CVSS: 5.7EPSS: 0%CPEs: 3EXPL: 0CVE-2022-49908 – Bluetooth: L2CAP: Fix memory leak in vhci_write
https://notcve.org/view.php?id=CVE-2022-49908
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix memory leak in vhci_write Syzkaller reports a memory leak as follows: ==================================== BUG: memory leak unreferenced object 0xffff88810d81ac00 (size 240): [...] hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49907 – net: mdio: fix undefined behavior in bit shift for __mdiobus_register
https://notcve.org/view.php?id=CVE-2022-49907
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: net: mdio: fix undefined behavior in bit shift for __mdiobus_register Shifting signed 32-bit value by 31 bits is undefined, so changing significant bit to unsigned. The UBSAN warning calltrace like below: UBSAN: shift-out-of-bounds in drivers/net/phy/mdio_bus.c:586:27 left shift of 1 by 31 places cannot be represented in type 'int' Call Trace:
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-49906 – ibmvnic: Free rwi on reset success
https://notcve.org/view.php?id=CVE-2022-49906
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: ibmvnic: Free rwi on reset success Free the rwi structure in the event that the last rwi in the list processed successfully. The logic in commit 4f408e1fa6e1 ("ibmvnic: retry reset if there are no other resets") introduces an issue that results in a 32 byte memory leak whenever the last rwi in the list gets processed. In the Linux kernel, the following vulnerability has been resolved: ibmvnic: Free rwi on reset success Free the rwi structur... • https://git.kernel.org/stable/c/4f408e1fa6e10b6da72691233369172bac7d9e9b •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-49905 – net/smc: Fix possible leaked pernet namespace in smc_init()
https://notcve.org/view.php?id=CVE-2022-49905
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: net/smc: Fix possible leaked pernet namespace in smc_init() In smc_init(), register_pernet_subsys(&smc_net_stat_ops) is called without any error handling. If it fails, registering of &smc_net_ops won't be reverted. And if smc_nl_init() fails, &smc_net_stat_ops itself won't be reverted. This leaves wild ops in subsystem linkedlist and when another module tries to call register_pernet_operations() it triggers page fault: BUG: unable to handle... • https://git.kernel.org/stable/c/194730a9beb52d2b030ea45e12d94868d4a0e6fd •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49904 – net, neigh: Fix null-ptr-deref in neigh_table_clear()
https://notcve.org/view.php?id=CVE-2022-49904
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: net, neigh: Fix null-ptr-deref in neigh_table_clear() When IPv6 module gets initialized but hits an error in the middle, kenel panic with: KASAN: null-ptr-deref in range [0x0000000000000598-0x000000000000059f] CPU: 1 PID: 361 Comm: insmod Hardware name: QEMU Standard PC (i440FX + PIIX, 1996) RIP: 0010:__neigh_ifdown.isra.0+0x24b/0x370 RSP: 0018:ffff888012677908 EFLAGS: 00000202 ... Call Trace:
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-49903 – ipv6: fix WARNING in ip6_route_net_exit_late()
https://notcve.org/view.php?id=CVE-2022-49903
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: ipv6: fix WARNING in ip6_route_net_exit_late() During the initialization of ip6_route_net_init_late(), if file ipv6_route or rt6_stats fails to be created, the initialization is successful by default. Therefore, the ipv6_route or rt6_stats file doesn't be found during the remove in ip6_route_net_exit_late(). It will cause WRNING. The following is the stack information: name 'rt6_stats' WARNING: CPU: 0 PID: 9 at fs/proc/generic.c:712 remove_... • https://git.kernel.org/stable/c/cdb1876192dbe680b3ac955717fdf7f863c1762d •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-49902 – block: Fix possible memory leak for rq_wb on add_disk failure
https://notcve.org/view.php?id=CVE-2022-49902
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: block: Fix possible memory leak for rq_wb on add_disk failure kmemleak reported memory leaks in device_add_disk(): kmemleak: 3 new suspected memory leaks unreferenced object 0xffff88800f420800 (size 512): comm "modprobe", pid 4275, jiffies 4295639067 (age 223.512s) hex dump (first 32 bytes): 04 00 00 00 08 00 00 00 01 00 00 00 00 00 00 00 ................ 00 e1 f5 05 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<00000000... • https://git.kernel.org/stable/c/83cbce9574462c6b4eed6797bdaf18fae6859ab3 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-49901 – blk-mq: Fix kmemleak in blk_mq_init_allocated_queue
https://notcve.org/view.php?id=CVE-2022-49901
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: blk-mq: Fix kmemleak in blk_mq_init_allocated_queue There is a kmemleak caused by modprobe null_blk.ko unreferenced object 0xffff8881acb1f000 (size 1024): comm "modprobe", pid 836, jiffies 4294971190 (age 27.068s) hex dump (first 32 bytes): 00 00 00 00 ad 4e ad de ff ff ff ff 00 00 00 00 .....N.......... ff ff ff ff ff ff ff ff 00 53 99 9e ff ff ff ff .........S...... backtrace: [<000000004a10c249>] kmalloc_node_trace+0x22/0x60 [<0000000064... • https://git.kernel.org/stable/c/2f8f1336a48bd5186de3476da0a3e2ec06d0533a •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49900 – i2c: piix4: Fix adapter not be removed in piix4_remove()
https://notcve.org/view.php?id=CVE-2022-49900
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: i2c: piix4: Fix adapter not be removed in piix4_remove() In piix4_probe(), the piix4 adapter will be registered in: piix4_probe() piix4_add_adapters_sb800() / piix4_add_adapter() i2c_add_adapter() Based on the probed device type, piix4_add_adapters_sb800() or single piix4_add_adapter() will be called. For the former case, piix4_adapter_count is set as the number of adapters, while for antoher case it is not set and kept default *zero*. When... • https://git.kernel.org/stable/c/528d53a1592b0e27c423f7cafc1df85f77fc1163 •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49899 – fscrypt: stop using keyrings subsystem for fscrypt_master_key
https://notcve.org/view.php?id=CVE-2022-49899
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: fscrypt: stop using keyrings subsystem for fscrypt_master_key The approach of fs/crypto/ internally managing the fscrypt_master_key structs as the payloads of "struct key" objects contained in a "struct key" keyring has outlived its usefulness. The original idea was to simplify the code by reusing code from the keyrings subsystem. However, several issues have arisen that can't easily be resolved: - When a master key struct is destroyed, blk... • https://git.kernel.org/stable/c/22d94f493bfb408fdd764f7b1d0363af2122fba5 •