CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-49864 – drm/amdkfd: Fix NULL pointer dereference in svm_migrate_to_ram()
https://notcve.org/view.php?id=CVE-2022-49864
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix NULL pointer dereference in svm_migrate_to_ram() ./drivers/gpu/drm/amd/amdkfd/kfd_migrate.c:985:58-62: ERROR: p is NULL but dereferenced. • https://git.kernel.org/stable/c/3c1bb6187e566143f15dbf0367ae671584aead5b •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-49863 – can: af_can: fix NULL pointer dereference in can_rx_register()
https://notcve.org/view.php?id=CVE-2022-49863
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: can: af_can: fix NULL pointer dereference in can_rx_register() It causes NULL pointer dereference when testing as following: (a) use syscall(__NR_socket, 0x10ul, 3ul, 0) to create netlink socket. (b) use syscall(__NR_sendmsg, ...) to create bond link device and vxcan link device, and bind vxcan device to bond device (can also use ifenslave command to bind vxcan device to bond device). (c) use syscall(__NR_socket, 0x1dul, 3ul, 1) to create C... • https://git.kernel.org/stable/c/4ac1feff6ea6495cbfd336f4438a6c6d140544a6 •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0CVE-2022-49862 – tipc: fix the msg->req tlv len check in tipc_nl_compat_name_table_dump_header
https://notcve.org/view.php?id=CVE-2022-49862
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: tipc: fix the msg->req tlv len check in tipc_nl_compat_name_table_dump_header This is a follow-up for commit 974cb0e3e7c9 ("tipc: fix uninit-value in tipc_nl_compat_name_table_dump") where it should have type casted sizeof(..) to int to work when TLV_GET_DATA_LEN() returns a negative value. syzbot reported a call trace because of it: BUG: KMSAN: uninit-value in ... tipc_nl_compat_name_table_dump+0x841/0xea0 net/tipc/netlink_compat.c:934 __t... • https://git.kernel.org/stable/c/4c559fb7e111077b56f62ccf833a52d8169cde19 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49861 – dmaengine: mv_xor_v2: Fix a resource leak in mv_xor_v2_remove()
https://notcve.org/view.php?id=CVE-2022-49861
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: dmaengine: mv_xor_v2: Fix a resource leak in mv_xor_v2_remove() A clk_prepare_enable() call in the probe is not balanced by a corresponding clk_disable_unprepare() in the remove function. Add the missing call. In the Linux kernel, the following vulnerability has been resolved: dmaengine: mv_xor_v2: Fix a resource leak in mv_xor_v2_remove() A clk_prepare_enable() call in the probe is not balanced by a corresponding clk_disable_unprepare() in... • https://git.kernel.org/stable/c/3bdcced41936b054470639c6a76ae033df1074e3 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-49858 – octeontx2-pf: Fix SQE threshold checking
https://notcve.org/view.php?id=CVE-2022-49858
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Fix SQE threshold checking Current way of checking available SQE count which is based on HW updated SQB count could result in driver submitting an SQE even before CQE for the previously transmitted SQE at the same index is processed in NAPI resulting losing SKB pointers, hence a leak. Fix this by checking a consumer index which is updated once CQE is processed. In the Linux kernel, the following vulnerability has been resolved... • https://git.kernel.org/stable/c/3ca6c4c882a7f34085b170d93cf0d0e843aa00e6 •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2022-49856 – net: tun: call napi_schedule_prep() to ensure we own a napi
https://notcve.org/view.php?id=CVE-2022-49856
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: net: tun: call napi_schedule_prep() to ensure we own a napi A recent patch exposed another issue in napi_get_frags() caught by syzbot [1] Before feeding packets to GRO, and calling napi_complete() we must first grab NAPI_STATE_SCHED. [1] WARNING: CPU: 0 PID: 3612 at net/core/dev.c:6076 napi_complete_done+0x45b/0x880 net/core/dev.c:6076 Modules linked in: CPU: 0 PID: 3612 Comm: syz-executor408 Not tainted 6.1.0-rc3-syzkaller-00175-g1118b2049... • https://git.kernel.org/stable/c/07d120aa33cc9d9115753d159f64d20c94458781 •
CVSS: 8.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49853 – net: macvlan: fix memory leaks of macvlan_common_newlink
https://notcve.org/view.php?id=CVE-2022-49853
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: net: macvlan: fix memory leaks of macvlan_common_newlink kmemleak reports memory leaks in macvlan_common_newlink, as follows: ip link add link eth0 name .. type macvlan mode source macaddr add
CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 0CVE-2022-49852 – riscv: process: fix kernel info leakage
https://notcve.org/view.php?id=CVE-2022-49852
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: riscv: process: fix kernel info leakage thread_struct's s[12] may contain random kernel memory content, which may be finally leaked to userspace. This is a security hole. Fix it by clearing the s[12] array in thread_struct when fork. As for kthread case, it's better to clear the s[12] array as well. In the Linux kernel, the following vulnerability has been resolved: riscv: process: fix kernel info leakage thread_struct's s[12] may contain r... • https://git.kernel.org/stable/c/7db91e57a0acde126a162ababfb1e0ab190130cb •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49851 – riscv: fix reserved memory setup
https://notcve.org/view.php?id=CVE-2022-49851
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: riscv: fix reserved memory setup Currently, RISC-V sets up reserved memory using the "early" copy of the device tree. As a result, when trying to get a reserved memory region using of_reserved_mem_lookup(), the pointer to reserved memory regions is using the early, pre-virtual-memory address which causes a kernel panic when trying to use the buffer's name: Unable to handle kernel paging request at virtual address 00000000401c31ac Oops [#1] ... • https://git.kernel.org/stable/c/922b0375fc93fb1a20c5617e37c389c26bbccb70 •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49850 – nilfs2: fix deadlock in nilfs_count_free_blocks()
https://notcve.org/view.php?id=CVE-2022-49850
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix deadlock in nilfs_count_free_blocks() A semaphore deadlock can occur if nilfs_get_block() detects metadata corruption while locating data blocks and a superblock writeback occurs at the same time: task 1 task 2 ------ ------ * A file operation * nilfs_truncate() nilfs_get_block() down_read(rwsem A) <-- nilfs_bmap_lookup_contig() ... generic_shutdown_super() nilfs_put_super() * Prepare to write superblock * down_write(rwsem B) <-... • https://git.kernel.org/stable/c/e828949e5b42bfd234ee537cdb7c5e3a577958a3 •