CVSS: 5.5EPSS: %CPEs: 7EXPL: 0CVE-2022-49583 – iavf: Fix handling of dummy receive descriptors
https://notcve.org/view.php?id=CVE-2022-49583
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: iavf: Fix handling of dummy receive descriptors Fix memory leak caused by not handling dummy receive descriptor properly. iavf_get_rx_buffer now sets the rx_buffer return value for dummy receive descriptors. Without this patch, when the hardware writes a dummy descriptor, iavf would not free the page allocated for the previous receive buffer. This is an unlikely event but can still happen. [Jesse: massaged commit message] In the Linux kerne... • https://git.kernel.org/stable/c/efa14c3985828da3163f5372137cb64d992b0f79 •
CVSS: 7.8EPSS: %CPEs: 8EXPL: 0CVE-2022-49581 – be2net: Fix buffer overflow in be_get_module_eeprom
https://notcve.org/view.php?id=CVE-2022-49581
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: be2net: Fix buffer overflow in be_get_module_eeprom be_cmd_read_port_transceiver_data assumes that it is given a buffer that is at least PAGE_DATA_LEN long, or twice that if the module supports SFF 8472. However, this is not always the case. Fix this by passing the desired offset and length to be_cmd_read_port_transceiver_data so that we only copy the bytes once. In the Linux kernel, the following vulnerability has been resolved: be2net: Fi... • https://git.kernel.org/stable/c/e36edd9d26cf257511548edaf2b7a56eb4fed854 •
CVSS: 5.5EPSS: %CPEs: 5EXPL: 0CVE-2022-49580 – ipv4: Fix a data-race around sysctl_fib_multipath_use_neigh.
https://notcve.org/view.php?id=CVE-2022-49580
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix a data-race around sysctl_fib_multipath_use_neigh. While reading sysctl_fib_multipath_use_neigh, it can be changed concurrently. Thus, we need to add READ_ONCE() to its reader. In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix a data-race around sysctl_fib_multipath_use_neigh. While reading sysctl_fib_multipath_use_neigh, it can be changed concurrently. • https://git.kernel.org/stable/c/a6db4494d218c2e559173661ee972e048dc04fdd •
CVSS: 7.1EPSS: %CPEs: 3EXPL: 0CVE-2022-49579 – ipv4: Fix data-races around sysctl_fib_multipath_hash_policy.
https://notcve.org/view.php?id=CVE-2022-49579
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix data-races around sysctl_fib_multipath_hash_policy. While reading sysctl_fib_multipath_hash_policy, it can be changed concurrently. Thus, we need to add READ_ONCE() to its readers. In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix data-races around sysctl_fib_multipath_hash_policy. While reading sysctl_fib_multipath_hash_policy, it can be changed concurrently. • https://git.kernel.org/stable/c/bf4e0a3db97eb882368fd82980b3b1fa0b5b9778 •
CVSS: 5.5EPSS: %CPEs: 4EXPL: 0CVE-2022-49578 – ip: Fix data-races around sysctl_ip_prot_sock.
https://notcve.org/view.php?id=CVE-2022-49578
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ip: Fix data-races around sysctl_ip_prot_sock. sysctl_ip_prot_sock is accessed concurrently, and there is always a chance of data-race. So, all readers and writers need some basic protection to avoid load/store-tearing. In the Linux kernel, the following vulnerability has been resolved: ip: Fix data-races around sysctl_ip_prot_sock. sysctl_ip_prot_sock is accessed concurrently, and there is always a chance of data-race. So, all readers and ... • https://git.kernel.org/stable/c/4548b683b78137f8eadeb312b94e20bb0d4a7141 •
CVSS: 5.5EPSS: %CPEs: 5EXPL: 0CVE-2022-49577 – udp: Fix a data-race around sysctl_udp_l3mdev_accept.
https://notcve.org/view.php?id=CVE-2022-49577
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: udp: Fix a data-race around sysctl_udp_l3mdev_accept. While reading sysctl_udp_l3mdev_accept, it can be changed concurrently. Thus, we need to add READ_ONCE() to its reader. In the Linux kernel, the following vulnerability has been resolved: udp: Fix a data-race around sysctl_udp_l3mdev_accept. While reading sysctl_udp_l3mdev_accept, it can be changed concurrently. Thus, we need to add READ_ONCE() to its reader. • https://git.kernel.org/stable/c/63a6fff353d01da5a22b72670c434bf12fa0e3b8 •
CVSS: 5.5EPSS: %CPEs: 6EXPL: 0CVE-2022-49575 – tcp: Fix a data-race around sysctl_tcp_thin_linear_timeouts.
https://notcve.org/view.php?id=CVE-2022-49575
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctl_tcp_thin_linear_timeouts. While reading sysctl_tcp_thin_linear_timeouts, it can be changed concurrently. Thus, we need to add READ_ONCE() to its reader. In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctl_tcp_thin_linear_timeouts. While reading sysctl_tcp_thin_linear_timeouts, it can be changed concurrently. • https://git.kernel.org/stable/c/36e31b0af58728071e8023cf8e20c5166b700717 •
CVSS: 5.5EPSS: %CPEs: 6EXPL: 0CVE-2022-49574 – tcp: Fix data-races around sysctl_tcp_recovery.
https://notcve.org/view.php?id=CVE-2022-49574
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctl_tcp_recovery. While reading sysctl_tcp_recovery, it can be changed concurrently. Thus, we need to add READ_ONCE() to its readers. In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctl_tcp_recovery. While reading sysctl_tcp_recovery, it can be changed concurrently. Thus, we need to add READ_ONCE() to its readers. • https://git.kernel.org/stable/c/4f41b1c58a32537542f14c1150099131613a5e8a •
CVSS: 5.5EPSS: %CPEs: 6EXPL: 0CVE-2022-49573 – tcp: Fix a data-race around sysctl_tcp_early_retrans.
https://notcve.org/view.php?id=CVE-2022-49573
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctl_tcp_early_retrans. While reading sysctl_tcp_early_retrans, it can be changed concurrently. Thus, we need to add READ_ONCE() to its reader. In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctl_tcp_early_retrans. While reading sysctl_tcp_early_retrans, it can be changed concurrently. Thus, we need to add READ_ONCE() to its reader. • https://git.kernel.org/stable/c/eed530b6c67624db3f2cf477bac7c4d005d8f7ba •
CVSS: 5.5EPSS: %CPEs: 6EXPL: 0CVE-2022-49572 – tcp: Fix data-races around sysctl_tcp_slow_start_after_idle.
https://notcve.org/view.php?id=CVE-2022-49572
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctl_tcp_slow_start_after_idle. While reading sysctl_tcp_slow_start_after_idle, it can be changed concurrently. Thus, we need to add READ_ONCE() to its readers. In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctl_tcp_slow_start_after_idle. While reading sysctl_tcp_slow_start_after_idle, it can be changed concurrently. • https://git.kernel.org/stable/c/35089bb203f44e33b6bbb6c4de0b0708f9a48921 •