[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2022-49291":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T08:53:30.047Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":20,"aliases":21,"duplicate_of":9,"upstream":22,"downstream":23,"duplicates":50,"related":51,"reserved_at":9,"published_at":61,"modified_at":62,"state":63,"summary":64,"references_raw":73,"kevs":108,"epss":109,"epss_history":112,"metrics":384,"affected":392},"CVE-2022-49291","In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: pcm: Fix races among concurrent hw_params and hw_free calls\n\nCurrently we have neither proper check nor protection against the\nconcurrent calls of PCM hw_params and hw_free ioctls, which may result\nin a UAF.  Since the existing PCM stream lock can't be used for\nprotecting the whole ioctl operations, we need a new mutex to protect\nthose racy calls.\n\nThis patch introduced a new mutex, runtime->buffer_mutex, and applies\nit to both hw_params and hw_free ioctl code paths.  Along with it, the\nboth functions are slightly modified (the mmap_count check is moved\ninto the state-check block) for code simplicity.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-416","Use After Free","The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory \"belongs\" to the code that operates on the new pointer.","weakness","Stable","Variant","High",[],[],[],[],[24,26,28,30,32,34,36,38,40,42,44,46,48],{"_key":25},"SUSE-SU-2025:1263-1",{"_key":27},"SUSE-SU-2025:0983-1",{"_key":29},"SUSE-SU-2025:1027-1",{"_key":31},"SUSE-SU-2025:1176-1",{"_key":33},"SUSE-SU-2025:1183-1",{"_key":35},"SUSE-SU-2025:1194-1",{"_key":37},"SUSE-SU-2025:1241-1",{"_key":39},"SUSE-SU-2025:1293-1",{"_key":41},"SUSE-SU-2026:0385-1",{"_key":43},"RHSA-2022:8267",{"_key":45},"DEBIAN-CVE-2022-49291",{"_key":47},"RHSA-2024:4107",{"_key":49},"UBUNTU-CVE-2022-49291",[],[52,53,54,55,56,57,58,59,60],{"_key":25},{"_key":27},{"_key":29},{"_key":31},{"_key":33},{"_key":35},{"_key":37},{"_key":39},{"_key":41},"2025-02-26T01:56:27.986Z","2026-05-11T18:56:51.127Z","Analyzed",{"cisa_kev":65,"cisa_ransomware":65,"cisa_vendor":9,"epss_severity":66,"epss_score":67,"severity":68,"severity_score":69,"severity_version":70,"severity_source":71,"severity_vector":72,"severity_status":63},false,"low",0.00019,"high",7.8,"v3.1","cve.org","CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",[74,80,84,88,92,96,100,104],{"url":75,"sources":76,"tags":78},"https://git.kernel.org/stable/c/a42aa926843acca96c0dfbde2e835b8137f2f092",[71,77],"nvd",[79],"Patch",{"url":81,"sources":82,"tags":83},"https://git.kernel.org/stable/c/9cb6c40a6ebe4a0cfc9d6a181958211682cffea9",[71,77],[79],{"url":85,"sources":86,"tags":87},"https://git.kernel.org/stable/c/fbeb492694ce0441053de57699e1e2b7bc148a69",[71,77],[79],{"url":89,"sources":90,"tags":91},"https://git.kernel.org/stable/c/0f6947f5f5208f6ebd4d76a82a4757e2839a23f8",[71,77],[79],{"url":93,"sources":94,"tags":95},"https://git.kernel.org/stable/c/33061d0fba51d2bf70a2ef9645f703c33fe8e438",[71,77],[79],{"url":97,"sources":98,"tags":99},"https://git.kernel.org/stable/c/0090c13cbbdffd7da079ac56f80373a9a1be0bf8",[71,77],[79],{"url":101,"sources":102,"tags":103},"https://git.kernel.org/stable/c/1bbf82d9f961414d6c76a08f7f843ea068e0ab7b",[71,77],[79],{"url":105,"sources":106,"tags":107},"https://git.kernel.org/stable/c/92ee3c60ec9fe64404dc035e7c41277d74aa26cb",[71,77],[79],[],{"date":110,"score":67,"percentile":111},"2026-06-03",0.05162,[113,117,120,123,126,129,132,135,138,142,145,148,151,154,157,161,164,167,170,174,177,180,183,186,189,191,194,196,199,202,205,208,211,214,217,220,223,226,229,232,235,238,241,244,247,250,253,256,259,262,266,269,272,275,279,282,285,288,291,294,297,300,303,306,309,312,315,318,321,323,326,328,331,333,336,339,342,345,348,351,354,357,360,363,366,369,372,375,378,381],{"date":114,"score":115,"percentile":116},"2025-11-04",0.00023,0.04779,{"date":118,"score":115,"percentile":119},"2025-11-05",0.04791,{"date":121,"score":115,"percentile":122},"2025-11-06",0.04906,{"date":124,"score":115,"percentile":125},"2025-11-07",0.04913,{"date":127,"score":115,"percentile":128},"2025-11-08",0.04912,{"date":130,"score":115,"percentile":131},"2025-11-09",0.04914,{"date":133,"score":115,"percentile":134},"2025-11-10",0.04895,{"date":136,"score":115,"percentile":137},"2025-11-11",0.04933,{"date":139,"score":140,"percentile":141},"2025-11-12",0.00025,0.05498,{"date":143,"score":140,"percentile":144},"2025-11-13",0.05518,{"date":146,"score":140,"percentile":147},"2025-11-14",0.05549,{"date":149,"score":140,"percentile":150},"2025-11-15",0.05576,{"date":152,"score":140,"percentile":153},"2025-11-16",0.05583,{"date":155,"score":140,"percentile":156},"2025-11-17",0.05582,{"date":158,"score":159,"percentile":160},"2025-11-18",0.00046,0.09347,{"date":162,"score":159,"percentile":163},"2025-11-19",0.0936,{"date":165,"score":159,"percentile":166},"2025-11-20",0.09381,{"date":168,"score":140,"percentile":169},"2025-11-21",0.05639,{"date":171,"score":172,"percentile":173},"2025-11-22",0.00027,0.06704,{"date":175,"score":172,"percentile":176},"2025-11-23",0.0669,{"date":178,"score":172,"percentile":179},"2025-11-24",0.06668,{"date":181,"score":172,"percentile":182},"2025-11-25",0.06667,{"date":184,"score":172,"percentile":185},"2025-11-26",0.06679,{"date":187,"score":172,"percentile":188},"2025-11-27",0.06677,{"date":190,"score":172,"percentile":179},"2025-11-28",{"date":192,"score":172,"percentile":193},"2025-11-29",0.06709,{"date":195,"score":172,"percentile":173},"2025-11-30",{"date":197,"score":172,"percentile":198},"2025-12-01",0.06746,{"date":200,"score":172,"percentile":201},"2025-12-02",0.06758,{"date":203,"score":172,"percentile":204},"2025-12-03",0.06774,{"date":206,"score":172,"percentile":207},"2025-12-04",0.06751,{"date":209,"score":172,"percentile":210},"2025-12-05",0.06798,{"date":212,"score":172,"percentile":213},"2025-12-06",0.06808,{"date":215,"score":172,"percentile":216},"2025-12-07",0.06809,{"date":218,"score":172,"percentile":219},"2025-12-08",0.06813,{"date":221,"score":172,"percentile":222},"2025-12-09",0.06866,{"date":224,"score":172,"percentile":225},"2025-12-10",0.06937,{"date":227,"score":172,"percentile":228},"2025-12-11",0.06952,{"date":230,"score":172,"percentile":231},"2025-12-12",0.06959,{"date":233,"score":172,"percentile":234},"2025-12-13",0.06997,{"date":236,"score":172,"percentile":237},"2025-12-14",0.0698,{"date":239,"score":172,"percentile":240},"2025-12-15",0.06942,{"date":242,"score":172,"percentile":243},"2025-12-16",0.06974,{"date":245,"score":172,"percentile":246},"2025-12-17",0.07063,{"date":248,"score":172,"percentile":249},"2025-12-18",0.07126,{"date":251,"score":172,"percentile":252},"2025-12-19",0.07121,{"date":254,"score":172,"percentile":255},"2025-12-20",0.07114,{"date":257,"score":172,"percentile":258},"2025-12-21",0.07098,{"date":260,"score":172,"percentile":261},"2025-12-22",0.07054,{"date":263,"score":264,"percentile":265},"2025-12-23",0.00029,0.07606,{"date":267,"score":264,"percentile":268},"2025-12-24",0.07617,{"date":270,"score":264,"percentile":271},"2025-12-25",0.07695,{"date":273,"score":264,"percentile":274},"2025-12-26",0.07702,{"date":276,"score":277,"percentile":278},"2025-12-27",0.00036,0.10364,{"date":280,"score":264,"percentile":281},"2025-12-28",0.07703,{"date":283,"score":264,"percentile":284},"2025-12-29",0.07684,{"date":286,"score":264,"percentile":287},"2025-12-30",0.07655,{"date":289,"score":264,"percentile":290},"2025-12-31",0.07687,{"date":292,"score":264,"percentile":293},"2026-01-01",0.07756,{"date":295,"score":264,"percentile":296},"2026-01-02",0.07754,{"date":298,"score":264,"percentile":299},"2026-01-03",0.0776,{"date":301,"score":264,"percentile":302},"2026-01-04",0.07689,{"date":304,"score":264,"percentile":305},"2026-01-05",0.07639,{"date":307,"score":264,"percentile":308},"2026-01-06",0.0763,{"date":310,"score":264,"percentile":311},"2026-01-07",0.07662,{"date":313,"score":264,"percentile":314},"2026-01-08",0.07736,{"date":316,"score":264,"percentile":317},"2026-01-09",0.07747,{"date":319,"score":264,"percentile":320},"2026-01-10",0.07769,{"date":322,"score":264,"percentile":296},"2026-01-11",{"date":324,"score":264,"percentile":325},"2026-01-12",0.0773,{"date":327,"score":264,"percentile":274},"2026-01-13",{"date":329,"score":264,"percentile":330},"2026-01-14",0.07738,{"date":332,"score":264,"percentile":314},"2026-01-15",{"date":334,"score":264,"percentile":335},"2026-01-16",0.07757,{"date":337,"score":264,"percentile":338},"2026-01-17",0.07767,{"date":340,"score":264,"percentile":341},"2026-01-18",0.07748,{"date":343,"score":264,"percentile":344},"2026-01-19",0.07717,{"date":346,"score":264,"percentile":347},"2026-01-20",0.07677,{"date":349,"score":264,"percentile":350},"2026-01-21",0.07661,{"date":352,"score":264,"percentile":353},"2026-01-22",0.07648,{"date":355,"score":264,"percentile":356},"2026-01-23",0.07743,{"date":358,"score":264,"percentile":359},"2026-01-24",0.07791,{"date":361,"score":264,"percentile":362},"2026-01-25",0.07774,{"date":364,"score":264,"percentile":365},"2026-01-26",0.07739,{"date":367,"score":264,"percentile":368},"2026-01-27",0.07726,{"date":370,"score":264,"percentile":371},"2026-01-28",0.07691,{"date":373,"score":264,"percentile":374},"2026-01-29",0.07669,{"date":376,"score":264,"percentile":377},"2026-01-30",0.0768,{"date":379,"score":264,"percentile":380},"2026-01-31",0.07698,{"date":382,"score":264,"percentile":383},"2026-02-01",0.07725,[385,390],{"source":71,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":386,"cvss_v4_0":9},{"baseScore":69,"baseSeverity":387,"vectorString":72,"impactScore":388,"exploitabilityScore":389},"HIGH",9.8,4.6,{"source":77,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":391,"cvss_v4_0":9},{"baseScore":69,"baseSeverity":387,"vectorString":72,"impactScore":388,"exploitabilityScore":389},[393,428],{"ecosystem":9,"name":394,"vendor":395,"product":395,"cpe_part":396,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":397},"Linux","linux","a",[398,405,408,411,414,417,420,423,426],{"version":399,"is_range":400,"range_type":71,"version_start":401,"version_start_type":402,"version_end":403,"version_end_type":404,"fixed_in":9},">= 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2, \u003C a42aa926843acca96c0dfbde2e835b8137f2f092",true,"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","including","a42aa926843acca96c0dfbde2e835b8137f2f092","excluding",{"version":406,"is_range":400,"range_type":71,"version_start":401,"version_start_type":402,"version_end":407,"version_end_type":404,"fixed_in":9},">= 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2, \u003C 9cb6c40a6ebe4a0cfc9d6a181958211682cffea9","9cb6c40a6ebe4a0cfc9d6a181958211682cffea9",{"version":409,"is_range":400,"range_type":71,"version_start":401,"version_start_type":402,"version_end":410,"version_end_type":404,"fixed_in":9},">= 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2, \u003C fbeb492694ce0441053de57699e1e2b7bc148a69","fbeb492694ce0441053de57699e1e2b7bc148a69",{"version":412,"is_range":400,"range_type":71,"version_start":401,"version_start_type":402,"version_end":413,"version_end_type":404,"fixed_in":9},">= 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2, \u003C 0f6947f5f5208f6ebd4d76a82a4757e2839a23f8","0f6947f5f5208f6ebd4d76a82a4757e2839a23f8",{"version":415,"is_range":400,"range_type":71,"version_start":401,"version_start_type":402,"version_end":416,"version_end_type":404,"fixed_in":9},">= 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2, \u003C 33061d0fba51d2bf70a2ef9645f703c33fe8e438","33061d0fba51d2bf70a2ef9645f703c33fe8e438",{"version":418,"is_range":400,"range_type":71,"version_start":401,"version_start_type":402,"version_end":419,"version_end_type":404,"fixed_in":9},">= 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2, \u003C 0090c13cbbdffd7da079ac56f80373a9a1be0bf8","0090c13cbbdffd7da079ac56f80373a9a1be0bf8",{"version":421,"is_range":400,"range_type":71,"version_start":401,"version_start_type":402,"version_end":422,"version_end_type":404,"fixed_in":9},">= 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2, \u003C 1bbf82d9f961414d6c76a08f7f843ea068e0ab7b","1bbf82d9f961414d6c76a08f7f843ea068e0ab7b",{"version":424,"is_range":400,"range_type":71,"version_start":401,"version_start_type":402,"version_end":425,"version_end_type":404,"fixed_in":9},">= 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2, \u003C 92ee3c60ec9fe64404dc035e7c41277d74aa26cb","92ee3c60ec9fe64404dc035e7c41277d74aa26cb",{"version":427,"is_range":65,"range_type":71,"version_start":427,"version_start_type":402,"version_end":427,"version_end_type":402,"fixed_in":9},"2.6.12",{"ecosystem":9,"name":429,"vendor":395,"product":430,"cpe_part":431,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":432},"linux kernel","linux_kernel","o",[433,437,441,445,449,453,457],{"version":434,"is_range":400,"range_type":435,"version_start":9,"version_start_type":9,"version_end":436,"version_end_type":404,"fixed_in":9},"lt4.14.279","cpe","4.14.279",{"version":438,"is_range":400,"range_type":435,"version_start":439,"version_start_type":402,"version_end":440,"version_end_type":404,"fixed_in":9},"gte4.15_lt4.19.243","4.15","4.19.243",{"version":442,"is_range":400,"range_type":435,"version_start":443,"version_start_type":402,"version_end":444,"version_end_type":404,"fixed_in":9},"gte4.20_lt5.4.193","4.20","5.4.193",{"version":446,"is_range":400,"range_type":435,"version_start":447,"version_start_type":402,"version_end":448,"version_end_type":404,"fixed_in":9},"gte5.5_lt5.10.109","5.5","5.10.109",{"version":450,"is_range":400,"range_type":435,"version_start":451,"version_start_type":402,"version_end":452,"version_end_type":404,"fixed_in":9},"gte5.11_lt5.15.32","5.11","5.15.32",{"version":454,"is_range":400,"range_type":435,"version_start":455,"version_start_type":402,"version_end":456,"version_end_type":404,"fixed_in":9},"gte5.16_lt5.16.18","5.16","5.16.18",{"version":458,"is_range":400,"range_type":435,"version_start":459,"version_start_type":402,"version_end":460,"version_end_type":404,"fixed_in":9},"gte5.17_lt5.17.1","5.17","5.17.1"]