CVSS: -EPSS: %CPEs: 7EXPL: 0CVE-2022-49811 – drbd: use after free in drbd_create_device()
https://notcve.org/view.php?id=CVE-2022-49811
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: drbd: use after free in drbd_create_device() The drbd_destroy_connection() frees the "connection" so use the _safe() iterator to prevent a use after free. • https://git.kernel.org/stable/c/b6f85ef9538b2111a8ba0bbfae9aaebabfc94961 •
CVSS: -EPSS: %CPEs: 2EXPL: 0CVE-2022-49810 – netfs: Fix missing xas_retry() calls in xarray iteration
https://notcve.org/view.php?id=CVE-2022-49810
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: netfs: Fix missing xas_retry() calls in xarray iteration netfslib has a number of places in which it performs iteration of an xarray whilst being under the RCU read lock. It *should* call xas_retry() as the first thing inside of the loop and do "continue" if it returns true in case the xarray walker passed out a special value indicating that the walk needs to be redone from the root[*]. Fix this by adding the missing retry checks. [*] I won... • https://git.kernel.org/stable/c/3d3c95046742e4eebaa4b891b0b01cbbed94ebbd •
CVSS: -EPSS: %CPEs: 9EXPL: 0CVE-2022-49809 – net/x25: Fix skb leak in x25_lapb_receive_frame()
https://notcve.org/view.php?id=CVE-2022-49809
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: net/x25: Fix skb leak in x25_lapb_receive_frame() x25_lapb_receive_frame() using skb_copy() to get a private copy of skb, the new skb should be freed in the undersized/fragmented skb error handling path. Otherwise there is a memory leak. • https://git.kernel.org/stable/c/cb101ed2c3c7c0224d16953fe77bfb9d6c2cb9df •
CVSS: -EPSS: %CPEs: 2EXPL: 0CVE-2022-49808 – net: dsa: don't leak tagger-owned storage on switch driver unbind
https://notcve.org/view.php?id=CVE-2022-49808
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: net: dsa: don't leak tagger-owned storage on switch driver unbind In the initial commit dc452a471dba ("net: dsa: introduce tagger-owned storage for private and shared data"), we had a call to tag_ops->disconnect(dst) issued from dsa_tree_free(), which is called at tree teardown time. There were problems with connecting to a switch tree as a whole, so this got reworked to connecting to individual switches within the tree. In this process, ta... • https://git.kernel.org/stable/c/7f2973149c22e7a6fee4c0c9fa6b8e4108e9c208 •
CVSS: -EPSS: %CPEs: 2EXPL: 0CVE-2022-49807 – nvmet: fix a memory leak in nvmet_auth_set_key
https://notcve.org/view.php?id=CVE-2022-49807
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: nvmet: fix a memory leak in nvmet_auth_set_key When changing dhchap secrets we need to release the old secrets as well. kmemleak complaint: -- unreferenced object 0xffff8c7f44ed8180 (size 64): comm "check", pid 7304, jiffies 4295686133 (age 72034.246s) hex dump (first 32 bytes): 44 48 48 43 2d 31 3a 30 30 3a 4c 64 4c 4f 64 71 DHHC-1:00:LdLOdq 79 56 69 67 77 48 55 32 6d 5a 59 4c 7a 35 59 38 yVigwHU2mZYLz5Y8 backtrace: [<00000000b6fc5071>] ks... • https://git.kernel.org/stable/c/db1312dd95488b5e6ff362ff66fcf953a46b1821 •
CVSS: -EPSS: %CPEs: 3EXPL: 0CVE-2022-49806 – net: microchip: sparx5: Fix potential null-ptr-deref in sparx_stats_init() and sparx5_start()
https://notcve.org/view.php?id=CVE-2022-49806
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: net: microchip: sparx5: Fix potential null-ptr-deref in sparx_stats_init() and sparx5_start() sparx_stats_init() calls create_singlethread_workqueue() and not checked the ret value, which may return NULL. And a null-ptr-deref may happen: sparx_stats_init() create_singlethread_workqueue() # failed, sparx5->stats_queue is NULL queue_delayed_work() queue_delayed_work_on() __queue_delayed_work() # warning here, but continue __queue_work() # acc... • https://git.kernel.org/stable/c/b37a1bae742f92cc9b1f777d54e04ee3d86bbfc2 •
CVSS: -EPSS: %CPEs: 2EXPL: 0CVE-2022-49805 – net: lan966x: Fix potential null-ptr-deref in lan966x_stats_init()
https://notcve.org/view.php?id=CVE-2022-49805
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: net: lan966x: Fix potential null-ptr-deref in lan966x_stats_init() lan966x_stats_init() calls create_singlethread_workqueue() and not checked the ret value, which may return NULL. And a null-ptr-deref may happen: lan966x_stats_init() create_singlethread_workqueue() # failed, lan966x->stats_queue is NULL queue_delayed_work() queue_delayed_work_on() __queue_delayed_work() # warning here, but continue __queue_work() # access wq->flags, null-pt... • https://git.kernel.org/stable/c/12c2d0a5b8e2a1afc8c7738e19a0d1dd7f3d4007 •
CVSS: -EPSS: %CPEs: 2EXPL: 0CVE-2022-49804 – s390: avoid using global register for current_stack_pointer
https://notcve.org/view.php?id=CVE-2022-49804
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: s390: avoid using global register for current_stack_pointer Commit 30de14b1884b ("s390: current_stack_pointer shouldn't be a function") made current_stack_pointer a global register variable like on many other architectures. Unfortunately on s390 it uncovers old gcc bug which is fixed only since gcc-9.1 [gcc commit 3ad7fed1cc87 ("S/390: Fix PR89775. Stackpointer save/restore instructions removed")] and backported to gcc-8.4 and later. Due to... • https://git.kernel.org/stable/c/30de14b1884ba609fc1acfba5b40309e3a6ccefe •
CVSS: -EPSS: %CPEs: 2EXPL: 0CVE-2022-49803 – netdevsim: Fix memory leak of nsim_dev->fa_cookie
https://notcve.org/view.php?id=CVE-2022-49803
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: netdevsim: Fix memory leak of nsim_dev->fa_cookie kmemleak reports this issue: unreferenced object 0xffff8881bac872d0 (size 8): comm "sh", pid 58603, jiffies 4481524462 (age 68.065s) hex dump (first 8 bytes): 04 00 00 00 de ad be ef ........ backtrace: [<00000000c80b8577>] __kmalloc+0x49/0x150 [<000000005292b8c6>] nsim_dev_trap_fa_cookie_write+0xc1/0x210 [netdevsim] [<0000000093d78e77>] full_proxy_write+0xf3/0x180 [<000000005a662c16>] vfs_w... • https://git.kernel.org/stable/c/d3cbb907ae57fe5da314b51d949b617b538bdeae •
CVSS: -EPSS: %CPEs: 7EXPL: 0CVE-2022-49802 – ftrace: Fix null pointer dereference in ftrace_add_mod()
https://notcve.org/view.php?id=CVE-2022-49802
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix null pointer dereference in ftrace_add_mod() The @ftrace_mod is allocated by kzalloc(), so both the members {prev,next} of @ftrace_mode->list are NULL, it's not a valid state to call list_del(). If kstrdup() for @ftrace_mod->{func|module} fails, it goes to @out_free tag and calls free_ftrace_mod() to destroy @ftrace_mod, then list_del() will write prev->next and next->prev, where null pointer dereference happens. BUG: kernel NUL... • https://git.kernel.org/stable/c/673feb9d76ab3eddde7acfd94b206e321cfc90b9 •