CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-49810 – netfs: Fix missing xas_retry() calls in xarray iteration
https://notcve.org/view.php?id=CVE-2022-49810
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: netfs: Fix missing xas_retry() calls in xarray iteration netfslib has a number of places in which it performs iteration of an xarray whilst being under the RCU read lock. ... In the Linux kernel, the following vulnerability has been resolved: netfs: Fix missing xas_retry() calls in xarray iteration netfslib has a number of places in which it performs iteration of an xarray whilst being under the RCU read lock. • https://git.kernel.org/stable/c/3d3c95046742e4eebaa4b891b0b01cbbed94ebbd •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49809 – net/x25: Fix skb leak in x25_lapb_receive_frame()
https://notcve.org/view.php?id=CVE-2022-49809
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: net/x25: Fix skb leak in x25_lapb_receive_frame() x25_lapb_receive_frame() using skb_copy() to get a private copy of skb, the new skb should be freed in the undersized/fragmented skb error handling path. In the Linux kernel, the following vulnerability has been resolved: net/x25: Fix skb leak in x25_lapb_receive_frame() x25_lapb_receive_frame() using skb_copy() to get a private copy of skb, the new skb should be freed in the u... • https://git.kernel.org/stable/c/cb101ed2c3c7c0224d16953fe77bfb9d6c2cb9df •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-49808 – net: dsa: don't leak tagger-owned storage on switch driver unbind
https://notcve.org/view.php?id=CVE-2022-49808
01 May 2025 — The positioning here also ensures that we won't have any use-after-free in tagging protocol (*rcv) ops, since the teardown sequence is as follows: dsa_tree_teardown -> dsa_tree_teardown_master -> dsa_master_teardown -> unsets master->dsa_ptr, making no further packets match the ETH_P_XDSA packet type handler -> dsa_tree_teardown_ports -> dsa_port_teardown -> dsa_slave_destroy -> unregisters DSA net devices, there is even a synchronize_net() in unregister_netdevice_many() -> dsa_tree_teardown_switches -> dsa... • https://git.kernel.org/stable/c/7f2973149c22e7a6fee4c0c9fa6b8e4108e9c208 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-49807 – nvmet: fix a memory leak in nvmet_auth_set_key
https://notcve.org/view.php?id=CVE-2022-49807
01 May 2025 — kmemleak complaint: -- unreferenced object 0xffff8c7f44ed8180 (size 64): comm "check", pid 7304, jiffies 4295686133 (age 72034.246s) hex dump (first 32 bytes): 44 48 48 43 2d 31 3a 30 30 3a 4c 64 4c 4f 64 71 DHHC-1:00:LdLOdq 79 56 69 67 77 48 55 32 6d 5a 59 4c 7a 35 59 38 yVigwHU2mZYLz5Y8 backtrace: [<00000000b6fc5071>] kstrdup+0x2e/0x60 [<00000000f0f4633f>] 0xffffffffc0e07ee6 [<0000000053006c05>] 0xffffffffc0dff783 [<00000000419ae922>] configfs_write_iter+0xb1/0x120 [<000000008183c424>] vfs_write+0x2be/0x3... • https://git.kernel.org/stable/c/db1312dd95488b5e6ff362ff66fcf953a46b1821 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-49806 – net: microchip: sparx5: Fix potential null-ptr-deref in sparx_stats_init() and sparx5_start()
https://notcve.org/view.php?id=CVE-2022-49806
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: net: microchip: sparx5: Fix potential null-ptr-deref in sparx_stats_init() and sparx5_start() sparx_stats_init() calls create_singlethread_workqueue() and not checked the ret value, which may return NULL. In the Linux kernel, the following vulnerability has been resolved: net: microchip: sparx5: Fix potential null-ptr-deref in sparx_stats_init() and sparx5_start() sparx_stats_init() calls create_singlethread_workqueue() and no... • https://git.kernel.org/stable/c/b37a1bae742f92cc9b1f777d54e04ee3d86bbfc2 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-49805 – net: lan966x: Fix potential null-ptr-deref in lan966x_stats_init()
https://notcve.org/view.php?id=CVE-2022-49805
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: net: lan966x: Fix potential null-ptr-deref in lan966x_stats_init() lan966x_stats_init() calls create_singlethread_workqueue() and not checked the ret value, which may return NULL. In the Linux kernel, the following vulnerability has been resolved: net: lan966x: Fix potential null-ptr-deref in lan966x_stats_init() lan966x_stats_init() calls create_singlethread_workqueue() and not checked the ret value, which may return NULL. • https://git.kernel.org/stable/c/12c2d0a5b8e2a1afc8c7738e19a0d1dd7f3d4007 •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2022-49804 – s390: avoid using global register for current_stack_pointer
https://notcve.org/view.php?id=CVE-2022-49804
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: s390: avoid using global register for current_stack_pointer Commit 30de14b1884b ("s390: current_stack_pointer shouldn't be a function") made current_stack_pointer a global register variable like on many other architectures. In the Linux kernel, the following vulnerability has been resolved: s390: avoid using global register for current_stack_pointer Commit 30de14b1884b ("s390: current_stack_pointer shouldn't be a function") ma... • https://git.kernel.org/stable/c/30de14b1884ba609fc1acfba5b40309e3a6ccefe •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-49803 – netdevsim: Fix memory leak of nsim_dev->fa_cookie
https://notcve.org/view.php?id=CVE-2022-49803
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: netdevsim: Fix memory leak of nsim_dev->fa_cookie kmemleak reports this issue: unreferenced object 0xffff8881bac872d0 (size 8): comm "sh", pid 58603, jiffies 4481524462 (age 68.065s) hex dump (first 8 bytes): 04 00 00 00 de ad be ef ........ In the Linux kernel, the following vulnerability has been resolved: netdevsim: Fix memory leak of nsim_dev->fa_cookie kmemleak reports this issue: unreferenced object 0xffff8881bac872d0 (s... • https://git.kernel.org/stable/c/d3cbb907ae57fe5da314b51d949b617b538bdeae •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2022-49802 – ftrace: Fix null pointer dereference in ftrace_add_mod()
https://notcve.org/view.php?id=CVE-2022-49802
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix null pointer dereference in ftrace_add_mod() The @ftrace_mod is allocated by kzalloc(), so both the members {prev,next} of @ftrace_mode->list are NULL, it's not a valid state to call list_del(). In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix null pointer dereference in ftrace_add_mod() The @ftrace_mod is allocated by kzalloc(), so both the members {prev,next} of @ftrace_mode->list a... • https://git.kernel.org/stable/c/673feb9d76ab3eddde7acfd94b206e321cfc90b9 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49801 – tracing: Fix memory leak in tracing_read_pipe()
https://notcve.org/view.php?id=CVE-2022-49801
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: tracing: Fix memory leak in tracing_read_pipe() kmemleak reports this issue: unreferenced object 0xffff888105a18900 (size 128): comm "test_progs", pid 18933, jiffies 4336275356 (age 22801.766s) hex dump (first 32 bytes): 25 73 00 90 81 88 ff ff 26 05 00 00 42 01 58 04 %s......&...B.X. 03 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 ................ • https://git.kernel.org/stable/c/efbbdaa22bb78761bff8dfdde027ad04bedd47ce •