--- hide: - toc --- # Security Overview ## Helm-Chart ##### Scan Results #### Chart Object: kavita/templates/common.yaml | Type | Misconfiguration ID | Check | Severity | Explaination | Links | |:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------| | Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM |

Expand...

A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.

Container 'hostpatch' of Deployment 'RELEASE-NAME-kavita' should set 'securityContext.allowPrivilegeEscalation' to false

Expand...

https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv001

| | Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW |

Expand...

The container should drop all default capabilities and add only those that are needed for its execution.

Container 'RELEASE-NAME-kavita' of Deployment 'RELEASE-NAME-kavita' should add 'ALL' to 'securityContext.capabilities.drop'

Expand...

https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/
https://avd.aquasec.com/appshield/ksv003

| | Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW |

Expand...

The container should drop all default capabilities and add only those that are needed for its execution.

Container 'hostpatch' of Deployment 'RELEASE-NAME-kavita' should add 'ALL' to 'securityContext.capabilities.drop'

Expand...

https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/
https://avd.aquasec.com/appshield/ksv003

| | Kubernetes Security Check | KSV011 | CPU not limited | LOW |

Expand...

Enforcing CPU limits prevents DoS via resource exhaustion.

Container 'hostpatch' of Deployment 'RELEASE-NAME-kavita' should set 'resources.limits.cpu'

Expand...

https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits
https://avd.aquasec.com/appshield/ksv011

Expand...

'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.

Container 'RELEASE-NAME-kavita' of Deployment 'RELEASE-NAME-kavita' should set 'securityContext.runAsNonRoot' to true

Expand...

https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv012

Expand...

'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.

Container 'autopermissions' of Deployment 'RELEASE-NAME-kavita' should set 'securityContext.runAsNonRoot' to true

Expand...

https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv012

Expand...

'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.

Container 'hostpatch' of Deployment 'RELEASE-NAME-kavita' should set 'securityContext.runAsNonRoot' to true

Expand...

https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv012

| | Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW |

Expand...

An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.

Container 'RELEASE-NAME-kavita' of Deployment 'RELEASE-NAME-kavita' should set 'securityContext.readOnlyRootFilesystem' to true

Expand...

https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/
https://avd.aquasec.com/appshield/ksv014

| | Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW |

Expand...

Container 'autopermissions' of Deployment 'RELEASE-NAME-kavita' should set 'securityContext.readOnlyRootFilesystem' to true

Expand...

https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/
https://avd.aquasec.com/appshield/ksv014

| | Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW |

Expand...

Container 'hostpatch' of Deployment 'RELEASE-NAME-kavita' should set 'securityContext.readOnlyRootFilesystem' to true

Expand...

https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/
https://avd.aquasec.com/appshield/ksv014

| | Kubernetes Security Check | KSV015 | CPU requests not specified | LOW |

Expand...

When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.

Container 'hostpatch' of Deployment 'RELEASE-NAME-kavita' should set 'resources.requests.cpu'

Expand...

https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits
https://avd.aquasec.com/appshield/ksv015

| | Kubernetes Security Check | KSV016 | Memory requests not specified | LOW |

Expand...

When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.

Container 'hostpatch' of Deployment 'RELEASE-NAME-kavita' should set 'resources.requests.memory'

Expand...

https://kubesec.io/basics/containers-resources-limits-memory/
https://avd.aquasec.com/appshield/ksv016

Expand...

Privileged containers share namespaces with the host system and do not offer any security. They should be used exclusively for system containers that require high privileges.

Container 'hostpatch' of Deployment 'RELEASE-NAME-kavita' should set 'securityContext.privileged' to false

Expand...

https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline
https://avd.aquasec.com/appshield/ksv017

| | Kubernetes Security Check | KSV018 | Memory not limited | LOW |

Expand...

Enforcing memory limits prevents DoS via resource exhaustion.

Container 'hostpatch' of Deployment 'RELEASE-NAME-kavita' should set 'resources.limits.memory'

Expand...

https://kubesec.io/basics/containers-resources-limits-memory/
https://avd.aquasec.com/appshield/ksv018

Expand...

Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.

Container 'RELEASE-NAME-kavita' of Deployment 'RELEASE-NAME-kavita' should set 'securityContext.runAsUser' > 10000

Expand...

https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv020

Expand...

Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.

Container 'autopermissions' of Deployment 'RELEASE-NAME-kavita' should set 'securityContext.runAsUser' > 10000

Expand...

https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv020

Expand...

Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.

Container 'hostpatch' of Deployment 'RELEASE-NAME-kavita' should set 'securityContext.runAsUser' > 10000

Expand...

https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv020

Expand...

Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.

Container 'RELEASE-NAME-kavita' of Deployment 'RELEASE-NAME-kavita' should set 'securityContext.runAsGroup' > 10000

Expand...

https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv021

Expand...

Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.

Container 'autopermissions' of Deployment 'RELEASE-NAME-kavita' should set 'securityContext.runAsGroup' > 10000

Expand...

https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv021

Expand...

Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.

Container 'hostpatch' of Deployment 'RELEASE-NAME-kavita' should set 'securityContext.runAsGroup' > 10000

Expand...

https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv021

Expand...

HostPath volumes must be forbidden.

Deployment 'RELEASE-NAME-kavita' should not set 'spec.template.volumes.hostPath'

Expand...

https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline
https://avd.aquasec.com/appshield/ksv023

| | Kubernetes Security Check | KSV029 | A root primary or supplementary GID set | LOW |

Expand...

Containers should be forbidden from running with a root primary or supplementary GID.

Deployment 'RELEASE-NAME-kavita' should set 'spec.securityContext.runAsGroup', 'spec.securityContext.supplementalGroups[*]' and 'spec.securityContext.fsGroup' to integer greater than 0

Expand...

https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv029

| ## Containers ##### Detected Containers tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 tccr.io/truecharts/kavita:v0.5.1@sha256:e584e22d7382b98b0b49fbc6ec97115f82d57ca556c943268c0ced5bd567b25e ##### Scan Results #### Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2) **alpine** | No Vulnerabilities found | |:---------------------------------| #### Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2) **alpine** | No Vulnerabilities found | |:---------------------------------| #### Container: tccr.io/truecharts/kavita:v0.5.1@sha256:e584e22d7382b98b0b49fbc6ec97115f82d57ca556c943268c0ced5bd567b25e (ubuntu 20.04) **ubuntu** | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | |

Expand...

http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3995
https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes
https://ubuntu.com/security/notices/USN-5279-1
https://www.openwall.com/lists/oss-security/2022/01/24/2

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3996
https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes
https://ubuntu.com/security/notices/USN-5279-1
https://www.openwall.com/lists/oss-security/2022/01/24/2

| | coreutils | CVE-2016-2781 | LOW | 8.30-3ubuntu2 | |

Expand...

http://seclists.org/oss-sec/2016/q1/452
http://www.openwall.com/lists/oss-security/2016/02/28/2
http://www.openwall.com/lists/oss-security/2016/02/28/3
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lore.kernel.org/patchwork/patch/793178/

Expand...

Expand...

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222
https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562
https://github.com/krb5/krb5/releases
https://linux.oracle.com/cve/CVE-2021-36222.html
https://linux.oracle.com/errata/ELSA-2021-3576.html
https://security.netapp.com/advisory/ntap-20211022-0003/
https://security.netapp.com/advisory/ntap-20211104-0007/
https://web.mit.edu/kerberos/advisories/
https://www.debian.org/security/2021/dsa-4944
https://www.oracle.com/security-alerts/cpuoct2021.html

| | krb5-locales | CVE-2018-5709 | LOW | 1.17-6ubuntu4.1 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709
https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E

| | libasn1-8-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |

Expand...

https://bugzilla.redhat.com/show_bug.cgi?id=2013080,
https://bugzilla.samba.org/show_bug.cgi?id=14770,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a
https://ubuntu.com/security/notices/USN-5142-1
https://ubuntu.com/security/notices/USN-5174-1

Expand...

Expand...

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999
https://linux.oracle.com/cve/CVE-2021-3999.html
https://linux.oracle.com/errata/ELSA-2022-9234.html
https://ubuntu.com/security/notices/USN-5310-1
https://ubuntu.com/security/notices/USN-5310-2
https://www.openwall.com/lists/oss-security/2022/01/24/4

Expand...

http://openwall.com/lists/oss-security/2017/03/01/10
http://www.securityfocus.com/bid/96525
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10228
https://linux.oracle.com/cve/CVE-2016-10228.html
https://linux.oracle.com/errata/ELSA-2021-9344.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202101-20
https://sourceware.org/bugzilla/show_bug.cgi?id=19519
https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21
https://sourceware.org/bugzilla/show_bug.cgi?id=26224
https://ubuntu.com/security/notices/USN-5310-1

Expand...

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27618
https://linux.oracle.com/cve/CVE-2020-27618.html
https://linux.oracle.com/errata/ELSA-2021-9344.html
https://security.gentoo.org/glsa/202107-07
https://security.netapp.com/advisory/ntap-20210401-0006/
https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21
https://sourceware.org/bugzilla/show_bug.cgi?id=26224
https://ubuntu.com/security/notices/USN-5310-1
https://www.oracle.com/security-alerts/cpujan2022.html

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29562
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/
https://security.gentoo.org/glsa/202101-20
https://security.netapp.com/advisory/ntap-20210122-0004/
https://sourceware.org/bugzilla/show_bug.cgi?id=26923
https://sourceware.org/pipermail/libc-alpha/2020-November/119822.html
https://ubuntu.com/security/notices/USN-5310-1

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6096
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/
https://security.gentoo.org/glsa/202101-20
https://sourceware.org/bugzilla/attachment.cgi?id=12334
https://sourceware.org/bugzilla/show_bug.cgi?id=25620
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1019
https://ubuntu.com/security/notices/USN-4954-1
https://ubuntu.com/security/notices/USN-5310-1
https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27645
https://linux.oracle.com/cve/CVE-2021-27645.html
https://linux.oracle.com/errata/ELSA-2021-9560.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7LZNT6KTMCCWPWXEOGSHD3YLYZKUGMH5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I7TS26LIZSOBLGJEZMJX4PXT5BQDE2WS/
https://sourceware.org/bugzilla/show_bug.cgi?id=27462
https://ubuntu.com/security/notices/USN-5310-1

Expand...

http://www.openwall.com/lists/oss-security/2021/01/28/2
https://bugs.chromium.org/p/project-zero/issues/detail?id=2146
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3326
https://linux.oracle.com/cve/CVE-2021-3326.html
https://linux.oracle.com/errata/ELSA-2021-9344.html
https://security.gentoo.org/glsa/202107-07
https://security.netapp.com/advisory/ntap-20210304-0007/
https://sourceware.org/bugzilla/show_bug.cgi?id=27256
https://sourceware.org/git/?p=glibc.git;a=commit;h=7d88c6142c6efc160c0ee5e4f85cde382c072888
https://sourceware.org/pipermail/libc-alpha/2021-January/122058.html
https://ubuntu.com/security/notices/USN-5310-1
https://www.oracle.com/security-alerts/cpujan2022.html

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942
https://linux.oracle.com/cve/CVE-2021-35942.html
https://linux.oracle.com/errata/ELSA-2021-9560.html
https://security.netapp.com/advisory/ntap-20210827-0005/
https://sourceware.org/bugzilla/show_bug.cgi?id=28011
https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c
https://sourceware.org/glibc/wiki/Security%20Exceptions
https://ubuntu.com/security/notices/USN-5310-1

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23218
https://linux.oracle.com/cve/CVE-2022-23218.html
https://linux.oracle.com/errata/ELSA-2022-9234.html
https://sourceware.org/bugzilla/show_bug.cgi?id=28768
https://ubuntu.com/security/notices/USN-5310-1
https://ubuntu.com/security/notices/USN-5310-2

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23219
https://linux.oracle.com/cve/CVE-2022-23219.html
https://linux.oracle.com/errata/ELSA-2022-9234.html
https://sourceware.org/bugzilla/show_bug.cgi?id=22542
https://ubuntu.com/security/notices/USN-5310-1
https://ubuntu.com/security/notices/USN-5310-2

Expand...

Expand...

Expand...

Expand...

Expand...

Expand...

Expand...

Expand...

Expand...

Expand...

Expand...

Expand...

Expand...

Expand...

Expand...

Expand...

Expand...

Expand...

Expand...

Expand...

Expand...

Expand...

Expand...

Expand...

Expand...

Expand...

Expand...

Expand...

Expand...

Expand...

Expand...

Expand...

Expand...

| | libcairo2 | CVE-2017-7475 | LOW | 1.16.0-4ubuntu1 | |

Expand...

http://seclists.org/oss-sec/2017/q2/151
https://bugs.freedesktop.org/show_bug.cgi?id=100763
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7475
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7475
https://github.com/advisories/GHSA-5v3f-73gv-x7x5
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2017-7475

| | libcairo2 | CVE-2017-9814 | LOW | 1.16.0-4ubuntu1 | |

Expand...

http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00042.html
https://bugs.freedesktop.org/show_bug.cgi?id=101547
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9814
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/201904-01

| | libcairo2 | CVE-2018-18064 | LOW | 1.16.0-4ubuntu1 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18064
https://gitlab.freedesktop.org/cairo/cairo/issues/341
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E

| | libcairo2 | CVE-2019-6461 | LOW | 1.16.0-4ubuntu1 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6461
https://github.com/TeamSeri0us/pocs/tree/master/gerbv
https://gitlab.freedesktop.org/cairo/cairo/issues/352
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E

| | libcairo2 | CVE-2019-6462 | LOW | 1.16.0-4ubuntu1 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6462
https://github.com/TeamSeri0us/pocs/tree/master/gerbv
https://gitlab.freedesktop.org/cairo/cairo/issues/353
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E

Expand...

http://www.openwall.com/lists/oss-security/2022/02/19/1
https://blog.hartwork.org/posts/expat-2-4-5-released/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25235
https://github.com/libexpat/libexpat/pull/562
https://github.com/libexpat/libexpat/pull/562/commits/367ae600b48d74261bbc339b17e9318424049791 (fix)
https://github.com/libexpat/libexpat/pull/562/commits/97cfdc3fa7dca759880d81e371901f4620279106 (tests)
https://linux.oracle.com/cve/CVE-2022-25235.html
https://linux.oracle.com/errata/ELSA-2022-0951.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/
https://security.netapp.com/advisory/ntap-20220303-0008/
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5085

Expand...

http://www.openwall.com/lists/oss-security/2022/02/19/1
https://blog.hartwork.org/posts/expat-2-4-5-released/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25236
https://github.com/libexpat/libexpat/pull/561
https://github.com/libexpat/libexpat/pull/561/commits/2de077423fb22750ebea599677d523b53cb93b1d (test)
https://github.com/libexpat/libexpat/pull/561/commits/a2fe525e660badd64b6c557c2b1ec26ddc07f6e4 (fix)
https://github.com/libexpat/libexpat/pull/577
https://linux.oracle.com/cve/CVE-2022-25236.html
https://linux.oracle.com/errata/ELSA-2022-0951.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/
https://security.netapp.com/advisory/ntap-20220303-0008/
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5085

Expand...

http://www.openwall.com/lists/oss-security/2022/01/17/3
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46143
https://github.com/libexpat/libexpat/issues/532
https://github.com/libexpat/libexpat/pull/538
https://linux.oracle.com/cve/CVE-2021-46143.html
https://linux.oracle.com/errata/ELSA-2022-9227.html
https://security.netapp.com/advisory/ntap-20220121-0006/
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05

Expand...

http://www.openwall.com/lists/oss-security/2022/01/17/3
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22822
https://github.com/libexpat/libexpat/pull/539
https://linux.oracle.com/cve/CVE-2022-22822.html
https://linux.oracle.com/errata/ELSA-2022-0951.html
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05

Expand...

http://www.openwall.com/lists/oss-security/2022/01/17/3
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22823
https://github.com/libexpat/libexpat/pull/539
https://linux.oracle.com/cve/CVE-2022-22823.html
https://linux.oracle.com/errata/ELSA-2022-0951.html
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05

Expand...

http://www.openwall.com/lists/oss-security/2022/01/17/3
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22824
https://github.com/libexpat/libexpat/pull/539
https://linux.oracle.com/cve/CVE-2022-22824.html
https://linux.oracle.com/errata/ELSA-2022-0951.html
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05

Expand...

http://www.openwall.com/lists/oss-security/2022/01/17/3
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22825
https://github.com/libexpat/libexpat/pull/539
https://linux.oracle.com/cve/CVE-2022-22825.html
https://linux.oracle.com/errata/ELSA-2022-0951.html
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05

Expand...

http://www.openwall.com/lists/oss-security/2022/01/17/3
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22826
https://github.com/libexpat/libexpat/pull/539
https://linux.oracle.com/cve/CVE-2022-22826.html
https://linux.oracle.com/errata/ELSA-2022-0951.html
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05

Expand...

http://www.openwall.com/lists/oss-security/2022/01/17/3
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22827
https://github.com/libexpat/libexpat/pull/539
https://linux.oracle.com/cve/CVE-2022-22827.html
https://linux.oracle.com/errata/ELSA-2022-0951.html
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23852
https://github.com/libexpat/libexpat/pull/550
https://linux.oracle.com/cve/CVE-2022-23852.html
https://linux.oracle.com/errata/ELSA-2022-0951.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html
https://security.netapp.com/advisory/ntap-20220217-0001/
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23990
https://github.com/libexpat/libexpat/pull/551
https://linux.oracle.com/cve/CVE-2022-23990.html
https://linux.oracle.com/errata/ELSA-2022-9232.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/34NXVL2RZC2YZRV74ZQ3RNFB7WCEUP7D/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7FF2UH7MPXKTADYSJUAHI2Y5UHBSHUH/
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05

Expand...

Expand...

http://www.openwall.com/lists/oss-security/2022/02/19/1
https://blog.hartwork.org/posts/expat-2-4-5-released/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25314
https://github.com/libexpat/libexpat/pull/560
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/
https://security.netapp.com/advisory/ntap-20220303-0008/
https://ubuntu.com/security/notices/USN-5320-1
https://www.debian.org/security/2022/dsa-5085

Expand...

http://www.openwall.com/lists/oss-security/2022/02/19/1
https://blog.hartwork.org/posts/expat-2-4-5-released/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25315
https://github.com/libexpat/libexpat/pull/559
https://linux.oracle.com/cve/CVE-2022-25315.html
https://linux.oracle.com/errata/ELSA-2022-0951.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/
https://security.netapp.com/advisory/ntap-20220303-0008/
https://ubuntu.com/security/notices/USN-5320-1
https://www.debian.org/security/2022/dsa-5085

Expand...

http://www.openwall.com/lists/oss-security/2022/01/17/3
https://bugzilla.mozilla.org/show_bug.cgi?id=1217609
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45960
https://github.com/libexpat/libexpat/issues/531
https://github.com/libexpat/libexpat/pull/534
https://github.com/libexpat/libexpat/pull/534/commits/0adcb34c49bee5b19bd29b16a578c510c23597ea
https://linux.oracle.com/cve/CVE-2021-45960.html
https://linux.oracle.com/errata/ELSA-2022-0951.html
https://security.netapp.com/advisory/ntap-20220121-0004/
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05

Expand...

Expand...

| | libgif7 | CVE-2020-23922 | LOW | 5.1.9-1 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-23922
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
https://sourceforge.net/p/giflib/bugs/151/

| | libgmp10 | CVE-2021-43618 | LOW | 2:6.2.0+dfsg-4 | |

Expand...

https://bugs.debian.org/994405
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43618
https://gmplib.org/list-archives/gmp-bugs/2021-September/005077.html
https://gmplib.org/repo/gmp-6.2/rev/561a9c25298e
https://lists.debian.org/debian-lts-announce/2021/12/msg00001.html

Expand...

| | libgssapi-krb5-2 | CVE-2018-5709 | LOW | 1.17-6ubuntu4.1 | |

Expand...

| | libgssapi3-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |

Expand...

| | libhcrypto4-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |

Expand...

| | libheimbase1-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |

Expand...

| | libheimntlm0-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |

Expand...

| | libhx509-5-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |

Expand...

| | libjbig0 | CVE-2017-9937 | LOW | 2.1-3.1build1 | |

Expand...

http://bugzilla.maptools.org/show_bug.cgi?id=2707
http://www.securityfocus.com/bid/99304
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9937
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E

| | libjpeg-turbo8 | CVE-2020-17541 | LOW | 2.0.3-0ubuntu1.20.04.1 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17541
https://github.com/libjpeg-turbo/libjpeg-turbo/issues/392
https://linux.oracle.com/cve/CVE-2020-17541.html
https://linux.oracle.com/errata/ELSA-2021-4288.html

Expand...

| | libk5crypto3 | CVE-2018-5709 | LOW | 1.17-6ubuntu4.1 | |

Expand...

| | libkrb5-26-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |

Expand...

Expand...

| | libkrb5-3 | CVE-2018-5709 | LOW | 1.17-6ubuntu4.1 | |

Expand...

Expand...

| | libkrb5support0 | CVE-2018-5709 | LOW | 1.17-6ubuntu4.1 | |

Expand...

Expand...

Expand...

| | libpcre3 | CVE-2017-11164 | LOW | 2:8.39-12build1 | |

Expand...

http://openwall.com/lists/oss-security/2017/07/11/3
http://www.securityfocus.com/bid/99575
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E

| | libpcre3 | CVE-2019-20838 | LOW | 2:8.39-12build1 | |

Expand...

http://seclists.org/fulldisclosure/2020/Dec/32
http://seclists.org/fulldisclosure/2021/Feb/14
https://bugs.gentoo.org/717920
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838
https://linux.oracle.com/cve/CVE-2019-20838.html
https://linux.oracle.com/errata/ELSA-2021-4373.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/kb/HT211931
https://support.apple.com/kb/HT212147
https://www.pcre.org/original/changelog.txt

| | libpcre3 | CVE-2020-14155 | LOW | 2:8.39-12build1 | |

Expand...

http://seclists.org/fulldisclosure/2020/Dec/32
http://seclists.org/fulldisclosure/2021/Feb/14
https://about.gitlab.com/releases/2020/07/01/security-release-13-1-2-release/
https://bugs.gentoo.org/717920
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155
https://linux.oracle.com/cve/CVE-2020-14155.html
https://linux.oracle.com/errata/ELSA-2021-4373.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/kb/HT211931
https://support.apple.com/kb/HT212147
https://www.pcre.org/original/changelog.txt

| | libroken18-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |

Expand...

Expand...

http://www.openwall.com/lists/oss-security/2022/02/23/4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24407
https://github.com/cyrusimap/cyrus-sasl/blob/fdcd13ceaef8de684dc69008011fa865c5b4a3ac/docsrc/sasl/release-notes/2.1/index.rst
https://linux.oracle.com/cve/CVE-2022-24407.html
https://linux.oracle.com/errata/ELSA-2022-9239.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00002.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H26R4SMGM3WHXX4XYNNJB4YGFIL5UNF4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZZC6BMPI3V3MC2IGNLN377ETUWO7QBIH/
https://ubuntu.com/security/notices/USN-5301-1
https://ubuntu.com/security/notices/USN-5301-2
https://www.cyrusimap.org/sasl/sasl/release-notes/2.1/index.html#new-in-2-1-28
https://www.debian.org/security/2022/dsa-5087

Expand...

Expand...

| | libsepol1 | CVE-2021-36084 | LOW | 3.0-1 | |

Expand...

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31065
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084
https://github.com/SELinuxProject/selinux/commit/f34d3d30c8325e4847a6b696fe7a3936a8a361f3
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-417.yaml
https://linux.oracle.com/cve/CVE-2021-36084.html
https://linux.oracle.com/errata/ELSA-2021-4513.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/

| | libsepol1 | CVE-2021-36085 | LOW | 3.0-1 | |

Expand...

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085
https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml
https://linux.oracle.com/cve/CVE-2021-36085.html
https://linux.oracle.com/errata/ELSA-2021-4513.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/

| | libsepol1 | CVE-2021-36086 | LOW | 3.0-1 | |

Expand...

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32177
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086
https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-536.yaml
https://linux.oracle.com/cve/CVE-2021-36086.html
https://linux.oracle.com/errata/ELSA-2021-4513.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/

| | libsepol1 | CVE-2021-36087 | LOW | 3.0-1 | |

Expand...

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32675
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087
https://github.com/SELinuxProject/selinux/commit/340f0eb7f3673e8aacaf0a96cbfcd4d12a405521
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-585.yaml
https://linux.oracle.com/cve/CVE-2021-36087.html
https://linux.oracle.com/errata/ELSA-2021-4513.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/
https://lore.kernel.org/selinux/CAEN2sdqJKHvDzPnxS-J8grU8fSf32DDtx=kyh84OsCq_Vm+yaQ@mail.gmail.com/T/

Expand...

Expand...

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9794
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/HT211168
https://support.apple.com/HT211170
https://support.apple.com/HT211171
https://support.apple.com/HT211175
https://support.apple.com/HT211178
https://support.apple.com/HT211179
https://support.apple.com/HT211181
https://vuldb.com/?id.155768

| | libsqlite3-0 | CVE-2020-9849 | LOW | 3.31.1-4ubuntu0.2 | |

Expand...

http://seclists.org/fulldisclosure/2020/Dec/32
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9849
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/en-us/HT211843
https://support.apple.com/en-us/HT211844
https://support.apple.com/en-us/HT211850
https://support.apple.com/en-us/HT211931
https://support.apple.com/en-us/HT211935
https://support.apple.com/en-us/HT211952
https://www.rapid7.com/db/vulnerabilities/apple-osx-sqlite-cve-2020-9849/

| | libsqlite3-0 | CVE-2020-9991 | LOW | 3.31.1-4ubuntu0.2 | |

Expand...

http://seclists.org/fulldisclosure/2020/Dec/32
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9991
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/en-us/HT211843
https://support.apple.com/en-us/HT211844
https://support.apple.com/en-us/HT211847
https://support.apple.com/en-us/HT211850
https://support.apple.com/en-us/HT211931
https://support.apple.com/kb/HT211846
https://www.rapid7.com/db/vulnerabilities/apple-osx-sqlite-cve-2020-9991/

| | libsqlite3-0 | CVE-2021-36690 | LOW | 3.31.1-4ubuntu0.2 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36690
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.sqlite.org/forum/forumpost/718c0a8d17

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246
https://linux.oracle.com/cve/CVE-2022-0778.html
https://linux.oracle.com/errata/ELSA-2022-9246.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002
https://security.netapp.com/advisory/ntap-20220321-0002/
https://ubuntu.com/security/notices/USN-5328-1
https://ubuntu.com/security/notices/USN-5328-2
https://www.debian.org/security/2022/dsa-5103
https://www.openssl.org/news/secadv/20220315.txt

| | libtasn1-6 | CVE-2018-1000654 | LOW | 4.16.0-2 | |

Expand...

http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00009.html
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00018.html
http://www.securityfocus.com/bid/105151
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000654
https://gitlab.com/gnutls/libtasn1/issues/4
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0865
https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0865.json
https://gitlab.com/libtiff/libtiff/-/commit/a1c933dabd0e1c54a412f3f84ae0aa58115c6067
https://gitlab.com/libtiff/libtiff/-/issues/385
https://gitlab.com/libtiff/libtiff/-/merge_requests/306
https://www.debian.org/security/2022/dsa-5108

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0891
https://gitlab.com/freedesktop-sdk/mirrors/gitlab/libtiff/libtiff/-/commit/232282fd8f9c21eefe8d2d2b96cdbbb172fe7b7c
https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0891.json
https://gitlab.com/libtiff/libtiff/-/commit/232282fd8f9c21eefe8d2d2b96cdbbb172fe7b7c
https://gitlab.com/libtiff/libtiff/-/issues/380
https://gitlab.com/libtiff/libtiff/-/issues/382
https://www.debian.org/security/2022/dsa-5108

| | libtiff5 | CVE-2018-10126 | LOW | 4.1.0+git191117-2ubuntu0.20.04.2 | |

Expand...

http://bugzilla.maptools.org/show_bug.cgi?id=2786
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10126
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E

| | libtiff5 | CVE-2020-35522 | LOW | 4.1.0+git191117-2ubuntu0.20.04.2 | |

Expand...

https://bugzilla.redhat.com/show_bug.cgi?id=1932037
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35522
https://gitlab.com/libtiff/libtiff/-/merge_requests/165
https://linux.oracle.com/cve/CVE-2020-35522.html
https://linux.oracle.com/errata/ELSA-2021-4241.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BMHBYFMX3D5VGR6Y3RXTTH3Q4NF4E6IG/
https://security.gentoo.org/glsa/202104-06
https://security.netapp.com/advisory/ntap-20210521-0009/

| | libtiff5 | CVE-2022-0561 | LOW | 4.1.0+git191117-2ubuntu0.20.04.2 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0561
https://gitlab.com/freedesktop-sdk/mirrors/gitlab/libtiff/libtiff/-/commit/eecb0712f4c3a5b449f70c57988260a667ddbdef
https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0561.json
https://gitlab.com/libtiff/libtiff/-/issues/362
https://lists.debian.org/debian-lts-announce/2022/03/msg00001.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DZEHZ35XVO2VBZ4HHCMM6J6TQIDSBQOM/
https://security.netapp.com/advisory/ntap-20220318-0001/
https://www.debian.org/security/2022/dsa-5108

| | libtiff5 | CVE-2022-0562 | LOW | 4.1.0+git191117-2ubuntu0.20.04.2 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0562
https://gitlab.com/gitlab-org/build/omnibus-mirror/libtiff/-/commit/561599c99f987dc32ae110370cfdd7df7975586b
https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0562.json
https://gitlab.com/libtiff/libtiff/-/issues/362
https://lists.debian.org/debian-lts-announce/2022/03/msg00001.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DZEHZ35XVO2VBZ4HHCMM6J6TQIDSBQOM/
https://security.netapp.com/advisory/ntap-20220318-0001/
https://www.debian.org/security/2022/dsa-5108

| | libtiff5 | CVE-2022-22844 | LOW | 4.1.0+git191117-2ubuntu0.20.04.2 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22844
https://gitlab.com/libtiff/libtiff/-/issues/355
https://gitlab.com/libtiff/libtiff/-/merge_requests/287
https://lists.debian.org/debian-lts-announce/2022/03/msg00001.html
https://security.netapp.com/advisory/ntap-20220311-0002/
https://www.debian.org/security/2022/dsa-5108

Expand...

Expand...

| | libwind0-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |

Expand...

Expand...

https://access.redhat.com/security/cve/CVE-2022-23308
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23308
https://github.com/GNOME/libxml2/commit/652dd12a858989b14eed4e84e453059cd3ba340e
https://gitlab.gnome.org/GNOME/libxml2/-/blob/v2.9.13/NEWS
https://linux.oracle.com/cve/CVE-2022-23308.html
https://linux.oracle.com/errata/ELSA-2022-0899.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LA3MWWAYZADWJ5F6JOUBX65UZAMQB7RF/
https://ubuntu.com/security/notices/USN-5324-1

| | linux-libc-dev | CVE-2022-0001 | HIGH | 5.4.0-99.112 | 5.4.0-104.118 |

Expand...

http://www.openwall.com/lists/oss-security/2022/03/18/2
https://community.intel.com/t5/Blogs/Products-and-Solutions/Security/Chips-Salsa-Episode-12-March-2022-Security-Advisories/post/1365250
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0001
https://intel.com/content/www/us/en/security-center/advisory/intel-sa-00598.html
https://ubuntu.com/security/notices/USN-5317-1
https://ubuntu.com/security/notices/USN-5318-1
https://ubuntu.com/security/notices/USN-5319-1
https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/BHI
https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/branch-history-injection.html
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00598.html
https://www.vusec.net/projects/bhi-spectre-bhb/

| | linux-libc-dev | CVE-2022-0002 | HIGH | 5.4.0-99.112 | 5.4.0-104.118 |

Expand...

http://www.openwall.com/lists/oss-security/2022/03/18/2
https://community.intel.com/t5/Blogs/Products-and-Solutions/Security/Chips-Salsa-Episode-12-March-2022-Security-Advisories/post/1365250
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0002
https://intel.com/content/www/us/en/security-center/advisory/intel-sa-00598.html
https://ubuntu.com/security/notices/USN-5317-1
https://ubuntu.com/security/notices/USN-5318-1
https://ubuntu.com/security/notices/USN-5319-1
https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/BHI
https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/branch-history-injection.html
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00598.html
https://www.vusec.net/projects/bhi-spectre-bhb/

| | linux-libc-dev | CVE-2022-0492 | HIGH | 5.4.0-99.112 | 5.4.0-105.119 |

Expand...

http://packetstormsecurity.com/files/166444/Kernel-Live-Patch-Security-Notice-LSN-0085-1.html
https://bugzilla.redhat.com/show_bug.cgi?id=2051505
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0492
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=24f6008564183aa120d07c03d9289519c2fe02af
https://linux.oracle.com/cve/CVE-2022-0492.html
https://linux.oracle.com/errata/ELSA-2022-9245.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html
https://ubuntu.com/security/notices/USN-5302-1
https://ubuntu.com/security/notices/USN-5337-1
https://ubuntu.com/security/notices/USN-5338-1
https://ubuntu.com/security/notices/USN-5339-1
https://ubuntu.com/security/notices/USN-5343-1
https://www.debian.org/security/2022/dsa-5095
https://www.debian.org/security/2022/dsa-5096
https://www.openwall.com/lists/oss-security/2022/02/04/1

| | linux-libc-dev | CVE-2022-23960 | HIGH | 5.4.0-99.112 | 5.4.0-104.118 |

Expand...

http://www.openwall.com/lists/oss-security/2022/03/18/2
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23960
https://developer.arm.com/documentation/ka004995/latest/
https://developer.arm.com/support/arm-security-updates
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/spectre-bhb
https://linux.oracle.com/cve/CVE-2022-23960.html
https://linux.oracle.com/errata/ELSA-2022-9245.html
https://ubuntu.com/security/notices/USN-5317-1
https://ubuntu.com/security/notices/USN-5318-1
https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/BHI
https://www.vusec.net/projects/bhi-spectre-bhb/

| | linux-libc-dev | CVE-2022-25636 | HIGH | 5.4.0-99.112 | 5.4.0-104.118 |

Expand...

http://packetstormsecurity.com/files/166444/Kernel-Live-Patch-Security-Notice-LSN-0085-1.html
http://www.openwall.com/lists/oss-security/2022/02/22/1
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25636
https://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf.git/commit/?id=b1a5983f56e371046dcf164f90bfaf704d2b89f6
https://github.com/Bonfee/CVE-2022-25636
https://linux.oracle.com/cve/CVE-2022-25636.html
https://linux.oracle.com/errata/ELSA-2022-9245.html
https://nickgregory.me/linux/security/2022/03/12/cve-2022-25636/
https://security.netapp.com/advisory/ntap-20220325-0002/
https://ubuntu.com/security/notices/USN-5317-1
https://ubuntu.com/security/notices/USN-5318-1
https://www.debian.org/security/2022/dsa-5095
https://www.openwall.com/lists/oss-security/2022/02/21/2

| | linux-libc-dev | CVE-2013-7445 | MEDIUM | 5.4.0-99.112 | |

Expand...

https://bugzilla.kernel.org/show_bug.cgi?id=60533
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7445
https://lists.freedesktop.org/archives/dri-devel/2015-September/089778.html (potential start towards fixing)

| | linux-libc-dev | CVE-2015-8553 | MEDIUM | 5.4.0-99.112 | |

Expand...

http://thread.gmane.org/gmane.linux.kernel/1924087/focus=1930758 (regression mention)
http://xenbits.xen.org/xsa/advisory-120.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8553
https://seclists.org/bugtraq/2019/Aug/18
https://www.debian.org/security/2019/dsa-4497

| | linux-libc-dev | CVE-2016-8660 | MEDIUM | 5.4.0-99.112 | |

Expand...

http://www.openwall.com/lists/oss-security/2016/10/13/8
http://www.securityfocus.com/bid/93558
https://bugzilla.redhat.com/show_bug.cgi?id=1384851
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8660
https://lore.kernel.org/linux-xfs/895314622.769515.1476375930648.JavaMail.zimbra@redhat.com/
https://marc.info/?l=linux-fsdevel&m=147639177409294&w=2
https://marc.info/?l=linux-xfs&m=149498118228320&w=2

| | linux-libc-dev | CVE-2018-17977 | MEDIUM | 5.4.0-99.112 | |

Expand...

http://www.securityfocus.com/bid/105539
https://bugzilla.suse.com/show_bug.cgi?id=1111609
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17977
https://www.openwall.com/lists/oss-security/2018/10/05/5

| | linux-libc-dev | CVE-2020-12362 | MEDIUM | 5.4.0-99.112 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12362
https://linux.oracle.com/cve/CVE-2020-12362.html
https://linux.oracle.com/errata/ELSA-2021-9434.html
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html

| | linux-libc-dev | CVE-2020-24504 | MEDIUM | 5.4.0-99.112 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24504
https://linux.oracle.com/cve/CVE-2020-24504.html
https://linux.oracle.com/errata/ELSA-2021-4356.html
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00462.html

| | linux-libc-dev | CVE-2020-27835 | MEDIUM | 5.4.0-99.112 | |

Expand...

https://bugzilla.redhat.com/show_bug.cgi?id=1901709
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27835
https://git.kernel.org/linus/3d2a9d642512c21a12d19b9250e7a835dcb41a79
https://linux.oracle.com/cve/CVE-2020-27835.html
https://linux.oracle.com/errata/ELSA-2021-1578.html
https://ubuntu.com/security/notices/USN-4751-1

| | linux-libc-dev | CVE-2020-36310 | MEDIUM | 5.4.0-99.112 | |

Expand...

https://bugzilla.redhat.com/show_bug.cgi?id=1769283#c148
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.8
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36310
https://git.kernel.org/linus/e72436bc3a5206f95bb384e741154166ddb3202e
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e72436bc3a5206f95bb384e741154166ddb3202e
https://linux.oracle.com/cve/CVE-2020-36310.html
https://linux.oracle.com/errata/ELSA-2021-9307.html
https://www.debian.org/security/2022/dsa-5095

| | linux-libc-dev | CVE-2021-20320 | MEDIUM | 5.4.0-99.112 | |

Expand...

https://bugzilla.redhat.com/show_bug.cgi?id=2010090
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20320
https://lore.kernel.org/bpf/20210902185229.1840281-1-johan.almbladh@anyfinetworks.com/

| | linux-libc-dev | CVE-2021-22600 | MEDIUM | 5.4.0-99.112 | 5.4.0-100.113 |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22600
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=ec6af094ea28f0f2dda1a6a33b14cd57e36a9755
https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html
https://ubuntu.com/security/notices/USN-5266-1
https://ubuntu.com/security/notices/USN-5278-1
https://ubuntu.com/security/notices/USN-5294-1
https://ubuntu.com/security/notices/USN-5294-2
https://ubuntu.com/security/notices/USN-5295-1
https://ubuntu.com/security/notices/USN-5295-2
https://ubuntu.com/security/notices/USN-5298-1
https://www.debian.org/security/2022/dsa-5096

| | linux-libc-dev | CVE-2021-26932 | MEDIUM | 5.4.0-99.112 | |

Expand...

http://xenbits.xen.org/xsa/advisory-361.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26932
https://linux.oracle.com/cve/CVE-2021-26932.html
https://linux.oracle.com/errata/ELSA-2021-9136.html
https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html
https://lists.debian.org/debian-lts-announce/2021/03/msg00035.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2XQR52ICKRK3GC4HDWLMWF2U55YGAR63/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GWQWPWYZRXVFJI5M3VCM72X27IB7CKOB/
https://security.netapp.com/advisory/ntap-20210326-0001/
https://www.openwall.com/lists/oss-security/2021/02/16/3
https://xenbits.xen.org/xsa/advisory-361.html

| | linux-libc-dev | CVE-2021-28714 | MEDIUM | 5.4.0-99.112 | 5.4.0-105.119 |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28714
https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html
https://ubuntu.com/security/notices/USN-5278-1
https://ubuntu.com/security/notices/USN-5298-1
https://ubuntu.com/security/notices/USN-5337-1
https://ubuntu.com/security/notices/USN-5338-1
https://www.debian.org/security/2022/dsa-5050
https://www.debian.org/security/2022/dsa-5096
https://xenbits.xen.org/xsa/advisory-392.html
https://xenbits.xenproject.org/xsa/advisory-392.txt

| | linux-libc-dev | CVE-2021-28715 | MEDIUM | 5.4.0-99.112 | 5.4.0-105.119 |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28715
https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html
https://ubuntu.com/security/notices/USN-5278-1
https://ubuntu.com/security/notices/USN-5298-1
https://ubuntu.com/security/notices/USN-5337-1
https://ubuntu.com/security/notices/USN-5338-1
https://www.debian.org/security/2022/dsa-5050
https://www.debian.org/security/2022/dsa-5096
https://xenbits.xen.org/xsa/advisory-392.html
https://xenbits.xenproject.org/xsa/advisory-392.txt

| | linux-libc-dev | CVE-2021-3864 | MEDIUM | 5.4.0-99.112 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3864
https://lore.kernel.org/all/20211221021744.864115-1-longman@redhat.com
https://lore.kernel.org/all/20211226150310.GA992@1wt.eu/
https://lore.kernel.org/lkml/20211228170910.623156-1-wander@redhat.com
https://www.openwall.com/lists/oss-security/2021/10/20/2

| | linux-libc-dev | CVE-2021-39685 | MEDIUM | 5.4.0-99.112 | 5.4.0-100.113 |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39685
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-5.15.y&id=36dfdf11af49d3c009c711fb16f5c6e7a274505d
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-5.15.y&id=6eea4ace62fa6414432692ee44f0c0a3d541d97a
https://github.com/szymonh/inspector-gadget
https://gitlab.com/postmarketOS/pmaports/-/issues/1346
https://linux.oracle.com/cve/CVE-2021-39685.html
https://linux.oracle.com/errata/ELSA-2022-9245.html
https://source.android.com/security/bulletin/2022-03-01
https://ubuntu.com/security/notices/USN-5278-1
https://ubuntu.com/security/notices/USN-5294-1
https://ubuntu.com/security/notices/USN-5294-2
https://ubuntu.com/security/notices/USN-5297-1
https://ubuntu.com/security/notices/USN-5298-1
https://ubuntu.com/security/notices/USN-5337-1
https://www.openwall.com/lists/oss-security/2021/12/15/4

| | linux-libc-dev | CVE-2021-4001 | MEDIUM | 5.4.0-99.112 | |

Expand...

https://bugzilla.redhat.com/show_bug.cgi?id=2025645
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4001
https://git.kernel.org/linus/353050be4c19e102178ccc05988101887c25ae53
https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git/commit/?id=353050be4c19e102178ccc05988101887c25ae53
https://ubuntu.com/security/notices/USN-5207-1
https://ubuntu.com/security/notices/USN-5265-1
https://ubuntu.com/security/notices/USN-5278-1

| | linux-libc-dev | CVE-2021-4083 | MEDIUM | 5.4.0-99.112 | 5.4.0-100.113 |

Expand...

https://bugzilla.redhat.com/show_bug.cgi?id=2029923
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4083
https://git.kernel.org/linus/054aa8d439b9185d4f5eb9a90282d1ce74772969 (5.16-rc4)
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=054aa8d439b9
https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html
https://security.netapp.com/advisory/ntap-20220217-0005/
https://ubuntu.com/security/notices/USN-5278-1
https://ubuntu.com/security/notices/USN-5294-1
https://ubuntu.com/security/notices/USN-5294-2
https://ubuntu.com/security/notices/USN-5295-1
https://ubuntu.com/security/notices/USN-5295-2
https://ubuntu.com/security/notices/USN-5297-1
https://ubuntu.com/security/notices/USN-5298-1
https://www.debian.org/security/2022/dsa-5096

| | linux-libc-dev | CVE-2021-4135 | MEDIUM | 5.4.0-99.112 | 5.4.0-105.119 |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4135
https://git.kernel.org/linus/481221775d53d6215a6e5e9ce1cce6d2b4ab9a46 (5.16-rc6)
https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=481221775d53
https://ubuntu.com/security/notices/USN-5278-1
https://ubuntu.com/security/notices/USN-5337-1
https://ubuntu.com/security/notices/USN-5338-1

| | linux-libc-dev | CVE-2021-4148 | MEDIUM | 5.4.0-99.112 | |

Expand...

https://bugzilla.redhat.com/show_bug.cgi?id=2026487
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4148
https://lkml.org/lkml/2021/9/12/323
https://lkml.org/lkml/2021/9/17/1037
https://lore.kernel.org/linux-mm/a07564a3-b2fc-9ffe-3ace-3f276075ea5c@google.com/
https://lore.kernel.org/lkml/CACkBjsYwLYLRmX8GpsDpMthagWOjWWrNxqY6ZLNQVr6yx+f5vA@mail.gmail.com/
https://lore.kernel.org/lkml/CAHbLzkrdGva2dzO36r62LKv_ip5trbMK0BO3vCeSBk2_7OE-zA@mail.gmail.com/

| | linux-libc-dev | CVE-2021-4150 | MEDIUM | 5.4.0-99.112 | |

Expand...

https://bugzilla.redhat.com/show_bug.cgi?id=2025938
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4150
https://git.kernel.org/linus/9fbfabfda25d8774c5a08634fdd2da000a924890 (5.15-rc7)
https://lkml.org/lkml/2021/10/18/485
https://lkml.org/lkml/2021/9/6/781

| | linux-libc-dev | CVE-2021-4155 | MEDIUM | 5.4.0-99.112 | 5.4.0-100.113 |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4155
https://git.kernel.org/linus/983d8e60f50806f90534cc5373d0ce867e5aaf79 (5.16)
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=983d8e60f50806f90534cc5373d0ce867e5aaf79
https://linux.oracle.com/cve/CVE-2021-4155.html
https://linux.oracle.com/errata/ELSA-2022-9148.html
https://ubuntu.com/security/notices/USN-5278-1
https://ubuntu.com/security/notices/USN-5294-1
https://ubuntu.com/security/notices/USN-5294-2
https://ubuntu.com/security/notices/USN-5295-1
https://ubuntu.com/security/notices/USN-5295-2
https://ubuntu.com/security/notices/USN-5297-1
https://ubuntu.com/security/notices/USN-5298-1
https://www.openwall.com/lists/oss-security/2022/01/10/1

| | linux-libc-dev | CVE-2021-4159 | MEDIUM | 5.4.0-99.112 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4159

| | linux-libc-dev | CVE-2021-4197 | MEDIUM | 5.4.0-99.112 | |

Expand...

https://bugzilla.redhat.com/show_bug.cgi?id=2035652
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4197
https://lore.kernel.org/lkml/20211209214707.805617-1-tj@kernel.org/T/
https://ubuntu.com/security/notices/USN-5278-1
https://ubuntu.com/security/notices/USN-5337-1

| | linux-libc-dev | CVE-2021-4202 | MEDIUM | 5.4.0-99.112 | 5.4.0-100.113 |

Expand...

https://bugzilla.redhat.com/show_bug.cgi?id=2036682
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4202
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=3e3b5dfcd16a3e254aab61bd1e8c417dd4503102
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=48b71a9e66c2eab60564b1b1c85f4928ed04e406
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=86cdf8e38792545161dbe3350a7eced558ba4d15
https://ubuntu.com/security/notices/USN-5265-1
https://ubuntu.com/security/notices/USN-5294-1
https://ubuntu.com/security/notices/USN-5294-2
https://ubuntu.com/security/notices/USN-5297-1
https://ubuntu.com/security/notices/USN-5298-1

| | linux-libc-dev | CVE-2021-4218 | MEDIUM | 5.4.0-99.112 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4218

| | linux-libc-dev | CVE-2021-43975 | MEDIUM | 5.4.0-99.112 | 5.4.0-100.113 |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43975
https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=b922f622592af76b57cbc566eaeccda0b31a3496
https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X24M7KDC4OJOZNS3RDSYC7ELNELOLQ2N/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YODMYMGZYDXQKGJGX7TJG4XV4L5YLLBD/
https://lore.kernel.org/netdev/163698540868.13805.17800408021782408762.git-patchwork-notify@kernel.org/T/
https://security.netapp.com/advisory/ntap-20211210-0001/
https://ubuntu.com/security/notices/USN-5278-1
https://ubuntu.com/security/notices/USN-5294-1
https://ubuntu.com/security/notices/USN-5294-2
https://ubuntu.com/security/notices/USN-5297-1
https://ubuntu.com/security/notices/USN-5337-1
https://www.debian.org/security/2022/dsa-5096

| | linux-libc-dev | CVE-2021-44733 | MEDIUM | 5.4.0-99.112 | 5.4.0-105.119 |

Expand...

https://bugzilla.redhat.com/show_bug.cgi?id=2030747
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44733
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/log/drivers/tee/tee_shm.c
https://github.com/pjlantz/optee-qemu/blob/main/README.md
https://linux.oracle.com/cve/CVE-2021-44733.html
https://linux.oracle.com/errata/ELSA-2022-9148.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html
https://lore.kernel.org/lkml/20211214123540.1789434-1-jens.wiklander@linaro.org/
https://lore.kernel.org/lkml/20211215092501.1861229-1-jens.wiklander@linaro.org/
https://security.netapp.com/advisory/ntap-20220114-0003/
https://ubuntu.com/security/notices/USN-5278-1
https://ubuntu.com/security/notices/USN-5337-1
https://ubuntu.com/security/notices/USN-5338-1
https://ubuntu.com/security/notices/USN-5339-1
https://www.debian.org/security/2022/dsa-5096

| | linux-libc-dev | CVE-2021-44879 | MEDIUM | 5.4.0-99.112 | |

Expand...

https://bugzilla.kernel.org/show_bug.cgi?id=215231
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.3
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44879
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9056d6489f5a41cfbb67f719d2c0ce61ead72d9f
https://lkml.org/lkml/2022/1/24/4067
https://lore.kernel.org/linux-f2fs-devel/20211206144421.3735-3-chao@kernel.org/T/
https://ubuntu.com/security/notices/USN-5302-1
https://www.openwall.com/lists/oss-security/2022/02/12/1

| | linux-libc-dev | CVE-2021-45095 | MEDIUM | 5.4.0-99.112 | 5.4.0-105.119 |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45095
https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=bcd0f93353326954817a4f9fa55ec57fb38acbb0
https://github.com/torvalds/linux/commit/bcd0f93353326954817a4f9fa55ec57fb38acbb0
https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html
https://lore.kernel.org/all/20211209082839.33985-1-hbh25y@gmail.com/
https://ubuntu.com/security/notices/USN-5278-1
https://ubuntu.com/security/notices/USN-5337-1
https://ubuntu.com/security/notices/USN-5338-1
https://ubuntu.com/security/notices/USN-5339-1
https://ubuntu.com/security/notices/USN-5343-1
https://www.debian.org/security/2022/dsa-5050
https://www.debian.org/security/2022/dsa-5096

| | linux-libc-dev | CVE-2021-45469 | MEDIUM | 5.4.0-99.112 | |

Expand...

http://www.openwall.com/lists/oss-security/2021/12/25/1
https://bugzilla.kernel.org/show_bug.cgi?id=215235
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45469
https://git.kernel.org/pub/scm/linux/kernel/git/chao/linux.git/commit/?h=dev&id=5598b24efaf4892741c798b425d543e4bed357a1
https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AK2C4A43BZSWATZWFUHHHUQF3HPIALNP/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QG7XV2WXKMSMKIQKIBG5LW3Y3GXEWG5Q/
https://security.netapp.com/advisory/ntap-20220114-0003/
https://ubuntu.com/security/notices/USN-5343-1
https://www.debian.org/security/2022/dsa-5050
https://www.debian.org/security/2022/dsa-5096

| | linux-libc-dev | CVE-2021-45480 | MEDIUM | 5.4.0-99.112 | 5.4.0-105.119 |

Expand...

https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.11
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45480
https://git.kernel.org/linus/5f9562ebe710c307adc5f666bf1a2162ee7977c0
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5f9562ebe710c307adc5f666bf1a2162ee7977c0
https://github.com/torvalds/linux/commit/5f9562ebe710c307adc5f666bf1a2162ee7977c0
https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html
https://ubuntu.com/security/notices/USN-5278-1
https://ubuntu.com/security/notices/USN-5337-1
https://ubuntu.com/security/notices/USN-5338-1
https://www.debian.org/security/2022/dsa-5050
https://www.debian.org/security/2022/dsa-5096

| | linux-libc-dev | CVE-2022-0330 | MEDIUM | 5.4.0-99.112 | 5.4.0-100.113 |

Expand...

https://bugzilla.redhat.com/show_bug.cgi?id=2042404
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0330
https://git.kernel.org/linus/7938d61591d33394a21bdd7797a245b65428f44c
https://linux.oracle.com/cve/CVE-2022-0330.html
https://linux.oracle.com/errata/ELSA-2022-9245.html
https://ubuntu.com/security/notices/USN-5278-1
https://ubuntu.com/security/notices/USN-5294-1
https://ubuntu.com/security/notices/USN-5294-2
https://ubuntu.com/security/notices/USN-5295-1
https://ubuntu.com/security/notices/USN-5295-2
https://ubuntu.com/security/notices/USN-5297-1
https://ubuntu.com/security/notices/USN-5298-1
https://www.openwall.com/lists/oss-security/2022/01/25/12

| | linux-libc-dev | CVE-2022-0382 | MEDIUM | 5.4.0-99.112 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0382
https://github.com/torvalds/linux/commit/d6d86830705f173fca6087a3e67ceaf68db80523
https://ubuntu.com/security/notices/USN-5278-1
https://ubuntu.com/security/notices/USN-5337-1

| | linux-libc-dev | CVE-2022-0400 | MEDIUM | 5.4.0-99.112 | |

Expand...

https://bugzilla.redhat.com/show_bug.cgi?id=2040604
https://bugzilla.redhat.com/show_bug.cgi?id=2040604 (not public)
https://bugzilla.redhat.com/show_bug.cgi?id=2044575
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0400

| | linux-libc-dev | CVE-2022-0435 | MEDIUM | 5.4.0-99.112 | 5.4.0-105.119 |

Expand...

https://bugzilla.redhat.com/show_bug.cgi?id=2048738
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0435
https://linux.oracle.com/cve/CVE-2022-0435.html
https://linux.oracle.com/errata/ELSA-2022-9245.html
https://ubuntu.com/security/notices/USN-5302-1
https://ubuntu.com/security/notices/USN-5337-1
https://ubuntu.com/security/notices/USN-5338-1
https://ubuntu.com/security/notices/USN-5339-1
https://www.openwall.com/lists/oss-security/2022/02/10/1

| | linux-libc-dev | CVE-2022-0480 | MEDIUM | 5.4.0-99.112 | |

Expand...

https://bugzilla.redhat.com/show_bug.cgi?id=2049700
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0480
https://git.kernel.org/linus/0f12156dff2862ac54235fc72703f18770769042 (5.15-rc1)
https://github.com/kata-containers/kata-containers/issues/3373
https://lore.kernel.org/linux-mm/20210902215519.AWcuVc3li%25akpm@linux-foundation.org/

| | linux-libc-dev | CVE-2022-0487 | MEDIUM | 5.4.0-99.112 | |

Expand...

https://bugzilla.redhat.com/show_bug.cgi?id=2044561
https://bugzilla.suse.com/show_bug.cgi?id=1194516
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0487
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=42933c8aa14be1caa9eda41f65cde8a3a95d3e39
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=bd2db32e7c3e35bd4d9b8bbff689434a50893546
https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html
https://lore.kernel.org/all/20220114075934.302464-1-gregkh@linuxfoundation.org/
https://lore.kernel.org/all/20220127071638.4057899-1-gregkh@linuxfoundation.org/
https://www.debian.org/security/2022/dsa-5095
https://www.debian.org/security/2022/dsa-5096

| | linux-libc-dev | CVE-2022-0500 | MEDIUM | 5.4.0-99.112 | |

Expand...

https://bugzilla.redhat.com/show_bug.cgi?id=2044578
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0500
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=20b2aff4bc15bda809f994761d5719827d66c0b4
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=216e3cd2f28dbbf1fe86848e0e29e6693b9f0a20
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=34d3a78c681e8e7844b43d1a2f4671a04249c821
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3c4807322660d4290ac9062c034aed6b87243861
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=48946bd6a5d695c50b34546864b79c1f910a33c1
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c25b2ae136039ffa820c26138ed4a5e5f3ab3841
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cf9f2f8d62eca810afbd1ee6cc0800202b000e57

| | linux-libc-dev | CVE-2022-0516 | MEDIUM | 5.4.0-99.112 | 5.4.0-105.119 |

Expand...

https://bugzilla.redhat.com/show_bug.cgi?id=2050237
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0516
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=09a93c1df3eafa43bcdfd7bf837c574911f12f55
https://linux.oracle.com/cve/CVE-2022-0516.html
https://linux.oracle.com/errata/ELSA-2022-0825.html
https://ubuntu.com/security/notices/USN-5337-1
https://ubuntu.com/security/notices/USN-5338-1
https://www.debian.org/security/2022/dsa-5092
https://www.openwall.com/lists/oss-security/2022/02/11/2

| | linux-libc-dev | CVE-2022-0998 | MEDIUM | 5.4.0-99.112 | |

Expand...

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2022-0998
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0998
https://git.kernel.org/linus/870aaff92e959e29d40f9cfdb5ed06ba2fc2dae0 (5.17-rc1)
https://lore.kernel.org/netdev/20220123001216.2460383-13-sashal@kernel.org/

| | linux-libc-dev | CVE-2022-22942 | MEDIUM | 5.4.0-99.112 | 5.4.0-100.113 |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22942
https://linux.oracle.com/cve/CVE-2022-22942.html
https://linux.oracle.com/errata/ELSA-2022-0825.html
https://ubuntu.com/security/notices/USN-5278-1
https://ubuntu.com/security/notices/USN-5294-1
https://ubuntu.com/security/notices/USN-5294-2
https://ubuntu.com/security/notices/USN-5295-1
https://ubuntu.com/security/notices/USN-5295-2
https://ubuntu.com/security/notices/USN-5297-1
https://ubuntu.com/security/notices/USN-5298-1
https://www.openwall.com/lists/oss-security/2022/01/27/4

| | linux-libc-dev | CVE-2022-23036 | MEDIUM | 5.4.0-99.112 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23036
https://xenbits.xen.org/xsa/advisory-396.html
https://xenbits.xenproject.org/xsa/advisory-396.txt

| | linux-libc-dev | CVE-2022-23037 | MEDIUM | 5.4.0-99.112 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23037
https://xenbits.xen.org/xsa/advisory-396.html
https://xenbits.xenproject.org/xsa/advisory-396.txt

| | linux-libc-dev | CVE-2022-23038 | MEDIUM | 5.4.0-99.112 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23038
https://xenbits.xen.org/xsa/advisory-396.html
https://xenbits.xenproject.org/xsa/advisory-396.txt

| | linux-libc-dev | CVE-2022-23039 | MEDIUM | 5.4.0-99.112 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23039
https://xenbits.xen.org/xsa/advisory-396.html
https://xenbits.xenproject.org/xsa/advisory-396.txt

| | linux-libc-dev | CVE-2022-23040 | MEDIUM | 5.4.0-99.112 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23040
https://xenbits.xen.org/xsa/advisory-396.html
https://xenbits.xenproject.org/xsa/advisory-396.txt

| | linux-libc-dev | CVE-2022-23041 | MEDIUM | 5.4.0-99.112 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23041
https://xenbits.xen.org/xsa/advisory-396.html
https://xenbits.xenproject.org/xsa/advisory-396.txt

| | linux-libc-dev | CVE-2022-23042 | MEDIUM | 5.4.0-99.112 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23042
https://xenbits.xen.org/xsa/advisory-396.html
https://xenbits.xenproject.org/xsa/advisory-396.txt

| | linux-libc-dev | CVE-2022-24958 | MEDIUM | 5.4.0-99.112 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24958
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=501e38a5531efbd77d5c73c0ba838a889bfc1d74
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=89f3594d0de58e8a57d92d497dea9fee3d4b9cda
https://github.com/torvalds/linux/commit/501e38a5531efbd77d5c73c0ba838a889bfc1d74
https://github.com/torvalds/linux/commit/89f3594d0de58e8a57d92d497dea9fee3d4b9cda
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SUVZA2YVOQJBJTDIDQ5HF5TAU2C6WP6H/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TCW2KZYJ2H6BKZE3CVLHRIXYDGNYYC5P/
https://security.netapp.com/advisory/ntap-20220225-0008/

| | linux-libc-dev | CVE-2022-25258 | MEDIUM | 5.4.0-99.112 | |

Expand...

https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.10
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25258
https://github.com/szymonh/d-os-descriptor
https://github.com/torvalds/linux/commit/75e5b4849b81e19e9efe1654b30d7f3151c33c2c
https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TCW2KZYJ2H6BKZE3CVLHRIXYDGNYYC5P/
https://www.debian.org/security/2022/dsa-5092
https://www.debian.org/security/2022/dsa-5096

| | linux-libc-dev | CVE-2022-25375 | MEDIUM | 5.4.0-99.112 | |

Expand...

http://www.openwall.com/lists/oss-security/2022/02/21/1
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.10
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25375
https://git.kernel.org/linus/38ea1eac7d88072bbffb630e2b3db83ca649b826 (5.17-rc4)
https://github.com/szymonh/rndis-co
https://github.com/torvalds/linux/commit/38ea1eac7d88072bbffb630e2b3db83ca649b826
https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html
https://www.debian.org/security/2022/dsa-5092
https://www.debian.org/security/2022/dsa-5096

| | linux-libc-dev | CVE-2022-26490 | MEDIUM | 5.4.0-99.112 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26490
https://git.kernel.org/linux/4fbcc1a4cb20fe26ad0225679c536c80f1648221 (5.17-rc1)
https://github.com/torvalds/linux/commit/4fbcc1a4cb20fe26ad0225679c536c80f1648221
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BG4J46EMFPDD5QHYXDUI3PJCZQ7HQAZR/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C5AUUDGSDLGYU7SZSK4PFAN22NISQZBT/

| | linux-libc-dev | CVE-2022-26966 | MEDIUM | 5.4.0-99.112 | |

Expand...

https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.10
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26966
https://git.kernel.org/linus/e9da0b56fe27206b49f39805f7dcda8a89379062 (5.17-rc6)
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e9da0b56fe27206b49f39805f7dcda8a89379062

| | linux-libc-dev | CVE-2022-27223 | MEDIUM | 5.4.0-99.112 | |

Expand...

https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.12
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27223
https://git.kernel.org/linus/7f14c7227f342d9932f9b918893c8814f86d2a0d (5.17-rc6)
https://github.com/torvalds/linux/commit/7f14c7227f342d9932f9b918893c8814f86d2a0d

| | linux-libc-dev | CVE-2017-0537 | LOW | 5.4.0-99.112 | |

Expand...

http://www.securityfocus.com/bid/96831
http://www.securitytracker.com/id/1037968
https://android.googlesource.com/kernel/tegra.git/+/389b185cb2f17fff994dbdf8d4bac003d4b2b6b3%5E%21/#F0
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0537
https://lore.kernel.org/lkml/1484647168-30135-1-git-send-email-jilin@nvidia.com/#t
https://source.android.com/security/bulletin/2017-01-01.html
https://source.android.com/security/bulletin/2017-03-01
https://source.android.com/security/bulletin/2017-03-01.html

| | linux-libc-dev | CVE-2017-13165 | LOW | 5.4.0-99.112 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13165
https://github.com/aosp-mirror/platform_system_core/commit/15ffc53f6d57a46e3041453865311035a18e047a
https://source.android.com/security/bulletin/pixel/2017-12-01

| | linux-libc-dev | CVE-2017-13693 | LOW | 5.4.0-99.112 | |

Expand...

http://www.securityfocus.com/bid/100502
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13693
https://github.com/acpica/acpica/pull/295/commits/987a3b5cf7175916e2a4b6ea5b8e70f830dfe732
https://patchwork.kernel.org/patch/9919053/

| | linux-libc-dev | CVE-2018-1121 | LOW | 5.4.0-99.112 | |

Expand...

http://seclists.org/oss-sec/2018/q2/122
http://www.securityfocus.com/bid/104214
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1121
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1121
https://www.exploit-db.com/exploits/44806/
https://www.qualys.com/2018/05/17/procps-ng-audit-report-advisory.txt

| | linux-libc-dev | CVE-2018-12928 | LOW | 5.4.0-99.112 | |

Expand...

http://www.securityfocus.com/bid/104593
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1763384
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12928
https://groups.google.com/forum/#!msg/syzkaller-bugs/9SgQk_6tSZ4/zLhTm4r1AwAJ
https://lore.kernel.org/linux-fsdevel/20180418173028.GA30953@bombadil.infradead.org/
https://marc.info/?l=linux-fsdevel&m=152407263325766&w=2

| | linux-libc-dev | CVE-2018-12929 | LOW | 5.4.0-99.112 | |

Expand...

http://www.securityfocus.com/bid/104588
https://access.redhat.com/errata/RHSA-2019:0641
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1763403
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12929
https://marc.info/?l=linux-ntfs-dev&m=152413769810234&w=2

| | linux-libc-dev | CVE-2018-12930 | LOW | 5.4.0-99.112 | |

Expand...

http://www.securityfocus.com/bid/104588
https://access.redhat.com/errata/RHSA-2019:0641
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1763403
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12930
https://marc.info/?l=linux-ntfs-dev&m=152413769810234&w=2

| | linux-libc-dev | CVE-2018-12931 | LOW | 5.4.0-99.112 | |

Expand...

http://www.securityfocus.com/bid/104588
https://access.redhat.com/errata/RHSA-2019:0641
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1763403
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12931
https://marc.info/?l=linux-ntfs-dev&m=152413769810234&w=2

| | linux-libc-dev | CVE-2019-14899 | LOW | 5.4.0-99.112 | |

Expand...

http://seclists.org/fulldisclosure/2020/Dec/32
http://seclists.org/fulldisclosure/2020/Jul/23
http://seclists.org/fulldisclosure/2020/Jul/24
http://seclists.org/fulldisclosure/2020/Jul/25
http://seclists.org/fulldisclosure/2020/Nov/20
http://www.openwall.com/lists/oss-security/2020/08/13/2
http://www.openwall.com/lists/oss-security/2020/10/07/3
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14899
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14899
https://openvpn.net/security-advisory/no-flaws-found-in-openvpn-software/
https://support.apple.com/kb/HT211288
https://support.apple.com/kb/HT211289
https://support.apple.com/kb/HT211290
https://support.apple.com/kb/HT211850
https://support.apple.com/kb/HT211931
https://www.openwall.com/lists/oss-security/2019/12/05/1

| | linux-libc-dev | CVE-2019-15213 | LOW | 5.4.0-99.112 | |

Expand...

http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html
http://www.openwall.com/lists/oss-security/2019/08/20/2
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.3
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15213
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6cf97230cd5f36b7665099083272595c55d72be7
https://linux.oracle.com/cve/CVE-2019-15213.html
https://linux.oracle.com/errata/ELSA-2019-4872.html
https://lore.kernel.org/linux-media/fe983331d14442a96db3f71066ca0488a8921840.camel@decadent.org.uk/
https://security.netapp.com/advisory/ntap-20190905-0002/
https://syzkaller.appspot.com/bug?id=a53c9c9dd2981bfdbfbcbc1ddbd35595eda8bced

| | linux-libc-dev | CVE-2019-16230 | LOW | 5.4.0-99.112 | |

Expand...

https://bugzilla.suse.com/show_bug.cgi?id=1150468
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16230
https://lkml.org/lkml/2019/9/9/487
https://security.netapp.com/advisory/ntap-20191004-0001/

| | linux-libc-dev | CVE-2019-19378 | LOW | 5.4.0-99.112 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19378
https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19378
https://security.netapp.com/advisory/ntap-20200103-0001/

| | linux-libc-dev | CVE-2019-19814 | LOW | 5.4.0-99.112 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19814
https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19814
https://security.netapp.com/advisory/ntap-20200103-0001/

| | linux-libc-dev | CVE-2020-11725 | LOW | 5.4.0-99.112 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11725
https://github.com/torvalds/linux/blob/3b2549a3740efb8af0150415737067d87e466c5b/sound/core/control.c#L1434-L1474
https://lore.kernel.org/alsa-devel/s5h4ktmlfpx.wl-tiwai@suse.de/
https://twitter.com/yabbadabbadrew/status/1248632267028582400

| | linux-libc-dev | CVE-2020-12363 | LOW | 5.4.0-99.112 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12363
https://linux.oracle.com/cve/CVE-2020-12363.html
https://linux.oracle.com/errata/ELSA-2021-2314.html
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html

| | linux-libc-dev | CVE-2020-12364 | LOW | 5.4.0-99.112 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12364
https://linux.oracle.com/cve/CVE-2020-12364.html
https://linux.oracle.com/errata/ELSA-2021-2314.html
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html

| | linux-libc-dev | CVE-2020-14304 | LOW | 5.4.0-99.112 | |

Expand...

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=960702
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14304
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14304
https://linux.oracle.com/cve/CVE-2020-14304.html
https://linux.oracle.com/errata/ELSA-2021-9410.html
https://lore.kernel.org/netdev/20200517172053.GA734488@decadent.org.uk/T/

| | linux-libc-dev | CVE-2020-27820 | LOW | 5.4.0-99.112 | |

Expand...

https://bugzilla.redhat.com/show_bug.cgi?id=1901726
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27820
https://lore.kernel.org/dri-devel/20201103194912.184413-2-jcline@redhat.com/
https://lore.kernel.org/dri-devel/20201103194912.184413-3-jcline@redhat.com/
https://lore.kernel.org/dri-devel/20201103194912.184413-4-jcline@redhat.com/
https://lore.kernel.org/dri-devel/20201125202648.5220-1-jcline@redhat.com/
https://ubuntu.com/security/notices/USN-5265-1
https://ubuntu.com/security/notices/USN-5278-1

| | linux-libc-dev | CVE-2020-35501 | LOW | 5.4.0-99.112 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35501
https://listman.redhat.com/archives/linux-audit/2018-July/msg00041.html
https://www.openwall.com/lists/oss-security/2021/02/18/1

| | linux-libc-dev | CVE-2021-26934 | LOW | 5.4.0-99.112 | |

Expand...

http://xenbits.xen.org/xsa/advisory-363.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26934
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4GELN5E6MDR5KQBJF5M5COUUED3YFZTD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EOAJBVAVR6RSCUCHNXPVSNRPSFM7INMP/
https://security.netapp.com/advisory/ntap-20210326-0001/
https://www.openwall.com/lists/oss-security/2021/02/16/2
https://xenbits.xen.org/xsa/advisory-363.html

| | linux-libc-dev | CVE-2021-28711 | LOW | 5.4.0-99.112 | 5.4.0-105.119 |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28711
https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html
https://ubuntu.com/security/notices/USN-5298-1
https://ubuntu.com/security/notices/USN-5337-1
https://ubuntu.com/security/notices/USN-5338-1
https://www.debian.org/security/2022/dsa-5050
https://www.debian.org/security/2022/dsa-5096
https://xenbits.xen.org/xsa/advisory-391.html
https://xenbits.xenproject.org/xsa/advisory-391.txt

| | linux-libc-dev | CVE-2021-28712 | LOW | 5.4.0-99.112 | 5.4.0-105.119 |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28712
https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html
https://ubuntu.com/security/notices/USN-5298-1
https://ubuntu.com/security/notices/USN-5337-1
https://ubuntu.com/security/notices/USN-5338-1
https://www.debian.org/security/2022/dsa-5050
https://www.debian.org/security/2022/dsa-5096
https://xenbits.xen.org/xsa/advisory-391.html
https://xenbits.xenproject.org/xsa/advisory-391.txt

| | linux-libc-dev | CVE-2021-28713 | LOW | 5.4.0-99.112 | 5.4.0-105.119 |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28713
https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html
https://ubuntu.com/security/notices/USN-5278-1
https://ubuntu.com/security/notices/USN-5298-1
https://ubuntu.com/security/notices/USN-5337-1
https://ubuntu.com/security/notices/USN-5338-1
https://www.debian.org/security/2022/dsa-5050
https://www.debian.org/security/2022/dsa-5096
https://xenbits.xen.org/xsa/advisory-391.html
https://xenbits.xenproject.org/xsa/advisory-391.txt

| | linux-libc-dev | CVE-2021-32078 | LOW | 5.4.0-99.112 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32078
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=298a58e165e447ccfaae35fe9f651f9d7e15166f
https://git.kernel.org/linus/298a58e165e447ccfaae35fe9f651f9d7e15166f (5.13-rc1)
https://github.com/torvalds/linux/commit/298a58e165e447ccfaae35fe9f651f9d7e15166f
https://kirtikumarar.com/CVE-2021-32078.txt
https://security.netapp.com/advisory/ntap-20210813-0002/

| | linux-libc-dev | CVE-2021-34981 | LOW | 5.4.0-99.112 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34981
https://git.kernel.org/linus/3cfdf8fcaafa62a4123f92eb0f4a72650da3a479 (5.14-rc1)
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3cfdf8fcaafa62a4123f92eb0f4a72650da3a479
https://www.zerodayinitiative.com/advisories/ZDI-21-1223/

| | linux-libc-dev | CVE-2021-3669 | LOW | 5.4.0-99.112 | |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3669
https://lore.kernel.org/all/20210809203554.1562989-1-aquini@redhat.com/

| | linux-libc-dev | CVE-2021-3772 | LOW | 5.4.0-99.112 | |

Expand...

https://bugzilla.redhat.com/show_bug.cgi?id=2000694
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3772
https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=32f8807a48ae55be0e76880cfe8607a18b5bb0df
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=32f8807a48ae55be0e76880cfe8607a18b5bb0df
https://github.com/torvalds/linux/commit/32f8807a48ae55be0e76880cfe8607a18b5bb0df
https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html
https://ubuntu.com/security/CVE-2021-3772
https://ubuntu.com/security/notices/USN-5165-1
https://ubuntu.com/security/notices/USN-5265-1
https://www.debian.org/security/2022/dsa-5096

| | linux-libc-dev | CVE-2021-43976 | LOW | 5.4.0-99.112 | 5.4.0-105.119 |

Expand...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43976
https://git.kernel.org/pub/scm/linux/kernel/git/kvalo/wireless-drivers-next.git/commit/?id=04d80663f67ccef893061b49ec8a42ff7045ae84
https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X24M7KDC4OJOZNS3RDSYC7ELNELOLQ2N/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YODMYMGZYDXQKGJGX7TJG4XV4L5YLLBD/
https://patchwork.kernel.org/project/linux-wireless/patch/YX4CqjfRcTa6bVL+@Zekuns-MBP-16.fios-router.home/
https://security.netapp.com/advisory/ntap-20211210-0001/
https://ubuntu.com/security/notices/USN-5302-1
https://ubuntu.com/security/notices/USN-5338-1
https://ubuntu.com/security/notices/USN-5339-1
https://www.debian.org/security/2022/dsa-5092
https://www.debian.org/security/2022/dsa-5096

| | login | CVE-2013-4235 | LOW | 1:4.8.1-1ubuntu5.20.04.1 | |

Expand...

https://access.redhat.com/security/cve/cve-2013-4235
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security-tracker.debian.org/tracker/CVE-2013-4235

Expand...

Expand...

Expand...

| | passwd | CVE-2013-4235 | LOW | 1:4.8.1-1ubuntu5.20.04.1 | |

Expand...

Expand...

http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html
https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156
https://github.com/andk/cpanpm/commit/b27c51adf0fda25dee84cb72cb2b1bf7d832148c
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/
https://metacpan.org/pod/distribution/CPAN/scripts/cpan

| | tar | CVE-2021-20193 | LOW | 1.30+dfsg-7ubuntu0.20.04.1 | 1.30+dfsg-7ubuntu0.20.04.2 |

Expand...

https://bugzilla.redhat.com/show_bug.cgi?id=1917565
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20193
https://git.savannah.gnu.org/cgit/tar.git/commit/?id=d9d4435692150fa8ff68e1b1a473d187cc3fd777
https://savannah.gnu.org/bugs/?59897
https://security.gentoo.org/glsa/202105-29
https://ubuntu.com/security/notices/USN-5329-1

Expand...

Expand...

Expand...

http://www.openwall.com/lists/oss-security/2022/03/25/2
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032
https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531
https://www.openwall.com/lists/oss-security/2022/03/24/1