CVSS: 5.5EPSS: %CPEs: 8EXPL: 0CVE-2022-50271 – vhost/vsock: Use kvmalloc/kvfree for larger packets.
https://notcve.org/view.php?id=CVE-2022-50271
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: vhost/vsock: Use kvmalloc/kvfree for larger packets. When copying a large file over sftp over vsock, data size is usually 32kB, and kmalloc seems to fail to try to allocate 32 32kB regions. vhost-5837: page allocation failure: order:4, mode:0x24040c0 Call Trace: [
CVSS: 5.5EPSS: %CPEs: 9EXPL: 0CVE-2022-50268 – mmc: moxart: fix return value check of mmc_add_host()
https://notcve.org/view.php?id=CVE-2022-50268
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: mmc: moxart: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the memory that allocated in mmc_alloc_host() will be leaked and it will lead a kernel crash because of deleting not added device in the remove path. So fix this by checking the return value and goto error path which will call mmc_free_host(). In the Linux kernel, the following vulnerability has been resolved: mmc: moxart: f... • https://git.kernel.org/stable/c/1b66e94e6b9995323190f31c51d8e1a6f516627e •
CVSS: 5.5EPSS: %CPEs: 4EXPL: 0CVE-2022-50267 – mmc: rtsx_pci: fix return value check of mmc_add_host()
https://notcve.org/view.php?id=CVE-2022-50267
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: mmc: rtsx_pci: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the memory that allocated in mmc_alloc_host() will be leaked and it will lead a kernel crash because of deleting not added device in the remove path. So fix this by checking the return value and calling mmc_free_host() in the error path, beside, runtime PM also needs be disabled. In the Linux kernel, the following vulnerab... • https://git.kernel.org/stable/c/ff984e57d36e8ac468849a144a36f1c11f88b61c •
CVSS: 5.5EPSS: %CPEs: 9EXPL: 0CVE-2022-50266 – kprobes: Fix check for probe enabled in kill_kprobe()
https://notcve.org/view.php?id=CVE-2022-50266
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: kprobes: Fix check for probe enabled in kill_kprobe() In kill_kprobe(), the check whether disarm_kprobe_ftrace() needs to be called always fails. This is because before that we set the KPROBE_FLAG_GONE flag for kprobe so that "!kprobe_disabled(p)" is always false. The disarm_kprobe_ftrace() call introduced by commit: 0cb2f1372baa ("kprobes: Fix NULL pointer dereference at kprobe_ftrace_handler") to fix the NULL pointer reference problem. Wh... • https://git.kernel.org/stable/c/3031313eb3d549b7ad6f9fbcc52ba04412e3eb9e •
CVSS: 6.3EPSS: %CPEs: 8EXPL: 0CVE-2022-50265 – kcm: annotate data-races around kcm->rx_wait
https://notcve.org/view.php?id=CVE-2022-50265
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: kcm: annotate data-races around kcm->rx_wait kcm->rx_psock can be read locklessly in kcm_rfree(). Annotate the read and writes accordingly. syzbot reported: BUG: KCSAN: data-race in kcm_rcv_strparser / kcm_rfree write to 0xffff88810784e3d0 of 1 bytes by task 1823 on cpu 1: reserve_rx_kcm net/kcm/kcmsock.c:283 [inline] kcm_rcv_strparser+0x250/0x3a0 net/kcm/kcmsock.c:363 __strp_recv+0x64c/0xd20 net/strparser/strparser.c:301 strp_recv+0x6d/0x8... • https://git.kernel.org/stable/c/ab7ac4eb9832e32a09f4e8042705484d2fb0aad3 •
CVSS: 7.8EPSS: %CPEs: 6EXPL: 0CVE-2022-50264 – clk: socfpga: Fix memory leak in socfpga_gate_init()
https://notcve.org/view.php?id=CVE-2022-50264
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: clk: socfpga: Fix memory leak in socfpga_gate_init() Free @socfpga_clk and @ops on the error path to avoid memory leak issue. • https://git.kernel.org/stable/c/a30a67be7b6e1117e0c0f5bcf84328ccdb8d6205 •
CVSS: 5.5EPSS: %CPEs: 4EXPL: 0CVE-2023-53197 – USB: uhci: fix memory leak with using debugfs_lookup()
https://notcve.org/view.php?id=CVE-2023-53197
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: USB: uhci: fix memory leak with using debugfs_lookup() When calling debugfs_lookup() the result must have dput() called on it, otherwise the memory will leak over time. To make things simpler, just call debugfs_lookup_and_remove() instead which handles all of the logic at once. In the Linux kernel, the following vulnerability has been resolved: USB: uhci: fix memory leak with using debugfs_lookup() When calling debugfs_lookup() the result m... • https://git.kernel.org/stable/c/c6af1dbc99ad37bf67c8703982df4d7f12d256c1 •
CVSS: 5.5EPSS: %CPEs: 6EXPL: 0CVE-2023-53196 – usb: dwc3: qcom: Fix potential memory leak
https://notcve.org/view.php?id=CVE-2023-53196
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: qcom: Fix potential memory leak Function dwc3_qcom_probe() allocates memory for resource structure which is pointed by parent_res pointer. This memory is not freed. This leads to memory leak. Use stack memory to prevent memory leak. Found by Linux Verification Center (linuxtesting.org) with SVACE. • https://git.kernel.org/stable/c/2bc02355f8ba2c1f108ec8b16a673b467a17228c •
CVSS: 7.8EPSS: %CPEs: 5EXPL: 0CVE-2023-53192 – vxlan: Fix nexthop hash size
https://notcve.org/view.php?id=CVE-2023-53192
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: vxlan: Fix nexthop hash size The nexthop code expects a 31 bit hash, such as what is returned by fib_multipath_hash() and rt6_multipath_hash(). Passing the 32 bit hash returned by skb_get_hash() can lead to problems related to the fact that 'int hash' is a negative number when the MSB is set. In the case of hash threshold nexthop groups, nexthop_select_path_hthr() will disproportionately select the first nexthop group entry. In the case of ... • https://git.kernel.org/stable/c/1274e1cc42264d4e629841e4f182795cb0becfd2 •
CVSS: 7.1EPSS: %CPEs: 8EXPL: 0CVE-2023-53191 – irqchip/alpine-msi: Fix refcount leak in alpine_msix_init_domains
https://notcve.org/view.php?id=CVE-2023-53191
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: irqchip/alpine-msi: Fix refcount leak in alpine_msix_init_domains of_irq_find_parent() returns a node pointer with refcount incremented, We should use of_node_put() on it when not needed anymore. Add missing of_node_put() to avoid refcount leak. In the Linux kernel, the following vulnerability has been resolved: irqchip/alpine-msi: Fix refcount leak in alpine_msix_init_domains of_irq_find_parent() returns a node pointer with refcount increm... • https://git.kernel.org/stable/c/e6b78f2c3e14a9e3a909be3e6ec305d9f1cbabbd •