CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50109 – video: fbdev: amba-clcd: Fix refcount leak bugs
https://notcve.org/view.php?id=CVE-2022-50109
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: video: fbdev: amba-clcd: Fix refcount leak bugs In clcdfb_of_init_display(), we should call of_node_put() for the references returned by of_graph_get_next_endpoint() and of_graph_get_remote_port_parent() which have increased the refcount. Besides, we should call of_node_put() both in fail path or when the references are not used anymore. In the Linux kernel, the following vulnerability has been resolved: video: fbdev: amba-clcd: Fix refcoun... • https://git.kernel.org/stable/c/d10715be03bd8bad59ddc50236cb140c3bd73c7b •
CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50108 – mfd: max77620: Fix refcount leak in max77620_initialise_fps
https://notcve.org/view.php?id=CVE-2022-50108
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: mfd: max77620: Fix refcount leak in max77620_initialise_fps of_get_child_by_name() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node_put() to avoid refcount leak. In the Linux kernel, the following vulnerability has been resolved: mfd: max77620: Fix refcount leak in max77620_initialise_fps of_get_child_by_name() returns a node pointer with refcount incremented, we ... • https://git.kernel.org/stable/c/327156c593600e0f08575621c2a56f311d482e7a •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50106 – powerpc/cell/axon_msi: Fix refcount leak in setup_msi_msg_address
https://notcve.org/view.php?id=CVE-2022-50106
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: powerpc/cell/axon_msi: Fix refcount leak in setup_msi_msg_address of_get_next_parent() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node_put() in the error path to avoid refcount leak. In the Linux kernel, the following vulnerability has been resolved: powerpc/cell/axon_msi: Fix refcount leak in setup_msi_msg_address of_get_next_parent() returns a node pointer with... • https://git.kernel.org/stable/c/ce21b3c9648ae55181787bf25ee00cf91dfd5c91 •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50105 – powerpc/spufs: Fix refcount leak in spufs_init_isolated_loader
https://notcve.org/view.php?id=CVE-2022-50105
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: powerpc/spufs: Fix refcount leak in spufs_init_isolated_loader of_find_node_by_path() returns remote device nodepointer with refcount incremented, we should use of_node_put() on it when done. Add missing of_node_put() to avoid refcount leak. In the Linux kernel, the following vulnerability has been resolved: powerpc/spufs: Fix refcount leak in spufs_init_isolated_loader of_find_node_by_path() returns remote device nodepointer with refcount ... • https://git.kernel.org/stable/c/0afacde3df4c9980f505d9afd7cb0058389732ca •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50104 – powerpc/xive: Fix refcount leak in xive_get_max_prio
https://notcve.org/view.php?id=CVE-2022-50104
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: powerpc/xive: Fix refcount leak in xive_get_max_prio of_find_node_by_path() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. Add missing of_node_put() to avoid refcount leak. In the Linux kernel, the following vulnerability has been resolved: powerpc/xive: Fix refcount leak in xive_get_max_prio of_find_node_by_path() returns a node pointer with refcount incremented, we should use of_node_put() o... • https://git.kernel.org/stable/c/eac1e731b59ee3b5f5e641a7765c7ed41ed26226 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50103 – sched, cpuset: Fix dl_cpu_busy() panic due to empty cs->cpus_allowed
https://notcve.org/view.php?id=CVE-2022-50103
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: sched, cpuset: Fix dl_cpu_busy() panic due to empty cs->cpus_allowed With cgroup v2, the cpuset's cpus_allowed mask can be empty indicating that the cpuset will just use the effective CPUs of its parent. So cpuset_can_attach() can call task_can_attach() with an empty mask. This can lead to cpumask_any_and() returns nr_cpu_ids causing the call to dl_bw_of() to crash due to percpu value access of an out of bound CPU value. For example: [80468... • https://git.kernel.org/stable/c/7f51412a415d87ea8598d14722fb31e4f5701257 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50102 – video: fbdev: arkfb: Fix a divide-by-zero bug in ark_set_pixclock()
https://notcve.org/view.php?id=CVE-2022-50102
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: video: fbdev: arkfb: Fix a divide-by-zero bug in ark_set_pixclock() Since the user can control the arguments of the ioctl() from the user space, under special arguments that may result in a divide-by-zero bug in: drivers/video/fbdev/arkfb.c:784: ark_set_pixclock(info, (hdiv * info->var.pixclock) / hmul); with hdiv=1, pixclock=1 and hmul=2 you end up with (1*1)/2 = (int) 0. and then in: drivers/video/fbdev/arkfb.c:504: rv = dac_set_freq(par-... • https://git.kernel.org/stable/c/681e14730c73cc2c71af282c001de6bc71c22f00 •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50101 – video: fbdev: vt8623fb: Check the size of screen before memset_io()
https://notcve.org/view.php?id=CVE-2022-50101
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: video: fbdev: vt8623fb: Check the size of screen before memset_io() In the function vt8623fb_set_par(), the value of 'screen_size' is calculated by the user input. If the user provides the improper value, the value of 'screen_size' may larger than 'info->screen_size', which may cause the following bug: [ 583.339036] BUG: unable to handle page fault for address: ffffc90005000000 [ 583.339049] #PF: supervisor write access in kernel mode [ 583... • https://git.kernel.org/stable/c/558b7bd86c32978648cda5deb5c758d77ef0c165 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50100 – sched/core: Do not requeue task on CPU excluded from cpus_mask
https://notcve.org/view.php?id=CVE-2022-50100
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: sched/core: Do not requeue task on CPU excluded from cpus_mask The following warning was triggered on a large machine early in boot on a distribution kernel but the same problem should also affect mainline. WARNING: CPU: 439 PID: 10 at ../kernel/workqueue.c:2231 process_one_work+0x4d/0x440 Call Trace:
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50099 – video: fbdev: arkfb: Check the size of screen before memset_io()
https://notcve.org/view.php?id=CVE-2022-50099
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: video: fbdev: arkfb: Check the size of screen before memset_io() In the function arkfb_set_par(), the value of 'screen_size' is calculated by the user input. If the user provides the improper value, the value of 'screen_size' may larger than 'info->screen_size', which may cause the following bug: [ 659.399066] BUG: unable to handle page fault for address: ffffc90003000000 [ 659.399077] #PF: supervisor write access in kernel mode [ 659.39907... • https://git.kernel.org/stable/c/681e14730c73cc2c71af282c001de6bc71c22f00 •