CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50023 – dmaengine: dw-axi-dmac: ignore interrupt if no descriptor
https://notcve.org/view.php?id=CVE-2022-50023
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw-axi-dmac: ignore interrupt if no descriptor If the channel has no descriptor and the interrupt is raised then the kernel will OOPS. Check the result of vchan_next_desc() in the handler axi_chan_block_xfer_complete() to avoid the error happening. In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw-axi-dmac: ignore interrupt if no descriptor If the channel has no descriptor and the interrupt is rais... • https://git.kernel.org/stable/c/54aa6c49361b79f7f6b15fc63dfe9ea52c70bb03 •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50022 – drivers:md:fix a potential use-after-free bug
https://notcve.org/view.php?id=CVE-2022-50022
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: drivers:md:fix a potential use-after-free bug In line 2884, "raid5_release_stripe(sh);" drops the reference to sh and may cause sh to be released. However, sh is subsequently used in lines 2886 "if (sh->batch_head && sh != sh->batch_head)". This may result in an use-after-free bug. It can be fixed by moving "raid5_release_stripe(sh);" to the bottom of the function. • https://git.kernel.org/stable/c/7470a4314b239e9a9580f248fdf4c9a92805490e •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50021 – ext4: block range must be validated before use in ext4_mb_clear_bb()
https://notcve.org/view.php?id=CVE-2022-50021
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: block range must be validated before use in ext4_mb_clear_bb() Block range to free is validated in ext4_free_blocks() using ext4_inode_block_valid() and then it's passed to ext4_mb_clear_bb(). However in some situations on bigalloc file system the range might be adjusted after the validation in ext4_free_blocks() which can lead to troubles on corrupted file systems such as one found by syzkaller that resulted in the following BUG kern... • https://git.kernel.org/stable/c/7550aade978371ac582f6d43b14c4cb89ca54463 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50020 – ext4: avoid resizing to a partial cluster size
https://notcve.org/view.php?id=CVE-2022-50020
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: avoid resizing to a partial cluster size This patch avoids an attempt to resize the filesystem to an unaligned cluster boundary. An online resize to a size that is not integral to cluster size results in the last iteration attempting to grow the fs by a negative amount, which trips a BUG_ON and leaves the fs with a corrupted in-memory superblock. In the Linux kernel, the following vulnerability has been resolved: ext4: avoid resizing ... • https://git.kernel.org/stable/c/53f62a4201be1cfc1e3c971e566888b182c3ffb0 •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50019 – tty: serial: Fix refcount leak bug in ucc_uart.c
https://notcve.org/view.php?id=CVE-2022-50019
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: tty: serial: Fix refcount leak bug in ucc_uart.c In soc_info(), of_find_node_by_type() will return a node pointer with refcount incremented. We should use of_node_put() when it is not used anymore. In the Linux kernel, the following vulnerability has been resolved: tty: serial: Fix refcount leak bug in ucc_uart.c In soc_info(), of_find_node_by_type() will return a node pointer with refcount incremented. We should use of_node_put() when it i... • https://git.kernel.org/stable/c/8245e7d1d7f75a9255ad1e8146752e5051d528b8 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50017 – mips: cavium-octeon: Fix missing of_node_put() in octeon2_usb_clocks_start
https://notcve.org/view.php?id=CVE-2022-50017
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: mips: cavium-octeon: Fix missing of_node_put() in octeon2_usb_clocks_start We should call of_node_put() for the reference 'uctl_node' returned by of_get_parent() which will increase the refcount. Otherwise, there will be a refcount leak bug. In the Linux kernel, the following vulnerability has been resolved: mips: cavium-octeon: Fix missing of_node_put() in octeon2_usb_clocks_start We should call of_node_put() for the reference 'uctl_node' ... • https://git.kernel.org/stable/c/9d1afa0169a84dcd5b79901d792edeb8403684ab •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-50016 – ASoC: SOF: Intel: cnl: Do not process IPC reply before firmware boot
https://notcve.org/view.php?id=CVE-2022-50016
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: cnl: Do not process IPC reply before firmware boot It is not yet clear, but it is possible to create a firmware so broken that it will send a reply message before a FW_READY message (it is not yet clear if FW_READY will arrive later). Since the reply_data is allocated only after the FW_READY message, this will lead to a NULL pointer dereference if not filtered out. The issue was reported with IPC4 firmware but the same con... • https://git.kernel.org/stable/c/273020522ef62361c5d86eebe45a72418ed8dea4 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-50015 – ASoC: SOF: Intel: hda-ipc: Do not process IPC reply before firmware boot
https://notcve.org/view.php?id=CVE-2022-50015
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda-ipc: Do not process IPC reply before firmware boot It is not yet clear, but it is possible to create a firmware so broken that it will send a reply message before a FW_READY message (it is not yet clear if FW_READY will arrive later). Since the reply_data is allocated only after the FW_READY message, this will lead to a NULL pointer dereference if not filtered out. The issue was reported with IPC4 firmware but the same... • https://git.kernel.org/stable/c/6e9cde974863dc9d9c6cdb178f625e410c5be3d0 •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50013 – f2fs: fix to avoid use f2fs_bug_on() in f2fs_new_node_page()
https://notcve.org/view.php?id=CVE-2022-50013
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid use f2fs_bug_on() in f2fs_new_node_page() As Dipanjan Das
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50012 – powerpc/64: Init jump labels before parse_early_param()
https://notcve.org/view.php?id=CVE-2022-50012
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: powerpc/64: Init jump labels before parse_early_param() On 64-bit, calling jump_label_init() in setup_feature_keys() is too late because static keys may be used in subroutines of parse_early_param() which is again subroutine of early_init_devtree(). For example booting with "threadirqs": static_key_enable_cpuslocked(): static key '0xc000000002953260' used before call to jump_label_init() WARNING: CPU: 0 PID: 0 at kernel/jump_label.c:166 sta... • https://git.kernel.org/stable/c/c4ced9fd10073adc854919976b88ad6004271119 •