CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-48860 – ethernet: Fix error handling in xemaclite_of_probe
https://notcve.org/view.php?id=CVE-2022-48860
16 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: ethernet: Fix error handling in xemaclite_of_probe This node pointer is returned by of_parse_phandle() with refcount incremented in this function. Calling of_node_put() to avoid the refcount leak. As the remove function do. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ethernet: corrige el manejo de errores en xemaclite_of_probe Este puntero de nodo lo devuelve of_parse_phandle() con refcount incrementado en esta func... • https://git.kernel.org/stable/c/5cdaaa12866e916d0ada8b56c5f0e543cfc7fe3d • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-48859 – net: marvell: prestera: Add missing of_node_put() in prestera_switch_set_base_mac_addr
https://notcve.org/view.php?id=CVE-2022-48859
16 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: net: marvell: prestera: Add missing of_node_put() in prestera_switch_set_base_mac_addr This node pointer is returned by of_find_compatible_node() with refcount incremented. Calling of_node_put() to aovid the refcount leak. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: marvell: prestera: Agregar falta of_node_put() en prestera_switch_set_base_mac_addr Este puntero de nodo lo devuelve of_find_compatible_node() con ... • https://git.kernel.org/stable/c/501ef3066c89d7f9045315e1be58749cf9e6814d • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.0EPSS: 0%CPEs: 6EXPL: 0CVE-2022-48858 – net/mlx5: Fix a race on command flush flow
https://notcve.org/view.php?id=CVE-2022-48858
16 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix a race on command flush flow Fix a refcount use after free warning due to a race on command entry. Such race occurs when one of the commands releases its last refcount and frees its index and entry while another process running command flush flow takes refcount to this command entry. The process which handles commands flush may see this command as needed to be flushed if the other process released its refcount but didn't rel... • https://git.kernel.org/stable/c/073fff8102062cd675170ceb54d90da22fe7e668 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-48857 – NFC: port100: fix use-after-free in port100_send_complete
https://notcve.org/view.php?id=CVE-2022-48857
16 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: NFC: port100: fix use-after-free in port100_send_complete Syzbot reported UAF in port100_send_complete(). The root case is in missing usb_kill_urb() calls on error handling path of ->probe function. port100_send_complete() accesses devm allocated memory which will be freed on probe failure. We should kill this urbs before returning an error from probe function to prevent reported use-after-free Fail log: BUG: KASAN: use-after-free in p... • https://git.kernel.org/stable/c/0347a6ab300a1532c298823408d6e51ccf4e4f45 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-48856 – gianfar: ethtool: Fix refcount leak in gfar_get_ts_info
https://notcve.org/view.php?id=CVE-2022-48856
16 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: gianfar: ethtool: Fix refcount leak in gfar_get_ts_info The of_find_compatible_node() function returns a node pointer with refcount incremented, We should use of_node_put() on it when done Add the missing of_node_put() to release the refcount. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: gianfar: ethtool: corrige la fuga de refcount en gfar_get_ts_info La función of_find_compatible_node() devuelve un puntero de nodo con... • https://git.kernel.org/stable/c/7349a74ea75ca27606ead81df3ed67f1b32a94ba • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2022-48855 – sctp: fix kernel-infoleak for SCTP sockets
https://notcve.org/view.php?id=CVE-2022-48855
16 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: sctp: fix kernel-infoleak for SCTP sockets syzbot reported a kernel infoleak [1] of 4 bytes. After analysis, it turned out r->idiag_expires is not initialized if inet_sctp_diag_fill() calls inet_diag_msg_common_fill() Make sure to clear idiag_timer/idiag_retrans/idiag_expires and let inet_diag_msg_sctpasoc_fill() fill them again if needed. [1] BUG: KMSAN: kernel-infoleak in instrument_copy_to_user include/linux/instrumented.h:121 [inl... • https://git.kernel.org/stable/c/8f840e47f190cbe61a96945c13e9551048d42cef • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-48854 – net: arc_emac: Fix use after free in arc_mdio_probe()
https://notcve.org/view.php?id=CVE-2022-48854
16 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: net: arc_emac: Fix use after free in arc_mdio_probe() If bus->state is equal to MDIOBUS_ALLOCATED, mdiobus_free(bus) will free the "bus". But bus->name is still used in the next line, which will lead to a use after free. We can fix it by putting the name in a local variable and make the bus->name point to the rodata section "name",then use the name in the error message without referring to bus to avoid the uaf. En el kernel de Linux, se ... • https://git.kernel.org/stable/c/95b5fc03c189e4ea5c63785274cc0b77fcc3a818 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-48853 – swiotlb: fix info leak with DMA_FROM_DEVICE
https://notcve.org/view.php?id=CVE-2022-48853
16 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: swiotlb: fix info leak with DMA_FROM_DEVICE The problem I'm addressing was discovered by the LTP test covering cve-2018-1000204. A short description of what happens follows: 1) The test case issues a command code 00 (TEST UNIT READY) via the SG_IO interface with: dxfer_len == 524288, dxdfer_dir == SG_DXFER_FROM_DEV and a corresponding dxferp. The peculiar thing about this is that TUR is not reading from the device. 2) In sg_star... • https://git.kernel.org/stable/c/c132f2ba716b5ee6b35f82226a6e5417d013d753 •
CVSS: 3.3EPSS: 0%CPEs: 3EXPL: 0CVE-2022-48852 – drm/vc4: hdmi: Unregister codec device on unbind
https://notcve.org/view.php?id=CVE-2022-48852
16 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/vc4: hdmi: Unregister codec device on unbind On bind we will register the HDMI codec device but we don't unregister it on unbind, leading to a device leakage. Unregister our device at unbind. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/vc4: hdmi: Anular el registro del dispositivo códec al desvincular. Al vincular, registraremos el dispositivo códec HDMI pero no lo cancelaremos al desvincular, lo que provoca... • https://git.kernel.org/stable/c/ee22082c3e2f230028afa0e22aa8773b1de3c919 •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2022-48851 – staging: gdm724x: fix use after free in gdm_lte_rx()
https://notcve.org/view.php?id=CVE-2022-48851
16 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: staging: gdm724x: fix use after free in gdm_lte_rx() The netif_rx_ni() function frees the skb so we can't dereference it to save the skb->len. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: staging: gdm724x: corrige el use after free en gdm_lte_rx() La función netif_rx_ni() libera el skb para que no podamos desreferenciarlo para guardar el skb->len. • https://git.kernel.org/stable/c/61e121047645122c47714fcda684d0ee67f444af • CWE-416: Use After Free •