This is an old revision of the document!
Project | Subject | Reported | Coordinated Release Date | Time of oss-security posting | CVE(s) | Days embargoed (scheduled) | Days embargoed (oss-security) |
---|---|---|---|---|---|---|---|
August | |||||||
pcs | PCS Security Issue | 2022-08-25T14:44:38+00:00 | 2022-09-01T14:00:00+00:00 | 2022-09-01T14:00:58+00:00 | CVE-2022-2735 | 6.96 | 6.96 |
DPDK | CVE-2022-2132 public disclosure date notice [vs-plain] | 2022-08-25T08:44:16+00:00 | 2022-08-29T15:00:00+00:00 | 2022-08-29T18:12:18+00:00 | CVE-2022-2132 | 4.25 | 4.38 |
curl: control code in cookie denial of service | 2022-08-22T06:45:35+00:00 | 2022-08-31T23:59:58+00:00 | 2022-08-31T06:31:44+00:00 | CVE-2022-35252 | 9.71 | 8.96 | |
open-vm-tools | [SECURITY EMBARGOED] CVE-2022-31676: Local privilege escalation vulnerability in open-vm-tools | 2022-08-11T15:33:18+00:00 | 2022-08-23T23:59:59+00:00 | 2022-08-23T20:10:48+00:00 | CVE-2022-31676 | 12.33 | 12.17 |
Linux | Linux NAT issue | 2022-08-03T01:55:09+00:00 | 2022-08-10T01:55:09+00:00 | 2022-08-30T02:27:44+00:00 | CVE-2022-2663 | 7.00 | 27.00 |
Linux | Re: CVE-2022-2586 | 2022-08-03T00:23:10+00:00 | 2022-08-09T17:00:00+00:00 | 2022-08-09T17:10:35+00:00 | CVE-2022-2586 | 6.67 | 6.67 |
Linux | CVE-2022-2585 | 2022-08-03T00:15:25+00:00 | 2022-08-09T17:00:00+00:00 | 2022-08-09T17:13:40+00:00 | CVE-2022-2585 | 6.67 | 6.67 |
Linux | class_route UAF report (was Re: CVE-2022-2588) | 2022-08-02T19:58:24+00:00 | 2022-08-09T17:00:00+00:00 | 2022-08-09T17:11:54+00:00 | CVE-2011-1019 CVE-2022-2588 | 6.88 | 6.88 |
July | |||||||
Linux | Re: … | 2022-07-31T18:16:32+00:00 | 2022-08-07T18:16:32+00:00 | 2022-08-08T07:18:27+00:00 | CVE-2016-5195 CVE-2022-2590 | 7.00 | 7.54 |
rsync | … | 2022-07-25T08:42:15+00:00 | 2022-08-01T08:42:15+00:00 | 2022-08-02T08:53:25+00:00 | CVE-2019-6111 CVE-2022-29154 | 7.00 | 8.00 |
Linux | CVE-2022-21505: Kernel lockdown bypass bug. | 2022-07-12T17:54:51+00:00 | 2022-07-19T17:54:51+00:00 | 2022-07-19T17:02:12+00:00 | CVE-2022-21505 | 7.00 | 6.96 |
xorg | Preview of X.Org Security Advisory for 2022-07-12 | 2022-07-05T18:40:01+00:00 | 2022-07-12T18:40:01+00:00 | 2022-07-12T12:58:15+00:00 | CVE-2022-2319 CVE-2022-2320 | 7.00 | 6.75 |
git | Upcoming Git security fix release | 2022-07-04T21:34:29+00:00 | 2022-07-11T21:34:29+00:00 | 2022-07-14T00:13:18+00:00 | CVE-2022-24765 CVE-2022-29187 | 7.00 | 9.08 |
June | |||||||
curl | (4/4) curl: FTP-KRB bad message verification | 2022-06-20T06:31:22+00:00 | 2022-06-27T06:31:22+00:00 | 2022-06-27T06:21:14+00:00 | CVE-2022-32208 | 7.00 | 6.96 |
curl | (3/4) curl: Unpreserved file permissions | 2022-06-20T06:31:16+00:00 | 2022-06-27T06:31:16+00:00 | 2022-06-27T06:20:42+00:00 | CVE-2022-32207 | 7.00 | 6.96 |
curl | (2/4) curl: HTTP compression denial of service | 2022-06-20T06:31:12+00:00 | 2022-06-27T06:31:12+00:00 | 2022-06-27T06:20:10+00:00 | CVE-2022-32206 | 7.00 | 6.96 |
curl | (1/4) curl: Set-Cookie denial of service | 2022-06-20T06:31:08+00:00 | 2022-06-27T06:31:08+00:00 | 2022-06-27T06:19:23+00:00 | CVE-2022-32205 | 7.00 | 6.96 |
grub | GRUB vulnerabilities disclosure on June 7th 10AM PDT | 2022-06-03T16:39:33+00:00 | 2022-06-10T16:39:33+00:00 | 2022-06-07T19:04:13+00:00 | CVE-2021-3695 CVE-2021-3696 CVE-2021-3697 CVE-2022-21499 CVE-2022-28733 CVE-2022-28734 CVE-2022-28735 CVE-2022-28736 CVE-2022-28737 | 7.00 | 4.08 |
github.com/containerd/containerd | containerd GHSA-5ffw-gxpp-mxpf | 2022-06-01T21:14:13+00:00 | 2022-06-08T21:14:13+00:00 | 2022-06-06T19:45:34+00:00 | CVE-2022-31030 | 7.00 | 4.92 |
May | |||||||
Linux | linux-kernel: A use-after-free in __lock_acquire | 2022-05-31T03:08:52+00:00 | 2022-06-07T03:08:52+00:00 | 2022-06-14T01:07:55+00:00 | CVE-2022-1976 | 7.00 | 13.88 |
Linux | Out-of-bounds write vulnerability in nftable can lead to privilege escalation | 2022-05-27T19:16:39+00:00 | 2022-06-03T19:16:39+00:00 | 2022-06-02T02:21:36+00:00 | CVE-2022-1972 | 7.00 | 5.29 |
Linux | linux-kernel: A double-free in ntfs3 log_replay | 2022-05-27T14:26:57+00:00 | 2022-06-03T14:26:57+00:00 | 2022-06-08T02:17:36+00:00 | CVE-2022-1973 | 7.00 | 11.46 |
Linux | A race condition vulnerability in drivers/tty/tty_buffers.c | 2022-05-26T21:37:00+00:00 | 2022-06-02T21:37:00+00:00 | 2022-05-27T14:47:05+00:00 | CVE-2022-1462 | 7.00 | 0.71 |
Linux | EXTERNAL: Re: [vs-plain] Linux Kernel Vulnerability | 2022-05-26T08:46:48+00:00 | 2022-06-02T08:46:48+00:00 | 2022-06-03T06:31:41+00:00 | CVE-2022-1966 | 7.00 | 7.88 |
logrotate | Re: … | 2022-05-25T13:19:31+00:00 | 2022-06-01T13:19:31+00:00 | 2022-05-25T13:37:24+00:00 | CVE-2022-1348 | 7.00 | 0.00 |
March | |||||||
Linux | Vulnerability in nf_tables can cause privilege escalation | 2022-03-17T02:08:11+00:00 | 2022-03-24T02:08:11+00:00 | 2022-08-25T13:28:56+00:00 | CVE-2022-1015 CVE-2022-1016 | 7.00 | 161.46 |
Linux | CVE-2022-0847: overwriting read-only files on Linux | 2022-03-07T12:01:19+00:00 | 2022-03-14T12:01:19+00:00 | 2022-08-08T07:18:27+00:00 | CVE-2016-5195 CVE-2022-0847 | 7.00 | 153.79 |
February | |||||||
Linux | Vulnerability in Linux kernels until 5.6.11 | 2022-02-28T08:20:32+00:00 | 2022-03-07T08:20:32+00:00 | 2022-03-07T12:01:19+00:00 | CVE-2022-0847 | 7.00 | 7.12 |
January | |||||||
Linux | Re: Vulnerability in the vmwgfx driver | 2022-01-21T12:07:12+00:00 | 2022-01-28T12:07:12+00:00 | 2022-01-27T20:00:19+00:00 | CVE-2022-22942 | 7.00 | 6.29 |
Linux | Re: Security sensitive bug in the i915 kernel driver | 2022-01-18T14:32:16+00:00 | 2022-01-25T14:32:16+00:00 | 2022-01-25T17:55:25+00:00 | CVE-2022-0330 | 7.00 | 7.12 |
rust | Re: CVE-2022-21658: TOCTOU in Rust's std::fs::remove_dir_all | 2022-01-17T11:29:52+00:00 | 2022-01-24T11:29:52+00:00 | 2022-01-20T11:02:55+00:00 | CVE-2021-3997 CVE-2022-21658 | 7.00 | 2.96 |
aide | Re: *UNCHECKED* CVE-2021-45417 - aide: heap-based buffer overflow vulnerability in base64 functions | 2022-01-16T13:00:34+00:00 | 2022-01-23T13:00:34+00:00 | 2022-01-20T16:35:22+00:00 | CVE-2021-45417 | 7.00 | 4.12 |
usbview | usbview polkit policy local root exploit (CVE-2022-23220) | 2022-01-13T13:30:52+00:00 | 2022-01-20T13:30:52+00:00 | 2022-01-21T14:33:50+00:00 | CVE-2022-23220 | 7.00 | 8.04 |
prosody | Re: Prosody XMPP Server 0.11.x Unauthenticated Remote Denial of Service / Resource Exhaustion | 2022-01-12T07:58:16+00:00 | 2022-01-19T07:58:16+00:00 | 2022-01-13T17:07:44+00:00 | CVE-2022-0217 | 7.00 | 1.38 |
polkit | Re: CVE-2021-4034 (patch) | 2022-01-12T00:01:39+00:00 | 2022-01-19T00:01:39+00:00 | 2022-01-25T18:04:49+00:00 | CVE-2021-4034 | 7.00 | 13.75 |
Linux | Out-of-bounds write of heap buffer in fs_context.c leads to LPE and container escape | 2022-01-11T09:01:05+00:00 | 2022-01-18T09:01:05+00:00 | 2022-01-18T18:57:57+00:00 | CVE-2022-0185 CVE-2022-0216 | 7.00 | 7.38 |
cryptsetup | Re: LUKS2 / cryptsetup: CVE-2021-4122 disabling encryption via header rewrite | 2022-01-07T10:15:50+00:00 | 2022-01-14T10:15:50+00:00 | 2022-01-13T10:10:00+00:00 | CVE-2021-4122 | 7.00 | 5.96 |
systemd | Re: CVE-2021-3997 in systemd | 2022-01-04T07:14:29+00:00 | 2022-01-11T07:14:29+00:00 | 2022-01-11T00:01:34+00:00 | CVE-2021-3997 | 7.00 | 6.67 |
Linux | Linux kernel: CVE-2021-4155 | 2022-01-03T17:32:24+00:00 | 2022-01-10T17:32:24+00:00 | 2022-01-10T12:19:47+00:00 | CVE-2021-4155 | 7.00 | 6.75 |