CVSS: 5.7EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50485 – ext4: add EXT4_IGET_BAD flag to prevent unexpected bad inode
https://notcve.org/view.php?id=CVE-2022-50485
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: add EXT4_IGET_BAD flag to prevent unexpected bad inode There are many places that will get unhappy (and crash) when ext4_iget() returns a bad inode. However, if iget the boot loader inode, allows a bad inode to be returned, because the inode may not be initialized. This mechanism can be used to bypass some checks and cause panic. To solve this problem, we add a special iget flag EXT4_IGET_BAD. Only with this flag we'd be returning bad... • https://git.kernel.org/stable/c/393d1d1d76933886d5e1ce603214c9987589c6d5 • CWE-654: Reliance on a Single Factor in a Security Decision •
CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50484 – ALSA: usb-audio: Fix potential memory leaks
https://notcve.org/view.php?id=CVE-2022-50484
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix potential memory leaks When the driver hits -ENOMEM at allocating a URB or a buffer, it aborts and goes to the error path that releases the all previously allocated resources. However, when -ENOMEM hits at the middle of the sync EP URB allocation loop, the partially allocated URBs might be left without released, because ep->nurbs is still zero at that point. Fix it by setting ep->nurbs at first, so that the error handle... • https://git.kernel.org/stable/c/8fdff6a319e7dac757c558bd283dc4577e68cde7 • CWE-911: Improper Update of Reference Count •
CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50483 – net: enetc: avoid buffer leaks on xdp_do_redirect() failure
https://notcve.org/view.php?id=CVE-2022-50483
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: net: enetc: avoid buffer leaks on xdp_do_redirect() failure Before enetc_clean_rx_ring_xdp() calls xdp_do_redirect(), each software BD in the RX ring between index orig_i and i can have one of 2 refcount values on its page. We are the owner of the current buffer that is being processed, so the refcount will be at least 1. If the current owner of the buffer at the diametrically opposed index in the RX ring (i.o.w, the other half of this page... • https://git.kernel.org/stable/c/9d2b68cc108db2fdb35022ed2d88cfb305c441a6 •
CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 0CVE-2022-50482 – iommu/vt-d: Clean up si_domain in the init_dmars() error path
https://notcve.org/view.php?id=CVE-2022-50482
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Clean up si_domain in the init_dmars() error path A splat from kmem_cache_destroy() was seen with a kernel prior to commit ee2653bbe89d ("iommu/vt-d: Remove domain and devinfo mempool") when there was a failure in init_dmars(), because the iommu_domain cache still had objects. While the mempool code is now gone, there still is a leak of the si_domain memory if init_dmars() fails. So clean up si_domain in the init_dmars() error p... • https://git.kernel.org/stable/c/86080ccc223aabf8d0b85a504f4f06aa88e82fb3 •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50481 – cxl: fix possible null-ptr-deref in cxl_guest_init_afu|adapter()
https://notcve.org/view.php?id=CVE-2022-50481
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: cxl: fix possible null-ptr-deref in cxl_guest_init_afu|adapter() If device_register() fails in cxl_register_afu|adapter(), the device is not added, device_unregister() can not be called in the error path, otherwise it will cause a null-ptr-deref because of removing not added device. As comment of device_register() says, it should use put_device() to give up the reference in the error path. So split device_unregister() into device_del() and ... • https://git.kernel.org/stable/c/14baf4d9c739e6e69150512d2eb23c71fffcc192 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50480 – memory: pl353-smc: Fix refcount leak bug in pl353_smc_probe()
https://notcve.org/view.php?id=CVE-2022-50480
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: memory: pl353-smc: Fix refcount leak bug in pl353_smc_probe() The break of for_each_available_child_of_node() needs a corresponding of_node_put() when the reference 'child' is not used anymore. Here we do not need to call of_node_put() in fail path as '!match' means no break. While the of_platform_device_create() will created a new reference by 'child' but it has considered the refcounting. In the Linux kernel, the following vulnerability h... • https://git.kernel.org/stable/c/fee10bd2267868f2a3e7ba008ef7665aac5e4412 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-50479 – drm/amd: fix potential memory leak
https://notcve.org/view.php?id=CVE-2022-50479
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amd: fix potential memory leak This patch fix potential memory leak (clk_src) when function run into last return NULL. s/free/kfree/ - Alex In the Linux kernel, the following vulnerability has been resolved: drm/amd: fix potential memory leak This patch fix potential memory leak (clk_src) when function run into last return NULL. s/free/kfree/ - Alex The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues. • https://git.kernel.org/stable/c/3a83e4e64bb1522ddac67ffc787d1c38291e1a65 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50478 – nilfs2: fix shift-out-of-bounds/overflow in nilfs_sb2_bad_offset()
https://notcve.org/view.php?id=CVE-2022-50478
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix shift-out-of-bounds/overflow in nilfs_sb2_bad_offset() Patch series "nilfs2: fix UBSAN shift-out-of-bounds warnings on mount time". The first patch fixes a bug reported by syzbot, and the second one fixes the remaining bug of the same kind. Although they are triggered by the same super block data anomaly, I divided it into the above two because the details of the issues and how to fix it are different. Both are required to elimi... • https://git.kernel.org/stable/c/e339ad31f59925b48a92ee3947692fdf9758b8c7 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50477 – rtc: class: Fix potential memleak in devm_rtc_allocate_device()
https://notcve.org/view.php?id=CVE-2022-50477
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: rtc: class: Fix potential memleak in devm_rtc_allocate_device() devm_rtc_allocate_device() will alloc a rtc_device first, and then run dev_set_name(). If dev_set_name() failed, the rtc_device will memleak. Move devm_add_action_or_reset() in front of dev_set_name() to prevent memleak. unreferenced object 0xffff888110a53000 (size 2048): comm "python3", pid 470, jiffies 4296078308 (age 58.882s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 0... • https://git.kernel.org/stable/c/24d23181e43d72ca692a479e70dfe5b0b5dd33f1 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.2EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50476 – ntb_netdev: Use dev_kfree_skb_any() in interrupt context
https://notcve.org/view.php?id=CVE-2022-50476
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: ntb_netdev: Use dev_kfree_skb_any() in interrupt context TX/RX callback handlers (ntb_netdev_tx_handler(), ntb_netdev_rx_handler()) can be called in interrupt context via the DMA framework when the respective DMA operations have completed. As such, any calls by these routines to free skb's, should use the interrupt context safe dev_kfree_skb_any() function. Previously, these callback handlers would call the interrupt unsafe version of dev_k... • https://git.kernel.org/stable/c/548c237c0a9972df5d1afaca38aa733ee577128d •