CVSS: 8.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50763 – crypto: marvell/octeontx - prevent integer overflows
https://notcve.org/view.php?id=CVE-2022-50763
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: crypto: marvell/octeontx - prevent integer overflows The "code_length" value comes from the firmware file. If your firmware is untrusted realistically there is probably very little you can do to protect yourself. Still we try to limit the damage as much as possible. Also Smatch marks any data read from the filesystem as untrusted and prints warnings if it not capped correctly. The "code_length * 2" can overflow. The round_up(ucode_size, 16)... • https://git.kernel.org/stable/c/d9110b0b01ff1cd02751cd5c2c94e938a8906083 •
CVSS: 8.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50762 – fs/ntfs3: Avoid UBSAN error on true_sectors_per_clst()
https://notcve.org/view.php?id=CVE-2022-50762
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Avoid UBSAN error on true_sectors_per_clst() syzbot reported UBSAN error as below: [ 76.901829][ T6677] ================================================================================ [ 76.903908][ T6677] UBSAN: shift-out-of-bounds in fs/ntfs3/super.c:675:13 [ 76.905363][ T6677] shift exponent -247 is negative This patch avoid this error. In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Avoid UBSAN er... • https://git.kernel.org/stable/c/58cf68a1886d14ffdc5c892ce483a82156769e88 •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50761 – x86/xen: Fix memory leak in xen_init_lock_cpu()
https://notcve.org/view.php?id=CVE-2022-50761
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: x86/xen: Fix memory leak in xen_init_lock_cpu() In xen_init_lock_cpu(), the @name has allocated new string by kasprintf(), if bind_ipi_to_irqhandler() fails, it should be freed, otherwise may lead to a memory leak issue, fix it. In the Linux kernel, the following vulnerability has been resolved: x86/xen: Fix memory leak in xen_init_lock_cpu() In xen_init_lock_cpu(), the @name has allocated new string by kasprintf(), if bind_ipi_to_irqhandle... • https://git.kernel.org/stable/c/2d9e1e2f58b5612aa4eab0ab54c84308a29dbd79 •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50760 – drm/amdgpu: Fix PCI device refcount leak in amdgpu_atrm_get_bios()
https://notcve.org/view.php?id=CVE-2022-50760
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix PCI device refcount leak in amdgpu_atrm_get_bios() As comment of pci_get_class() says, it returns a pci_device with its refcount increased and decreased the refcount for the input parameter @from if it is not NULL. If we break the loop in amdgpu_atrm_get_bios() with 'pdev' not NULL, we need to call pci_dev_put() to decrease the refcount. Add the missing pci_dev_put() to avoid refcount leak. In the Linux kernel, the following... • https://git.kernel.org/stable/c/d38ceaf99ed015f2a0b9af3499791bd3a3daae21 •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50759 – media: i2c: ov5648: Free V4L2 fwnode data on unbind
https://notcve.org/view.php?id=CVE-2022-50759
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: media: i2c: ov5648: Free V4L2 fwnode data on unbind The V4L2 fwnode data structure doesn't get freed on unbind, which leads to a memleak. In the Linux kernel, the following vulnerability has been resolved: media: i2c: ov5648: Free V4L2 fwnode data on unbind The V4L2 fwnode data structure doesn't get freed on unbind, which leads to a memleak. • https://git.kernel.org/stable/c/e43ccb0a045f34838b786e8021dc4838b4af5c38 •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2022-50758 – staging: vt6655: fix potential memory leak
https://notcve.org/view.php?id=CVE-2022-50758
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: staging: vt6655: fix potential memory leak In function device_init_td0_ring, memory is allocated for member td_info of priv->apTD0Rings[i], with i increasing from 0. In case of allocation failure, the memory is freed in reversed order, with i decreasing to 0. However, the case i=0 is left out and thus memory is leaked. Modify the memory freeing loop to include the case i=0. In the Linux kernel, the following vulnerability has been resolved:... • https://git.kernel.org/stable/c/5341ee0adb17d12a96dc5344e0d267cd12b52135 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50757 – media: camss: Clean up received buffers on failed start of streaming
https://notcve.org/view.php?id=CVE-2022-50757
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: media: camss: Clean up received buffers on failed start of streaming It is required to return the received buffers, if streaming can not be started. For instance media_pipeline_start() may fail with EPIPE, if a link validation between entities is not passed, and in such a case a user gets a kernel warning: WARNING: CPU: 1 PID: 520 at drivers/media/common/videobuf2/videobuf2-core.c:1592 vb2_start_streaming+0xec/0x160
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50756 – nvme-pci: fix mempool alloc size
https://notcve.org/view.php?id=CVE-2022-50756
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix mempool alloc size Convert the max size to bytes to match the units of the divisor that calculates the worst-case number of PRP entries. The result is used to determine how many PRP Lists are required. The code was previously rounding this to 1 list, but we can require 2 in the worst case. In that scenario, the driver would corrupt memory beyond the size provided by the mempool. While unlikely to occur (you'd need a 4MB in exa... • https://git.kernel.org/stable/c/943e942e6266f22babee5efeb00f8f672fbff5bd •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50755 – udf: Avoid double brelse() in udf_rename()
https://notcve.org/view.php?id=CVE-2022-50755
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: udf: Avoid double brelse() in udf_rename() syzbot reported a warning like below [1]: VFS: brelse: Trying to free free buffer WARNING: CPU: 2 PID: 7301 at fs/buffer.c:1145 __brelse+0x67/0xa0 ... Call Trace: <TASK> invalidate_bh_lru+0x99/0x150 smp_call_function_many_cond+0xe2a/0x10c0 ? generic_remap_file_range_prep+0x50/0x50 ? __brelse+0xa0/0xa0 ? __mutex_lock+0x21c/0x12d0 ? smp_call_on_cpu+0x250/0x250 ? • https://git.kernel.org/stable/c/231473f6ddcef9c01993e0bfe36acc6f8e425c31 •
CVSS: 5.6EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50754 – apparmor: fix a memleak in multi_transaction_new()
https://notcve.org/view.php?id=CVE-2022-50754
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: apparmor: fix a memleak in multi_transaction_new() In multi_transaction_new(), the variable t is not freed or passed out on the failure of copy_from_user(t->data, buf, size), which could lead to a memleak. Fix this bug by adding a put_multi_transaction(t) in the error path. In the Linux kernel, the following vulnerability has been resolved: apparmor: fix a memleak in multi_transaction_new() In multi_transaction_new(), the variable t is not ... • https://git.kernel.org/stable/c/1dea3b41e84c5923173fe654dcb758a5cb4a46e5 •