CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2022-48962 – net: hisilicon: Fix potential use-after-free in hisi_femac_rx()
https://notcve.org/view.php?id=CVE-2022-48962
In the Linux kernel, the following vulnerability has been resolved: net: hisilicon: Fix potential use-after-free in hisi_femac_rx() The skb is delivered to napi_gro_receive() which may free it, after calling this, dereferencing skb may trigger use-after-free. • https://git.kernel.org/stable/c/542ae60af24f02e130e62cb3b7c23163a2350056 https://git.kernel.org/stable/c/3501da8eb6d0f5f114a09ec953c54423f6f35885 https://git.kernel.org/stable/c/196e12671cb629d9f3b77b4d8bec854fc445533a https://git.kernel.org/stable/c/aceec8ab752428d8e151321479e82cc1a40fee2e https://git.kernel.org/stable/c/e71a46cc8c9ad75f3bb0e4b361e81f79c0214cca https://git.kernel.org/stable/c/296a50aa8b2982117520713edc1375777a9f8506 https://git.kernel.org/stable/c/6f4798ac9c9e98f41553c4f5e6c832c8860a6942 https://git.kernel.org/stable/c/8595a2db8eb0ffcbb466eb9f4a7507a5b •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2022-48961 – net: mdio: fix unbalanced fwnode reference count in mdio_device_release()
https://notcve.org/view.php?id=CVE-2022-48961
In the Linux kernel, the following vulnerability has been resolved: net: mdio: fix unbalanced fwnode reference count in mdio_device_release() There is warning report about of_node refcount leak while probing mdio device: OF: ERROR: memory leak, expected refcount 1 instead of 2, of_node_get()/of_node_put() unbalanced - destroy cset entry: attach overlay node /spi/soc@0/mdio@710700c0/ethernet@4 In of_mdiobus_register_device(), we increase fwnode refcount by fwnode_handle_get() before associating the of_node with mdio device, but it has never been decreased in normal path. Since that, in mdio_device_release(), it needs to call fwnode_handle_put() in addition instead of calling kfree() directly. After above, just calling mdio_device_free() in the error handle path of of_mdiobus_register_device() is enough to keep the refcount balanced. • https://git.kernel.org/stable/c/a9049e0c513c4521dbfaa302af8ed08b3366b41f https://git.kernel.org/stable/c/16854177745a5648f8ec322353b432e18460f43a https://git.kernel.org/stable/c/a5c6de1a6656b8cc6bce7cb3d9874dd7df4968c3 https://git.kernel.org/stable/c/cb37617687f2bfa5b675df7779f869147c9002bd •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2022-48960 – net: hisilicon: Fix potential use-after-free in hix5hd2_rx()
https://notcve.org/view.php?id=CVE-2022-48960
In the Linux kernel, the following vulnerability has been resolved: net: hisilicon: Fix potential use-after-free in hix5hd2_rx() The skb is delivered to napi_gro_receive() which may free it, after calling this, dereferencing skb may trigger use-after-free. • https://git.kernel.org/stable/c/57c5bc9ad7d799e9507ba6e993398d2c55f03fab https://git.kernel.org/stable/c/179499e7a240b2ef590f05eb379c810c26bbc8a4 https://git.kernel.org/stable/c/8067cd244cea2c332f8326842fd10158fa2cb64f https://git.kernel.org/stable/c/3a4eddd1cb023a71df4152fcc76092953e6fe95a https://git.kernel.org/stable/c/1b6360a093ab8969c91a30bb58b753282e2ced4c https://git.kernel.org/stable/c/93aaa4bb72e388f6a4887541fd3d18b84f1b5ddc https://git.kernel.org/stable/c/b8ce0e6f9f88a6bb49d291498377e61ea27a5387 https://git.kernel.org/stable/c/b6307f7a2fc1c5407b6176f2af34a9521 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2022-48959 – net: dsa: sja1105: fix memory leak in sja1105_setup_devlink_regions()
https://notcve.org/view.php?id=CVE-2022-48959
In the Linux kernel, the following vulnerability has been resolved: net: dsa: sja1105: fix memory leak in sja1105_setup_devlink_regions() When dsa_devlink_region_create failed in sja1105_setup_devlink_regions(), priv->regions is not released. • https://git.kernel.org/stable/c/bf425b82059e0b0752c0026353c1902112200837 https://git.kernel.org/stable/c/4be43e46c3f945fc7dd9e23c73a7a66927a3b814 https://git.kernel.org/stable/c/f3b5dda26cd0535aac09ed09c5d83f19b979ec9f https://git.kernel.org/stable/c/e5e59629654b8826f0167dae480d0e3fa0f8f038 https://git.kernel.org/stable/c/78a9ea43fc1a7c06a420b132d2d47cbf4344a5df •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2022-48958 – ethernet: aeroflex: fix potential skb leak in greth_init_rings()
https://notcve.org/view.php?id=CVE-2022-48958
In the Linux kernel, the following vulnerability has been resolved: ethernet: aeroflex: fix potential skb leak in greth_init_rings() The greth_init_rings() function won't free the newly allocated skb when dma_mapping_error() returns error, so add dev_kfree_skb() to fix it. Compile tested only. • https://git.kernel.org/stable/c/d4c41139df6e74c6fff0cbac43e51cab782133be https://git.kernel.org/stable/c/223654e2e2c8d05347cd8e300f8d1ec6023103dd https://git.kernel.org/stable/c/cb1e293f858e5e1152b8791047ed4bdaaf392189 https://git.kernel.org/stable/c/bfaa8f6c5b84b295dd73b0138b57c5555ca12b1c https://git.kernel.org/stable/c/99669d94ce145389f1d6f197e6e18ed50d43fb76 https://git.kernel.org/stable/c/87277bdf2c370ab2d07cfe77dfa9b37f82bbe1e5 https://git.kernel.org/stable/c/c7adcbd0fd3fde1b19150c3e955fb4a30c5bd9b7 https://git.kernel.org/stable/c/dd62867a6383f78f75f07039394aac259 •