CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50273 – f2fs: fix to do sanity check on destination blkaddr during recovery
https://notcve.org/view.php?id=CVE-2022-50273
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on destination blkaddr during recovery As Wenqing Liu reported in bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=216456 loop5: detected capacity change from 0 to 131072 F2FS-fs (loop5): recover_inode: ino = 6, name = hln, inline = 1 F2FS-fs (loop5): recover_data: ino = 6 (i_size: recover) err = 0 F2FS-fs (loop5): recover_inode: ino = 6, name = hln, inline = 1 F2FS-fs (loop5): recover_data: ino = 6 (i_size... • https://git.kernel.org/stable/c/98e4da8ca301e062d79ae168c67e56f3c3de3ce4 •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50272 – media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()
https://notcve.org/view.php?id=CVE-2022-50272
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() Wei Chen reports a kernel bug as blew: general protection fault, probably for non-canonical address KASAN: null-ptr-deref in range [0x0000000000000010-0x0000000000000017] ... Call Trace:
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50271 – vhost/vsock: Use kvmalloc/kvfree for larger packets.
https://notcve.org/view.php?id=CVE-2022-50271
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: vhost/vsock: Use kvmalloc/kvfree for larger packets. When copying a large file over sftp over vsock, data size is usually 32kB, and kmalloc seems to fail to try to allocate 32 32kB regions. vhost-5837: page allocation failure: order:4, mode:0x24040c0 Call Trace: [
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50268 – mmc: moxart: fix return value check of mmc_add_host()
https://notcve.org/view.php?id=CVE-2022-50268
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: mmc: moxart: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the memory that allocated in mmc_alloc_host() will be leaked and it will lead a kernel crash because of deleting not added device in the remove path. So fix this by checking the return value and goto error path which will call mmc_free_host(). In the Linux kernel, the following vulnerability has been resolved: mmc: moxart: f... • https://git.kernel.org/stable/c/1b66e94e6b9995323190f31c51d8e1a6f516627e •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50267 – mmc: rtsx_pci: fix return value check of mmc_add_host()
https://notcve.org/view.php?id=CVE-2022-50267
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: mmc: rtsx_pci: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the memory that allocated in mmc_alloc_host() will be leaked and it will lead a kernel crash because of deleting not added device in the remove path. So fix this by checking the return value and calling mmc_free_host() in the error path, beside, runtime PM also needs be disabled. In the Linux kernel, the following vulnerab... • https://git.kernel.org/stable/c/ff984e57d36e8ac468849a144a36f1c11f88b61c •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50266 – kprobes: Fix check for probe enabled in kill_kprobe()
https://notcve.org/view.php?id=CVE-2022-50266
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: kprobes: Fix check for probe enabled in kill_kprobe() In kill_kprobe(), the check whether disarm_kprobe_ftrace() needs to be called always fails. This is because before that we set the KPROBE_FLAG_GONE flag for kprobe so that "!kprobe_disabled(p)" is always false. The disarm_kprobe_ftrace() call introduced by commit: 0cb2f1372baa ("kprobes: Fix NULL pointer dereference at kprobe_ftrace_handler") to fix the NULL pointer reference problem. Wh... • https://git.kernel.org/stable/c/3031313eb3d549b7ad6f9fbcc52ba04412e3eb9e •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50265 – kcm: annotate data-races around kcm->rx_wait
https://notcve.org/view.php?id=CVE-2022-50265
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: kcm: annotate data-races around kcm->rx_wait kcm->rx_psock can be read locklessly in kcm_rfree(). Annotate the read and writes accordingly. syzbot reported: BUG: KCSAN: data-race in kcm_rcv_strparser / kcm_rfree write to 0xffff88810784e3d0 of 1 bytes by task 1823 on cpu 1: reserve_rx_kcm net/kcm/kcmsock.c:283 [inline] kcm_rcv_strparser+0x250/0x3a0 net/kcm/kcmsock.c:363 __strp_recv+0x64c/0xd20 net/strparser/strparser.c:301 strp_recv+0x6d/0x8... • https://git.kernel.org/stable/c/ab7ac4eb9832e32a09f4e8042705484d2fb0aad3 •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50264 – clk: socfpga: Fix memory leak in socfpga_gate_init()
https://notcve.org/view.php?id=CVE-2022-50264
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: clk: socfpga: Fix memory leak in socfpga_gate_init() Free @socfpga_clk and @ops on the error path to avoid memory leak issue. This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be updated with livepatches later. • https://git.kernel.org/stable/c/a30a67be7b6e1117e0c0f5bcf84328ccdb8d6205 •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53191 – irqchip/alpine-msi: Fix refcount leak in alpine_msix_init_domains
https://notcve.org/view.php?id=CVE-2023-53191
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: irqchip/alpine-msi: Fix refcount leak in alpine_msix_init_domains of_irq_find_parent() returns a node pointer with refcount incremented, We should use of_node_put() on it when not needed anymore. Add missing of_node_put() to avoid refcount leak. In the Linux kernel, the following vulnerability has been resolved: irqchip/alpine-msi: Fix refcount leak in alpine_msix_init_domains of_irq_find_parent() returns a node pointer with refcount increm... • https://git.kernel.org/stable/c/e6b78f2c3e14a9e3a909be3e6ec305d9f1cbabbd •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2023-53189 – ipv6/addrconf: fix a potential refcount underflow for idev
https://notcve.org/view.php?id=CVE-2023-53189
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: ipv6/addrconf: fix a potential refcount underflow for idev Now in addrconf_mod_rs_timer(), reference idev depends on whether rs_timer is not pending. Then modify rs_timer timeout. There is a time gap in [1], during which if the pending rs_timer becomes not pending. It will miss to hold idev, but the rs_timer is activated. Thus rs_timer callback function addrconf_rs_timer() will be executed and put idev later without holding idev. • https://git.kernel.org/stable/c/b7b1bfce0bb68bd8f6e62a28295922785cc63781 •