CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49668 – PM / devfreq: exynos-ppmu: Fix refcount leak in of_get_devfreq_events
https://notcve.org/view.php?id=CVE-2022-49668
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: exynos-ppmu: Fix refcount leak in of_get_devfreq_events of_get_child_by_name() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. This function only calls of_node_put() in normal path, missing it in error paths. Add missing of_node_put() to avoid refcount leak. In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: exynos-ppmu: Fix refcount leak in of_get_d... • https://git.kernel.org/stable/c/f262f28c147051e7aa6daaf4fb5996833ffadff4 •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49667 – net: bonding: fix use-after-free after 802.3ad slave unbind
https://notcve.org/view.php?id=CVE-2022-49667
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: net: bonding: fix use-after-free after 802.3ad slave unbind commit 0622cab0341c ("bonding: fix 802.3ad aggregator reselection"), resolve case, when there is several aggregation groups in the same bond. bond_3ad_unbind_slave will invalidate (clear) aggregator when __agg_active_ports return zero. So, ad_clear_agg can be executed even, when num_of_ports!=0. Than bond_3ad_unbind_slave can be executed again for, previously cleared aggregator. NO... • https://git.kernel.org/stable/c/0622cab0341cac6b30da177b0faa39fae0680e71 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2022-49666 – powerpc/memhotplug: Add add_pages override for PPC
https://notcve.org/view.php?id=CVE-2022-49666
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: powerpc/memhotplug: Add add_pages override for PPC With commit ffa0b64e3be5 ("powerpc: Fix virt_addr_valid() for 64-bit Book3E & 32-bit") the kernel now validate the addr against high_memory value. This results in the below BUG_ON with dax pfns. [ 635.798741][T26531] kernel BUG at mm/page_alloc.c:5521! 1:mon> e cpu 0x1: Vector: 700 (Program Check) at [c000000007287630] pc: c00000000055ed48: free_pages.part.0+0x48/0x110 lr: c00000000053ca70:... • https://git.kernel.org/stable/c/fddb88bd266f4513abab7c36bca98935c9148a98 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49664 – tipc: move bc link creation back to tipc_node_create
https://notcve.org/view.php?id=CVE-2022-49664
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: tipc: move bc link creation back to tipc_node_create Shuang Li reported a NULL pointer dereference crash: [] BUG: kernel NULL pointer dereference, address: 0000000000000068 [] RIP: 0010:tipc_link_is_up+0x5/0x10 [tipc] [] Call Trace: []
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49661 – can: gs_usb: gs_usb_open/close(): fix memory leak
https://notcve.org/view.php?id=CVE-2022-49661
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: can: gs_usb: gs_usb_open/close(): fix memory leak The gs_usb driver appears to suffer from a malady common to many USB CAN adapter drivers in that it performs usb_alloc_coherent() to allocate a number of USB request blocks (URBs) for RX, and then later relies on usb_kill_anchored_urbs() to free them, but this doesn't actually free them. As a result, this may be leaking DMA memory that's been used by the driver. This commit is an adaptation ... • https://git.kernel.org/stable/c/d08e973a77d128b25e01a08c34d89593fdf222da •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49658 – bpf: Fix insufficient bounds propagation from adjust_scalar_min_max_vals
https://notcve.org/view.php?id=CVE-2022-49658
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: bpf: Fix insufficient bounds propagation from adjust_scalar_min_max_vals Kuee reported a corner case where the tnum becomes constant after the call to __reg_bound_offset(), but the register's bounds are not, that is, its min bounds are still not equal to the register's max bounds. This in turn allows to leak pointers through turning a pointer register as is into an unknown scalar via adjust_ptr_min_max_vals(). Before: func#0 @0 0: R1=ctx(of... • https://git.kernel.org/stable/c/b03c9f9fdc37dab81ea04d5dacdc5995d4c224c2 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49657 – usbnet: fix memory leak in error case
https://notcve.org/view.php?id=CVE-2022-49657
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: usbnet: fix memory leak in error case usbnet_write_cmd_async() mixed up which buffers need to be freed in which error case. v2: add Fixes tag v3: fix uninitialized buf pointer In the Linux kernel, the following vulnerability has been resolved: usbnet: fix memory leak in error case usbnet_write_cmd_async() mixed up which buffers need to be freed in which error case. v2: add Fixes tag v3: fix uninitialized buf pointer • https://git.kernel.org/stable/c/877bd862f32b815d54ab5fc10a4fd903d7bf3012 •
CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 0CVE-2022-49656 – ARM: meson: Fix refcount leak in meson_smp_prepare_cpus
https://notcve.org/view.php?id=CVE-2022-49656
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ARM: meson: Fix refcount leak in meson_smp_prepare_cpus of_find_compatible_node() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. Add missing of_node_put() to avoid refcount leak. In the Linux kernel, the following vulnerability has been resolved: ARM: meson: Fix refcount leak in meson_smp_prepare_cpus of_find_compatible_node() returns a node pointer with refcount incremented, we should use of_... • https://git.kernel.org/stable/c/d850f3e5d2966e5c9eb55f66181cee960737e04c •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49652 – dmaengine: ti: Fix refcount leak in ti_dra7_xbar_route_allocate
https://notcve.org/view.php?id=CVE-2022-49652
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: Fix refcount leak in ti_dra7_xbar_route_allocate of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not needed anymore. Add missing of_node_put() in to fix this. In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: Fix refcount leak in ti_dra7_xbar_route_allocate of_parse_phandle() returns a node pointer with refcount incremented, we should... • https://git.kernel.org/stable/c/ec9bfa1e1a796ef7acc2e55917c9b8be5a79e70e •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-49651 – srcu: Tighten cleanup_srcu_struct() GP checks
https://notcve.org/view.php?id=CVE-2022-49651
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: srcu: Tighten cleanup_srcu_struct() GP checks Currently, cleanup_srcu_struct() checks for a grace period in progress, but it does not check for a grace period that has not yet started but which might start at any time. Such a situation could result in a use-after-free bug, so this commit adds a check for a grace period that is needed but not yet started to cleanup_srcu_struct(). In the Linux kernel, the following vulnerability has been reso... • https://git.kernel.org/stable/c/e997dda6502eefbc1032d6b0da7b353c53344b07 • CWE-416: Use After Free •