CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49537 – scsi: lpfc: Fix call trace observed during I/O with CMF enabled
https://notcve.org/view.php?id=CVE-2022-49537
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix call trace observed during I/O with CMF enabled The following was seen with CMF enabled: BUG: using smp_processor_id() in preemptible code: systemd-udevd/31711 kernel: caller is lpfc_update_cmf_cmd+0x214/0x420 [lpfc] kernel: CPU: 12 PID: 31711 Comm: systemd-udevd kernel: Call Trace: kernel:
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49536 – scsi: lpfc: Fix SCSI I/O completion and abort handler deadlock
https://notcve.org/view.php?id=CVE-2022-49536
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix SCSI I/O completion and abort handler deadlock During stress I/O tests with 500+ vports, hard LOCKUP call traces are observed. CPU A: native_queued_spin_lock_slowpath+0x192 _raw_spin_lock_irqsave+0x32 lpfc_handle_fcp_err+0x4c6 lpfc_fcp_io_cmd_wqe_cmpl+0x964 lpfc_sli4_fp_handle_cqe+0x266 __lpfc_sli4_process_cq+0x105 __lpfc_sli4_hba_process_cq+0x3c lpfc_cq_poll_hdler+0x16 irq_poll_softirq+0x76 __softirqentry_text_start+0xe4 ir... • https://git.kernel.org/stable/c/7625e81de2164a082810e1f27547d388406da610 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-49535 – scsi: lpfc: Fix null pointer dereference after failing to issue FLOGI and PLOGI
https://notcve.org/view.php?id=CVE-2022-49535
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix null pointer dereference after failing to issue FLOGI and PLOGI If lpfc_issue_els_flogi() fails and returns non-zero status, the node reference count is decremented to trigger the release of the nodelist structure. However, if there is a prior registration or dev-loss-evt work pending, the node may be released prematurely. When dev-loss-evt completes, the released node is referenced causing a use-after-free null pointer dere... • https://git.kernel.org/stable/c/10663ebec0ad5c78493a0dd34c9ee4d73d7ca0df •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-49534 – scsi: lpfc: Protect memory leak for NPIV ports sending PLOGI_RJT
https://notcve.org/view.php?id=CVE-2022-49534
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Protect memory leak for NPIV ports sending PLOGI_RJT There is a potential memory leak in lpfc_ignore_els_cmpl() and lpfc_els_rsp_reject() that was allocated from NPIV PLOGI_RJT (lpfc_rcv_plogi()'s login_mbox). Check if cmdiocb->context_un.mbox was allocated in lpfc_ignore_els_cmpl(), and then free it back to phba->mbox_mem_pool along with mbox->ctx_buf for service parameters. For lpfc_els_rsp_reject() failure, free both the ctx_... • https://git.kernel.org/stable/c/c00df0f34a6d5e14da379f96ea67e501ce67b002 •
CVSS: 6.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49532 – drm/virtio: fix NULL pointer dereference in virtio_gpu_conn_get_modes
https://notcve.org/view.php?id=CVE-2022-49532
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/virtio: fix NULL pointer dereference in virtio_gpu_conn_get_modes drm_cvt_mode may return NULL and we should check it. This bug is found by syzkaller: FAULT_INJECTION stacktrace: [ 168.567394] FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 1 [ 168.567403] CPU: 1 PID: 6425 Comm: syz Kdump: loaded Not tainted 4.19.90-vhulk2201.1.0.h1035.kasan.eulerosv2r10.aarch64 #1 [ 168.567406] Hardware name... • https://git.kernel.org/stable/c/e0828456578cc8ba0a69147f7ae3428392eec287 •
CVSS: 5.6EPSS: 0%CPEs: 2EXPL: 0CVE-2022-49531 – loop: implement ->free_disk
https://notcve.org/view.php?id=CVE-2022-49531
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: loop: implement ->free_disk Ensure that the lo_device which is stored in the gendisk private data is valid until the gendisk is freed. Currently the loop driver uses a lot of effort to make sure a device is not freed when it is still in use, but to to fix a potential deadlock this will be relaxed a bit soon. In the Linux kernel, the following vulnerability has been resolved: loop: implement ->free_disk Ensure that the lo_device which is sto... • https://git.kernel.org/stable/c/aadd1443aae7fe8956e3b11157827067f034406a •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49530 – drm/amd/pm: fix double free in si_parse_power_table()
https://notcve.org/view.php?id=CVE-2022-49530
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fix double free in si_parse_power_table() In function si_parse_power_table(), array adev->pm.dpm.ps and its member is allocated. If the allocation of each member fails, the array itself is freed and returned with an error code. However, the array is later freed again in si_dpm_fini() function which is called when the function returns an error. This leads to potential double free of the array adev->pm.dpm.ps, as well as leak of i... • https://git.kernel.org/stable/c/2615464854505188f909d0c07c37a6623693b5c7 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-49529 – drm/amdgpu/pm: fix the null pointer while the smu is disabled
https://notcve.org/view.php?id=CVE-2022-49529
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/pm: fix the null pointer while the smu is disabled It needs to check if the pp_funcs is initialized while release the context, otherwise it will trigger null pointer panic while the software smu is not enabled. [ 1109.404555] BUG: kernel NULL pointer dereference, address: 0000000000000078 [ 1109.404609] #PF: supervisor read access in kernel mode [ 1109.404638] #PF: error_code(0x0000) - not-present page [ 1109.404657] PGD 0 P4D 0 ... • https://git.kernel.org/stable/c/49ec3441aa5e5940f3e82dd2f0205b9c856e399d •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-49528 – media: i2c: dw9714: Disable the regulator when the driver fails to probe
https://notcve.org/view.php?id=CVE-2022-49528
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: media: i2c: dw9714: Disable the regulator when the driver fails to probe When the driver fails to probe, we will get the following splat: [ 59.305988] ------------[ cut here ]------------ [ 59.306417] WARNING: CPU: 2 PID: 395 at drivers/regulator/core.c:2257 _regulator_put+0x3ec/0x4e0 [ 59.310345] RIP: 0010:_regulator_put+0x3ec/0x4e0 [ 59.318362] Call Trace: [ 59.318582]
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49527 – media: venus: hfi: avoid null dereference in deinit
https://notcve.org/view.php?id=CVE-2022-49527
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: media: venus: hfi: avoid null dereference in deinit If venus_probe fails at pm_runtime_put_sync the error handling first calls hfi_destroy and afterwards hfi_core_deinit. As hfi_destroy sets core->ops to NULL, hfi_core_deinit cannot call the core_deinit function anymore. Avoid this null pointer derefence by skipping the call when necessary. In the Linux kernel, the following vulnerability has been resolved: media: venus: hfi: avoid null der... • https://git.kernel.org/stable/c/2533acb652359c9e097dfa33587896af782e8a91 •