CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-49575 – tcp: Fix a data-race around sysctl_tcp_thin_linear_timeouts.
https://notcve.org/view.php?id=CVE-2022-49575
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctl_tcp_thin_linear_timeouts. While reading sysctl_tcp_thin_linear_timeouts, it can be changed concurrently. Thus, we need to add READ_ONCE() to its reader. In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctl_tcp_thin_linear_timeouts. While reading sysctl_tcp_thin_linear_timeouts, it can be changed concurrently. • https://git.kernel.org/stable/c/36e31b0af58728071e8023cf8e20c5166b700717 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-49574 – tcp: Fix data-races around sysctl_tcp_recovery.
https://notcve.org/view.php?id=CVE-2022-49574
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctl_tcp_recovery. While reading sysctl_tcp_recovery, it can be changed concurrently. Thus, we need to add READ_ONCE() to its readers. In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctl_tcp_recovery. While reading sysctl_tcp_recovery, it can be changed concurrently. Thus, we need to add READ_ONCE() to its readers. • https://git.kernel.org/stable/c/4f41b1c58a32537542f14c1150099131613a5e8a •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-49573 – tcp: Fix a data-race around sysctl_tcp_early_retrans.
https://notcve.org/view.php?id=CVE-2022-49573
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctl_tcp_early_retrans. While reading sysctl_tcp_early_retrans, it can be changed concurrently. Thus, we need to add READ_ONCE() to its reader. In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctl_tcp_early_retrans. While reading sysctl_tcp_early_retrans, it can be changed concurrently. Thus, we need to add READ_ONCE() to its reader. • https://git.kernel.org/stable/c/eed530b6c67624db3f2cf477bac7c4d005d8f7ba •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-49572 – tcp: Fix data-races around sysctl_tcp_slow_start_after_idle.
https://notcve.org/view.php?id=CVE-2022-49572
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctl_tcp_slow_start_after_idle. While reading sysctl_tcp_slow_start_after_idle, it can be changed concurrently. Thus, we need to add READ_ONCE() to its readers. In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctl_tcp_slow_start_after_idle. While reading sysctl_tcp_slow_start_after_idle, it can be changed concurrently. • https://git.kernel.org/stable/c/35089bb203f44e33b6bbb6c4de0b0708f9a48921 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-49571 – tcp: Fix data-races around sysctl_tcp_max_reordering.
https://notcve.org/view.php?id=CVE-2022-49571
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctl_tcp_max_reordering. While reading sysctl_tcp_max_reordering, it can be changed concurrently. Thus, we need to add READ_ONCE() to its readers. In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctl_tcp_max_reordering. While reading sysctl_tcp_max_reordering, it can be changed concurrently. • https://git.kernel.org/stable/c/dca145ffaa8d39ea1904491ac81b92b7049372c0 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49568 – KVM: Don't null dereference ops->destroy
https://notcve.org/view.php?id=CVE-2022-49568
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: KVM: Don't null dereference ops->destroy A KVM device cleanup happens in either of two callbacks: 1) destroy() which is called when the VM is being destroyed; 2) release() which is called when a device fd is closed. Most KVM devices use 1) but Book3s's interrupt controller KVM devices (XICS, XIVE, XIVE-native) use 2) as they need to close and reopen during the machine execution. The error handling in kvm_ioctl_create_device() assumes destro... • https://git.kernel.org/stable/c/170465715a60cbb7876e6b961b21bd3225469da8 •
CVSS: 7.0EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49567 – mm/mempolicy: fix uninit-value in mpol_rebind_policy()
https://notcve.org/view.php?id=CVE-2022-49567
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fix uninit-value in mpol_rebind_policy() mpol_set_nodemask()(mm/mempolicy.c) does not set up nodemask when pol->mode is MPOL_LOCAL. Check pol->mode before access pol->w.cpuset_mems_allowed in mpol_rebind_policy()(mm/mempolicy.c). BUG: KMSAN: uninit-value in mpol_rebind_policy mm/mempolicy.c:352 [inline] BUG: KMSAN: uninit-value in mpol_rebind_task+0x2ac/0x2c0 mm/mempolicy.c:368 mpol_rebind_policy mm/mempolicy.c:352 [inline] mp... • https://git.kernel.org/stable/c/5735845906fb1d90fe597f8b503fc0a857d475e3 •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2022-49566 – crypto: qat - fix memory leak in RSA
https://notcve.org/view.php?id=CVE-2022-49566
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: crypto: qat - fix memory leak in RSA When an RSA key represented in form 2 (as defined in PKCS #1 V2.1) is used, some components of the private key persist even after the TFM is released. Replace the explicit calls to free the buffers in qat_rsa_exit_tfm() with a call to qat_rsa_clear_ctx() which frees all buffers referenced in the TFM context. In the Linux kernel, the following vulnerability has been resolved: crypto: qat - fix memory leak... • https://git.kernel.org/stable/c/879f77e9071f029e1c9bd5a75814ecf51370f846 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-49564 – crypto: qat - add param check for DH
https://notcve.org/view.php?id=CVE-2022-49564
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: crypto: qat - add param check for DH Reject requests with a source buffer that is bigger than the size of the key. This is to prevent a possible integer underflow that might happen when copying the source scatterlist into a linear buffer. In the Linux kernel, the following vulnerability has been resolved: crypto: qat - add param check for DH Reject requests with a source buffer that is bigger than the size of the key. This is to prevent a p... • https://git.kernel.org/stable/c/e7f979ed51f96495328157df663c835b17db1e30 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-49563 – crypto: qat - add param check for RSA
https://notcve.org/view.php?id=CVE-2022-49563
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: crypto: qat - add param check for RSA Reject requests with a source buffer that is bigger than the size of the key. This is to prevent a possible integer underflow that might happen when copying the source scatterlist into a linear buffer. In the Linux kernel, the following vulnerability has been resolved: crypto: qat - add param check for RSA Reject requests with a source buffer that is bigger than the size of the key. This is to prevent a... • https://git.kernel.org/stable/c/4d6d2adce08788b7667a6e58002682ea1bbf6a79 •