CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 0CVE-2022-49770 – ceph: avoid putting the realm twice when decoding snaps fails
https://notcve.org/view.php?id=CVE-2022-49770
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: ceph: avoid putting the realm twice when decoding snaps fails When decoding the snaps fails it maybe leaving the 'first_realm' and 'realm' pointing to the same snaprealm memory. ... In the Linux kernel, the following vulnerability has been resolved: ceph: avoid putting the realm twice when decoding snaps fails When decoding the snaps fails it maybe leaving the 'first_realm' and 'realm' pointing to the same snaprealm memory. • https://git.kernel.org/stable/c/274e4c79a3a2a24fba7cfe0e41113f1138785c37 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49769 – gfs2: Check sb_bsize_shift after reading superblock
https://notcve.org/view.php?id=CVE-2022-49769
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: gfs2: Check sb_bsize_shift after reading superblock Fuzzers like to scribble over sb_bsize_shift but in reality it's very unlikely that this field would be corrupted on its own. ... In the Linux kernel, the following vulnerability has been resolved: gfs2: Check sb_bsize_shift after reading superblock Fuzzers like to scribble over sb_bsize_shift but in reality it's very unlikely that this field would be corrupted on its own. • https://git.kernel.org/stable/c/d6b1e8ea6f3418c3b461ad5a35cdc93c996b2c87 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49768 – 9p: trans_fd/p9_conn_cancel: drop client lock earlier
https://notcve.org/view.php?id=CVE-2022-49768
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: 9p: trans_fd/p9_conn_cancel: drop client lock earlier syzbot reported a double-lock here and we no longer need this lock after requests have been moved off to local list: just drop the lock earlier. In the Linux kernel, the following vulnerability has been resolved: 9p: trans_fd/p9_conn_cancel: drop client lock earlier syzbot reported a double-lock here and we no longer need this lock after requests have been moved off to loca... • https://git.kernel.org/stable/c/82825dbf393f7c7979d462f9609a15bde8092b3f •
CVSS: 2.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49767 – 9p/trans_fd: always use O_NONBLOCK read/write
https://notcve.org/view.php?id=CVE-2022-49767
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: 9p/trans_fd: always use O_NONBLOCK read/write syzbot is reporting hung task at p9_fd_close() [1], for p9_mux_poll_stop() from p9_conn_destroy() from p9_fd_close() is failing to interrupt already started kernel_read() from p9_fd_read() from p9_read_work() and/or kernel_write() from p9_fd_write() from p9_write_work() requests. ... [Dominique: add comment at Christian's suggestion] In the Linux kernel, the following vulnerability... • https://git.kernel.org/stable/c/0b5e6bd72b8171364616841603a70e4ba9837063 •
CVSS: 8.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-49766 – netlink: Bounds-check struct nlmsgerr creation
https://notcve.org/view.php?id=CVE-2022-49766
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: netlink: Bounds-check struct nlmsgerr creation In preparation for FORTIFY_SOURCE doing bounds-check on memcpy(), switch from __nlmsg_put to nlmsg_put(), and explain the bounds check for dealing with the memcpy() across a composite flexible array struct. Avoids this future run-time warning: memcpy: detected field-spanning write (size 32) of single field "&errmsg->msg" at net/netlink/af_netlink.c:2447 (size 16) In the Linux kern... • https://git.kernel.org/stable/c/aff4eb16f589c3af322a2582044bca365381fcd6 •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2022-49765 – net/9p: use a dedicated spinlock for trans_fd
https://notcve.org/view.php?id=CVE-2022-49765
01 May 2025 — Since the locks actually protect different things in client.c and in trans_fd.c, just replace trans_fd.c's lock by a new one specific to the transport (client.c's protect the idr for fid/tag allocations, while trans_fd.c's protects its own req list and request status field that acts as the transport's state machine) In the Linux kernel, the following vulnerability has been resolved: net/9p: use a dedicated spinlock for trans_fd Shamelessly copying the explanation from Tetsuo Handa's suggested patch[1... • https://git.kernel.org/stable/c/43bbadb7e4636dc02f6a283c2a39e6438e6173cd •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2022-49764 – bpf: Prevent bpf program recursion for raw tracepoint probes
https://notcve.org/view.php?id=CVE-2022-49764
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: bpf: Prevent bpf program recursion for raw tracepoint probes We got report from sysbot [1] about warnings that were caused by bpf program attached to contention_begin raw tracepoint triggering the same tracepoint by using bpf_trace_printk helper that takes trace_printk_lock lock. ... Moving bpf_prog_inc_misses_counter to syscall.c because trampoline.c is compiled in just for CONFIG_BPF_JIT option. [1] https://lore.kernel.org/bpf/YxhF... • https://git.kernel.org/stable/c/2e5399879024fedd6cdc41f73fbf9bbe7208f899 •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49763 – ntfs: fix use-after-free in ntfs_attr_find()
https://notcve.org/view.php?id=CVE-2022-49763
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: ntfs: fix use-after-free in ntfs_attr_find() Patch series "ntfs: fix bugs about Attribute", v2. ... In the Linux kernel, the following vulnerability has been resolved: ntfs: fix use-after-free in ntfs_attr_find() Patch series "ntfs: fix bugs about Attribute", v2. ... The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bug fixes. • https://git.kernel.org/stable/c/79f3ac7dcd12c05b7539239a4c6fa229a50d786c •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49762 – ntfs: check overflow when iterating ATTR_RECORDs
https://notcve.org/view.php?id=CVE-2022-49762
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: ntfs: check overflow when iterating ATTR_RECORDs Kernel iterates over ATTR_RECORDs in mft record in ntfs_attr_find(). ... In the Linux kernel, the following vulnerability has been resolved: ntfs: check overflow when iterating ATTR_RECORDs Kernel iterates over ATTR_RECORDs in mft record in ntfs_attr_find(). ... The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bug fixes. • https://git.kernel.org/stable/c/5559eb5809353a83a40a1e4e7f066431c7b83020 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2020-36790 – nvmet: fix a memory leak
https://notcve.org/view.php?id=CVE-2020-36790
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: nvmet: fix a memory leak We forgot to free new_model_number • https://git.kernel.org/stable/c/013b7ebe5a0d70e2a02fd225174595e79c591b3e •