
CVE-2022-49707 – ext4: add reserved GDT blocks check
https://notcve.org/view.php?id=CVE-2022-49707
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: add reserved GDT blocks check. We captured a NULL pointer issue when resizing a corrupt ext4 image whose resize_inode feature was freshly cleared (without running e2fsck). It can be reproduced simply by the following steps. The problem is that the resize_inode feature was cleared, and it will convert the filesystem to meta_bg mode in ext4_resize_fs(), but the es->s_reserved_gdt_blocks was not reduced to zero, so we could mistakenly call reserv... • https://git.kernel.org/stable/c/0dc2fca8e4f9ac4a40e8424a10163369cca0cc06 •

CVE-2022-49700 – mm/slub: add missing TID updates on slab deactivation
https://notcve.org/view.php?id=CVE-2022-49700
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: mm/slub: add missing TID updates on slab deactivation The fastpath in slab_alloc_node() assumes that c->slab is stable as long as the TID stays the same. However, two places in __slab_alloc() currently don't update the TID when deactivating the CPU slab. If multiple operations race the right way, this could lead to an object getting lost; or, in an even more unlikely situation, it could even lead to an object being freed onto the wrong slab... • https://git.kernel.org/stable/c/03e404af26dc2ea0d278d7a342de0aab394793ce • CWE-416: Use After Free •

CVE-2022-49698 – netfilter: use get_random_u32 instead of prandom
https://notcve.org/view.php?id=CVE-2022-49698
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: netfilter: use get_random_u32 instead of prandom. bh might occur while updating per-cpu rnd_state from user context, i.e. local_out path. BUG: using smp_processor_id() in preemptible [00000000] code: nginx/2725 caller is nft_ng_random_eval+0x24/0x54 [nft_numgen] Call Trace: check_preemption_disabled+0xde/0xe0 nft_ng_random_eval+0x24/0x54 [nft_numgen] Use the random driver instead, this also avoids need for local prandom state. Moreover, prand... • https://git.kernel.org/stable/c/978d8f9055c3a7c35db2ac99cd2580b993396e33 •

CVE-2022-49693 – drm/msm/mdp4: Fix refcount leak in mdp4_modeset_init_intf
https://notcve.org/view.php?id=CVE-2022-49693
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/msm/mdp4: Fix refcount leak in mdp4_modeset_init_intf. of_graph_get_remote_node() returns a remote device node pointer with refcount incremented; we should use of_node_put() on it when it is no longer needed. Add missing of_node_put() to avoid refcount leak. Patchwork: https://patchwork.freedesktop.org/patch/488473/ • https://git.kernel.org/stable/c/86418f90a4c1a0073db65d8a1e2bf94421117a60 •

CVE-2022-49691 – erspan: do not assume transport header is always set
https://notcve.org/view.php?id=CVE-2022-49691
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: erspan: do not assume transport header is always set Rewrite tests in ip6erspan_tunnel_xmit() and erspan_fb_xmit() to not assume transport header is set. syzbot reported: WARNING: CPU: 0 PID: 1350 at include/linux/skbuff.h:2911 skb_transport_header include/linux/skbuff.h:2911 [inline] WARNING: CPU: 0 PID: 1350 at include/linux/skbuff.h:2911 ip6erspan_tunnel_xmit+0x15af/0x2eb0 net/ipv6/ip6_gre.c:963 Modules linked in: CPU: 0 PID: 1350 Comm: ... • https://git.kernel.org/stable/c/d5db21a3e6977dcb42cee3d16cd69901fa66510a •

CVE-2022-49687 – virtio_net: fix xdp_rxq_info bug after suspend/resume
https://notcve.org/view.php?id=CVE-2022-49687
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: virtio_net: fix xdp_rxq_info bug after suspend/resume The following sequence currently causes a driver bug warning when using virtio_net: # ip link set eth0 up # echo mem > /sys/power/state (or e.g. # rtcwake -s 10 -m mem)

CVE-2022-49685 – iio: trigger: sysfs: fix use-after-free on remove
https://notcve.org/view.php?id=CVE-2022-49685
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: iio: trigger: sysfs: fix use-after-free on remove Ensure that the irq_work has completed before the trigger is freed. ================================================================== BUG: KASAN: use-after-free in irq_work_run_list Read of size 8 at addr 0000000064702248 by task python3/25 Call Trace: irq_work_run_list irq_work_tick update_process_times tick_sched_handle tick_sched_timer __hrtimer_run_queues hrtimer_interrupt Allocated by ... • https://git.kernel.org/stable/c/f38bc926d022ebd67baad6ac7fc22c95fbc6238c • CWE-416: Use After Free •

CVE-2022-49682 – xtensa: Fix refcount leak bug in time.c
https://notcve.org/view.php?id=CVE-2022-49682
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: xtensa: Fix refcount leak bug in time.c. In calibrate_ccount(), of_find_compatible_node() will return a node pointer with refcount incremented. We should use of_node_put() when it is not used anymore. • https://git.kernel.org/stable/c/3e5eb904d9ba657308fc75a5de434b0e58dcb8d7 •

CVE-2022-49681 – xtensa: xtfpga: Fix refcount leak bug in setup
https://notcve.org/view.php?id=CVE-2022-49681
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: xtensa: xtfpga: Fix refcount leak bug in setup. In machine_setup(), of_find_compatible_node() will return a node pointer with refcount incremented. We should use of_node_put() when it is not used anymore. • https://git.kernel.org/stable/c/b12d5c52f073a0420622aaf2f21b615cce8b36cc •

CVE-2022-49680 – ARM: exynos: Fix refcount leak in exynos_map_pmu
https://notcve.org/view.php?id=CVE-2022-49680
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ARM: exynos: Fix refcount leak in exynos_map_pmu. of_find_matching_node() returns a node pointer with refcount incremented; we should use of_node_put() on it when it is no longer needed. Add missing of_node_put() to avoid refcount leak. of_node_put() checks null pointer. • https://git.kernel.org/stable/c/fce9e5bb25264153f9f002eada41757118d25ba9 •