CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50441 – net/mlx5: Lag, fix failure to cancel delayed bond work
https://notcve.org/view.php?id=CVE-2022-50441
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Lag, fix failure to cancel delayed bond work Commit 0d4e8ed139d8 ("net/mlx5: Lag, avoid lockdep warnings") accidentally removed a call to cancel delayed bond work thus it may cause queued delay to expire and fall on an already destroyed work queue. Fix by restoring the call cancel_delayed_work_sync() before destroying the workqueue. This prevents call trace such as this: [ 329.230417] BUG: kernel NULL pointer dereference, address:... • https://git.kernel.org/stable/c/ff24a802204620214afa75a5e64280f40015e399 •
CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50440 – drm/vmwgfx: Validate the box size for the snooped cursor
https://notcve.org/view.php?id=CVE-2022-50440
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Validate the box size for the snooped cursor Invalid userspace dma surface copies could potentially overflow the memcpy from the surface to the snooped image leading to crashes. To fix it the dimensions of the copybox have to be validated against the expected size of the snooped cursor. In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Validate the box size for the snooped cursor Invalid userspace d... • https://git.kernel.org/stable/c/2ac863719e518ae1a8f328849e64ea26a222f079 •
CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50439 – ASoC: mediatek: mt8173: Enable IRQ when pdata is ready
https://notcve.org/view.php?id=CVE-2022-50439
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8173: Enable IRQ when pdata is ready If the device does not come straight from reset, we might receive an IRQ before we are ready to handle it. [ 2.334737] Unable to handle kernel read from unreadable memory at virtual address 00000000000001e4 [ 2.522601] Call trace: [ 2.525040] regmap_read+0x1c/0x80 [ 2.528434] mt8173_afe_irq_handler+0x40/0xf0 ... [ 2.598921] start_kernel+0x338/0x42c In the Linux kernel, the following vul... • https://git.kernel.org/stable/c/ee0bcaff109f36d582df9851f204c9a5eb79c028 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50436 – ext4: don't set up encryption key during jbd2 transaction
https://notcve.org/view.php?id=CVE-2022-50436
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: don't set up encryption key during jbd2 transaction Commit a80f7fcf1867 ("ext4: fixup ext4_fc_track_* functions' signature") extended the scope of the transaction in ext4_unlink() too far, making it include the call to ext4_find_entry(). However, ext4_find_entry() can deadlock when called from within a transaction because it may need to set up the directory's encryption key. Fix this by restoring the transaction to its original scope.... • https://git.kernel.org/stable/c/a80f7fcf18672ae4971a6b713b58c0d389aa99fe • CWE-833: Deadlock •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50434 – blk-mq: fix possible memleak when register 'hctx' failed
https://notcve.org/view.php?id=CVE-2022-50434
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix possible memleak when register 'hctx' failed There's issue as follows when do fault injection test: unreferenced object 0xffff888132a9f400 (size 512): comm "insmod", pid 308021, jiffies 4324277909 (age 509.733s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 08 f4 a9 32 81 88 ff ff ...........2.... 08 f4 a9 32 81 88 ff ff 00 00 00 00 00 00 00 00 ...2............ backtrace: [<00000000e8952bb4>] kmalloc_node_trace+0x22/0xa0 [<... • https://git.kernel.org/stable/c/67aec14ce87fe25bdfff7dbf468556333df11c4e •
CVSS: 8.4EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50430 – mmc: vub300: fix warning - do not call blocking ops when !TASK_RUNNING
https://notcve.org/view.php?id=CVE-2022-50430
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: mmc: vub300: fix warning - do not call blocking ops when !TASK_RUNNING vub300_enable_sdio_irq() works with mutex and need TASK_RUNNING here. Ensure that we mark current as TASK_RUNNING for sleepable context. [ 77.554641] do not call blocking ops when !TASK_RUNNING; state=1 set at [
CVSS: 5.6EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50428 – ext4: fix off-by-one errors in fast-commit block filling
https://notcve.org/view.php?id=CVE-2022-50428
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: fix off-by-one errors in fast-commit block filling Due to several different off-by-one errors, or perhaps due to a late change in design that wasn't fully reflected in the code that was actually merged, there are several very strange constraints on how fast-commit blocks are filled with tlv entries: - tlvs must start at least 10 bytes before the end of the block, even though the minimum tlv length is 8. Otherwise, the replay code will... • https://git.kernel.org/stable/c/aa75f4d3daaeb1389b9cce9d6b84401eaf228d4e •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50426 – remoteproc: imx_dsp_rproc: Add mutex protection for workqueue
https://notcve.org/view.php?id=CVE-2022-50426
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: remoteproc: imx_dsp_rproc: Add mutex protection for workqueue The workqueue may execute late even after remoteproc is stopped or stopping, some resources (rpmsg device and endpoint) have been released in rproc_stop_subdevices(), then rproc_vq_interrupt() accessing these resources will cause kennel dump. Call trace: virtqueue_add_split+0x1ac/0x560 virtqueue_add_inbuf+0x4c/0x60 rpmsg_recv_done+0x15c/0x294 vring_interrupt+0x6c/0xa4 rproc_vq_in... • https://git.kernel.org/stable/c/ec0e5549f3586d2cb99a05edd006d722ebad912c • CWE-820: Missing Synchronization •
CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 0CVE-2022-50423 – ACPICA: Fix use-after-free in acpi_ut_copy_ipackage_to_ipackage()
https://notcve.org/view.php?id=CVE-2022-50423
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: ACPICA: Fix use-after-free in acpi_ut_copy_ipackage_to_ipackage() There is an use-after-free reported by KASAN: BUG: KASAN: use-after-free in acpi_ut_remove_reference+0x3b/0x82 Read of size 1 at addr ffff888112afc460 by task modprobe/2111 CPU: 0 PID: 2111 Comm: modprobe Not tainted 6.1.0-rc7-dirty Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), Call Trace:
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50420 – crypto: hisilicon/hpre - fix resource leak in remove process
https://notcve.org/view.php?id=CVE-2022-50420
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/hpre - fix resource leak in remove process In hpre_remove(), when the disable operation of qm sriov failed, the following logic should continue to be executed to release the remaining resources that have been allocated, instead of returning directly, otherwise there will be resource leakage. In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/hpre - fix resource leak in remove process In h... • https://git.kernel.org/stable/c/c8b4b477079d1995cc0a1c10d5cdfd02be938cdf • CWE-401: Missing Release of Memory after Effective Lifetime •