CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50645 – EDAC/i10nm: fix refcount leak in pci_get_dev_wrapper()
https://notcve.org/view.php?id=CVE-2022-50645
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: EDAC/i10nm: fix refcount leak in pci_get_dev_wrapper() As the comment of pci_get_domain_bus_and_slot() says, it returns a PCI device with refcount incremented, so it doesn't need to call an extra pci_dev_get() in pci_get_dev_wrapper(), and the PCI device needs to be put in the error path. In the Linux kernel, the following vulnerability has been resolved: EDAC/i10nm: fix refcount leak in pci_get_dev_wrapper() As the comment of pci_get_domai... • https://git.kernel.org/stable/c/d4dc89d069aab9074e2493a4c2f3969a0a0b91c1 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50642 – platform/chrome: cros_ec_typec: zero out stale pointers
https://notcve.org/view.php?id=CVE-2022-50642
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: platform/chrome: cros_ec_typec: zero out stale pointers `cros_typec_get_switch_handles` allocates four pointers when obtaining type-c switch handles. These pointers are all freed if failing to obtain any of them; therefore, pointers in `port` become stale. The stale pointers eventually cause use-after-free or double free in later code paths. Zeroing out all pointer fields after freeing to eliminate these stale pointers. In the Linux kernel,... • https://git.kernel.org/stable/c/f28adb41dab4a2795fd959750df57adffd2bb0be •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50638 – ext4: fix bug_on in __es_tree_search caused by bad boot loader inode
https://notcve.org/view.php?id=CVE-2022-50638
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug_on in __es_tree_search caused by bad boot loader inode We got a issue as fllows: ================================================================== kernel BUG at fs/ext4/extents_status.c:203! invalid opcode: 0000 [#1] PREEMPT SMP CPU: 1 PID: 945 Comm: cat Not tainted 6.0.0-next-20221007-dirty #349 RIP: 0010:ext4_es_end.isra.0+0x34/0x42 RSP: 0018:ffffc9000143b768 EFLAGS: 00010203 RAX: 0000000000000000 RBX: ffff8881769cd0b8 RCX:... • https://git.kernel.org/stable/c/393d1d1d76933886d5e1ce603214c9987589c6d5 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50637 – cpufreq: qcom-hw: Fix memory leak in qcom_cpufreq_hw_read_lut()
https://notcve.org/view.php?id=CVE-2022-50637
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: cpufreq: qcom-hw: Fix memory leak in qcom_cpufreq_hw_read_lut() If "cpu_dev" fails to get opp table in qcom_cpufreq_hw_read_lut(), the program will return, resulting in "table" resource is not released. In the Linux kernel, the following vulnerability has been resolved: cpufreq: qcom-hw: Fix memory leak in qcom_cpufreq_hw_read_lut() If "cpu_dev" fails to get opp table in qcom_cpufreq_hw_read_lut(), the program will return, resulting in "tab... • https://git.kernel.org/stable/c/51c843cf77bb52db6df947c4fedcfc62ae3b7b30 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50636 – PCI: Fix pci_device_is_present() for VFs by checking PF
https://notcve.org/view.php?id=CVE-2022-50636
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: PCI: Fix pci_device_is_present() for VFs by checking PF pci_device_is_present() previously didn't work for VFs because it reads the Vendor and Device ID, which are 0xffff for VFs, which looks like they aren't present. Check the PF instead. Wei Gong reported that if virtio I/O is in progress when the driver is unbound or "0" is written to /sys/.../sriov_numvfs, the virtio I/O operation hangs, which may result in output like this: task:bash s... • https://git.kernel.org/stable/c/8496e85c20e7836b3dec97780e40f420a3ae2801 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50634 – power: supply: cw2015: Fix potential null-ptr-deref in cw_bat_probe()
https://notcve.org/view.php?id=CVE-2022-50634
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: power: supply: cw2015: Fix potential null-ptr-deref in cw_bat_probe() cw_bat_probe() calls create_singlethread_workqueue() and not checked the ret value, which may return NULL. And a null-ptr-deref may happen: cw_bat_probe() create_singlethread_workqueue() # failed, cw_bat->wq is NULL queue_delayed_work() queue_delayed_work_on() __queue_delayed_work() # warning here, but continue __queue_work() # access wq->flags, null-ptr-deref Check the r... • https://git.kernel.org/stable/c/b4c7715c10c106a041b0b3fabd26151c214ea394 •
CVSS: 5.6EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50633 – usb: dwc3: qcom: Fix memory leak in dwc3_qcom_interconnect_init
https://notcve.org/view.php?id=CVE-2022-50633
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: qcom: Fix memory leak in dwc3_qcom_interconnect_init of_icc_get() alloc resources for path handle, we should release it when not need anymore. Like the release in dwc3_qcom_interconnect_exit() function. Add icc_put() in error handling to fix this. In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: qcom: Fix memory leak in dwc3_qcom_interconnect_init of_icc_get() alloc resources for path handle, we shou... • https://git.kernel.org/stable/c/bea46b9815154ac47baf16b64022d791a4471375 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50632 – drivers: perf: marvell_cn10k: Fix hotplug callback leak in tad_pmu_init()
https://notcve.org/view.php?id=CVE-2022-50632
08 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: drivers: perf: marvell_cn10k: Fix hotplug callback leak in tad_pmu_init() tad_pmu_init() won't remove the callback added by cpuhp_setup_state_multi() when platform_driver_register() failed. Remove the callback by cpuhp_remove_multi_state() in fail path. Similar to the handling of arm_ccn_init() in commit 26242b330093 ("bus: arm-ccn: Prevent hotplug callback leak") In the Linux kernel, the following vulnerability has been resolved: drivers: ... • https://git.kernel.org/stable/c/036a7584bede317d0df6b854e4f531b7a2dd8b33 •
CVSS: 5.6EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50631 – RISC-V: kexec: Fix memory leak of fdt buffer
https://notcve.org/view.php?id=CVE-2022-50631
08 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: RISC-V: kexec: Fix memory leak of fdt buffer This is reported by kmemleak detector: unreferenced object 0xff60000082864000 (size 9588): comm "kexec", pid 146, jiffies 4294900634 (age 64.788s) hex dump (first 32 bytes): d0 0d fe ed 00 00 12 ed 00 00 00 48 00 00 11 40 ...........H...@ 00 00 00 28 00 00 00 11 00 00 00 02 00 00 00 00 ...(............ backtrace: [<00000000f95b17c4>] kmemleak_alloc+0x34/0x3e [<00000000b9ec8e3e>] kmalloc_order+0x9... • https://git.kernel.org/stable/c/6261586e0c91db14c34f894f4bc48f2300cff1d4 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53769 – virt/coco/sev-guest: Double-buffer messages
https://notcve.org/view.php?id=CVE-2023-53769
08 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: virt/coco/sev-guest: Double-buffer messages The encryption algorithms read and write directly to shared unencrypted memory, which may leak information as well as permit the host to tamper with the message integrity. Instead, copy whole messages in or out as needed before doing any computation on them. In the Linux kernel, the following vulnerability has been resolved: virt/coco/sev-guest: Double-buffer messages The encryption algorithms rea... • https://git.kernel.org/stable/c/d5af44dde5461d125d1602ac913ab5c6bdf09b8b •