[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2022-49407":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T08:53:30.047Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":23,"aliases":24,"duplicate_of":9,"upstream":25,"downstream":26,"duplicates":45,"related":46,"reserved_at":9,"published_at":52,"modified_at":53,"state":54,"summary":55,"references_raw":64,"kevs":103,"epss":104,"epss_history":107,"metrics":380,"affected":386},"CVE-2022-49407","In the Linux kernel, the following vulnerability has been resolved:\n\ndlm: fix plock invalid read\n\nThis patch fixes an invalid read showed by KASAN. A unlock will allocate a\n\"struct plock_op\" and a followed send_op() will append it to a global\nsend_list data structure. In some cases a followed dev_read() moves it\nto recv_list and dev_write() will cast it to \"struct plock_xop\" and access\nfields which are only available in those structures. At this point an\ninvalid read happens by accessing those fields.\n\nTo fix this issue the \"callback\" field is moved to \"struct plock_op\" to\nindicate that a cast to \"plock_xop\" is allowed and does the additional\n\"plock_xop\" handling if set.\n\nExample of the KASAN output which showed the invalid read:\n\n[ 2064.296453] ==================================================================\n[ 2064.304852] BUG: KASAN: slab-out-of-bounds in dev_write+0x52b/0x5a0 [dlm]\n[ 2064.306491] Read of size 8 at addr ffff88800ef227d8 by task dlm_controld/7484\n[ 2064.308168]\n[ 2064.308575] CPU: 0 PID: 7484 Comm: dlm_controld Kdump: loaded Not tainted 5.14.0+ #9\n[ 2064.310292] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011\n[ 2064.311618] Call Trace:\n[ 2064.312218]  dump_stack_lvl+0x56/0x7b\n[ 2064.313150]  print_address_description.constprop.8+0x21/0x150\n[ 2064.314578]  ? dev_write+0x52b/0x5a0 [dlm]\n[ 2064.315610]  ? dev_write+0x52b/0x5a0 [dlm]\n[ 2064.316595]  kasan_report.cold.14+0x7f/0x11b\n[ 2064.317674]  ? dev_write+0x52b/0x5a0 [dlm]\n[ 2064.318687]  dev_write+0x52b/0x5a0 [dlm]\n[ 2064.319629]  ? dev_read+0x4a0/0x4a0 [dlm]\n[ 2064.320713]  ? bpf_lsm_kernfs_init_security+0x10/0x10\n[ 2064.321926]  vfs_write+0x17e/0x930\n[ 2064.322769]  ? __fget_light+0x1aa/0x220\n[ 2064.323753]  ksys_write+0xf1/0x1c0\n[ 2064.324548]  ? __ia32_sys_read+0xb0/0xb0\n[ 2064.325464]  do_syscall_64+0x3a/0x80\n[ 2064.326387]  entry_SYSCALL_64_after_hwframe+0x44/0xae\n[ 2064.327606] RIP: 0033:0x7f807e4ba96f\n[ 2064.328470] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 39 87 f8 ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 \u003C48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 7c 87 f8 ff 48\n[ 2064.332902] RSP: 002b:00007ffd50cfe6e0 EFLAGS: 00000293 ORIG_RAX: 0000000000000001\n[ 2064.334658] RAX: ffffffffffffffda RBX: 000055cc3886eb30 RCX: 00007f807e4ba96f\n[ 2064.336275] RDX: 0000000000000040 RSI: 00007ffd50cfe7e0 RDI: 0000000000000010\n[ 2064.337980] RBP: 00007ffd50cfe7e0 R08: 0000000000000000 R09: 0000000000000001\n[ 2064.339560] R10: 000055cc3886eb30 R11: 0000000000000293 R12: 000055cc3886eb80\n[ 2064.341237] R13: 000055cc3886eb00 R14: 000055cc3886f590 R15: 0000000000000001\n[ 2064.342857]\n[ 2064.343226] Allocated by task 12438:\n[ 2064.344057]  kasan_save_stack+0x1c/0x40\n[ 2064.345079]  __kasan_kmalloc+0x84/0xa0\n[ 2064.345933]  kmem_cache_alloc_trace+0x13b/0x220\n[ 2064.346953]  dlm_posix_unlock+0xec/0x720 [dlm]\n[ 2064.348811]  do_lock_file_wait.part.32+0xca/0x1d0\n[ 2064.351070]  fcntl_setlk+0x281/0xbc0\n[ 2064.352879]  do_fcntl+0x5e4/0xfe0\n[ 2064.354657]  __x64_sys_fcntl+0x11f/0x170\n[ 2064.356550]  do_syscall_64+0x3a/0x80\n[ 2064.358259]  entry_SYSCALL_64_after_hwframe+0x44/0xae\n[ 2064.360745]\n[ 2064.361511] Last potentially related work creation:\n[ 2064.363957]  kasan_save_stack+0x1c/0x40\n[ 2064.365811]  __kasan_record_aux_stack+0xaf/0xc0\n[ 2064.368100]  call_rcu+0x11b/0xf70\n[ 2064.369785]  dlm_process_incoming_buffer+0x47d/0xfd0 [dlm]\n[ 2064.372404]  receive_from_sock+0x290/0x770 [dlm]\n[ 2064.374607]  process_recv_sockets+0x32/0x40 [dlm]\n[ 2064.377290]  process_one_work+0x9a8/0x16e0\n[ 2064.379357]  worker_thread+0x87/0xbf0\n[ 2064.381188]  kthread+0x3ac/0x490\n[ 2064.383460]  ret_from_fork+0x22/0x30\n[ 2064.385588]\n[ 2064.386518] Second to last potentially related work creation:\n[ 2064.389219]  kasan_save_stack+0x1c/0x40\n[ 2064.391043]  __kasan_record_aux_stack+0xaf/0xc0\n[ 2064.393303]  call_rcu+0x11b/0xf70\n[ 2064.394885]  dlm_process_incoming_buffer+0x47d/0xfd0 [dlm]\n[ 2064.397694]  receive_from_sock+0x290/0x770 \n---truncated---",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-125","Out-of-bounds Read","The product reads data past the end, or before the beginning, of the intended buffer.","weakness","Draft","Base",[19],{"id":20,"name":21,"techniques":22},"CAPEC-540","Overread Buffers",[],[],[],[],[27,29,31,33,35,37,39,41,43],{"_key":28},"SUSE-SU-2025:1027-1",{"_key":30},"SUSE-SU-2025:1176-1",{"_key":32},"SUSE-SU-2025:1183-1",{"_key":34},"SUSE-SU-2025:1241-1",{"_key":36},"SUSE-SU-2025:1293-1",{"_key":38},"DEBIAN-CVE-2022-49407",{"_key":40},"RHSA-2025:10174",{"_key":42},"RHSA-2025:10193",{"_key":44},"UBUNTU-CVE-2022-49407",[],[47,48,49,50,51],{"_key":28},{"_key":30},{"_key":32},{"_key":34},{"_key":36},"2025-02-26T02:12:31.562Z","2026-05-11T18:59:09.835Z","Analyzed",{"cisa_kev":56,"cisa_ransomware":56,"cisa_vendor":9,"epss_severity":57,"epss_score":58,"severity":59,"severity_score":60,"severity_version":61,"severity_source":62,"severity_vector":63,"severity_status":54},false,"low",0.00009,"high",7.1,"v3.1","nvd","CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",[65,71,75,79,83,87,91,95,99],{"url":66,"sources":67,"tags":69},"https://git.kernel.org/stable/c/2c55155cc365861044d9e6e80e342693e8805e33",[68,62],"cve.org",[70],"Patch",{"url":72,"sources":73,"tags":74},"https://git.kernel.org/stable/c/72f2f68970f9bdc252d59e119b385a6441b0b155",[68,62],[70],{"url":76,"sources":77,"tags":78},"https://git.kernel.org/stable/c/5a1765adf9855cf0f6d3f7e0eb4b78ca66f70dee",[68,62],[70],{"url":80,"sources":81,"tags":82},"https://git.kernel.org/stable/c/49cd9eb7b9a7b88124b31e31f8e539acaf1b3a6d",[68,62],[70],{"url":84,"sources":85,"tags":86},"https://git.kernel.org/stable/c/899bc4429174861122f0c236588700a4710c1fec",[68,62],[70],{"url":88,"sources":89,"tags":90},"https://git.kernel.org/stable/c/acdad5bc9827922ec2f2e84fd198718aa8e8ab92",[68,62],[70],{"url":92,"sources":93,"tags":94},"https://git.kernel.org/stable/c/56aa8d1fbd02357f3bf81bdfba1cde87ce8402fc",[68,62],[70],{"url":96,"sources":97,"tags":98},"https://git.kernel.org/stable/c/e421872fa17542cf33747071fb141b0130ce9ef7",[68,62],[70],{"url":100,"sources":101,"tags":102},"https://git.kernel.org/stable/c/42252d0d2aa9b94d168241710a761588b3959019",[68,62],[70],[],{"date":105,"score":58,"percentile":106},"2026-06-03",0.00955,[108,112,115,118,121,124,127,130,133,137,140,143,146,149,151,155,158,161,164,168,171,174,177,180,183,186,189,192,195,198,201,204,207,210,213,216,219,222,225,228,231,234,237,239,242,245,248,251,254,257,261,264,267,270,274,277,280,283,286,289,292,295,298,301,304,307,310,313,316,319,321,324,327,330,333,335,338,341,344,347,350,353,356,359,362,365,368,371,374,377],{"date":109,"score":110,"percentile":111},"2025-11-04",0.00022,0.04494,{"date":113,"score":110,"percentile":114},"2025-11-05",0.04499,{"date":116,"score":110,"percentile":117},"2025-11-06",0.04613,{"date":119,"score":110,"percentile":120},"2025-11-07",0.0462,{"date":122,"score":110,"percentile":123},"2025-11-08",0.04615,{"date":125,"score":110,"percentile":126},"2025-11-09",0.04619,{"date":128,"score":110,"percentile":129},"2025-11-10",0.04603,{"date":131,"score":110,"percentile":132},"2025-11-11",0.04639,{"date":134,"score":135,"percentile":136},"2025-11-12",0.00023,0.05004,{"date":138,"score":135,"percentile":139},"2025-11-13",0.05039,{"date":141,"score":135,"percentile":142},"2025-11-14",0.05075,{"date":144,"score":135,"percentile":145},"2025-11-15",0.05097,{"date":147,"score":135,"percentile":148},"2025-11-16",0.05107,{"date":150,"score":135,"percentile":148},"2025-11-17",{"date":152,"score":153,"percentile":154},"2025-11-18",0.00044,0.08571,{"date":156,"score":153,"percentile":157},"2025-11-19",0.08583,{"date":159,"score":153,"percentile":160},"2025-11-20",0.08615,{"date":162,"score":135,"percentile":163},"2025-11-21",0.05161,{"date":165,"score":166,"percentile":167},"2025-11-22",0.00026,0.06184,{"date":169,"score":166,"percentile":170},"2025-11-23",0.06171,{"date":172,"score":166,"percentile":173},"2025-11-24",0.06149,{"date":175,"score":166,"percentile":176},"2025-11-25",0.06137,{"date":178,"score":166,"percentile":179},"2025-11-26",0.06157,{"date":181,"score":166,"percentile":182},"2025-11-27",0.06165,{"date":184,"score":166,"percentile":185},"2025-11-28",0.06138,{"date":187,"score":166,"percentile":188},"2025-11-29",0.0618,{"date":190,"score":166,"percentile":191},"2025-11-30",0.06179,{"date":193,"score":166,"percentile":194},"2025-12-01",0.06242,{"date":196,"score":166,"percentile":197},"2025-12-02",0.06256,{"date":199,"score":166,"percentile":200},"2025-12-03",0.0627,{"date":202,"score":166,"percentile":203},"2025-12-04",0.06235,{"date":205,"score":166,"percentile":206},"2025-12-05",0.06285,{"date":208,"score":166,"percentile":209},"2025-12-06",0.06294,{"date":211,"score":166,"percentile":212},"2025-12-07",0.063,{"date":214,"score":166,"percentile":215},"2025-12-08",0.06297,{"date":217,"score":166,"percentile":218},"2025-12-09",0.06354,{"date":220,"score":166,"percentile":221},"2025-12-10",0.06426,{"date":223,"score":166,"percentile":224},"2025-12-11",0.06421,{"date":226,"score":166,"percentile":227},"2025-12-12",0.06443,{"date":229,"score":166,"percentile":230},"2025-12-13",0.06493,{"date":232,"score":166,"percentile":233},"2025-12-14",0.06458,{"date":235,"score":166,"percentile":236},"2025-12-15",0.06432,{"date":238,"score":166,"percentile":233},"2025-12-16",{"date":240,"score":166,"percentile":241},"2025-12-17",0.06545,{"date":243,"score":166,"percentile":244},"2025-12-18",0.06605,{"date":246,"score":166,"percentile":247},"2025-12-19",0.06594,{"date":249,"score":166,"percentile":250},"2025-12-20",0.06588,{"date":252,"score":166,"percentile":253},"2025-12-21",0.06578,{"date":255,"score":166,"percentile":256},"2025-12-22",0.06532,{"date":258,"score":259,"percentile":260},"2025-12-23",0.00027,0.07079,{"date":262,"score":259,"percentile":263},"2025-12-24",0.07101,{"date":265,"score":259,"percentile":266},"2025-12-25",0.0717,{"date":268,"score":259,"percentile":269},"2025-12-26",0.07176,{"date":271,"score":272,"percentile":273},"2025-12-27",0.00034,0.09686,{"date":275,"score":259,"percentile":276},"2025-12-28",0.07172,{"date":278,"score":259,"percentile":279},"2025-12-29",0.07151,{"date":281,"score":259,"percentile":282},"2025-12-30",0.07127,{"date":284,"score":259,"percentile":285},"2025-12-31",0.07171,{"date":287,"score":259,"percentile":288},"2026-01-01",0.07234,{"date":290,"score":259,"percentile":291},"2026-01-02",0.0723,{"date":293,"score":259,"percentile":294},"2026-01-03",0.07224,{"date":296,"score":259,"percentile":297},"2026-01-04",0.07146,{"date":299,"score":259,"percentile":300},"2026-01-05",0.07096,{"date":302,"score":259,"percentile":303},"2026-01-06",0.07087,{"date":305,"score":259,"percentile":306},"2026-01-07",0.07111,{"date":308,"score":259,"percentile":309},"2026-01-08",0.07168,{"date":311,"score":259,"percentile":312},"2026-01-09",0.07183,{"date":314,"score":259,"percentile":315},"2026-01-10",0.07213,{"date":317,"score":259,"percentile":318},"2026-01-11",0.07199,{"date":320,"score":259,"percentile":266},"2026-01-12",{"date":322,"score":259,"percentile":323},"2026-01-13",0.07157,{"date":325,"score":259,"percentile":326},"2026-01-14",0.07202,{"date":328,"score":259,"percentile":329},"2026-01-15",0.07209,{"date":331,"score":259,"percentile":332},"2026-01-16",0.07223,{"date":334,"score":259,"percentile":288},"2026-01-17",{"date":336,"score":259,"percentile":337},"2026-01-18",0.07208,{"date":339,"score":259,"percentile":340},"2026-01-19",0.07167,{"date":342,"score":259,"percentile":343},"2026-01-20",0.07133,{"date":345,"score":259,"percentile":346},"2026-01-21",0.07125,{"date":348,"score":259,"percentile":349},"2026-01-22",0.07104,{"date":351,"score":259,"percentile":352},"2026-01-23",0.07163,{"date":354,"score":259,"percentile":355},"2026-01-24",0.0722,{"date":357,"score":259,"percentile":358},"2026-01-25",0.07206,{"date":360,"score":259,"percentile":361},"2026-01-26",0.07189,{"date":363,"score":259,"percentile":364},"2026-01-27",0.07175,{"date":366,"score":259,"percentile":367},"2026-01-28",0.07152,{"date":369,"score":259,"percentile":370},"2026-01-29",0.07147,{"date":372,"score":259,"percentile":373},"2026-01-30",0.07159,{"date":375,"score":259,"percentile":376},"2026-01-31",0.07181,{"date":378,"score":259,"percentile":379},"2026-02-01",0.07214,[381],{"source":62,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":382,"cvss_v4_0":9},{"baseScore":60,"baseSeverity":383,"vectorString":63,"impactScore":384,"exploitabilityScore":385},"HIGH",8.7,4.6,[387,425],{"ecosystem":9,"name":388,"vendor":389,"product":389,"cpe_part":390,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":391},"Linux","linux","a",[392,399,402,405,408,411,414,417,420,423],{"version":393,"is_range":394,"range_type":68,"version_start":395,"version_start_type":396,"version_end":397,"version_end_type":398,"fixed_in":9},">= 586759f03e2e9031ac5589912a51a909ed53c30a, \u003C 2c55155cc365861044d9e6e80e342693e8805e33",true,"586759f03e2e9031ac5589912a51a909ed53c30a","including","2c55155cc365861044d9e6e80e342693e8805e33","excluding",{"version":400,"is_range":394,"range_type":68,"version_start":395,"version_start_type":396,"version_end":401,"version_end_type":398,"fixed_in":9},">= 586759f03e2e9031ac5589912a51a909ed53c30a, \u003C 72f2f68970f9bdc252d59e119b385a6441b0b155","72f2f68970f9bdc252d59e119b385a6441b0b155",{"version":403,"is_range":394,"range_type":68,"version_start":395,"version_start_type":396,"version_end":404,"version_end_type":398,"fixed_in":9},">= 586759f03e2e9031ac5589912a51a909ed53c30a, \u003C 5a1765adf9855cf0f6d3f7e0eb4b78ca66f70dee","5a1765adf9855cf0f6d3f7e0eb4b78ca66f70dee",{"version":406,"is_range":394,"range_type":68,"version_start":395,"version_start_type":396,"version_end":407,"version_end_type":398,"fixed_in":9},">= 586759f03e2e9031ac5589912a51a909ed53c30a, \u003C 49cd9eb7b9a7b88124b31e31f8e539acaf1b3a6d","49cd9eb7b9a7b88124b31e31f8e539acaf1b3a6d",{"version":409,"is_range":394,"range_type":68,"version_start":395,"version_start_type":396,"version_end":410,"version_end_type":398,"fixed_in":9},">= 586759f03e2e9031ac5589912a51a909ed53c30a, \u003C 899bc4429174861122f0c236588700a4710c1fec","899bc4429174861122f0c236588700a4710c1fec",{"version":412,"is_range":394,"range_type":68,"version_start":395,"version_start_type":396,"version_end":413,"version_end_type":398,"fixed_in":9},">= 586759f03e2e9031ac5589912a51a909ed53c30a, \u003C acdad5bc9827922ec2f2e84fd198718aa8e8ab92","acdad5bc9827922ec2f2e84fd198718aa8e8ab92",{"version":415,"is_range":394,"range_type":68,"version_start":395,"version_start_type":396,"version_end":416,"version_end_type":398,"fixed_in":9},">= 586759f03e2e9031ac5589912a51a909ed53c30a, \u003C 56aa8d1fbd02357f3bf81bdfba1cde87ce8402fc","56aa8d1fbd02357f3bf81bdfba1cde87ce8402fc",{"version":418,"is_range":394,"range_type":68,"version_start":395,"version_start_type":396,"version_end":419,"version_end_type":398,"fixed_in":9},">= 586759f03e2e9031ac5589912a51a909ed53c30a, \u003C e421872fa17542cf33747071fb141b0130ce9ef7","e421872fa17542cf33747071fb141b0130ce9ef7",{"version":421,"is_range":394,"range_type":68,"version_start":395,"version_start_type":396,"version_end":422,"version_end_type":398,"fixed_in":9},">= 586759f03e2e9031ac5589912a51a909ed53c30a, \u003C 42252d0d2aa9b94d168241710a761588b3959019","42252d0d2aa9b94d168241710a761588b3959019",{"version":424,"is_range":56,"range_type":68,"version_start":424,"version_start_type":396,"version_end":424,"version_end_type":396,"fixed_in":9},"2.6.22",{"ecosystem":9,"name":426,"vendor":389,"product":427,"cpe_part":428,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":429},"linux kernel","linux_kernel","o",[430,434,438,442,446,450,454,458],{"version":431,"is_range":394,"range_type":432,"version_start":424,"version_start_type":396,"version_end":433,"version_end_type":398,"fixed_in":9},"gte2.6.22_lt4.9.318","cpe","4.9.318",{"version":435,"is_range":394,"range_type":432,"version_start":436,"version_start_type":396,"version_end":437,"version_end_type":398,"fixed_in":9},"gte4.10_lt4.14.283","4.10","4.14.283",{"version":439,"is_range":394,"range_type":432,"version_start":440,"version_start_type":396,"version_end":441,"version_end_type":398,"fixed_in":9},"gte4.15_lt4.19.247","4.15","4.19.247",{"version":443,"is_range":394,"range_type":432,"version_start":444,"version_start_type":396,"version_end":445,"version_end_type":398,"fixed_in":9},"gte4.20_lt5.4.198","4.20","5.4.198",{"version":447,"is_range":394,"range_type":432,"version_start":448,"version_start_type":396,"version_end":449,"version_end_type":398,"fixed_in":9},"gte5.5_lt5.10.121","5.5","5.10.121",{"version":451,"is_range":394,"range_type":432,"version_start":452,"version_start_type":396,"version_end":453,"version_end_type":398,"fixed_in":9},"gte5.11_lt5.15.46","5.11","5.15.46",{"version":455,"is_range":394,"range_type":432,"version_start":456,"version_start_type":396,"version_end":457,"version_end_type":398,"fixed_in":9},"gte5.16_lt5.17.14","5.16","5.17.14",{"version":459,"is_range":394,"range_type":432,"version_start":460,"version_start_type":396,"version_end":461,"version_end_type":398,"fixed_in":9},"gte5.18_lt5.18.3","5.18","5.18.3"]