Fix not seen in stream
CVE-2022-1974: Fix not seen in stream
CVE-2022-1975: Fix not seen in stream
+CVE-2022-1976: Fix not seen in stream
CVE-2022-1998: Fix not seen in stream
CVE-2022-20008: Fix not seen in stream
CVE-2022-20132: Fix not seen in stream
@@ -257,6 +258,7 @@
CVE-2022-20148: Fix not seen in stream
CVE-2022-20153: Fix not seen in stream
CVE-2022-20154: Fix not seen in stream
+CVE-2022-2078: Fix not seen in stream
CVE-2022-21499: Fix not seen in stream
CVE-2022-22942: Fix not seen in stream
CVE-2022-23036: Fix not seen in stream
diff --git a/data/5.12/5.12_security.txt b/data/5.12/5.12_security.txt
index daf48df..2d1347a 100644
--- a/data/5.12/5.12_security.txt
+++ b/data/5.12/5.12_security.txt
@@ -282,6 +282,7 @@
CVE-2022-1973: (unk) fs/ntfs3: Fix invalid free in log_replay
CVE-2022-1974: (unk) nfc: replace improper check device_is_registered() in netlink related functions
CVE-2022-1975: (unk) NFC: netlink: fix sleep in atomic bug when firmware download timeout
+ CVE-2022-1976: (unk) io_uring: reinstate the inflight tracking
CVE-2022-1998: (unk) fanotify: Fix stale file descriptor in copy_event_to_user()
CVE-2022-20008: (unk) mmc: block: fix read single on recovery logic
CVE-2022-20132: (unk) HID: add hid_is_usb() function to make it simpler for USB detection
@@ -289,6 +290,7 @@
CVE-2022-20148: (unk) f2fs: fix UAF in f2fs_available_free_memory
CVE-2022-20153: (unk) io_uring: return back safer resurrect
CVE-2022-20154: (unk) sctp: use call_rcu to free endpoint
+ CVE-2022-2078: (unk) netfilter: nf_tables: sanitize nft_set_desc_concat_parse()
CVE-2022-21499: (unk) lockdown: also lock down previous kgdb use
CVE-2022-22942: (unk) drm/vmwgfx: Fix stale file descriptors on failed usercopy
CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access()
diff --git a/data/5.13/5.13_CVEs.txt b/data/5.13/5.13_CVEs.txt
index 0df53be..1f76e56 100644
--- a/data/5.13/5.13_CVEs.txt
+++ b/data/5.13/5.13_CVEs.txt
@@ -213,12 +213,14 @@
CVE-2022-1973: Fix not seen in stream
CVE-2022-1974: Fix not seen in stream
CVE-2022-1975: Fix not seen in stream
+CVE-2022-1976: Fix not seen in stream
CVE-2022-1998: Fix not seen in stream
CVE-2022-20008: Fix not seen in stream
CVE-2022-20132: Fix not seen in stream
CVE-2022-20141: Fixed with 5.13.16
CVE-2022-20148: Fix not seen in stream
CVE-2022-20154: Fix not seen in stream
+CVE-2022-2078: Fix not seen in stream
CVE-2022-21499: Fix not seen in stream
CVE-2022-22942: Fix not seen in stream
CVE-2022-23036: Fix not seen in stream
diff --git a/data/5.13/5.13_security.txt b/data/5.13/5.13_security.txt
index 864ae74..e408284 100644
--- a/data/5.13/5.13_security.txt
+++ b/data/5.13/5.13_security.txt
@@ -246,11 +246,13 @@
CVE-2022-1973: (unk) fs/ntfs3: Fix invalid free in log_replay
CVE-2022-1974: (unk) nfc: replace improper check device_is_registered() in netlink related functions
CVE-2022-1975: (unk) NFC: netlink: fix sleep in atomic bug when firmware download timeout
+ CVE-2022-1976: (unk) io_uring: reinstate the inflight tracking
CVE-2022-1998: (unk) fanotify: Fix stale file descriptor in copy_event_to_user()
CVE-2022-20008: (unk) mmc: block: fix read single on recovery logic
CVE-2022-20132: (unk) HID: add hid_is_usb() function to make it simpler for USB detection
CVE-2022-20148: (unk) f2fs: fix UAF in f2fs_available_free_memory
CVE-2022-20154: (unk) sctp: use call_rcu to free endpoint
+ CVE-2022-2078: (unk) netfilter: nf_tables: sanitize nft_set_desc_concat_parse()
CVE-2022-21499: (unk) lockdown: also lock down previous kgdb use
CVE-2022-22942: (unk) drm/vmwgfx: Fix stale file descriptors on failed usercopy
CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access()
diff --git a/data/5.14/5.14_CVEs.txt b/data/5.14/5.14_CVEs.txt
index e26409f..b86951c 100644
--- a/data/5.14/5.14_CVEs.txt
+++ b/data/5.14/5.14_CVEs.txt
@@ -185,12 +185,14 @@
CVE-2022-1973: Fix not seen in stream
CVE-2022-1974: Fix not seen in stream
CVE-2022-1975: Fix not seen in stream
+CVE-2022-1976: Fix not seen in stream
CVE-2022-1998: Fix not seen in stream
CVE-2022-20008: Fix not seen in stream
CVE-2022-20132: Fix not seen in stream
CVE-2022-20141: Fixed with 5.14.3
CVE-2022-20148: Fixed with 5.14.19
CVE-2022-20154: Fix not seen in stream
+CVE-2022-2078: Fix not seen in stream
CVE-2022-21499: Fix not seen in stream
CVE-2022-22942: Fix not seen in stream
CVE-2022-23036: Fix not seen in stream
diff --git a/data/5.14/5.14_security.txt b/data/5.14/5.14_security.txt
index 64b2445..187b243 100644
--- a/data/5.14/5.14_security.txt
+++ b/data/5.14/5.14_security.txt
@@ -221,10 +221,12 @@
CVE-2022-1973: (unk) fs/ntfs3: Fix invalid free in log_replay
CVE-2022-1974: (unk) nfc: replace improper check device_is_registered() in netlink related functions
CVE-2022-1975: (unk) NFC: netlink: fix sleep in atomic bug when firmware download timeout
+ CVE-2022-1976: (unk) io_uring: reinstate the inflight tracking
CVE-2022-1998: (unk) fanotify: Fix stale file descriptor in copy_event_to_user()
CVE-2022-20008: (unk) mmc: block: fix read single on recovery logic
CVE-2022-20132: (unk) HID: add hid_is_usb() function to make it simpler for USB detection
CVE-2022-20154: (unk) sctp: use call_rcu to free endpoint
+ CVE-2022-2078: (unk) netfilter: nf_tables: sanitize nft_set_desc_concat_parse()
CVE-2022-21499: (unk) lockdown: also lock down previous kgdb use
CVE-2022-22942: (unk) drm/vmwgfx: Fix stale file descriptors on failed usercopy
CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access()
diff --git a/data/5.15/5.15_CVEs.txt b/data/5.15/5.15_CVEs.txt
index 738dafd..118f76f 100644
--- a/data/5.15/5.15_CVEs.txt
+++ b/data/5.15/5.15_CVEs.txt
@@ -151,11 +151,13 @@
CVE-2022-1973: Fixed with 5.15.46
CVE-2022-1974: Fixed with 5.15.39
CVE-2022-1975: Fixed with 5.15.39
+CVE-2022-1976: Fix not seen in stream
CVE-2022-1998: Fixed with 5.15.20
CVE-2022-20008: Fixed with 5.15.25
CVE-2022-20132: Fixed with 5.15.8
CVE-2022-20148: Fixed with 5.15.3
CVE-2022-20154: Fixed with 5.15.13
+CVE-2022-2078: Fixed with 5.15.45
CVE-2022-21499: Fixed with 5.15.42
CVE-2022-22942: Fixed with 5.15.18
CVE-2022-23036: Fixed with 5.15.28
@@ -193,4 +195,4 @@
CVE-2022-29968: Fix not seen in stream
CVE-2022-30594: Fixed with 5.15.33
CVE-2022-32296: Fixed with 5.15.41
-CVE-2022-32981: Fix not seen in stream
+CVE-2022-32981: Fixed with 5.15.47
diff --git a/data/5.15/5.15_security.txt b/data/5.15/5.15_security.txt
index c262b77..e51ad6b 100644
--- a/data/5.15/5.15_security.txt
+++ b/data/5.15/5.15_security.txt
@@ -186,10 +186,14 @@
CVE-2022-1852: 531d1070d864c78283b7597449e60ddc53319d88 KVM: x86: avoid calling x86 emulator without a decoded instruction
CVE-2022-1966: f692bcffd1f2ce5488d24fbcb8eab5f351abf79d netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-1972: 89ef50fe03a55feccf5681c237673a2f98161161 netfilter: nf_tables: sanitize nft_set_desc_concat_parse()
+ CVE-2022-2078: 89ef50fe03a55feccf5681c237673a2f98161161 netfilter: nf_tables: sanitize nft_set_desc_concat_parse()
CVEs fixed in 5.15.46:
CVE-2022-1973: 61decb58486d7c0cbded25fe4d301ab4fa148cd8 fs/ntfs3: Fix invalid free in log_replay
+CVEs fixed in 5.15.47:
+ CVE-2022-32981: 2a0165d278973e30f2282c15c52d91788749d2d4 powerpc/32: Fix overread/overwrite of thread_struct via ptrace
+
Outstanding CVEs:
CVE-2005-3660: (unk)
CVE-2007-3719: (unk)
@@ -262,9 +266,9 @@
CVE-2022-1652: (unk)
CVE-2022-1679: (unk)
CVE-2022-1882: (unk)
+ CVE-2022-1976: (unk) io_uring: reinstate the inflight tracking
CVE-2022-24122: (unk) ucount: Make get_ucount a safe get_user replacement
CVE-2022-25265: (unk)
CVE-2022-26878: (unk)
CVE-2022-28796: (unk) jbd2: fix use-after-free of transaction_t race
CVE-2022-29968: (unk) io_uring: fix uninitialized field in rw io_kiocb
- CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
diff --git a/data/5.16/5.16_CVEs.txt b/data/5.16/5.16_CVEs.txt
index 6cd0eaa..77f9b23 100644
--- a/data/5.16/5.16_CVEs.txt
+++ b/data/5.16/5.16_CVEs.txt
@@ -120,8 +120,10 @@
CVE-2022-1973: Fix not seen in stream
CVE-2022-1974: Fix not seen in stream
CVE-2022-1975: Fix not seen in stream
+CVE-2022-1976: Fix not seen in stream
CVE-2022-1998: Fixed with 5.16.6
CVE-2022-20008: Fixed with 5.16.11
+CVE-2022-2078: Fix not seen in stream
CVE-2022-21499: Fix not seen in stream
CVE-2022-22942: Fixed with 5.16.4
CVE-2022-23036: Fixed with 5.16.14
diff --git a/data/5.16/5.16_security.txt b/data/5.16/5.16_security.txt
index 748bbe4..b3def32 100644
--- a/data/5.16/5.16_security.txt
+++ b/data/5.16/5.16_security.txt
@@ -185,6 +185,8 @@
CVE-2022-1973: (unk) fs/ntfs3: Fix invalid free in log_replay
CVE-2022-1974: (unk) nfc: replace improper check device_is_registered() in netlink related functions
CVE-2022-1975: (unk) NFC: netlink: fix sleep in atomic bug when firmware download timeout
+ CVE-2022-1976: (unk) io_uring: reinstate the inflight tracking
+ CVE-2022-2078: (unk) netfilter: nf_tables: sanitize nft_set_desc_concat_parse()
CVE-2022-21499: (unk) lockdown: also lock down previous kgdb use
CVE-2022-24122: (unk) ucount: Make get_ucount a safe get_user replacement
CVE-2022-25265: (unk)
diff --git a/data/5.17/5.17_CVEs.txt b/data/5.17/5.17_CVEs.txt
index 5b94648..0d95560 100644
--- a/data/5.17/5.17_CVEs.txt
+++ b/data/5.17/5.17_CVEs.txt
@@ -90,6 +90,8 @@
CVE-2022-1973: Fixed with 5.17.14
CVE-2022-1974: Fixed with 5.17.7
CVE-2022-1975: Fixed with 5.17.7
+CVE-2022-1976: Fix not seen in stream
+CVE-2022-2078: Fixed with 5.17.13
CVE-2022-21499: Fixed with 5.17.10
CVE-2022-25265: Fix unknown
CVE-2022-26878: Fix unknown
@@ -104,4 +106,4 @@
CVE-2022-29968: Fixed with 5.17.6
CVE-2022-30594: Fixed with 5.17.2
CVE-2022-32296: Fixed with 5.17.9
-CVE-2022-32981: Fix not seen in stream
+CVE-2022-32981: Fixed with 5.17.15
diff --git a/data/5.17/5.17_security.txt b/data/5.17/5.17_security.txt
index ecce2aa..f9b77c1 100644
--- a/data/5.17/5.17_security.txt
+++ b/data/5.17/5.17_security.txt
@@ -57,10 +57,14 @@
CVE-2022-1852: dca5ea67a3e627a3022fe58722a2807c1ef61c29 KVM: x86: avoid calling x86 emulator without a decoded instruction
CVE-2022-1966: d8db0465bcc4d4b54ecfb67b820ed26eb1440da7 netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-1972: c88f3e3d243d701586239c5b69356ec2b1fd05f1 netfilter: nf_tables: sanitize nft_set_desc_concat_parse()
+ CVE-2022-2078: c88f3e3d243d701586239c5b69356ec2b1fd05f1 netfilter: nf_tables: sanitize nft_set_desc_concat_parse()
CVEs fixed in 5.17.14:
CVE-2022-1973: 2088cc00491e8d25a99d0f247df843e9c3df2040 fs/ntfs3: Fix invalid free in log_replay
+CVEs fixed in 5.17.15:
+ CVE-2022-32981: 638556430658eca42501271edb38154264767ff5 powerpc/32: Fix overread/overwrite of thread_struct via ptrace
+
Outstanding CVEs:
CVE-2005-3660: (unk)
CVE-2007-3719: (unk)
@@ -130,6 +134,6 @@
CVE-2022-1652: (unk)
CVE-2022-1679: (unk)
CVE-2022-1882: (unk)
+ CVE-2022-1976: (unk) io_uring: reinstate the inflight tracking
CVE-2022-25265: (unk)
CVE-2022-26878: (unk)
- CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
diff --git a/data/5.2/5.2_CVEs.txt b/data/5.2/5.2_CVEs.txt
index 5a1efa8..2bfb539 100644
--- a/data/5.2/5.2_CVEs.txt
+++ b/data/5.2/5.2_CVEs.txt
@@ -572,6 +572,7 @@
CVE-2022-1973: Fix not seen in stream
CVE-2022-1974: Fix not seen in stream
CVE-2022-1975: Fix not seen in stream
+CVE-2022-1976: Fix not seen in stream
CVE-2022-1998: Fix not seen in stream
CVE-2022-20008: Fix not seen in stream
CVE-2022-20132: Fix not seen in stream
@@ -580,6 +581,7 @@
CVE-2022-20153: Fix not seen in stream
CVE-2022-20154: Fix not seen in stream
CVE-2022-20166: Fix not seen in stream
+CVE-2022-2078: Fix not seen in stream
CVE-2022-21499: Fix not seen in stream
CVE-2022-22942: Fix not seen in stream
CVE-2022-23036: Fix not seen in stream
diff --git a/data/5.2/5.2_security.txt b/data/5.2/5.2_security.txt
index b3048bf..ac6b948 100644
--- a/data/5.2/5.2_security.txt
+++ b/data/5.2/5.2_security.txt
@@ -610,6 +610,7 @@
CVE-2022-1973: (unk) fs/ntfs3: Fix invalid free in log_replay
CVE-2022-1974: (unk) nfc: replace improper check device_is_registered() in netlink related functions
CVE-2022-1975: (unk) NFC: netlink: fix sleep in atomic bug when firmware download timeout
+ CVE-2022-1976: (unk) io_uring: reinstate the inflight tracking
CVE-2022-1998: (unk) fanotify: Fix stale file descriptor in copy_event_to_user()
CVE-2022-20008: (unk) mmc: block: fix read single on recovery logic
CVE-2022-20132: (unk) HID: add hid_is_usb() function to make it simpler for USB detection
@@ -618,6 +619,7 @@
CVE-2022-20153: (unk) io_uring: return back safer resurrect
CVE-2022-20154: (unk) sctp: use call_rcu to free endpoint
CVE-2022-20166: (unk) drivers core: Use sysfs_emit and sysfs_emit_at for show(device *...) functions
+ CVE-2022-2078: (unk) netfilter: nf_tables: sanitize nft_set_desc_concat_parse()
CVE-2022-21499: (unk) lockdown: also lock down previous kgdb use
CVE-2022-22942: (unk) drm/vmwgfx: Fix stale file descriptors on failed usercopy
CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access()
diff --git a/data/5.3/5.3_CVEs.txt b/data/5.3/5.3_CVEs.txt
index dfc2f69..ae2b47a 100644
--- a/data/5.3/5.3_CVEs.txt
+++ b/data/5.3/5.3_CVEs.txt
@@ -544,6 +544,7 @@
CVE-2022-1973: Fix not seen in stream
CVE-2022-1974: Fix not seen in stream
CVE-2022-1975: Fix not seen in stream
+CVE-2022-1976: Fix not seen in stream
CVE-2022-1998: Fix not seen in stream
CVE-2022-20008: Fix not seen in stream
CVE-2022-20132: Fix not seen in stream
@@ -552,6 +553,7 @@
CVE-2022-20153: Fix not seen in stream
CVE-2022-20154: Fix not seen in stream
CVE-2022-20166: Fix not seen in stream
+CVE-2022-2078: Fix not seen in stream
CVE-2022-21499: Fix not seen in stream
CVE-2022-22942: Fix not seen in stream
CVE-2022-23036: Fix not seen in stream
diff --git a/data/5.3/5.3_security.txt b/data/5.3/5.3_security.txt
index af8bba5..90ca035 100644
--- a/data/5.3/5.3_security.txt
+++ b/data/5.3/5.3_security.txt
@@ -580,6 +580,7 @@
CVE-2022-1973: (unk) fs/ntfs3: Fix invalid free in log_replay
CVE-2022-1974: (unk) nfc: replace improper check device_is_registered() in netlink related functions
CVE-2022-1975: (unk) NFC: netlink: fix sleep in atomic bug when firmware download timeout
+ CVE-2022-1976: (unk) io_uring: reinstate the inflight tracking
CVE-2022-1998: (unk) fanotify: Fix stale file descriptor in copy_event_to_user()
CVE-2022-20008: (unk) mmc: block: fix read single on recovery logic
CVE-2022-20132: (unk) HID: add hid_is_usb() function to make it simpler for USB detection
@@ -588,6 +589,7 @@
CVE-2022-20153: (unk) io_uring: return back safer resurrect
CVE-2022-20154: (unk) sctp: use call_rcu to free endpoint
CVE-2022-20166: (unk) drivers core: Use sysfs_emit and sysfs_emit_at for show(device *...) functions
+ CVE-2022-2078: (unk) netfilter: nf_tables: sanitize nft_set_desc_concat_parse()
CVE-2022-21499: (unk) lockdown: also lock down previous kgdb use
CVE-2022-22942: (unk) drm/vmwgfx: Fix stale file descriptors on failed usercopy
CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access()
diff --git a/data/5.4/5.4_CVEs.txt b/data/5.4/5.4_CVEs.txt
index 843d6f4..f965778 100644
--- a/data/5.4/5.4_CVEs.txt
+++ b/data/5.4/5.4_CVEs.txt
@@ -464,11 +464,12 @@
CVE-2022-1852: Fix not seen in stream
CVE-2022-1882: Fix unknown
CVE-2022-1943: Fix not seen in stream
-CVE-2022-1966: Fix not seen in stream
+CVE-2022-1966: Fixed with 5.4.198
CVE-2022-1972: Fix not seen in stream
CVE-2022-1973: Fix not seen in stream
CVE-2022-1974: Fixed with 5.4.193
CVE-2022-1975: Fixed with 5.4.193
+CVE-2022-1976: Fix not seen in stream
CVE-2022-1998: Fix not seen in stream
CVE-2022-20008: Fixed with 5.4.181
CVE-2022-20132: Fixed with 5.4.165
@@ -477,6 +478,7 @@
CVE-2022-20153: Fix not seen in stream
CVE-2022-20154: Fixed with 5.4.170
CVE-2022-20166: Fix not seen in stream
+CVE-2022-2078: Fix not seen in stream
CVE-2022-21499: Fixed with 5.4.197
CVE-2022-22942: Fixed with 5.4.175
CVE-2022-23036: Fixed with 5.4.184
@@ -513,4 +515,4 @@
CVE-2022-29968: Fix not seen in stream
CVE-2022-30594: Fixed with 5.4.189
CVE-2022-32296: Fix not seen in stream
-CVE-2022-32981: Fix not seen in stream
+CVE-2022-32981: Fixed with 5.4.198
diff --git a/data/5.4/5.4_security.txt b/data/5.4/5.4_security.txt
index f0e6deb..dd4ddf8 100644
--- a/data/5.4/5.4_security.txt
+++ b/data/5.4/5.4_security.txt
@@ -677,6 +677,10 @@
CVE-2022-1012: ab5b00cfe0500f5f5a3648ca945b892156b839fb secure_seq: use the 64 bits of the siphash for port offset calculation
CVE-2022-21499: 8bb828229da903bb5710d21065e0a29f9afd30e0 lockdown: also lock down previous kgdb use
+CVEs fixed in 5.4.198:
+ CVE-2022-1966: f36736fbd48491a8d85cd22f4740d542c5a1546e netfilter: nf_tables: disallow non-stateful expression in sets earlier
+ CVE-2022-32981: 0c4bc0a2f8257f79a70fe02b9a698eb14695a64b powerpc/32: Fix overread/overwrite of thread_struct via ptrace
+
Outstanding CVEs:
CVE-2005-3660: (unk)
CVE-2007-3719: (unk)
@@ -791,13 +795,14 @@
CVE-2022-1852: (unk) KVM: x86: avoid calling x86 emulator without a decoded instruction
CVE-2022-1882: (unk)
CVE-2022-1943: (unk) udf: Avoid using stale lengthOfImpUse
- CVE-2022-1966: (unk) netfilter: nf_tables: disallow non-stateful expression in sets earlier
CVE-2022-1972: (unk) netfilter: nf_tables: sanitize nft_set_desc_concat_parse()
CVE-2022-1973: (unk) fs/ntfs3: Fix invalid free in log_replay
+ CVE-2022-1976: (unk) io_uring: reinstate the inflight tracking
CVE-2022-1998: (unk) fanotify: Fix stale file descriptor in copy_event_to_user()
CVE-2022-20148: (unk) f2fs: fix UAF in f2fs_available_free_memory
CVE-2022-20153: (unk) io_uring: return back safer resurrect
CVE-2022-20166: (unk) drivers core: Use sysfs_emit and sysfs_emit_at for show(device *...) functions
+ CVE-2022-2078: (unk) netfilter: nf_tables: sanitize nft_set_desc_concat_parse()
CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL
CVE-2022-25265: (unk)
CVE-2022-26878: (unk)
@@ -807,4 +812,3 @@
CVE-2022-29582: (unk) io_uring: fix race between timeout flush and removal
CVE-2022-29968: (unk) io_uring: fix uninitialized field in rw io_kiocb
CVE-2022-32296: (unk) tcp: increase source port perturb table to 2^16
- CVE-2022-32981: (unk) powerpc/32: Fix overread/overwrite of thread_struct via ptrace
diff --git a/data/5.5/5.5_CVEs.txt b/data/5.5/5.5_CVEs.txt
index 102a020..df4e9e7 100644
--- a/data/5.5/5.5_CVEs.txt
+++ b/data/5.5/5.5_CVEs.txt
@@ -427,6 +427,7 @@
CVE-2022-1973: Fix not seen in stream
CVE-2022-1974: Fix not seen in stream
CVE-2022-1975: Fix not seen in stream
+CVE-2022-1976: Fix not seen in stream
CVE-2022-1998: Fix not seen in stream
CVE-2022-20008: Fix not seen in stream
CVE-2022-20132: Fix not seen in stream
@@ -435,6 +436,7 @@
CVE-2022-20153: Fix not seen in stream
CVE-2022-20154: Fix not seen in stream
CVE-2022-20166: Fix not seen in stream
+CVE-2022-2078: Fix not seen in stream
CVE-2022-21499: Fix not seen in stream
CVE-2022-22942: Fix not seen in stream
CVE-2022-23036: Fix not seen in stream
diff --git a/data/5.5/5.5_security.txt b/data/5.5/5.5_security.txt
index 4c87658..fef2063 100644
--- a/data/5.5/5.5_security.txt
+++ b/data/5.5/5.5_security.txt
@@ -459,6 +459,7 @@
CVE-2022-1973: (unk) fs/ntfs3: Fix invalid free in log_replay
CVE-2022-1974: (unk) nfc: replace improper check device_is_registered() in netlink related functions
CVE-2022-1975: (unk) NFC: netlink: fix sleep in atomic bug when firmware download timeout
+ CVE-2022-1976: (unk) io_uring: reinstate the inflight tracking
CVE-2022-1998: (unk) fanotify: Fix stale file descriptor in copy_event_to_user()
CVE-2022-20008: (unk) mmc: block: fix read single on recovery logic
CVE-2022-20132: (unk) HID: add hid_is_usb() function to make it simpler for USB detection
@@ -467,6 +468,7 @@
CVE-2022-20153: (unk) io_uring: return back safer resurrect
CVE-2022-20154: (unk) sctp: use call_rcu to free endpoint
CVE-2022-20166: (unk) drivers core: Use sysfs_emit and sysfs_emit_at for show(device *...) functions
+ CVE-2022-2078: (unk) netfilter: nf_tables: sanitize nft_set_desc_concat_parse()
CVE-2022-21499: (unk) lockdown: also lock down previous kgdb use
CVE-2022-22942: (unk) drm/vmwgfx: Fix stale file descriptors on failed usercopy
CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access()
diff --git a/data/5.6/5.6_CVEs.txt b/data/5.6/5.6_CVEs.txt
index e5b0014..baa814c 100644
--- a/data/5.6/5.6_CVEs.txt
+++ b/data/5.6/5.6_CVEs.txt
@@ -401,6 +401,7 @@
CVE-2022-1973: Fix not seen in stream
CVE-2022-1974: Fix not seen in stream
CVE-2022-1975: Fix not seen in stream
+CVE-2022-1976: Fix not seen in stream
CVE-2022-1998: Fix not seen in stream
CVE-2022-20008: Fix not seen in stream
CVE-2022-20132: Fix not seen in stream
@@ -409,6 +410,7 @@
CVE-2022-20153: Fix not seen in stream
CVE-2022-20154: Fix not seen in stream
CVE-2022-20166: Fix not seen in stream
+CVE-2022-2078: Fix not seen in stream
CVE-2022-21499: Fix not seen in stream
CVE-2022-22942: Fix not seen in stream
CVE-2022-23036: Fix not seen in stream
diff --git a/data/5.6/5.6_security.txt b/data/5.6/5.6_security.txt
index 033c1f6..8df3e71 100644
--- a/data/5.6/5.6_security.txt
+++ b/data/5.6/5.6_security.txt
@@ -433,6 +433,7 @@
CVE-2022-1973: (unk) fs/ntfs3: Fix invalid free in log_replay
CVE-2022-1974: (unk) nfc: replace improper check device_is_registered() in netlink related functions
CVE-2022-1975: (unk) NFC: netlink: fix sleep in atomic bug when firmware download timeout
+ CVE-2022-1976: (unk) io_uring: reinstate the inflight tracking
CVE-2022-1998: (unk) fanotify: Fix stale file descriptor in copy_event_to_user()
CVE-2022-20008: (unk) mmc: block: fix read single on recovery logic
CVE-2022-20132: (unk) HID: add hid_is_usb() function to make it simpler for USB detection
@@ -441,6 +442,7 @@
CVE-2022-20153: (unk) io_uring: return back safer resurrect
CVE-2022-20154: (unk) sctp: use call_rcu to free endpoint
CVE-2022-20166: (unk) drivers core: Use sysfs_emit and sysfs_emit_at for show(device *...) functions
+ CVE-2022-2078: (unk) netfilter: nf_tables: sanitize nft_set_desc_concat_parse()
CVE-2022-21499: (unk) lockdown: also lock down previous kgdb use
CVE-2022-22942: (unk) drm/vmwgfx: Fix stale file descriptors on failed usercopy
CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access()
diff --git a/data/5.7/5.7_CVEs.txt b/data/5.7/5.7_CVEs.txt
index 714c926..16f0642 100644
--- a/data/5.7/5.7_CVEs.txt
+++ b/data/5.7/5.7_CVEs.txt
@@ -387,6 +387,7 @@
CVE-2022-1973: Fix not seen in stream
CVE-2022-1974: Fix not seen in stream
CVE-2022-1975: Fix not seen in stream
+CVE-2022-1976: Fix not seen in stream
CVE-2022-1998: Fix not seen in stream
CVE-2022-20008: Fix not seen in stream
CVE-2022-20132: Fix not seen in stream
@@ -395,6 +396,7 @@
CVE-2022-20153: Fix not seen in stream
CVE-2022-20154: Fix not seen in stream
CVE-2022-20166: Fix not seen in stream
+CVE-2022-2078: Fix not seen in stream
CVE-2022-21499: Fix not seen in stream
CVE-2022-22942: Fix not seen in stream
CVE-2022-23036: Fix not seen in stream
diff --git a/data/5.7/5.7_security.txt b/data/5.7/5.7_security.txt
index 97ea7a9..8731141 100644
--- a/data/5.7/5.7_security.txt
+++ b/data/5.7/5.7_security.txt
@@ -421,6 +421,7 @@
CVE-2022-1973: (unk) fs/ntfs3: Fix invalid free in log_replay
CVE-2022-1974: (unk) nfc: replace improper check device_is_registered() in netlink related functions
CVE-2022-1975: (unk) NFC: netlink: fix sleep in atomic bug when firmware download timeout
+ CVE-2022-1976: (unk) io_uring: reinstate the inflight tracking
CVE-2022-1998: (unk) fanotify: Fix stale file descriptor in copy_event_to_user()
CVE-2022-20008: (unk) mmc: block: fix read single on recovery logic
CVE-2022-20132: (unk) HID: add hid_is_usb() function to make it simpler for USB detection
@@ -429,6 +430,7 @@
CVE-2022-20153: (unk) io_uring: return back safer resurrect
CVE-2022-20154: (unk) sctp: use call_rcu to free endpoint
CVE-2022-20166: (unk) drivers core: Use sysfs_emit and sysfs_emit_at for show(device *...) functions
+ CVE-2022-2078: (unk) netfilter: nf_tables: sanitize nft_set_desc_concat_parse()
CVE-2022-21499: (unk) lockdown: also lock down previous kgdb use
CVE-2022-22942: (unk) drm/vmwgfx: Fix stale file descriptors on failed usercopy
CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access()
diff --git a/data/5.8/5.8_CVEs.txt b/data/5.8/5.8_CVEs.txt
index ac62283..4084a05 100644
--- a/data/5.8/5.8_CVEs.txt
+++ b/data/5.8/5.8_CVEs.txt
@@ -366,6 +366,7 @@
CVE-2022-1973: Fix not seen in stream
CVE-2022-1974: Fix not seen in stream
CVE-2022-1975: Fix not seen in stream
+CVE-2022-1976: Fix not seen in stream
CVE-2022-1998: Fix not seen in stream
CVE-2022-20008: Fix not seen in stream
CVE-2022-20132: Fix not seen in stream
@@ -374,6 +375,7 @@
CVE-2022-20153: Fix not seen in stream
CVE-2022-20154: Fix not seen in stream
CVE-2022-20166: Fix not seen in stream
+CVE-2022-2078: Fix not seen in stream
CVE-2022-21499: Fix not seen in stream
CVE-2022-22942: Fix not seen in stream
CVE-2022-23036: Fix not seen in stream
diff --git a/data/5.8/5.8_security.txt b/data/5.8/5.8_security.txt
index 12967cb..8c63d46 100644
--- a/data/5.8/5.8_security.txt
+++ b/data/5.8/5.8_security.txt
@@ -400,6 +400,7 @@
CVE-2022-1973: (unk) fs/ntfs3: Fix invalid free in log_replay
CVE-2022-1974: (unk) nfc: replace improper check device_is_registered() in netlink related functions
CVE-2022-1975: (unk) NFC: netlink: fix sleep in atomic bug when firmware download timeout
+ CVE-2022-1976: (unk) io_uring: reinstate the inflight tracking
CVE-2022-1998: (unk) fanotify: Fix stale file descriptor in copy_event_to_user()
CVE-2022-20008: (unk) mmc: block: fix read single on recovery logic
CVE-2022-20132: (unk) HID: add hid_is_usb() function to make it simpler for USB detection
@@ -408,6 +409,7 @@
CVE-2022-20153: (unk) io_uring: return back safer resurrect
CVE-2022-20154: (unk) sctp: use call_rcu to free endpoint
CVE-2022-20166: (unk) drivers core: Use sysfs_emit and sysfs_emit_at for show(device *...) functions
+ CVE-2022-2078: (unk) netfilter: nf_tables: sanitize nft_set_desc_concat_parse()
CVE-2022-21499: (unk) lockdown: also lock down previous kgdb use
CVE-2022-22942: (unk) drm/vmwgfx: Fix stale file descriptors on failed usercopy
CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access()
diff --git a/data/5.9/5.9_CVEs.txt b/data/5.9/5.9_CVEs.txt
index a9ae8bd..5a9d12c 100644
--- a/data/5.9/5.9_CVEs.txt
+++ b/data/5.9/5.9_CVEs.txt
@@ -337,6 +337,7 @@
CVE-2022-1973: Fix not seen in stream
CVE-2022-1974: Fix not seen in stream
CVE-2022-1975: Fix not seen in stream
+CVE-2022-1976: Fix not seen in stream
CVE-2022-1998: Fix not seen in stream
CVE-2022-20008: Fix not seen in stream
CVE-2022-20132: Fix not seen in stream
@@ -345,6 +346,7 @@
CVE-2022-20153: Fix not seen in stream
CVE-2022-20154: Fix not seen in stream
CVE-2022-20166: Fix not seen in stream
+CVE-2022-2078: Fix not seen in stream
CVE-2022-21499: Fix not seen in stream
CVE-2022-22942: Fix not seen in stream
CVE-2022-23036: Fix not seen in stream
diff --git a/data/5.9/5.9_security.txt b/data/5.9/5.9_security.txt
index ab8d561..70c6589 100644
--- a/data/5.9/5.9_security.txt
+++ b/data/5.9/5.9_security.txt
@@ -367,6 +367,7 @@
CVE-2022-1973: (unk) fs/ntfs3: Fix invalid free in log_replay
CVE-2022-1974: (unk) nfc: replace improper check device_is_registered() in netlink related functions
CVE-2022-1975: (unk) NFC: netlink: fix sleep in atomic bug when firmware download timeout
+ CVE-2022-1976: (unk) io_uring: reinstate the inflight tracking
CVE-2022-1998: (unk) fanotify: Fix stale file descriptor in copy_event_to_user()
CVE-2022-20008: (unk) mmc: block: fix read single on recovery logic
CVE-2022-20132: (unk) HID: add hid_is_usb() function to make it simpler for USB detection
@@ -375,6 +376,7 @@
CVE-2022-20153: (unk) io_uring: return back safer resurrect
CVE-2022-20154: (unk) sctp: use call_rcu to free endpoint
CVE-2022-20166: (unk) drivers core: Use sysfs_emit and sysfs_emit_at for show(device *...) functions
+ CVE-2022-2078: (unk) netfilter: nf_tables: sanitize nft_set_desc_concat_parse()
CVE-2022-21499: (unk) lockdown: also lock down previous kgdb use
CVE-2022-22942: (unk) drm/vmwgfx: Fix stale file descriptors on failed usercopy
CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access()
diff --git a/data/CVEs.txt b/data/CVEs.txt
index d521008..38169b4 100644
--- a/data/CVEs.txt
+++ b/data/CVEs.txt
@@ -2022,6 +2022,7 @@
CVE-2022-1973: (n/a) - f26967b9f7a830e228bb13fb41bd516ddd9d789d (unk to v5.19-rc1)
CVE-2022-1974: (n/a) - da5c0f119203ad9728920456a0f52a6d850c01cd (unk to v5.18-rc6)
CVE-2022-1975: (n/a) - 4071bf121d59944d5cd2238de0642f3d7995a997 (unk to v5.18-rc6)
+CVE-2022-1976: (n/a) - 9cae36a094e7e9d6e5fe8b6dcd4642138b3eb0c7 (unk to v5.19-rc1)
CVE-2022-1998: (n/a) - ee12595147ac1fbfb5bcb23837e26dd58d94b15d (unk to v5.17-rc3)
CVE-2022-20008: 81196976ed946cbf36bb41ddda402853c7df7cfa - 54309fde1a352ad2674ebba004a79f7d20b9f037 (v4.16-rc1 to v5.17-rc5)
CVE-2022-20132: (n/a) - f83baa0cb6cfc92ebaf7f9d3a99d7e34f2e77a8a (unk to v5.16-rc5)
@@ -2030,6 +2031,7 @@
CVE-2022-20153: (n/a) - f70865db5ff35f5ed0c7e9ef63e7cca3d4947f04 (unk to v5.13-rc1)
CVE-2022-20154: (n/a) - 5ec7d18d1813a5bead0b495045606c93873aecbb (unk to v5.16-rc8)
CVE-2022-20166: (n/a) - aa838896d87af561a33ecefea1caa4c15a68bc47 (unk to v5.10-rc1)
+CVE-2022-2078: (n/a) - fecf31ee395b0295f2d7260aa29946b7605f7c85 (unk to v5.19-rc1)
CVE-2022-21499: (n/a) - eadb2f47a3ced5c64b23b90fd2a3463f63726066 (unk to v5.19-rc1)
CVE-2022-22942: c906965dee22d5e95d0651759ba107b420212a9f - a0f90c8815706981c483a652a6aefca51a5e191c (v4.14-rc1 to v5.17-rc2)
CVE-2022-23036: (n/a) - 6b1775f26a2da2b05a6dc8ec2b5d14e9a4701a1a (unk to v5.17-rc8)
@@ -2067,4 +2069,4 @@
CVE-2022-29968: (n/a) - 32452a3eb8b64e01e2be717f518c0be046975b9d (unk to v5.18-rc5)
CVE-2022-30594: (n/a) - ee1fee900537b5d9560e9f937402de5ddc8412f3 (unk to v5.18-rc1)
CVE-2022-32296: (n/a) - 4c2c8f03a5ab7cb04ec64724d7d176d00bcc91e5 (unk to v5.18-rc6)
-CVE-2022-32981: (n/a) - 8e1278444446fc97778a5e5c99bca1ce0bbc5ec9 (unk to unk)
+CVE-2022-32981: (n/a) - 8e1278444446fc97778a5e5c99bca1ce0bbc5ec9 (unk to v5.19-rc2)
diff --git a/data/cmts.json b/data/cmts.json
index 011d5d6..e77f4e4 100644
--- a/data/cmts.json
+++ b/data/cmts.json
@@ -1518,6 +1518,7 @@
"8daaa83145ef1f0a146680618328dbbd0fa76939": "v3.1-rc1",
"8dd014adfea6f173c1ef6378f7e5e7924866c923": "v2.6.36-rc1",
"8dfbcc4351a0b6d2f2d77f367552f48ffefafe18": "v4.6-rc1",
+ "8e1278444446fc97778a5e5c99bca1ce0bbc5ec9": "v5.19-rc2",
"8e20cf2bce122ce9262d6034ee5d5b76fbb92f96": "v4.4-rc6",
"8e2d61e0aed2b7c4ecb35844fe07e0b2b762dee4": "v4.3-rc3",
"8e3fbf870481eb53b2d3a322d1fc395ad8b367ed": "v3.13-rc7",
@@ -1675,6 +1676,7 @@
"9c698bff66ab4914bb3d71da7dc6112519bde23e": "v5.11-rc7",
"9c6ba456711687b794dcf285856fc14e2c76074f": "v4.6-rc1",
"9c824b6a172c8d44a6b037946bae90127c969b1b": "v3.18-rc1",
+ "9cae36a094e7e9d6e5fe8b6dcd4642138b3eb0c7": "v5.19-rc1",
"9cbee358687edf0359e29ac683ec25835134f059": "v3.5-rc1",
"9d2231c5d74e13b2a0546fee6737ee4446017903": "v5.17-rc6",
"9d47964bfd471f0dd4c89f28556aec68bffa0020": "v4.9-rc1",
diff --git a/data/kernel_cves.json b/data/kernel_cves.json
index db7b031..3c3ae75 100644
--- a/data/kernel_cves.json
+++ b/data/kernel_cves.json
@@ -57801,8 +57801,8 @@
"cwe": "Out-of-bounds Read",
"fixes": "ea75080110a4c1fa011b0a73cb8f42227143ee3e",
"last_affected_version": "5.5.7",
- "last_modified": "2021-03-17",
- "nvd_text": "In the nl80211_policy policy of nl80211.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not required for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-119770583",
+ "last_modified": "2022-06-19",
+ "nvd_text": "Product: AndroidVersions: Android kernelAndroid ID: A-127973231References: Upstream kernel",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2020-27068",
"ExploitDB": "https://www.exploit-db.com/search?cve=2020-27068",
@@ -70336,7 +70336,8 @@
},
"cwe": "Unspecified",
"fixes": "864e5c090749448e879e86bec06ee396aa2c19c5",
- "last_modified": "2022-06-12",
+ "last_affected_version": "4.19.227",
+ "last_modified": "2022-06-19",
"nvd_text": "An issue was discovered in the Linux Kernel from 4.18 to 4.19, an improper update of sock reference in TCP pacing can lead to memory/netns leak, which can be used by remote clients.",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2022-1678",
@@ -70447,8 +70448,32 @@
"backport": true,
"breaks": "500a373d731ac506612db12631ec21295c1ff360",
"cmt_msg": "io_uring: remove io_identity",
+ "cvss2": {
+ "Access Complexity": "Low",
+ "Access Vector": "Local Access",
+ "Authentication": "None",
+ "Availability Impact": "Complete",
+ "Confidentiality Impact": "Complete",
+ "Integrity Impact": "Complete",
+ "raw": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
+ "score": 7.2
+ },
+ "cvss3": {
+ "Attack Complexity": "Low",
+ "Attack Vector": "Local",
+ "Availability": "High",
+ "Confidentiality": "High",
+ "Integrity": "High",
+ "Privileges Required": "Low",
+ "Scope": "Unchanged",
+ "User Interaction": "None",
+ "raw": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
+ "score": 7.8
+ },
+ "cwe": "Use After Free",
"fixes": "4379bf8bd70b5de6bba7d53015b0c36c57a634ee",
- "last_modified": "2022-06-12",
+ "last_affected_version": "5.10.116",
+ "last_modified": "2022-06-19",
"nvd_text": "A use-after-free flaw was found in the Linux kernel\u2019s io_uring subsystem in the way a user sets up a ring with IORING_SETUP_IOPOLL with more than one task completing submissions on this ring. This flaw allows a local user to crash or escalate their privileges on the system.",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2022-1786",
@@ -70613,9 +70638,32 @@
"affected_versions": "unk to v5.19-rc1",
"breaks": "",
"cmt_msg": "netfilter: nf_tables: disallow non-stateful expression in sets earlier",
+ "cvss2": {
+ "Access Complexity": "Low",
+ "Access Vector": "Local Access",
+ "Authentication": "None",
+ "Availability Impact": "Complete",
+ "Confidentiality Impact": "Complete",
+ "Integrity Impact": "Complete",
+ "raw": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
+ "score": 7.2
+ },
+ "cvss3": {
+ "Attack Complexity": "Low",
+ "Attack Vector": "Local",
+ "Availability": "High",
+ "Confidentiality": "High",
+ "Integrity": "High",
+ "Privileges Required": "Low",
+ "Scope": "Unchanged",
+ "User Interaction": "None",
+ "raw": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
+ "score": 7.8
+ },
+ "cwe": "Use After Free",
"fixes": "520778042ccca019f3ffa136dd0ca565c486cedd",
"last_affected_version": "5.18.1",
- "last_modified": "2022-06-10",
+ "last_modified": "2022-06-19",
"nvd_text": "A use-after-free vulnerability was found in the Linux kernel's Netfilter subsystem in net/netfilter/nf_tables_api.c. This flaw allows a local attacker with user access to cause a privilege escalation issue.",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2022-1966",
@@ -70690,13 +70738,51 @@
"Ubuntu": "https://ubuntu.com/security/CVE-2022-1975"
}
},
+ "CVE-2022-1976": {
+ "affected_versions": "unk to v5.19-rc1",
+ "breaks": "",
+ "cmt_msg": "io_uring: reinstate the inflight tracking",
+ "fixes": "9cae36a094e7e9d6e5fe8b6dcd4642138b3eb0c7",
+ "last_modified": "2022-06-19",
+ "ref_urls": {
+ "Debian": "https://security-tracker.debian.org/tracker/CVE-2022-1976",
+ "ExploitDB": "https://www.exploit-db.com/search?cve=2022-1976",
+ "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2022-1976",
+ "Red Hat": "https://access.redhat.com/security/cve/CVE-2022-1976",
+ "SUSE": "https://www.suse.com/security/cve/CVE-2022-1976",
+ "Ubuntu": "https://ubuntu.com/security/CVE-2022-1976"
+ }
+ },
"CVE-2022-1998": {
"affected_versions": "unk to v5.17-rc3",
"breaks": "",
"cmt_msg": "fanotify: Fix stale file descriptor in copy_event_to_user()",
+ "cvss2": {
+ "Access Complexity": "Low",
+ "Access Vector": "Local Access",
+ "Authentication": "None",
+ "Availability Impact": "Complete",
+ "Confidentiality Impact": "Complete",
+ "Integrity Impact": "Complete",
+ "raw": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
+ "score": 7.2
+ },
+ "cvss3": {
+ "Attack Complexity": "Low",
+ "Attack Vector": "Local",
+ "Availability": "High",
+ "Confidentiality": "High",
+ "Integrity": "High",
+ "Privileges Required": "Low",
+ "Scope": "Unchanged",
+ "User Interaction": "None",
+ "raw": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
+ "score": 7.8
+ },
+ "cwe": "Use After Free",
"fixes": "ee12595147ac1fbfb5bcb23837e26dd58d94b15d",
"last_affected_version": "5.16.5",
- "last_modified": "2022-06-10",
+ "last_modified": "2022-06-19",
"nvd_text": "A use after free in the Linux kernel File System notify functionality was found in the way user triggers copy_info_records_to_user() call to fail in copy_event_to_user(). A local user could use this flaw to crash the system or potentially escalate their privileges on the system.",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2022-1998",
@@ -70753,7 +70839,8 @@
"cmt_msg": "HID: add hid_is_usb() function to make it simpler for USB detection",
"fixes": "f83baa0cb6cfc92ebaf7f9d3a99d7e34f2e77a8a",
"last_affected_version": "5.15.7",
- "last_modified": "2022-06-09",
+ "last_modified": "2022-06-19",
+ "nvd_text": "In lg_probe and related functions of hid-lg.c and other USB HID files, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure if a malicious USB HID device were plugged in, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-188677105References: Upstream kernel",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2022-20132",
"ExploitDB": "https://www.exploit-db.com/search?cve=2022-20132",
@@ -70769,7 +70856,8 @@
"cmt_msg": "igmp: Add ip_mc_list lock in ip_check_mc_rcu",
"fixes": "23d2b94043ca8835bd1e67749020e839f396a1c2",
"last_affected_version": "5.14.2",
- "last_modified": "2022-06-09",
+ "last_modified": "2022-06-19",
+ "nvd_text": "In ip_check_mc_rcu of igmp.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege when opening and closing inet sockets with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-112551163References: Upstream kernel",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2022-20141",
"ExploitDB": "https://www.exploit-db.com/search?cve=2022-20141",
@@ -70785,7 +70873,8 @@
"cmt_msg": "f2fs: fix UAF in f2fs_available_free_memory",
"fixes": "5429c9dbc9025f9a166f64e22e3a69c94fd5b29b",
"last_affected_version": "5.15.2",
- "last_modified": "2022-06-09",
+ "last_modified": "2022-06-19",
+ "nvd_text": "In TBD of TBD, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-219513976References: Upstream kernel",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2022-20148",
"ExploitDB": "https://www.exploit-db.com/search?cve=2022-20148",
@@ -70801,7 +70890,8 @@
"cmt_msg": "io_uring: return back safer resurrect",
"fixes": "f70865db5ff35f5ed0c7e9ef63e7cca3d4947f04",
"last_affected_version": "5.10.106",
- "last_modified": "2022-06-09",
+ "last_modified": "2022-06-19",
+ "nvd_text": "In rcu_cblist_dequeue of rcu_segcblist.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-222091980References: Upstream kernel",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2022-20153",
"ExploitDB": "https://www.exploit-db.com/search?cve=2022-20153",
@@ -70817,7 +70907,8 @@
"cmt_msg": "sctp: use call_rcu to free endpoint",
"fixes": "5ec7d18d1813a5bead0b495045606c93873aecbb",
"last_affected_version": "5.15.12",
- "last_modified": "2022-06-09",
+ "last_modified": "2022-06-19",
+ "nvd_text": "In lock_sock_nested of sock.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-174846563References: Upstream kernel",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2022-20154",
"ExploitDB": "https://www.exploit-db.com/search?cve=2022-20154",
@@ -70832,7 +70923,8 @@
"breaks": "",
"cmt_msg": "drivers core: Use sysfs_emit and sysfs_emit_at for show(device *...) functions",
"fixes": "aa838896d87af561a33ecefea1caa4c15a68bc47",
- "last_modified": "2022-06-09",
+ "last_modified": "2022-06-19",
+ "nvd_text": "In various methods of kernel base drivers, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-182388481References: Upstream kernel",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2022-20166",
"ExploitDB": "https://www.exploit-db.com/search?cve=2022-20166",
@@ -70842,10 +70934,36 @@
"Ubuntu": "https://ubuntu.com/security/CVE-2022-20166"
}
},
+ "CVE-2022-2078": {
+ "affected_versions": "unk to v5.19-rc1",
+ "breaks": "",
+ "cmt_msg": "netfilter: nf_tables: sanitize nft_set_desc_concat_parse()",
+ "fixes": "fecf31ee395b0295f2d7260aa29946b7605f7c85",
+ "last_affected_version": "5.18.1",
+ "last_modified": "2022-06-19",
+ "ref_urls": {
+ "Debian": "https://security-tracker.debian.org/tracker/CVE-2022-2078",
+ "ExploitDB": "https://www.exploit-db.com/search?cve=2022-2078",
+ "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2022-2078",
+ "Red Hat": "https://access.redhat.com/security/cve/CVE-2022-2078",
+ "SUSE": "https://www.suse.com/security/cve/CVE-2022-2078",
+ "Ubuntu": "https://ubuntu.com/security/CVE-2022-2078"
+ }
+ },
"CVE-2022-21499": {
"affected_versions": "unk to v5.19-rc1",
"breaks": "",
"cmt_msg": "lockdown: also lock down previous kgdb use",
+ "cvss2": {
+ "Access Complexity": "Low",
+ "Access Vector": "Local Access",
+ "Authentication": "None",
+ "Availability Impact": "Partial",
+ "Confidentiality Impact": "Partial",
+ "Integrity Impact": "Partial",
+ "raw": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
+ "score": 4.6
+ },
"cvss3": {
"Attack Complexity": "Low",
"Attack Vector": "Local",
@@ -70858,9 +70976,10 @@
"raw": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"score": 6.5
},
+ "cwe": "Out-of-bounds Write",
"fixes": "eadb2f47a3ced5c64b23b90fd2a3463f63726066",
"last_affected_version": "5.18.0",
- "last_modified": "2022-06-10",
+ "last_modified": "2022-06-19",
"nvd_text": "KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown. An attacker with access to a serial port could trigger the debugger so it is important that the debugger respect the lockdown mode when/if it is triggered. CVSS 3.1 Base Score 6.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H).",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2022-21499",
@@ -72246,9 +72365,32 @@
"affected_versions": "unk to v5.18-rc6",
"breaks": "",
"cmt_msg": "tcp: increase source port perturb table to 2^16",
+ "cvss2": {
+ "Access Complexity": "Low",
+ "Access Vector": "Local Access",
+ "Authentication": "None",
+ "Availability Impact": "None",
+ "Confidentiality Impact": "Partial",
+ "Integrity Impact": "None",
+ "raw": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
+ "score": 2.1
+ },
+ "cvss3": {
+ "Attack Complexity": "Low",
+ "Attack Vector": "Local",
+ "Availability": "None",
+ "Confidentiality": "Low",
+ "Integrity": "None",
+ "Privileges Required": "Low",
+ "Scope": "Unchanged",
+ "User Interaction": "None",
+ "raw": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
+ "score": 3.3
+ },
+ "cwe": "Observable Discrepancy",
"fixes": "4c2c8f03a5ab7cb04ec64724d7d176d00bcc91e5",
"last_affected_version": "5.17.8",
- "last_modified": "2022-06-09",
+ "last_modified": "2022-06-19",
"nvd_text": "The Linux kernel before 5.17.9 allows TCP servers to identify clients by observing what source ports are used.",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2022-32296",
@@ -72260,11 +72402,12 @@
}
},
"CVE-2022-32981": {
- "affected_versions": "unk to unk",
+ "affected_versions": "unk to v5.19-rc2",
"breaks": "",
"cmt_msg": "powerpc/32: Fix overread/overwrite of thread_struct via ptrace",
"fixes": "8e1278444446fc97778a5e5c99bca1ce0bbc5ec9",
- "last_modified": "2022-06-12",
+ "last_affected_version": "5.18.3",
+ "last_modified": "2022-06-19",
"nvd_text": "An issue was discovered in the Linux kernel through 5.18.3 on powerpc 32-bit platforms. There is a buffer overflow in ptrace PEEKUSER and POKEUSER (aka PEEKUSR and POKEUSR) when accessing floating point registers.",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2022-32981",
diff --git a/data/stream_data.json b/data/stream_data.json
index 07577cd..e344cc6 100644
--- a/data/stream_data.json
+++ b/data/stream_data.json
@@ -2015,6 +2015,9 @@
"CVE-2020-12114": {
"cmt_msg": "make struct mountpoint bear the dentry reference to mountpoint, not struct mount"
},
+ "CVE-2022-2078": {
+ "cmt_msg": "netfilter: nf_tables: sanitize nft_set_desc_concat_parse()"
+ },
"CVE-2019-12379": {
"cmt_msg": "consolemap: Fix a memory leaking bug in drivers/tty/vt/consolemap.c"
},
@@ -3683,6 +3686,9 @@
"CVE-2021-3573": {
"cmt_msg": "Bluetooth: use correct lock to prevent UAF of hdev object"
},
+ "CVE-2022-1976": {
+ "cmt_msg": "io_uring: reinstate the inflight tracking"
+ },
"CVE-2022-1679": {
"cmt_msg": ""
},
@@ -4313,6 +4319,9 @@
"CVE-2019-14835": {
"cmt_msg": "vhost: make sure log_num < in_num"
},
+ "CVE-2022-2078": {
+ "cmt_msg": "netfilter: nf_tables: sanitize nft_set_desc_concat_parse()"
+ },
"CVE-2018-1000204": {
"cmt_msg": "scsi: sg: allocate with __GFP_ZERO in sg_build_indirect()"
},
@@ -6566,6 +6575,9 @@
"CVE-2018-7191": {
"cmt_msg": "tun: call dev_get_valid_name() before register_netdevice()"
},
+ "CVE-2022-1976": {
+ "cmt_msg": "io_uring: reinstate the inflight tracking"
+ },
"CVE-2018-1000026": {
"cmt_msg": "bnx2x: disable GSO where gso_size is too big for hardware"
},
@@ -8115,6 +8127,9 @@
"CVE-2019-19319": {
"cmt_msg": "ext4: protect journal inode's blocks using block_validity"
},
+ "CVE-2022-2078": {
+ "cmt_msg": "netfilter: nf_tables: sanitize nft_set_desc_concat_parse()"
+ },
"CVE-2019-19462": {
"cmt_msg": "kernel/relay.c: handle alloc_percpu returning NULL in relay_open"
},
@@ -9384,6 +9399,9 @@
"CVE-2021-3573": {
"cmt_msg": "Bluetooth: use correct lock to prevent UAF of hdev object"
},
+ "CVE-2022-1976": {
+ "cmt_msg": "io_uring: reinstate the inflight tracking"
+ },
"CVE-2018-1000026": {
"cmt_msg": "bnx2x: disable GSO where gso_size is too big for hardware"
},
@@ -10810,6 +10828,9 @@
"CVE-2019-19319": {
"cmt_msg": "ext4: protect journal inode's blocks using block_validity"
},
+ "CVE-2022-2078": {
+ "cmt_msg": "netfilter: nf_tables: sanitize nft_set_desc_concat_parse()"
+ },
"CVE-2019-19462": {
"cmt_msg": "kernel/relay.c: handle alloc_percpu returning NULL in relay_open"
},
@@ -12157,6 +12178,9 @@
"CVE-2018-7191": {
"cmt_msg": "tun: call dev_get_valid_name() before register_netdevice()"
},
+ "CVE-2022-1976": {
+ "cmt_msg": "io_uring: reinstate the inflight tracking"
+ },
"CVE-2018-1000026": {
"cmt_msg": "bnx2x: disable GSO where gso_size is too big for hardware"
},
@@ -13539,6 +13563,9 @@
"CVE-2019-19319": {
"cmt_msg": "ext4: protect journal inode's blocks using block_validity"
},
+ "CVE-2022-2078": {
+ "cmt_msg": "netfilter: nf_tables: sanitize nft_set_desc_concat_parse()"
+ },
"CVE-2019-19462": {
"cmt_msg": "kernel/relay.c: handle alloc_percpu returning NULL in relay_open"
},
@@ -14715,6 +14742,9 @@
"CVE-2021-3573": {
"cmt_msg": "Bluetooth: use correct lock to prevent UAF of hdev object"
},
+ "CVE-2022-1976": {
+ "cmt_msg": "io_uring: reinstate the inflight tracking"
+ },
"CVE-2018-1000026": {
"cmt_msg": "bnx2x: disable GSO where gso_size is too big for hardware"
},
@@ -18244,6 +18274,16 @@
"cmt_id": "40d20f3186ddd9b6b94598f4ef3d07644b0fa43c"
}
},
+ "4.14.283": {
+ "CVE-2022-1966": {
+ "cmt_msg": "netfilter: nf_tables: disallow non-stateful expression in sets earlier",
+ "cmt_id": "5b732a9e8e22395d911b3e6c343cbed0e1cec275"
+ },
+ "CVE-2022-32981": {
+ "cmt_msg": "powerpc/32: Fix overread/overwrite of thread_struct via ptrace",
+ "cmt_id": "d13c94c4b6f816e79b8e4df193db1bdcc7253610"
+ }
+ },
"outstanding": {
"CVE-2021-0929": {
"cmt_msg": "staging/android/ion: delete dma_buf->kmap/unmap implemenation"
@@ -18380,6 +18420,9 @@
"CVE-2022-1789": {
"cmt_msg": "KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID"
},
+ "CVE-2022-2078": {
+ "cmt_msg": "netfilter: nf_tables: sanitize nft_set_desc_concat_parse()"
+ },
"CVE-2016-8660": {
"cmt_msg": ""
},
@@ -18458,9 +18501,6 @@
"CVE-2022-28893": {
"cmt_msg": "SUNRPC: Ensure we flush any closed sockets before xs_xprt_free()"
},
- "CVE-2022-1966": {
- "cmt_msg": "netfilter: nf_tables: disallow non-stateful expression in sets earlier"
- },
"CVE-2017-9986": {
"cmt_msg": "sound: Retire OSS"
},
@@ -18473,9 +18513,6 @@
"CVE-2018-13095": {
"cmt_msg": "xfs: More robust inode extent count validation"
},
- "CVE-2022-32981": {
- "cmt_msg": "powerpc/32: Fix overread/overwrite of thread_struct via ptrace"
- },
"CVE-2021-3669": {
"cmt_msg": "ipc: replace costly bailout check in sysvipc_find_ipc()"
},
@@ -18515,6 +18552,9 @@
"CVE-2022-0812": {
"cmt_msg": "xprtrdma: fix incorrect header size calculations"
},
+ "CVE-2022-1976": {
+ "cmt_msg": "io_uring: reinstate the inflight tracking"
+ },
"CVE-2022-1679": {
"cmt_msg": ""
},
@@ -19087,6 +19127,9 @@
"CVE-2020-12114": {
"cmt_msg": "make struct mountpoint bear the dentry reference to mountpoint, not struct mount"
},
+ "CVE-2022-2078": {
+ "cmt_msg": "netfilter: nf_tables: sanitize nft_set_desc_concat_parse()"
+ },
"CVE-2019-12379": {
"cmt_msg": "consolemap: Fix a memory leaking bug in drivers/tty/vt/consolemap.c"
},
@@ -20854,6 +20897,9 @@
"CVE-2021-3573": {
"cmt_msg": "Bluetooth: use correct lock to prevent UAF of hdev object"
},
+ "CVE-2022-1976": {
+ "cmt_msg": "io_uring: reinstate the inflight tracking"
+ },
"CVE-2022-1974": {
"cmt_msg": "nfc: replace improper check device_is_registered() in netlink related functions"
},
@@ -21442,6 +21488,9 @@
"CVE-2018-10878": {
"cmt_msg": "ext4: always check block group bounds in ext4_init_block_bitmap()"
},
+ "CVE-2022-2078": {
+ "cmt_msg": "netfilter: nf_tables: sanitize nft_set_desc_concat_parse()"
+ },
"CVE-2019-12379": {
"cmt_msg": "consolemap: Fix a memory leaking bug in drivers/tty/vt/consolemap.c"
},
@@ -23293,6 +23342,9 @@
"CVE-2021-3573": {
"cmt_msg": "Bluetooth: use correct lock to prevent UAF of hdev object"
},
+ "CVE-2022-1976": {
+ "cmt_msg": "io_uring: reinstate the inflight tracking"
+ },
"CVE-2022-1974": {
"cmt_msg": "nfc: replace improper check device_is_registered() in netlink related functions"
},
@@ -26036,6 +26088,10 @@
"cmt_msg": "udf: Fix NULL ptr deref when converting from inline format",
"cmt_id": "a23a59717f9f01a49394488f515550f9382fbada"
},
+ "CVE-2022-1678": {
+ "cmt_msg": "tcp: optimize tcp internal pacing",
+ "cmt_id": "0a70f118475e037732557796accd0878a00fc25a"
+ },
"CVE-2022-24959": {
"cmt_msg": "yam: fix a memory leak in yam_siocdevprivate()",
"cmt_id": "4bd197ce18329e3725fe3af5bd27daa4256d3ac7"
@@ -26263,6 +26319,16 @@
"cmt_id": "695309c5c71526d32f5539f008bbf20ed2218528"
}
},
+ "4.19.247": {
+ "CVE-2022-1966": {
+ "cmt_msg": "netfilter: nf_tables: disallow non-stateful expression in sets earlier",
+ "cmt_id": "ed44398b45add3d9be56b7457cc9e05282e518b4"
+ },
+ "CVE-2022-32981": {
+ "cmt_msg": "powerpc/32: Fix overread/overwrite of thread_struct via ptrace",
+ "cmt_id": "a0e38a2808ea708beb4196a8873cecc23efb8e64"
+ }
+ },
"outstanding": {
"CVE-2021-0929": {
"cmt_msg": "staging/android/ion: delete dma_buf->kmap/unmap implemenation"
@@ -26384,6 +26450,9 @@
"CVE-2022-1789": {
"cmt_msg": "KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID"
},
+ "CVE-2022-2078": {
+ "cmt_msg": "netfilter: nf_tables: sanitize nft_set_desc_concat_parse()"
+ },
"CVE-2016-8660": {
"cmt_msg": ""
},
@@ -26441,9 +26510,6 @@
"CVE-2022-28893": {
"cmt_msg": "SUNRPC: Ensure we flush any closed sockets before xs_xprt_free()"
},
- "CVE-2022-1966": {
- "cmt_msg": "netfilter: nf_tables: disallow non-stateful expression in sets earlier"
- },
"CVE-2022-29156": {
"cmt_msg": "RDMA/rtrs-clt: Fix possible double free in error case"
},
@@ -26453,9 +26519,6 @@
"CVE-2022-1247": {
"cmt_msg": ""
},
- "CVE-2022-32981": {
- "cmt_msg": "powerpc/32: Fix overread/overwrite of thread_struct via ptrace"
- },
"CVE-2021-3669": {
"cmt_msg": "ipc: replace costly bailout check in sysvipc_find_ipc()"
},
@@ -26489,6 +26552,9 @@
"CVE-2022-0812": {
"cmt_msg": "xprtrdma: fix incorrect header size calculations"
},
+ "CVE-2022-1976": {
+ "cmt_msg": "io_uring: reinstate the inflight tracking"
+ },
"CVE-2022-1679": {
"cmt_msg": ""
},
@@ -26498,9 +26564,6 @@
"CVE-2013-7445": {
"cmt_msg": ""
},
- "CVE-2022-1678": {
- "cmt_msg": "tcp: optimize tcp internal pacing"
- },
"CVE-2005-3660": {
"cmt_msg": ""
},
@@ -27027,6 +27090,9 @@
"CVE-2019-14835": {
"cmt_msg": "vhost: make sure log_num < in_num"
},
+ "CVE-2022-2078": {
+ "cmt_msg": "netfilter: nf_tables: sanitize nft_set_desc_concat_parse()"
+ },
"CVE-2019-12379": {
"cmt_msg": "consolemap: Fix a memory leaking bug in drivers/tty/vt/consolemap.c"
},
@@ -28743,6 +28809,9 @@
"CVE-2021-3573": {
"cmt_msg": "Bluetooth: use correct lock to prevent UAF of hdev object"
},
+ "CVE-2022-1976": {
+ "cmt_msg": "io_uring: reinstate the inflight tracking"
+ },
"CVE-2022-1974": {
"cmt_msg": "nfc: replace improper check device_is_registered() in netlink related functions"
},
@@ -30678,6 +30747,9 @@
"CVE-2019-14835": {
"cmt_msg": "vhost: make sure log_num < in_num"
},
+ "CVE-2022-2078": {
+ "cmt_msg": "netfilter: nf_tables: sanitize nft_set_desc_concat_parse()"
+ },
"CVE-2018-1000204": {
"cmt_msg": "scsi: sg: allocate with __GFP_ZERO in sg_build_indirect()"
},
@@ -32712,6 +32784,9 @@
"CVE-2018-7191": {
"cmt_msg": "tun: call dev_get_valid_name() before register_netdevice()"
},
+ "CVE-2022-1976": {
+ "cmt_msg": "io_uring: reinstate the inflight tracking"
+ },
"CVE-2022-1679": {
"cmt_msg": ""
},
@@ -34201,6 +34276,9 @@
"CVE-2019-14835": {
"cmt_msg": "vhost: make sure log_num < in_num"
},
+ "CVE-2022-2078": {
+ "cmt_msg": "netfilter: nf_tables: sanitize nft_set_desc_concat_parse()"
+ },
"CVE-2018-1000204": {
"cmt_msg": "scsi: sg: allocate with __GFP_ZERO in sg_build_indirect()"
},
@@ -36475,6 +36553,9 @@
"CVE-2018-7191": {
"cmt_msg": "tun: call dev_get_valid_name() before register_netdevice()"
},
+ "CVE-2022-1976": {
+ "cmt_msg": "io_uring: reinstate the inflight tracking"
+ },
"CVE-2022-1679": {
"cmt_msg": ""
},
@@ -39665,6 +39746,9 @@
"CVE-2020-0466": {
"cmt_msg": "do_epoll_ctl(): clean the failure exits up a bit"
},
+ "CVE-2022-2078": {
+ "cmt_msg": "netfilter: nf_tables: sanitize nft_set_desc_concat_parse()"
+ },
"CVE-2019-12379": {
"cmt_msg": "consolemap: Fix a memory leaking bug in drivers/tty/vt/consolemap.c"
},
@@ -40793,6 +40877,9 @@
"CVE-2021-3573": {
"cmt_msg": "Bluetooth: use correct lock to prevent UAF of hdev object"
},
+ "CVE-2022-1976": {
+ "cmt_msg": "io_uring: reinstate the inflight tracking"
+ },
"CVE-2022-1679": {
"cmt_msg": ""
},
@@ -43287,6 +43374,9 @@
"CVE-2019-14835": {
"cmt_msg": "vhost: make sure log_num < in_num"
},
+ "CVE-2022-2078": {
+ "cmt_msg": "netfilter: nf_tables: sanitize nft_set_desc_concat_parse()"
+ },
"CVE-2018-1000204": {
"cmt_msg": "scsi: sg: allocate with __GFP_ZERO in sg_build_indirect()"
},
@@ -44877,6 +44967,9 @@
"CVE-2021-3573": {
"cmt_msg": "Bluetooth: use correct lock to prevent UAF of hdev object"
},
+ "CVE-2022-1976": {
+ "cmt_msg": "io_uring: reinstate the inflight tracking"
+ },
"CVE-2022-1679": {
"cmt_msg": ""
},
@@ -45515,6 +45608,9 @@
"CVE-2019-14835": {
"cmt_msg": "vhost: make sure log_num < in_num"
},
+ "CVE-2022-2078": {
+ "cmt_msg": "netfilter: nf_tables: sanitize nft_set_desc_concat_parse()"
+ },
"CVE-2018-1000204": {
"cmt_msg": "scsi: sg: allocate with __GFP_ZERO in sg_build_indirect()"
},
@@ -47924,6 +48020,9 @@
"CVE-2018-7191": {
"cmt_msg": "tun: call dev_get_valid_name() before register_netdevice()"
},
+ "CVE-2022-1976": {
+ "cmt_msg": "io_uring: reinstate the inflight tracking"
+ },
"CVE-2018-1000026": {
"cmt_msg": "bnx2x: disable GSO where gso_size is too big for hardware"
},
@@ -52086,6 +52185,9 @@
"CVE-2022-1789": {
"cmt_msg": "KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID"
},
+ "CVE-2022-2078": {
+ "cmt_msg": "netfilter: nf_tables: sanitize nft_set_desc_concat_parse()"
+ },
"CVE-2016-8660": {
"cmt_msg": ""
},
@@ -52299,6 +52401,9 @@
"CVE-2022-0812": {
"cmt_msg": "xprtrdma: fix incorrect header size calculations"
},
+ "CVE-2022-1976": {
+ "cmt_msg": "io_uring: reinstate the inflight tracking"
+ },
"CVE-2022-1679": {
"cmt_msg": ""
},
@@ -52965,6 +53070,9 @@
"CVE-2019-14835": {
"cmt_msg": "vhost: make sure log_num < in_num"
},
+ "CVE-2022-2078": {
+ "cmt_msg": "netfilter: nf_tables: sanitize nft_set_desc_concat_parse()"
+ },
"CVE-2018-1000204": {
"cmt_msg": "scsi: sg: allocate with __GFP_ZERO in sg_build_indirect()"
},
@@ -55305,6 +55413,9 @@
"CVE-2018-7191": {
"cmt_msg": "tun: call dev_get_valid_name() before register_netdevice()"
},
+ "CVE-2022-1976": {
+ "cmt_msg": "io_uring: reinstate the inflight tracking"
+ },
"CVE-2018-1000026": {
"cmt_msg": "bnx2x: disable GSO where gso_size is too big for hardware"
},
@@ -55997,6 +56108,9 @@
"CVE-2019-14835": {
"cmt_msg": "vhost: make sure log_num < in_num"
},
+ "CVE-2022-2078": {
+ "cmt_msg": "netfilter: nf_tables: sanitize nft_set_desc_concat_parse()"
+ },
"CVE-2018-1000204": {
"cmt_msg": "scsi: sg: allocate with __GFP_ZERO in sg_build_indirect()"
},
@@ -58355,6 +58469,9 @@
"CVE-2018-7191": {
"cmt_msg": "tun: call dev_get_valid_name() before register_netdevice()"
},
+ "CVE-2022-1976": {
+ "cmt_msg": "io_uring: reinstate the inflight tracking"
+ },
"CVE-2018-1000026": {
"cmt_msg": "bnx2x: disable GSO where gso_size is too big for hardware"
},
@@ -60194,6 +60311,9 @@
"CVE-2019-14835": {
"cmt_msg": "vhost: make sure log_num < in_num"
},
+ "CVE-2022-2078": {
+ "cmt_msg": "netfilter: nf_tables: sanitize nft_set_desc_concat_parse()"
+ },
"CVE-2018-1000204": {
"cmt_msg": "scsi: sg: allocate with __GFP_ZERO in sg_build_indirect()"
},
@@ -62015,6 +62135,9 @@
"CVE-2021-3573": {
"cmt_msg": "Bluetooth: use correct lock to prevent UAF of hdev object"
},
+ "CVE-2022-1976": {
+ "cmt_msg": "io_uring: reinstate the inflight tracking"
+ },
"CVE-2022-1679": {
"cmt_msg": ""
},
@@ -62652,6 +62775,9 @@
"CVE-2020-0466": {
"cmt_msg": "do_epoll_ctl(): clean the failure exits up a bit"
},
+ "CVE-2022-2078": {
+ "cmt_msg": "netfilter: nf_tables: sanitize nft_set_desc_concat_parse()"
+ },
"CVE-2021-3669": {
"cmt_msg": "ipc: replace costly bailout check in sysvipc_find_ipc()"
},
@@ -63678,6 +63804,9 @@
"CVE-2021-3573": {
"cmt_msg": "Bluetooth: use correct lock to prevent UAF of hdev object"
},
+ "CVE-2022-1976": {
+ "cmt_msg": "io_uring: reinstate the inflight tracking"
+ },
"CVE-2022-1974": {
"cmt_msg": "nfc: replace improper check device_is_registered() in netlink related functions"
},
@@ -64193,6 +64322,9 @@
"CVE-2019-14835": {
"cmt_msg": "vhost: make sure log_num < in_num"
},
+ "CVE-2022-2078": {
+ "cmt_msg": "netfilter: nf_tables: sanitize nft_set_desc_concat_parse()"
+ },
"CVE-2018-1000204": {
"cmt_msg": "scsi: sg: allocate with __GFP_ZERO in sg_build_indirect()"
},
@@ -66698,6 +66830,9 @@
"CVE-2018-7191": {
"cmt_msg": "tun: call dev_get_valid_name() before register_netdevice()"
},
+ "CVE-2022-1976": {
+ "cmt_msg": "io_uring: reinstate the inflight tracking"
+ },
"CVE-2022-1679": {
"cmt_msg": ""
},
@@ -67379,6 +67514,9 @@
"CVE-2021-43976": {
"cmt_msg": "mwifiex: Fix skb_over_panic in mwifiex_usb_recv()"
},
+ "CVE-2022-2078": {
+ "cmt_msg": "netfilter: nf_tables: sanitize nft_set_desc_concat_parse()"
+ },
"CVE-2021-3669": {
"cmt_msg": "ipc: replace costly bailout check in sysvipc_find_ipc()"
},
@@ -68315,6 +68453,9 @@
"CVE-2021-3573": {
"cmt_msg": "Bluetooth: use correct lock to prevent UAF of hdev object"
},
+ "CVE-2022-1976": {
+ "cmt_msg": "io_uring: reinstate the inflight tracking"
+ },
"CVE-2022-1974": {
"cmt_msg": "nfc: replace improper check device_is_registered() in netlink related functions"
},
@@ -68774,6 +68915,9 @@
"CVE-2021-43976": {
"cmt_msg": "mwifiex: Fix skb_over_panic in mwifiex_usb_recv()"
},
+ "CVE-2022-2078": {
+ "cmt_msg": "netfilter: nf_tables: sanitize nft_set_desc_concat_parse()"
+ },
"CVE-2021-3669": {
"cmt_msg": "ipc: replace costly bailout check in sysvipc_find_ipc()"
},
@@ -68924,9 +69068,6 @@
"CVE-2020-36385": {
"cmt_msg": "RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy"
},
- "CVE-2022-1882": {
- "cmt_msg": ""
- },
"CVE-2021-3573": {
"cmt_msg": "Bluetooth: use correct lock to prevent UAF of hdev object"
},
@@ -69461,8 +69602,8 @@
"CVE-2022-20166": {
"cmt_msg": "drivers core: Use sysfs_emit and sysfs_emit_at for show(device *...) functions"
},
- "CVE-2022-23041": {
- "cmt_msg": "xen/9p: use alloc/free_pages_exact()"
+ "CVE-2022-1882": {
+ "cmt_msg": ""
},
"CVE-2022-23040": {
"cmt_msg": "xen/xenbus: don't let xenbus_grant_ring() remove grants in error case"
@@ -69581,6 +69722,9 @@
"CVE-2020-27815": {
"cmt_msg": "jfs: Fix array index bounds check in dbAdjTree"
},
+ "CVE-2022-23041": {
+ "cmt_msg": "xen/9p: use alloc/free_pages_exact()"
+ },
"CVE-2022-1462": {
"cmt_msg": ""
},
@@ -69641,6 +69785,9 @@
"CVE-2021-46283": {
"cmt_msg": "netfilter: nf_tables: initialize set before expression setup"
},
+ "CVE-2022-1976": {
+ "cmt_msg": "io_uring: reinstate the inflight tracking"
+ },
"CVE-2022-1974": {
"cmt_msg": "nfc: replace improper check device_is_registered() in netlink related functions"
},
@@ -70048,6 +70195,9 @@
"CVE-2021-43976": {
"cmt_msg": "mwifiex: Fix skb_over_panic in mwifiex_usb_recv()"
},
+ "CVE-2022-2078": {
+ "cmt_msg": "netfilter: nf_tables: sanitize nft_set_desc_concat_parse()"
+ },
"CVE-2021-3669": {
"cmt_msg": "ipc: replace costly bailout check in sysvipc_find_ipc()"
},
@@ -70864,6 +71014,9 @@
"CVE-2021-46283": {
"cmt_msg": "netfilter: nf_tables: initialize set before expression setup"
},
+ "CVE-2022-1976": {
+ "cmt_msg": "io_uring: reinstate the inflight tracking"
+ },
"CVE-2022-1974": {
"cmt_msg": "nfc: replace improper check device_is_registered() in netlink related functions"
},
@@ -74580,6 +74733,16 @@
"cmt_id": "d59073bedb7cf752b8cd4027dd0f67cf7ac4330f"
}
},
+ "4.9.318": {
+ "CVE-2022-1966": {
+ "cmt_msg": "netfilter: nf_tables: disallow non-stateful expression in sets earlier",
+ "cmt_id": "94e9b75919619ba8c4072abc4917011a7a888a79"
+ },
+ "CVE-2022-32981": {
+ "cmt_msg": "powerpc/32: Fix overread/overwrite of thread_struct via ptrace",
+ "cmt_id": "89dda10b73b7ce184caf18754907126ce7ce3fad"
+ }
+ },
"outstanding": {
"CVE-2021-0929": {
"cmt_msg": "staging/android/ion: delete dma_buf->kmap/unmap implemenation"
@@ -74743,6 +74906,9 @@
"CVE-2022-1789": {
"cmt_msg": "KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID"
},
+ "CVE-2022-2078": {
+ "cmt_msg": "netfilter: nf_tables: sanitize nft_set_desc_concat_parse()"
+ },
"CVE-2016-8660": {
"cmt_msg": ""
},
@@ -74845,9 +75011,6 @@
"CVE-2021-29155": {
"cmt_msg": "bpf: Use correct permission flag for mixed signed bounds arithmetic"
},
- "CVE-2022-1966": {
- "cmt_msg": "netfilter: nf_tables: disallow non-stateful expression in sets earlier"
- },
"CVE-2017-9986": {
"cmt_msg": "sound: Retire OSS"
},
@@ -74875,9 +75038,6 @@
"CVE-2021-38300": {
"cmt_msg": "bpf, mips: Validate conditional branch offsets"
},
- "CVE-2022-32981": {
- "cmt_msg": "powerpc/32: Fix overread/overwrite of thread_struct via ptrace"
- },
"CVE-2021-3669": {
"cmt_msg": "ipc: replace costly bailout check in sysvipc_find_ipc()"
},
@@ -74923,6 +75083,9 @@
"CVE-2022-0812": {
"cmt_msg": "xprtrdma: fix incorrect header size calculations"
},
+ "CVE-2022-1976": {
+ "cmt_msg": "io_uring: reinstate the inflight tracking"
+ },
"CVE-2022-1679": {
"cmt_msg": ""
},
@@ -75527,6 +75690,9 @@
"CVE-2019-14835": {
"cmt_msg": "vhost: make sure log_num < in_num"
},
+ "CVE-2022-2078": {
+ "cmt_msg": "netfilter: nf_tables: sanitize nft_set_desc_concat_parse()"
+ },
"CVE-2018-1000204": {
"cmt_msg": "scsi: sg: allocate with __GFP_ZERO in sg_build_indirect()"
},
@@ -77852,6 +78018,9 @@
"CVE-2018-7191": {
"cmt_msg": "tun: call dev_get_valid_name() before register_netdevice()"
},
+ "CVE-2022-1976": {
+ "cmt_msg": "io_uring: reinstate the inflight tracking"
+ },
"CVE-2018-1000026": {
"cmt_msg": "bnx2x: disable GSO where gso_size is too big for hardware"
},
@@ -79364,6 +79533,9 @@
"CVE-2019-19319": {
"cmt_msg": "ext4: protect journal inode's blocks using block_validity"
},
+ "CVE-2022-2078": {
+ "cmt_msg": "netfilter: nf_tables: sanitize nft_set_desc_concat_parse()"
+ },
"CVE-2019-19462": {
"cmt_msg": "kernel/relay.c: handle alloc_percpu returning NULL in relay_open"
},
@@ -80741,6 +80913,9 @@
"CVE-2018-7191": {
"cmt_msg": "tun: call dev_get_valid_name() before register_netdevice()"
},
+ "CVE-2022-1976": {
+ "cmt_msg": "io_uring: reinstate the inflight tracking"
+ },
"CVE-2018-1000026": {
"cmt_msg": "bnx2x: disable GSO where gso_size is too big for hardware"
},
@@ -81508,6 +81683,9 @@
"CVE-2019-14835": {
"cmt_msg": "vhost: make sure log_num < in_num"
},
+ "CVE-2022-2078": {
+ "cmt_msg": "netfilter: nf_tables: sanitize nft_set_desc_concat_parse()"
+ },
"CVE-2019-12379": {
"cmt_msg": "consolemap: Fix a memory leaking bug in drivers/tty/vt/consolemap.c"
},
@@ -83044,6 +83222,9 @@
"CVE-2021-3573": {
"cmt_msg": "Bluetooth: use correct lock to prevent UAF of hdev object"
},
+ "CVE-2022-1976": {
+ "cmt_msg": "io_uring: reinstate the inflight tracking"
+ },
"CVE-2022-1974": {
"cmt_msg": "nfc: replace improper check device_is_registered() in netlink related functions"
},
@@ -83639,6 +83820,9 @@
"CVE-2019-14835": {
"cmt_msg": "vhost: make sure log_num < in_num"
},
+ "CVE-2022-2078": {
+ "cmt_msg": "netfilter: nf_tables: sanitize nft_set_desc_concat_parse()"
+ },
"CVE-2019-12379": {
"cmt_msg": "consolemap: Fix a memory leaking bug in drivers/tty/vt/consolemap.c"
},
@@ -85118,6 +85302,9 @@
"CVE-2021-3573": {
"cmt_msg": "Bluetooth: use correct lock to prevent UAF of hdev object"
},
+ "CVE-2022-1976": {
+ "cmt_msg": "io_uring: reinstate the inflight tracking"
+ },
"CVE-2022-1974": {
"cmt_msg": "nfc: replace improper check device_is_registered() in netlink related functions"
},
@@ -85717,6 +85904,9 @@
"CVE-2021-1048": {
"cmt_msg": "fix regression in \"epoll: Keep a reference on files added to the check list\""
},
+ "CVE-2022-2078": {
+ "cmt_msg": "netfilter: nf_tables: sanitize nft_set_desc_concat_parse()"
+ },
"CVE-2019-12379": {
"cmt_msg": "consolemap: Fix a memory leaking bug in drivers/tty/vt/consolemap.c"
},
@@ -87100,6 +87290,9 @@
"CVE-2021-3573": {
"cmt_msg": "Bluetooth: use correct lock to prevent UAF of hdev object"
},
+ "CVE-2022-1976": {
+ "cmt_msg": "io_uring: reinstate the inflight tracking"
+ },
"CVE-2022-1974": {
"cmt_msg": "nfc: replace improper check device_is_registered() in netlink related functions"
},
@@ -87733,6 +87926,9 @@
"CVE-2022-1789": {
"cmt_msg": "KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID"
},
+ "CVE-2022-2078": {
+ "cmt_msg": "netfilter: nf_tables: sanitize nft_set_desc_concat_parse()"
+ },
"CVE-2016-8660": {
"cmt_msg": ""
},
@@ -87916,6 +88112,9 @@
"CVE-2022-20148": {
"cmt_msg": "f2fs: fix UAF in f2fs_available_free_memory"
},
+ "CVE-2022-1976": {
+ "cmt_msg": "io_uring: reinstate the inflight tracking"
+ },
"CVE-2022-1974": {
"cmt_msg": "nfc: replace improper check device_is_registered() in netlink related functions"
},
@@ -88623,6 +88822,9 @@
"CVE-2022-1789": {
"cmt_msg": "KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID"
},
+ "CVE-2022-2078": {
+ "cmt_msg": "netfilter: nf_tables: sanitize nft_set_desc_concat_parse()"
+ },
"CVE-2016-8660": {
"cmt_msg": ""
},
@@ -88803,6 +89005,9 @@
"CVE-2022-20148": {
"cmt_msg": "f2fs: fix UAF in f2fs_available_free_memory"
},
+ "CVE-2022-1976": {
+ "cmt_msg": "io_uring: reinstate the inflight tracking"
+ },
"CVE-2022-1974": {
"cmt_msg": "nfc: replace improper check device_is_registered() in netlink related functions"
},
@@ -90301,6 +90506,10 @@
"CVE-2022-28893": {
"cmt_msg": "SUNRPC: Ensure we flush any closed sockets before xs_xprt_free()",
"cmt_id": "e68b60ae29de10c7bd7636e227164a8dbe305a82"
+ },
+ "CVE-2022-1786": {
+ "cmt_msg": "io_uring: remove io_identity",
+ "cmt_id": "29f077d070519a88a793fbc70f1e6484dc6d9e35"
}
},
"5.10.118": {
@@ -90328,6 +90537,10 @@
}
},
"5.10.120": {
+ "CVE-2022-2078": {
+ "cmt_msg": "netfilter: nf_tables: sanitize nft_set_desc_concat_parse()",
+ "cmt_id": "c0aff1faf66b6b7a19103f83e6a5d0fdc64b9048"
+ },
"CVE-2022-1852": {
"cmt_msg": "KVM: x86: avoid calling x86 emulator without a decoded instruction",
"cmt_id": "3d8fc6e28f321d753ab727e3c3e740daf36a8fa3"
@@ -90341,6 +90554,12 @@
"cmt_id": "ea62d169b6e731e0b54abda1d692406f6bc6a696"
}
},
+ "5.10.122": {
+ "CVE-2022-32981": {
+ "cmt_msg": "powerpc/32: Fix overread/overwrite of thread_struct via ptrace",
+ "cmt_id": "3be74fc0afbeadc2aff8dc69f3bf9716fbe66486"
+ }
+ },
"outstanding": {
"CVE-2020-26556": {
"cmt_msg": ""
@@ -90426,9 +90645,6 @@
"CVE-2022-1462": {
"cmt_msg": ""
},
- "CVE-2022-1786": {
- "cmt_msg": "io_uring: remove io_identity"
- },
"CVE-2020-15802": {
"cmt_msg": ""
},
@@ -90462,9 +90678,6 @@
"CVE-2022-1247": {
"cmt_msg": ""
},
- "CVE-2022-32981": {
- "cmt_msg": "powerpc/32: Fix overread/overwrite of thread_struct via ptrace"
- },
"CVE-2020-10708": {
"cmt_msg": ""
},
@@ -90489,6 +90702,9 @@
"CVE-2022-29968": {
"cmt_msg": "io_uring: fix uninitialized field in rw io_kiocb"
},
+ "CVE-2022-1976": {
+ "cmt_msg": "io_uring: reinstate the inflight tracking"
+ },
"CVE-2013-7445": {
"cmt_msg": ""
},
@@ -90969,6 +91185,9 @@
"CVE-2020-35501": {
"cmt_msg": ""
},
+ "CVE-2022-1976": {
+ "cmt_msg": "io_uring: reinstate the inflight tracking"
+ },
"CVE-2021-45095": {
"cmt_msg": "phonet: refcount leak in pep_sock_accep"
},
@@ -91143,6 +91362,9 @@
"CVE-2021-38206": {
"cmt_msg": "mac80211: Fix NULL ptr deref for injected rate info"
},
+ "CVE-2022-2078": {
+ "cmt_msg": "netfilter: nf_tables: sanitize nft_set_desc_concat_parse()"
+ },
"CVE-2016-8660": {
"cmt_msg": ""
},
@@ -92165,6 +92387,9 @@
"CVE-2022-1789": {
"cmt_msg": "KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID"
},
+ "CVE-2022-2078": {
+ "cmt_msg": "netfilter: nf_tables: sanitize nft_set_desc_concat_parse()"
+ },
"CVE-2016-8660": {
"cmt_msg": ""
},
@@ -92237,6 +92462,9 @@
"CVE-2022-29968": {
"cmt_msg": "io_uring: fix uninitialized field in rw io_kiocb"
},
+ "CVE-2022-1976": {
+ "cmt_msg": "io_uring: reinstate the inflight tracking"
+ },
"CVE-2022-1974": {
"cmt_msg": "nfc: replace improper check device_is_registered() in netlink related functions"
},
@@ -92541,6 +92769,10 @@
}
},
"5.17.13": {
+ "CVE-2022-2078": {
+ "cmt_msg": "netfilter: nf_tables: sanitize nft_set_desc_concat_parse()",
+ "cmt_id": "c88f3e3d243d701586239c5b69356ec2b1fd05f1"
+ },
"CVE-2022-1852": {
"cmt_msg": "KVM: x86: avoid calling x86 emulator without a decoded instruction",
"cmt_id": "dca5ea67a3e627a3022fe58722a2807c1ef61c29"
@@ -92560,6 +92792,12 @@
"cmt_id": "2088cc00491e8d25a99d0f247df843e9c3df2040"
}
},
+ "5.17.15": {
+ "CVE-2022-32981": {
+ "cmt_msg": "powerpc/32: Fix overread/overwrite of thread_struct via ptrace",
+ "cmt_id": "638556430658eca42501271edb38154264767ff5"
+ }
+ },
"outstanding": {
"CVE-2018-17977": {
"cmt_msg": ""
@@ -92702,9 +92940,6 @@
"CVE-2019-16089": {
"cmt_msg": ""
},
- "CVE-2022-32981": {
- "cmt_msg": "powerpc/32: Fix overread/overwrite of thread_struct via ptrace"
- },
"CVE-2022-0400": {
"cmt_msg": ""
},
@@ -92765,6 +93000,9 @@
"CVE-2021-26934": {
"cmt_msg": ""
},
+ "CVE-2022-1976": {
+ "cmt_msg": "io_uring: reinstate the inflight tracking"
+ },
"CVE-2021-33135": {
"cmt_msg": ""
},
@@ -93086,6 +93324,9 @@
"CVE-2022-1789": {
"cmt_msg": "KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID"
},
+ "CVE-2022-2078": {
+ "cmt_msg": "netfilter: nf_tables: sanitize nft_set_desc_concat_parse()"
+ },
"CVE-2016-8660": {
"cmt_msg": ""
},
@@ -93242,6 +93483,9 @@
"CVE-2022-1462": {
"cmt_msg": ""
},
+ "CVE-2022-1976": {
+ "cmt_msg": "io_uring: reinstate the inflight tracking"
+ },
"CVE-2022-1974": {
"cmt_msg": "nfc: replace improper check device_is_registered() in netlink related functions"
},
@@ -94074,6 +94318,10 @@
}
},
"5.15.45": {
+ "CVE-2022-2078": {
+ "cmt_msg": "netfilter: nf_tables: sanitize nft_set_desc_concat_parse()",
+ "cmt_id": "89ef50fe03a55feccf5681c237673a2f98161161"
+ },
"CVE-2022-1852": {
"cmt_msg": "KVM: x86: avoid calling x86 emulator without a decoded instruction",
"cmt_id": "531d1070d864c78283b7597449e60ddc53319d88"
@@ -94093,6 +94341,12 @@
"cmt_id": "61decb58486d7c0cbded25fe4d301ab4fa148cd8"
}
},
+ "5.15.47": {
+ "CVE-2022-32981": {
+ "cmt_msg": "powerpc/32: Fix overread/overwrite of thread_struct via ptrace",
+ "cmt_id": "2a0165d278973e30f2282c15c52d91788749d2d4"
+ }
+ },
"outstanding": {
"CVE-2018-17977": {
"cmt_msg": ""
@@ -94244,9 +94498,6 @@
"CVE-2019-16089": {
"cmt_msg": ""
},
- "CVE-2022-32981": {
- "cmt_msg": "powerpc/32: Fix overread/overwrite of thread_struct via ptrace"
- },
"CVE-2022-0400": {
"cmt_msg": ""
},
@@ -94316,6 +94567,9 @@
"CVE-2021-26934": {
"cmt_msg": ""
},
+ "CVE-2022-1976": {
+ "cmt_msg": "io_uring: reinstate the inflight tracking"
+ },
"CVE-2021-33135": {
"cmt_msg": ""
},
@@ -94598,6 +94852,9 @@
"CVE-2019-14835": {
"cmt_msg": "vhost: make sure log_num < in_num"
},
+ "CVE-2022-2078": {
+ "cmt_msg": "netfilter: nf_tables: sanitize nft_set_desc_concat_parse()"
+ },
"CVE-2019-12379": {
"cmt_msg": "consolemap: Fix a memory leaking bug in drivers/tty/vt/consolemap.c"
},
@@ -96236,6 +96493,9 @@
"CVE-2021-3573": {
"cmt_msg": "Bluetooth: use correct lock to prevent UAF of hdev object"
},
+ "CVE-2022-1976": {
+ "cmt_msg": "io_uring: reinstate the inflight tracking"
+ },
"CVE-2022-1974": {
"cmt_msg": "nfc: replace improper check device_is_registered() in netlink related functions"
},
@@ -98363,6 +98623,16 @@
"cmt_id": "ab5b00cfe0500f5f5a3648ca945b892156b839fb"
}
},
+ "5.4.198": {
+ "CVE-2022-1966": {
+ "cmt_msg": "netfilter: nf_tables: disallow non-stateful expression in sets earlier",
+ "cmt_id": "f36736fbd48491a8d85cd22f4740d542c5a1546e"
+ },
+ "CVE-2022-32981": {
+ "cmt_msg": "powerpc/32: Fix overread/overwrite of thread_struct via ptrace",
+ "cmt_id": "0c4bc0a2f8257f79a70fe02b9a698eb14695a64b"
+ }
+ },
"outstanding": {
"CVE-2021-0929": {
"cmt_msg": "staging/android/ion: delete dma_buf->kmap/unmap implemenation"
@@ -98463,6 +98733,9 @@
"CVE-2022-1789": {
"cmt_msg": "KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID"
},
+ "CVE-2022-2078": {
+ "cmt_msg": "netfilter: nf_tables: sanitize nft_set_desc_concat_parse()"
+ },
"CVE-2016-8660": {
"cmt_msg": ""
},
@@ -98508,9 +98781,6 @@
"CVE-2020-26142": {
"cmt_msg": ""
},
- "CVE-2022-1966": {
- "cmt_msg": "netfilter: nf_tables: disallow non-stateful expression in sets earlier"
- },
"CVE-2022-29156": {
"cmt_msg": "RDMA/rtrs-clt: Fix possible double free in error case"
},
@@ -98520,9 +98790,6 @@
"CVE-2022-1247": {
"cmt_msg": ""
},
- "CVE-2022-32981": {
- "cmt_msg": "powerpc/32: Fix overread/overwrite of thread_struct via ptrace"
- },
"CVE-2020-10708": {
"cmt_msg": ""
},
@@ -98547,6 +98814,9 @@
"CVE-2022-29968": {
"cmt_msg": "io_uring: fix uninitialized field in rw io_kiocb"
},
+ "CVE-2022-1976": {
+ "cmt_msg": "io_uring: reinstate the inflight tracking"
+ },
"CVE-2022-1972": {
"cmt_msg": "netfilter: nf_tables: sanitize nft_set_desc_concat_parse()"
},
@@ -98774,6 +99044,10 @@
}
},
"5.18.2": {
+ "CVE-2022-2078": {
+ "cmt_msg": "netfilter: nf_tables: sanitize nft_set_desc_concat_parse()",
+ "cmt_id": "c9a46a3d549286861259c19af4747e12cfaeece9"
+ },
"CVE-2022-1852": {
"cmt_msg": "KVM: x86: avoid calling x86 emulator without a decoded instruction",
"cmt_id": "02ea15c02befea2539d5f0d6b60ce8df88de418b"
@@ -98793,6 +99067,12 @@
"cmt_id": "2aafbe9fb210a355d6e0e92a91f294dee80e5d44"
}
},
+ "5.18.4": {
+ "CVE-2022-32981": {
+ "cmt_msg": "powerpc/32: Fix overread/overwrite of thread_struct via ptrace",
+ "cmt_id": "7764a258356c454fe56b9f56fc07c0e146a3bccb"
+ }
+ },
"outstanding": {
"CVE-2018-17977": {
"cmt_msg": ""
@@ -98932,9 +99212,6 @@
"CVE-2019-16089": {
"cmt_msg": ""
},
- "CVE-2022-32981": {
- "cmt_msg": "powerpc/32: Fix overread/overwrite of thread_struct via ptrace"
- },
"CVE-2022-0400": {
"cmt_msg": ""
},
@@ -98995,6 +99272,9 @@
"CVE-2021-26934": {
"cmt_msg": ""
},
+ "CVE-2022-1976": {
+ "cmt_msg": "io_uring: reinstate the inflight tracking"
+ },
"CVE-2021-33135": {
"cmt_msg": ""
},
@@ -99445,6 +99725,9 @@
"CVE-2020-0466": {
"cmt_msg": "do_epoll_ctl(): clean the failure exits up a bit"
},
+ "CVE-2022-2078": {
+ "cmt_msg": "netfilter: nf_tables: sanitize nft_set_desc_concat_parse()"
+ },
"CVE-2021-3669": {
"cmt_msg": "ipc: replace costly bailout check in sysvipc_find_ipc()"
},
@@ -100687,6 +100970,9 @@
"CVE-2021-3573": {
"cmt_msg": "Bluetooth: use correct lock to prevent UAF of hdev object"
},
+ "CVE-2022-1976": {
+ "cmt_msg": "io_uring: reinstate the inflight tracking"
+ },
"CVE-2022-1974": {
"cmt_msg": "nfc: replace improper check device_is_registered() in netlink related functions"
},
@@ -101132,6 +101418,9 @@
"CVE-2020-0466": {
"cmt_msg": "do_epoll_ctl(): clean the failure exits up a bit"
},
+ "CVE-2022-2078": {
+ "cmt_msg": "netfilter: nf_tables: sanitize nft_set_desc_concat_parse()"
+ },
"CVE-2021-3669": {
"cmt_msg": "ipc: replace costly bailout check in sysvipc_find_ipc()"
},
@@ -102107,6 +102396,9 @@
"CVE-2021-3573": {
"cmt_msg": "Bluetooth: use correct lock to prevent UAF of hdev object"
},
+ "CVE-2022-1976": {
+ "cmt_msg": "io_uring: reinstate the inflight tracking"
+ },
"CVE-2022-1974": {
"cmt_msg": "nfc: replace improper check device_is_registered() in netlink related functions"
},
diff --git a/data/stream_fixes.json b/data/stream_fixes.json
index bbddaef..614e5f6 100644
--- a/data/stream_fixes.json
+++ b/data/stream_fixes.json
@@ -30903,6 +30903,12 @@
"fixed_version": "5.17.2"
}
},
+ "CVE-2022-1678": {
+ "4.19": {
+ "cmt_id": "0a70f118475e037732557796accd0878a00fc25a",
+ "fixed_version": "4.19.228"
+ }
+ },
"CVE-2022-1729": {
"4.14": {
"cmt_id": "dee63319e2d1abd5d37a89de046ccf32ca8a8451",
@@ -30967,6 +30973,12 @@
"fixed_version": "5.4.193"
}
},
+ "CVE-2022-1786": {
+ "5.10": {
+ "cmt_id": "29f077d070519a88a793fbc70f1e6484dc6d9e35",
+ "fixed_version": "5.10.117"
+ }
+ },
"CVE-2022-1789": {
"5.10": {
"cmt_id": "9b4aa0d80b18b9d19e62dd47d22e274ce92cdc95",
@@ -31044,6 +31056,18 @@
}
},
"CVE-2022-1966": {
+ "4.14": {
+ "cmt_id": "5b732a9e8e22395d911b3e6c343cbed0e1cec275",
+ "fixed_version": "4.14.283"
+ },
+ "4.19": {
+ "cmt_id": "ed44398b45add3d9be56b7457cc9e05282e518b4",
+ "fixed_version": "4.19.247"
+ },
+ "4.9": {
+ "cmt_id": "94e9b75919619ba8c4072abc4917011a7a888a79",
+ "fixed_version": "4.9.318"
+ },
"5.10": {
"cmt_id": "ea62d169b6e731e0b54abda1d692406f6bc6a696",
"fixed_version": "5.10.120"
@@ -31059,6 +31083,10 @@
"5.18": {
"cmt_id": "8f44c83e51b4ca49c815f8dd0d9c38f497cdbcb0",
"fixed_version": "5.18.2"
+ },
+ "5.4": {
+ "cmt_id": "f36736fbd48491a8d85cd22f4740d542c5a1546e",
+ "fixed_version": "5.4.198"
}
},
"CVE-2022-1972": {
@@ -31291,6 +31319,24 @@
"fixed_version": "5.4.170"
}
},
+ "CVE-2022-2078": {
+ "5.10": {
+ "cmt_id": "c0aff1faf66b6b7a19103f83e6a5d0fdc64b9048",
+ "fixed_version": "5.10.120"
+ },
+ "5.15": {
+ "cmt_id": "89ef50fe03a55feccf5681c237673a2f98161161",
+ "fixed_version": "5.15.45"
+ },
+ "5.17": {
+ "cmt_id": "c88f3e3d243d701586239c5b69356ec2b1fd05f1",
+ "fixed_version": "5.17.13"
+ },
+ "5.18": {
+ "cmt_id": "c9a46a3d549286861259c19af4747e12cfaeece9",
+ "fixed_version": "5.18.2"
+ }
+ },
"CVE-2022-21499": {
"5.10": {
"cmt_id": "a8f4d63142f947cd22fa615b8b3b8921cdaf4991",
@@ -32134,5 +32180,39 @@
"cmt_id": "e3ee7bb47d6509c3e8a3e96e5d8e3bf21549b6e8",
"fixed_version": "5.17.9"
}
+ },
+ "CVE-2022-32981": {
+ "4.14": {
+ "cmt_id": "d13c94c4b6f816e79b8e4df193db1bdcc7253610",
+ "fixed_version": "4.14.283"
+ },
+ "4.19": {
+ "cmt_id": "a0e38a2808ea708beb4196a8873cecc23efb8e64",
+ "fixed_version": "4.19.247"
+ },
+ "4.9": {
+ "cmt_id": "89dda10b73b7ce184caf18754907126ce7ce3fad",
+ "fixed_version": "4.9.318"
+ },
+ "5.10": {
+ "cmt_id": "3be74fc0afbeadc2aff8dc69f3bf9716fbe66486",
+ "fixed_version": "5.10.122"
+ },
+ "5.15": {
+ "cmt_id": "2a0165d278973e30f2282c15c52d91788749d2d4",
+ "fixed_version": "5.15.47"
+ },
+ "5.17": {
+ "cmt_id": "638556430658eca42501271edb38154264767ff5",
+ "fixed_version": "5.17.15"
+ },
+ "5.18": {
+ "cmt_id": "7764a258356c454fe56b9f56fc07c0e146a3bccb",
+ "fixed_version": "5.18.4"
+ },
+ "5.4": {
+ "cmt_id": "0c4bc0a2f8257f79a70fe02b9a698eb14695a64b",
+ "fixed_version": "5.4.198"
+ }
}
}
\ No newline at end of file
