CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2022-50629 – wifi: rsi: Fix memory leak in rsi_coex_attach()
https://notcve.org/view.php?id=CVE-2022-50629
08 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: rsi: Fix memory leak in rsi_coex_attach() The coex_cb needs to be freed when rsi_create_kthread() failed in rsi_coex_attach(). In the Linux kernel, the following vulnerability has been resolved: wifi: rsi: Fix memory leak in rsi_coex_attach() The coex_cb needs to be freed when rsi_create_kthread() failed in rsi_coex_attach(). The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues. • https://git.kernel.org/stable/c/2108df3c4b1856588ca2e7f641900c2bbf38467e •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50628 – drm/gud: Fix UBSAN warning
https://notcve.org/view.php?id=CVE-2022-50628
08 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/gud: Fix UBSAN warning UBSAN complains about invalid value for bool: [ 101.165172] [drm] Initialized gud 1.0.0 20200422 for 2-3.2:1.0 on minor 1 [ 101.213360] gud 2-3.2:1.0: [drm] fb1: guddrmfb frame buffer device [ 101.213426] usbcore: registered new interface driver gud [ 101.989431] ================================================================================ [ 101.989441] UBSAN: invalid-load in linux/include/linux/iosys-map.h:253... • https://git.kernel.org/stable/c/40e1a70b4aedf2859a1829991b48ef0ebe650bf2 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50627 – wifi: ath11k: fix monitor mode bringup crash
https://notcve.org/view.php?id=CVE-2022-50627
08 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix monitor mode bringup crash When the interface is brought up in monitor mode, it leads to NULL pointer dereference crash. This crash happens when the packet type is extracted for a SKB. This extraction which is present in the received msdu delivery path,is not needed for the monitor ring packets since they are all RAW packets. Hence appending the flags with "RX_FLAG_ONLY_MONITOR" to skip that extraction. Observed calltrace:... • https://git.kernel.org/stable/c/d5c65159f2895379e11ca13f62feabe93278985d •
CVSS: 6.6EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50626 – media: dvb-usb: fix memory leak in dvb_usb_adapter_init()
https://notcve.org/view.php?id=CVE-2022-50626
08 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: fix memory leak in dvb_usb_adapter_init() Syzbot reports a memory leak in "dvb_usb_adapter_init()". The leak is due to not accounting for and freeing current iteration's adapter->priv in case of an error. Currently if an error occurs, it will exit before incrementing "num_adapters_initalized", which is used as a reference counter to free all adap->priv in "dvb_usb_adapter_exit()". There are multiple error paths that can exit... • https://git.kernel.org/stable/c/4d43e13f723e12734257277cc38497fab1efc605 •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50625 – serial: amba-pl011: avoid SBSA UART accessing DMACR register
https://notcve.org/view.php?id=CVE-2022-50625
08 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: serial: amba-pl011: avoid SBSA UART accessing DMACR register Chapter "B Generic UART" in "ARM Server Base System Architecture" [1] documentation describes a generic UART interface. Such generic UART does not support DMA. In current code, sbsa_uart_pops and amba_pl011_pops share the same stop_rx operation, which will invoke pl011_dma_rx_stop, leading to an access of the DMACR register. This commit adds a using_rx_dma check in pl011_dma_rx_st... • https://git.kernel.org/stable/c/0dd1e247fd39aed20fd2baacc62ca44d82534798 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50624 – net: netsec: fix error handling in netsec_register_mdio()
https://notcve.org/view.php?id=CVE-2022-50624
08 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: net: netsec: fix error handling in netsec_register_mdio() If phy_device_register() fails, phy_device_free() need be called to put refcount, so memory of phy device and device name can be freed in callback function. If get_phy_device() fails, mdiobus_unregister() need be called, or it will cause warning in mdiobus_free() and kobject is leaked. In the Linux kernel, the following vulnerability has been resolved: net: netsec: fix error handling... • https://git.kernel.org/stable/c/533dd11a12f698c571a12271b20f235792d3e148 •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50623 – fpga: prevent integer overflow in dfl_feature_ioctl_set_irq()
https://notcve.org/view.php?id=CVE-2022-50623
08 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: fpga: prevent integer overflow in dfl_feature_ioctl_set_irq() The "hdr.count * sizeof(s32)" multiplication can overflow on 32 bit systems leading to memory corruption. Use array_size() to fix that. In the Linux kernel, the following vulnerability has been resolved: fpga: prevent integer overflow in dfl_feature_ioctl_set_irq() The "hdr.count * sizeof(s32)" multiplication can overflow on 32 bit systems leading to memory corruption. Use array_... • https://git.kernel.org/stable/c/322b598be4d9b9090cda560c4caab78704615ab4 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50622 – ext4: fix potential memory leak in ext4_fc_record_modified_inode()
https://notcve.org/view.php?id=CVE-2022-50622
08 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: fix potential memory leak in ext4_fc_record_modified_inode() As krealloc may return NULL, in this case 'state->fc_modified_inodes' may not be freed by krealloc, but 'state->fc_modified_inodes' already set NULL. Then will lead to 'state->fc_modified_inodes' memory leak. In the Linux kernel, the following vulnerability has been resolved: ext4: fix potential memory leak in ext4_fc_record_modified_inode() As krealloc may return NULL, in t... • https://git.kernel.org/stable/c/8016e29f4362e285f0f7e38fadc61a5b7bdfdfa2 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-50621 – dm: verity-loadpin: Only trust verity targets with enforcement
https://notcve.org/view.php?id=CVE-2022-50621
08 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: dm: verity-loadpin: Only trust verity targets with enforcement Verity targets can be configured to ignore corrupted data blocks. LoadPin must only trust verity targets that are configured to perform some kind of enforcement when data corruption is detected, like returning an error, restarting the system or triggering a panic. In the Linux kernel, the following vulnerability has been resolved: dm: verity-loadpin: Only trust verity targets wi... • https://git.kernel.org/stable/c/b6c1c5745ccc68ac5d57c7ffb51ea25a86d0e97b •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50620 – f2fs: fix to invalidate dcc->f2fs_issue_discard in error path
https://notcve.org/view.php?id=CVE-2022-50620
08 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to invalidate dcc->f2fs_issue_discard in error path Syzbot reports a NULL pointer dereference issue as below: __refcount_add include/linux/refcount.h:193 [inline] __refcount_inc include/linux/refcount.h:250 [inline] refcount_inc include/linux/refcount.h:267 [inline] get_task_struct include/linux/sched/task.h:110 [inline] kthread_stop+0x34/0x1c0 kernel/kthread.c:703 f2fs_stop_discard_thread+0x3c/0x5c fs/f2fs/segment.c:1638 kill_f2f... • https://git.kernel.org/stable/c/4d67490498acb4ffcef5ba7bc44990d46e66a44c •