CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50760 – drm/amdgpu: Fix PCI device refcount leak in amdgpu_atrm_get_bios()
https://notcve.org/view.php?id=CVE-2022-50760
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix PCI device refcount leak in amdgpu_atrm_get_bios() As comment of pci_get_class() says, it returns a pci_device with its refcount increased and decreased the refcount for the input parameter @from if it is not NULL. If we break the loop in amdgpu_atrm_get_bios() with 'pdev' not NULL, we need to call pci_dev_put() to decrease the refcount. Add the missing pci_dev_put() to avoid refcount leak. In the Linux kernel, the following... • https://git.kernel.org/stable/c/d38ceaf99ed015f2a0b9af3499791bd3a3daae21 •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2022-50758 – staging: vt6655: fix potential memory leak
https://notcve.org/view.php?id=CVE-2022-50758
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: staging: vt6655: fix potential memory leak In function device_init_td0_ring, memory is allocated for member td_info of priv->apTD0Rings[i], with i increasing from 0. In case of allocation failure, the memory is freed in reversed order, with i decreasing to 0. However, the case i=0 is left out and thus memory is leaked. Modify the memory freeing loop to include the case i=0. In the Linux kernel, the following vulnerability has been resolved:... • https://git.kernel.org/stable/c/5341ee0adb17d12a96dc5344e0d267cd12b52135 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50757 – media: camss: Clean up received buffers on failed start of streaming
https://notcve.org/view.php?id=CVE-2022-50757
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: media: camss: Clean up received buffers on failed start of streaming It is required to return the received buffers, if streaming can not be started. For instance media_pipeline_start() may fail with EPIPE, if a link validation between entities is not passed, and in such a case a user gets a kernel warning: WARNING: CPU: 1 PID: 520 at drivers/media/common/videobuf2/videobuf2-core.c:1592 vb2_start_streaming+0xec/0x160
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50756 – nvme-pci: fix mempool alloc size
https://notcve.org/view.php?id=CVE-2022-50756
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix mempool alloc size Convert the max size to bytes to match the units of the divisor that calculates the worst-case number of PRP entries. The result is used to determine how many PRP Lists are required. The code was previously rounding this to 1 list, but we can require 2 in the worst case. In that scenario, the driver would corrupt memory beyond the size provided by the mempool. While unlikely to occur (you'd need a 4MB in exa... • https://git.kernel.org/stable/c/943e942e6266f22babee5efeb00f8f672fbff5bd •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50755 – udf: Avoid double brelse() in udf_rename()
https://notcve.org/view.php?id=CVE-2022-50755
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: udf: Avoid double brelse() in udf_rename() syzbot reported a warning like below [1]: VFS: brelse: Trying to free free buffer WARNING: CPU: 2 PID: 7301 at fs/buffer.c:1145 __brelse+0x67/0xa0 ... Call Trace: <TASK> invalidate_bh_lru+0x99/0x150 smp_call_function_many_cond+0xe2a/0x10c0 ? generic_remap_file_range_prep+0x50/0x50 ? __brelse+0xa0/0xa0 ? __mutex_lock+0x21c/0x12d0 ? smp_call_on_cpu+0x250/0x250 ? • https://git.kernel.org/stable/c/231473f6ddcef9c01993e0bfe36acc6f8e425c31 •
CVSS: 5.6EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50754 – apparmor: fix a memleak in multi_transaction_new()
https://notcve.org/view.php?id=CVE-2022-50754
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: apparmor: fix a memleak in multi_transaction_new() In multi_transaction_new(), the variable t is not freed or passed out on the failure of copy_from_user(t->data, buf, size), which could lead to a memleak. Fix this bug by adding a put_multi_transaction(t) in the error path. In the Linux kernel, the following vulnerability has been resolved: apparmor: fix a memleak in multi_transaction_new() In multi_transaction_new(), the variable t is not ... • https://git.kernel.org/stable/c/1dea3b41e84c5923173fe654dcb758a5cb4a46e5 •
CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50753 – f2fs: fix to do sanity check on summary info
https://notcve.org/view.php?id=CVE-2022-50753
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on summary info As Wenqing Liu reported in bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=216456 BUG: KASAN: use-after-free in recover_data+0x63ae/0x6ae0 [f2fs] Read of size 4 at addr ffff8881464dcd80 by task mount/1013 CPU: 3 PID: 1013 Comm: mount Tainted: G W 6.0.0-rc4 #1 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1 04/01/2014 Call Trace: dump_stack_lvl+0x45/0x5e print_report.cold+0... • https://git.kernel.org/stable/c/b292dcab068e141d8a820b77cbcc88d98c610eb4 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50751 – configfs: fix possible memory leak in configfs_create_dir()
https://notcve.org/view.php?id=CVE-2022-50751
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: configfs: fix possible memory leak in configfs_create_dir() kmemleak reported memory leaks in configfs_create_dir(): unreferenced object 0xffff888009f6af00 (size 192): comm "modprobe", pid 3777, jiffies 4295537735 (age 233.784s) backtrace: kmem_cache_alloc (mm/slub.c:3250 mm/slub.c:3256 mm/slub.c:3263 mm/slub.c:3273) new_fragment (./include/linux/slab.h:600 fs/configfs/dir.c:163) configfs_register_subsystem (fs/configfs/dir.c:1857) basic_wr... • https://git.kernel.org/stable/c/7063fbf2261194f72ee75afca67b3b38b554b5fa •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50749 – acct: fix potential integer overflow in encode_comp_t()
https://notcve.org/view.php?id=CVE-2022-50749
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: acct: fix potential integer overflow in encode_comp_t() The integer overflow is descripted with following codes: > 317 static comp_t encode_comp_t(u64 value) > 318 { > 319 int exp, rnd; ...... > 341 exp <<= MANTSIZE; > 342 exp += value; > 343 return exp; > 344 } Currently comp_t is defined as type of '__u16', but the variable 'exp' is type of 'int', so overflow would happen when variable 'exp' in line 343 is greater than 65535. In the Linux... • https://git.kernel.org/stable/c/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 •
CVSS: 8.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50747 – hfs: Fix OOB Write in hfs_asc2mac
https://notcve.org/view.php?id=CVE-2022-50747
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: hfs: Fix OOB Write in hfs_asc2mac Syzbot reported a OOB Write bug: loop0: detected capacity change from 0 to 64 ================================================================== BUG: KASAN: slab-out-of-bounds in hfs_asc2mac+0x467/0x9a0 fs/hfs/trans.c:133 Write of size 1 at addr ffff88801848314e by task syz-executor391/3632 Call Trace: