CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50012 – powerpc/64: Init jump labels before parse_early_param()
https://notcve.org/view.php?id=CVE-2022-50012
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: powerpc/64: Init jump labels before parse_early_param() On 64-bit, calling jump_label_init() in setup_feature_keys() is too late because static keys may be used in subroutines of parse_early_param() which is again subroutine of early_init_devtree(). For example booting with "threadirqs": static_key_enable_cpuslocked(): static key '0xc000000002953260' used before call to jump_label_init() WARNING: CPU: 0 PID: 0 at kernel/jump_label.c:166 sta... • https://git.kernel.org/stable/c/c4ced9fd10073adc854919976b88ad6004271119 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50011 – venus: pm_helpers: Fix warning in OPP during probe
https://notcve.org/view.php?id=CVE-2022-50011
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: venus: pm_helpers: Fix warning in OPP during probe Fix the following WARN triggered during Venus driver probe on 5.19.0-rc8-next-20220728: WARNING: CPU: 7 PID: 339 at drivers/opp/core.c:2471 dev_pm_opp_set_config+0x49c/0x610 Modules linked in: qcom_spmi_adc5 rtc_pm8xxx qcom_spmi_adc_tm5 leds_qcom_lpg led_class_multicolor qcom_pon qcom_vadc_common venus_core(+) qcom_spmi_temp_alarm v4l2_mem2mem videobuf2_v4l2 msm(+) videobuf2_common crct10di... • https://git.kernel.org/stable/c/0bdec5eed69c73886af4cfbb94b663e1e10b8344 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50010 – video: fbdev: i740fb: Check the argument of i740_calc_vclk()
https://notcve.org/view.php?id=CVE-2022-50010
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: video: fbdev: i740fb: Check the argument of i740_calc_vclk() Since the user can control the arguments of the ioctl() from the user space, under special arguments that may result in a divide-by-zero bug. If the user provides an improper 'pixclock' value that makes the argumet of i740_calc_vclk() less than 'I740_RFREQ_FIX', it will cause a divide-by-zero bug in: drivers/video/fbdev/i740fb.c:353 p_best = min(15, ilog2(I740_MAX_VCO_FREQ / (freq... • https://git.kernel.org/stable/c/59cefb583c984c0da8cf21a4c57d26d5a20dff5c •
CVSS: 6.6EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50009 – f2fs: fix null-ptr-deref in f2fs_get_dnode_of_data
https://notcve.org/view.php?id=CVE-2022-50009
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: f2fs: fix null-ptr-deref in f2fs_get_dnode_of_data There is issue as follows when test f2fs atomic write: F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock F2FS-fs (loop0): invalid crc_offset: 0 F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. ================================================================== BUG: KASAN: ... • https://git.kernel.org/stable/c/0f63e33eca6fa29a11c76fa31db5fe1cada5ad6e •
CVSS: 6.3EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50008 – kprobes: don't call disarm_kprobe() for disabled kprobes
https://notcve.org/view.php?id=CVE-2022-50008
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: kprobes: don't call disarm_kprobe() for disabled kprobes The assumption in __disable_kprobe() is wrong, and it could try to disarm an already disarmed kprobe and fire the WARN_ONCE() below. [0] We can easily reproduce this issue. 1. Write 0 to /sys/kernel/debug/kprobes/enabled. # echo 0 > /sys/kernel/debug/kprobes/enabled 2. Run execsnoop. At this time, one kprobe is disabled. # /usr/share/bcc/tools/execsnoop & [1] 2460 PCOMM PID PPID RET A... • https://git.kernel.org/stable/c/69d54b916d83872a0a327778a01af2a096923f59 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50007 – xfrm: fix refcount leak in __xfrm_policy_check()
https://notcve.org/view.php?id=CVE-2022-50007
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: xfrm: fix refcount leak in __xfrm_policy_check() The issue happens on an error path in __xfrm_policy_check(). When the fetching process of the object `pols[1]` fails, the function simply returns 0, forgetting to decrement the reference count of `pols[0]`, which is incremented earlier by either xfrm_sk_policy_lookup() or xfrm_policy_lookup(). This may result in memory leaks. Fix it by decreasing the reference count of `pols[0]` in that path.... • https://git.kernel.org/stable/c/134b0fc544ba062498451611cb6f3e4454221b3d •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50006 – NFSv4.2 fix problems with __nfs42_ssc_open
https://notcve.org/view.php?id=CVE-2022-50006
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: NFSv4.2 fix problems with __nfs42_ssc_open A destination server while doing a COPY shouldn't accept using the passed in filehandle if its not a regular filehandle. If alloc_file_pseudo() has failed, we need to decrement a reference on the newly created inode, otherwise it leaks. In the Linux kernel, the following vulnerability has been resolved: NFSv4.2 fix problems with __nfs42_ssc_open A destination server while doing a COPY shouldn't acc... • https://git.kernel.org/stable/c/ec4b0925089826af45e99cdf78a8ac84c1d005f1 •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50005 – nfc: pn533: Fix use-after-free bugs caused by pn532_cmd_timeout
https://notcve.org/view.php?id=CVE-2022-50005
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: Fix use-after-free bugs caused by pn532_cmd_timeout When the pn532 uart device is detaching, the pn532_uart_remove() is called. But there are no functions in pn532_uart_remove() that could delete the cmd_timeout timer, which will cause use-after-free bugs. The process is shown below: (thread 1) | (thread 2) | pn532_uart_send_frame pn532_uart_remove | mod_timer(&pn532->cmd_timeout,...) ... | (wait a time) kfree(pn532) //FREE | pn... • https://git.kernel.org/stable/c/c656aa4c27b17a8c70da223ed5ab42145800d6b5 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50004 – xfrm: policy: fix metadata dst->dev xmit null pointer dereference
https://notcve.org/view.php?id=CVE-2022-50004
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: xfrm: policy: fix metadata dst->dev xmit null pointer dereference When we try to transmit an skb with metadata_dst attached (i.e. dst->dev == NULL) through xfrm interface we can hit a null pointer dereference[1] in xfrmi_xmit2() -> xfrm_lookup_with_ifid() due to the check for a loopback skb device when there's no policy which dereferences dst->dev unconditionally. Not having dst->dev can be interepreted as it not being a loopback device, so... • https://git.kernel.org/stable/c/5b7f84b1f9f46327360a64c529433fa0d68cc3f4 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50003 – ice: xsk: prohibit usage of non-balanced queue id
https://notcve.org/view.php?id=CVE-2022-50003
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: ice: xsk: prohibit usage of non-balanced queue id Fix the following scenario: 1. ethtool -L $IFACE rx 8 tx 96 2. xdpsock -q 10 -t -z Above refers to a case where user would like to attach XSK socket in txonly mode at a queue id that does not have a corresponding Rx queue. At this moment ice's XSK logic is tightly bound to act on a "queue pair", e.g. both Tx and Rx queues at a given queue id are disabled/enabled and both of them will get XSK... • https://git.kernel.org/stable/c/2d4238f5569722197612656163d824098208519c •