CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50461 – net: ethernet: ti: am65-cpsw: Fix PM runtime leakage in am65_cpsw_nuss_ndo_slave_open()
https://notcve.org/view.php?id=CVE-2022-50461
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: am65-cpsw: Fix PM runtime leakage in am65_cpsw_nuss_ndo_slave_open() Ensure pm_runtime_put() is issued in error path. • https://git.kernel.org/stable/c/93a76530316a3d8cc2d82c3deca48424fee92100 •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50460 – cifs: Fix xid leak in cifs_flock()
https://notcve.org/view.php?id=CVE-2022-50460
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: cifs: Fix xid leak in cifs_flock() If not flock, before return -ENOLCK, should free the xid, otherwise, the xid will be leaked. In the Linux kernel, the following vulnerability has been resolved: cifs: Fix xid leak in cifs_flock() If not flock, before return -ENOLCK, should free the xid, otherwise, the xid will be leaked. This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be up... • https://git.kernel.org/stable/c/d0677992d2af3d65f1c1c21de3323d09d4891537 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50459 – scsi: iscsi: iscsi_tcp: Fix null-ptr-deref while calling getpeername()
https://notcve.org/view.php?id=CVE-2022-50459
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi: iscsi_tcp: Fix null-ptr-deref while calling getpeername() Fix a NULL pointer crash that occurs when we are freeing the socket at the same time we access it via sysfs. The problem is that: 1. iscsi_sw_tcp_conn_get_param() and iscsi_sw_tcp_host_get_param() take the frwd_lock and do sock_hold() then drop the frwd_lock. sock_hold() does a get on the "struct sock". 2. iscsi_sw_tcp_release_conn() does sockfd_put() which does the last... • https://git.kernel.org/stable/c/bcf3a2953d36bbfb9bd44ccb3db0897d935cc485 • CWE-476: NULL Pointer Dereference •
CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50458 – clk: tegra: Fix refcount leak in tegra210_clock_init
https://notcve.org/view.php?id=CVE-2022-50458
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: clk: tegra: Fix refcount leak in tegra210_clock_init of_find_matching_node() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node_put() to avoid refcount leak. In the Linux kernel, the following vulnerability has been resolved: clk: tegra: Fix refcount leak in tegra210_clock_init of_find_matching_node() returns a node pointer with refcount incremented, we should use o... • https://git.kernel.org/stable/c/6b301a059eb2ebed1b12a900e3b21a38e48dd410 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50457 – mtd: core: Fix refcount error in del_mtd_device()
https://notcve.org/view.php?id=CVE-2022-50457
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: mtd: core: Fix refcount error in del_mtd_device() del_mtd_device() will call of_node_put() to mtd_get_of_node(mtd), which is mtd->dev.of_node. However, memset(&mtd->dev, 0) is called before of_node_put(). As the result, of_node_put() won't do anything in del_mtd_device(), and causes the refcount leak. del_mtd_device() memset(&mtd->dev, 0, sizeof(mtd->dev) # clear mtd->dev of_node_put() mtd_get_of_node(mtd) # mtd->dev is cleared, can't locat... • https://git.kernel.org/stable/c/00596576a05145a1b5672897a82ef87af00becf4 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50456 – btrfs: fix resolving backrefs for inline extent followed by prealloc
https://notcve.org/view.php?id=CVE-2022-50456
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: btrfs: fix resolving backrefs for inline extent followed by prealloc If a file consists of an inline extent followed by a regular or prealloc extent, then a legitimate attempt to resolve a logical address in the non-inline region will result in add_all_parents reading the invalid offset field of the inline extent. If the inline extent item is placed in the leaf eb s.t. it is the first item, attempting to access the offset field will not onl... • https://git.kernel.org/stable/c/8da6d5815c592b713ecaf4f4f8b631f8359c96c4 •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50454 – drm/nouveau: fix a use-after-free in nouveau_gem_prime_import_sg_table()
https://notcve.org/view.php?id=CVE-2022-50454
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix a use-after-free in nouveau_gem_prime_import_sg_table() nouveau_bo_init() is backed by ttm_bo_init() and ferries its return code back to the caller. On failures, ttm will call nouveau_bo_del_ttm() and free the memory.Thus, when nouveau_bo_init() returns an error, the gem object has already been released. Then the call to nouveau_bo_ref() will use the freed "nvbo->bo" and lead to a use-after-free bug. We should delete the ca... • https://git.kernel.org/stable/c/019cbd4a4feb3aa3a917d78e7110e3011bbff6d5 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50453 – gpiolib: cdev: fix NULL-pointer dereferences
https://notcve.org/view.php?id=CVE-2022-50453
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: fix NULL-pointer dereferences There are several places where we can crash the kernel by requesting lines, unbinding the GPIO device, then calling any of the system calls relevant to the GPIO character device's annonymous file descriptors: ioctl(), read(), poll(). While I observed it with the GPIO simulator, it will also happen for any of the GPIO devices that can be hot-unplugged - for instance any HID GPIO expander (e.g. CP2... • https://git.kernel.org/stable/c/d7c51b47ac11e66f547b55640405c1c474642d72 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50452 – net: sched: cake: fix null pointer access issue when cake_init() fails
https://notcve.org/view.php?id=CVE-2022-50452
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: net: sched: cake: fix null pointer access issue when cake_init() fails When the default qdisc is cake, if the qdisc of dev_queue fails to be inited during mqprio_init(), cake_reset() is invoked to clear resources. In this case, the tins is NULL, and it will cause gpf issue. The process is as follows: qdisc_create_dflt() cake_init() q->tins = kvcalloc(...) --->failed, q->tins is NULL ... qdisc_put() ... cake_reset() ... cake_dequeue_one() b ... • https://git.kernel.org/stable/c/046f6fd5daefac7f5abdafb436b30f63bc7c602b • CWE-476: NULL Pointer Dereference •
CVSS: 5.6EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50451 – fs/ntfs3: Fix memory leak on ntfs_fill_super() error path
https://notcve.org/view.php?id=CVE-2022-50451
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix memory leak on ntfs_fill_super() error path syzbot reported kmemleak as below: BUG: memory leak unreferenced object 0xffff8880122f1540 (size 32): comm "a.out", pid 6664, jiffies 4294939771 (age 25.500s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 ed ff ed ff 00 00 00 00 ................ backtrace: [