CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-49858 – octeontx2-pf: Fix SQE threshold checking
https://notcve.org/view.php?id=CVE-2022-49858
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Fix SQE threshold checking Current way of checking available SQE count which is based on HW updated SQB count could result in driver submitting an SQE even before CQE for the previously transmitted SQE at the same index is processed in NAPI resulting losing SKB pointers, hence a leak. Fix this by checking a consumer index which is updated once CQE is processed. In the Linux kernel, the following vulnerability has been resolved... • https://git.kernel.org/stable/c/3ca6c4c882a7f34085b170d93cf0d0e843aa00e6 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49857 – net: marvell: prestera: fix memory leak in prestera_rxtx_switch_init()
https://notcve.org/view.php?id=CVE-2022-49857
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: net: marvell: prestera: fix memory leak in prestera_rxtx_switch_init() When prestera_sdma_switch_init() failed, the memory pointed to by sw->rxtx isn't released. Fix it. Only be compiled, not be tested. In the Linux kernel, the following vulnerability has been resolved: net: marvell: prestera: fix memory leak in prestera_rxtx_switch_init() When prestera_sdma_switch_init() failed, the memory pointed to by sw->rxtx isn't released. Fix it. • https://git.kernel.org/stable/c/501ef3066c89d7f9045315e1be58749cf9e6814d •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2022-49856 – net: tun: call napi_schedule_prep() to ensure we own a napi
https://notcve.org/view.php?id=CVE-2022-49856
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: net: tun: call napi_schedule_prep() to ensure we own a napi A recent patch exposed another issue in napi_get_frags() caught by syzbot [1] Before feeding packets to GRO, and calling napi_complete() we must first grab NAPI_STATE_SCHED. [1] WARNING: CPU: 0 PID: 3612 at net/core/dev.c:6076 napi_complete_done+0x45b/0x880 net/core/dev.c:6076 Modules linked in: CPU: 0 PID: 3612 Comm: syz-executor408 Not tainted 6.1.0-rc3-syzkaller-00175-g1118b2049... • https://git.kernel.org/stable/c/07d120aa33cc9d9115753d159f64d20c94458781 •
CVSS: 8.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49853 – net: macvlan: fix memory leaks of macvlan_common_newlink
https://notcve.org/view.php?id=CVE-2022-49853
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: net: macvlan: fix memory leaks of macvlan_common_newlink kmemleak reports memory leaks in macvlan_common_newlink, as follows: ip link add link eth0 name .. type macvlan mode source macaddr add
CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 0CVE-2022-49852 – riscv: process: fix kernel info leakage
https://notcve.org/view.php?id=CVE-2022-49852
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: riscv: process: fix kernel info leakage thread_struct's s[12] may contain random kernel memory content, which may be finally leaked to userspace. This is a security hole. Fix it by clearing the s[12] array in thread_struct when fork. As for kthread case, it's better to clear the s[12] array as well. In the Linux kernel, the following vulnerability has been resolved: riscv: process: fix kernel info leakage thread_struct's s[12] may contain r... • https://git.kernel.org/stable/c/7db91e57a0acde126a162ababfb1e0ab190130cb •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49851 – riscv: fix reserved memory setup
https://notcve.org/view.php?id=CVE-2022-49851
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: riscv: fix reserved memory setup Currently, RISC-V sets up reserved memory using the "early" copy of the device tree. As a result, when trying to get a reserved memory region using of_reserved_mem_lookup(), the pointer to reserved memory regions is using the early, pre-virtual-memory address which causes a kernel panic when trying to use the buffer's name: Unable to handle kernel paging request at virtual address 00000000401c31ac Oops [#1] ... • https://git.kernel.org/stable/c/922b0375fc93fb1a20c5617e37c389c26bbccb70 •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49850 – nilfs2: fix deadlock in nilfs_count_free_blocks()
https://notcve.org/view.php?id=CVE-2022-49850
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix deadlock in nilfs_count_free_blocks() A semaphore deadlock can occur if nilfs_get_block() detects metadata corruption while locating data blocks and a superblock writeback occurs at the same time: task 1 task 2 ------ ------ * A file operation * nilfs_truncate() nilfs_get_block() down_read(rwsem A) <-- nilfs_bmap_lookup_contig() ... generic_shutdown_super() nilfs_put_super() * Prepare to write superblock * down_write(rwsem B) <-... • https://git.kernel.org/stable/c/e828949e5b42bfd234ee537cdb7c5e3a577958a3 •
CVSS: 7.3EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49846 – udf: Fix a slab-out-of-bounds write bug in udf_find_entry()
https://notcve.org/view.php?id=CVE-2022-49846
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: udf: Fix a slab-out-of-bounds write bug in udf_find_entry() Syzbot reported a slab-out-of-bounds Write bug: loop0: detected capacity change from 0 to 2048 ================================================================== BUG: KASAN: slab-out-of-bounds in udf_find_entry+0x8a5/0x14f0 fs/udf/namei.c:253 Write of size 105 at addr ffff8880123ff896 by task syz-executor323/3610 CPU: 0 PID: 3610 Comm: syz-executor323 Not tainted 6.1.0-rc2-syzkalle... • https://git.kernel.org/stable/c/066b9cded00b8e3212df74a417bb074f3f3a1fe0 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49845 – can: j1939: j1939_send_one(): fix missing CAN header initialization
https://notcve.org/view.php?id=CVE-2022-49845
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939_send_one(): fix missing CAN header initialization The read access to struct canxl_frame::len inside of a j1939 created skbuff revealed a missing initialization of reserved and later filled elements in struct can_frame. This patch initializes the 8 byte CAN header with zero. In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939_send_one(): fix missing CAN header initialization The read access... • https://git.kernel.org/stable/c/9d71dd0c70099914fcd063135da3c580865e924c •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-49843 – drm/amdkfd: Migrate in CPU page fault use current mm
https://notcve.org/view.php?id=CVE-2022-49843
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Migrate in CPU page fault use current mm migrate_vma_setup shows below warning because we don't hold another process mm mmap_lock. We should use current vmf->vma->vm_mm instead, the caller already hold current mmap lock inside CPU page fault handler. WARNING: CPU: 10 PID: 3054 at include/linux/mmap_lock.h:155 find_vma Call Trace: walk_page_range+0x76/0x150 migrate_vma_setup+0x18a/0x640 svm_migrate_vram_to_ram+0x245/0xa10 [amdgpu... • https://git.kernel.org/stable/c/3a876060892ba52dd67d197c78b955e62657d906 •