CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50228 – KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0
https://notcve.org/view.php?id=CVE-2022-50228
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0 Don't BUG/WARN on interrupt injection due to GIF being cleared, since it's trivial for userspace to force the situation via KVM_SET_VCPU_EVENTS (even if having at least a WARN there would be correct for KVM internally generated injections). kernel BUG at arch/x86/kvm/svm/svm.c:3386! invalid opcode: 0000 [#1] SMP CPU: 15 PID: 926 Comm: smm_test Not tainted 5.17.0-rc3+ #264 Hard... • https://git.kernel.org/stable/c/219b65dcf6c0bad83d51bfa12e25891c02de2414 •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2022-50224 – KVM: x86/mmu: Treat NX as a valid SPTE bit for NPT
https://notcve.org/view.php?id=CVE-2022-50224
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Treat NX as a valid SPTE bit for NPT Treat the NX bit as valid when using NPT, as KVM will set the NX bit when the NX huge page mitigation is enabled (mindblowing) and trigger the WARN that fires on reserved SPTE bits being set. KVM has required NX support for SVM since commit b26a71a1a5b9 ("KVM: SVM: Refuse to load kvm_amd if NX support is not available") for exactly this reason, but apparently it never occurred to anyone to ... • https://git.kernel.org/stable/c/6271f2854b9233702e236e576b885a876dde4889 •
CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 0CVE-2022-50222 – tty: vt: initialize unicode screen buffer
https://notcve.org/view.php?id=CVE-2022-50222
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: tty: vt: initialize unicode screen buffer syzbot reports kernel infoleak at vcs_read() [1], for buffer can be read immediately after resize operation. Initialize buffer using kzalloc(). ---------- #include
CVSS: 6.6EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50220 – usbnet: Fix linkwatch use-after-free on disconnect
https://notcve.org/view.php?id=CVE-2022-50220
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: usbnet: Fix linkwatch use-after-free on disconnect usbnet uses the work usbnet_deferred_kevent() to perform tasks which may sleep. On disconnect, completion of the work was originally awaited in ->ndo_stop(). But in 2003, that was moved to ->disconnect() by historic commit "[PATCH] USB: usbnet, prevent exotic rtnl deadlock": https://git.kernel.org/tglx/history/c/0f138bbfd83c The change was made because back then, the kernel's workqueue impl... • https://git.kernel.org/stable/c/d2d6b530d89b0a912148018027386aa049f0a309 •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50215 – scsi: sg: Allow waiting for commands to complete on removed device
https://notcve.org/view.php?id=CVE-2022-50215
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Allow waiting for commands to complete on removed device When a SCSI device is removed while in active use, currently sg will immediately return -ENODEV on any attempt to wait for active commands that were sent before the removal. This is problematic for commands that use SG_FLAG_DIRECT_IO since the data buffer may still be in use by the kernel when userspace frees or reuses it after getting ENODEV, leading to corrupted userspace ... • https://git.kernel.org/stable/c/bbc118acf7baf9e93c5e1314d14f481301af4d0f •
CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50211 – md-raid10: fix KASAN warning
https://notcve.org/view.php?id=CVE-2022-50211
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: md-raid10: fix KASAN warning There's a KASAN warning in raid10_remove_disk when running the lvm test lvconvert-raid-reshape.sh. We fix this warning by verifying that the value "number" is valid. BUG: KASAN: slab-out-of-bounds in raid10_remove_disk+0x61/0x2a0 [raid10] Read of size 8 at addr ffff889108f3d300 by task mdX_raid10/124682 CPU: 3 PID: 124682 Comm: mdX_raid10 Not tainted 5.19.0-rc6 #1 Hardware name: QEMU Standard PC (i440FX + PIIX, ... • https://git.kernel.org/stable/c/75fbd370a2cec9e92f48285bd90735ed0c837f52 •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50210 – MIPS: cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK
https://notcve.org/view.php?id=CVE-2022-50210
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: MIPS: cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK When CONFIG_CPUMASK_OFFSTACK and CONFIG_DEBUG_PER_CPU_MAPS is selected, cpu_max_bits_warn() generates a runtime warning similar as below while we show /proc/cpuinfo. Fix this by using nr_cpu_ids (the runtime limit) instead of NR_CPUS to iterate CPUs. [ 3.052463] ------------[ cut here ]------------ [ 3.059679] WARNING: CPU: 3 PID: 1 at include/linux/cpumask.h:108 show_cpuinfo+0x5e8/0x... • https://git.kernel.org/stable/c/d3ac4e47510ec0753ebe1e418a334ad202784aa8 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50206 – arm64: fix oops in concurrently setting insn_emulation sysctls
https://notcve.org/view.php?id=CVE-2022-50206
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: arm64: fix oops in concurrently setting insn_emulation sysctls emulation_proc_handler() changes table->data for proc_dointvec_minmax and can generate the following Oops if called concurrently with itself: | Unable to handle kernel NULL pointer dereference at virtual address 0000000000000010 | Internal error: Oops: 96000006 [#1] SMP | Call trace: | update_insn_emulation_mode+0xc0/0x148 | emulation_proc_handler+0x64/0xb8 | proc_sys_call_handl... • https://git.kernel.org/stable/c/9d5fec6ba2e4117d196a8259ab54615ffe562460 •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50205 – ext2: Add more validity checks for inode counts
https://notcve.org/view.php?id=CVE-2022-50205
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: ext2: Add more validity checks for inode counts Add checks verifying number of inodes stored in the superblock matches the number computed from number of inodes per group. Also verify we have at least one block worth of inodes per group. This prevents crashes on corrupted filesystems. In the Linux kernel, the following vulnerability has been resolved: ext2: Add more validity checks for inode counts Add checks verifying number of inodes stor... • https://git.kernel.org/stable/c/0bcdc31094a12b4baf59e241feabc9787cf635fa •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50204 – ARM: OMAP2+: pdata-quirks: Fix refcount leak bug
https://notcve.org/view.php?id=CVE-2022-50204
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: ARM: OMAP2+: pdata-quirks: Fix refcount leak bug In pdata_quirks_init_clocks(), the loop contains of_find_node_by_name() but without corresponding of_node_put(). In the Linux kernel, the following vulnerability has been resolved: ARM: OMAP2+: pdata-quirks: Fix refcount leak bug In pdata_quirks_init_clocks(), the loop contains of_find_node_by_name() but without corresponding of_node_put(). • https://git.kernel.org/stable/c/75f23d72b6e0a34c8a0e8d275b69ba1e6dd0f15f •