CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50769 – mmc: mxcmmc: fix return value check of mmc_add_host()
https://notcve.org/view.php?id=CVE-2022-50769
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: mmc: mxcmmc: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the memory that allocated in mmc_alloc_host() will be leaked and it will lead a kernel crash because of deleting not added device in the remove path. So fix this by checking the return value and goto error path which will call mmc_free_host(). In the Linux kernel, the following vulnerability has been resolved: mmc: mxcmmc: f... • https://git.kernel.org/stable/c/d96be879ff469759af6d7fcebdb66237c18da6f8 •
CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50768 – scsi: smartpqi: Correct device removal for multi-actuator devices
https://notcve.org/view.php?id=CVE-2022-50768
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Correct device removal for multi-actuator devices Correct device count for multi-actuator drives which can cause kernel panics. In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Correct device removal for multi-actuator devices Correct device count for multi-actuator drives which can cause kernel panics. The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues. • https://git.kernel.org/stable/c/2d80f4054f7f901b8ad97358a9069616ac8524c7 •
CVSS: 5.6EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50765 – RISC-V: kexec: Fix memory leak of elf header buffer
https://notcve.org/view.php?id=CVE-2022-50765
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: RISC-V: kexec: Fix memory leak of elf header buffer This is reported by kmemleak detector: unreferenced object 0xff2000000403d000 (size 4096): comm "kexec", pid 146, jiffies 4294900633 (age 64.792s) hex dump (first 32 bytes): 7f 45 4c 46 02 01 01 00 00 00 00 00 00 00 00 00 .ELF............ 04 00 f3 00 01 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<00000000566ca97c>] kmemleak_vmalloc+0x3c/0xbe [<00000000979283d8>] __vmallo... • https://git.kernel.org/stable/c/8acea455fafaf2620b247de6c00774828b618a82 •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50764 – ipv6/sit: use DEV_STATS_INC() to avoid data-races
https://notcve.org/view.php?id=CVE-2022-50764
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: ipv6/sit: use DEV_STATS_INC() to avoid data-races syzbot/KCSAN reported that multiple cpus are updating dev->stats.tx_error concurrently. This is because sit tunnels are NETIF_F_LLTX, meaning their ndo_start_xmit() is not protected by a spinlock. While original KCSAN report was about tx path, rx path has the same issue. In the Linux kernel, the following vulnerability has been resolved: ipv6/sit: use DEV_STATS_INC() to avoid data-races syzb... • https://git.kernel.org/stable/c/8df40d1033d64597dcf1efd4f7547e817f7a953b •
CVSS: 8.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50762 – fs/ntfs3: Avoid UBSAN error on true_sectors_per_clst()
https://notcve.org/view.php?id=CVE-2022-50762
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Avoid UBSAN error on true_sectors_per_clst() syzbot reported UBSAN error as below: [ 76.901829][ T6677] ================================================================================ [ 76.903908][ T6677] UBSAN: shift-out-of-bounds in fs/ntfs3/super.c:675:13 [ 76.905363][ T6677] shift exponent -247 is negative This patch avoid this error. In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Avoid UBSAN er... • https://git.kernel.org/stable/c/58cf68a1886d14ffdc5c892ce483a82156769e88 •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50761 – x86/xen: Fix memory leak in xen_init_lock_cpu()
https://notcve.org/view.php?id=CVE-2022-50761
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: x86/xen: Fix memory leak in xen_init_lock_cpu() In xen_init_lock_cpu(), the @name has allocated new string by kasprintf(), if bind_ipi_to_irqhandler() fails, it should be freed, otherwise may lead to a memory leak issue, fix it. In the Linux kernel, the following vulnerability has been resolved: x86/xen: Fix memory leak in xen_init_lock_cpu() In xen_init_lock_cpu(), the @name has allocated new string by kasprintf(), if bind_ipi_to_irqhandle... • https://git.kernel.org/stable/c/2d9e1e2f58b5612aa4eab0ab54c84308a29dbd79 •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50760 – drm/amdgpu: Fix PCI device refcount leak in amdgpu_atrm_get_bios()
https://notcve.org/view.php?id=CVE-2022-50760
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix PCI device refcount leak in amdgpu_atrm_get_bios() As comment of pci_get_class() says, it returns a pci_device with its refcount increased and decreased the refcount for the input parameter @from if it is not NULL. If we break the loop in amdgpu_atrm_get_bios() with 'pdev' not NULL, we need to call pci_dev_put() to decrease the refcount. Add the missing pci_dev_put() to avoid refcount leak. In the Linux kernel, the following... • https://git.kernel.org/stable/c/d38ceaf99ed015f2a0b9af3499791bd3a3daae21 •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50759 – media: i2c: ov5648: Free V4L2 fwnode data on unbind
https://notcve.org/view.php?id=CVE-2022-50759
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: media: i2c: ov5648: Free V4L2 fwnode data on unbind The V4L2 fwnode data structure doesn't get freed on unbind, which leads to a memleak. In the Linux kernel, the following vulnerability has been resolved: media: i2c: ov5648: Free V4L2 fwnode data on unbind The V4L2 fwnode data structure doesn't get freed on unbind, which leads to a memleak. • https://git.kernel.org/stable/c/e43ccb0a045f34838b786e8021dc4838b4af5c38 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50757 – media: camss: Clean up received buffers on failed start of streaming
https://notcve.org/view.php?id=CVE-2022-50757
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: media: camss: Clean up received buffers on failed start of streaming It is required to return the received buffers, if streaming can not be started. For instance media_pipeline_start() may fail with EPIPE, if a link validation between entities is not passed, and in such a case a user gets a kernel warning: WARNING: CPU: 1 PID: 520 at drivers/media/common/videobuf2/videobuf2-core.c:1592 vb2_start_streaming+0xec/0x160
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50756 – nvme-pci: fix mempool alloc size
https://notcve.org/view.php?id=CVE-2022-50756
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix mempool alloc size Convert the max size to bytes to match the units of the divisor that calculates the worst-case number of PRP entries. The result is used to determine how many PRP Lists are required. The code was previously rounding this to 1 list, but we can require 2 in the worst case. In that scenario, the driver would corrupt memory beyond the size provided by the mempool. While unlikely to occur (you'd need a 4MB in exa... • https://git.kernel.org/stable/c/943e942e6266f22babee5efeb00f8f672fbff5bd •