CVSS: 7.2EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50731 – crypto: akcipher - default implementation for setting a private key
https://notcve.org/view.php?id=CVE-2022-50731
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: crypto: akcipher - default implementation for setting a private key Changes from v1: * removed the default implementation from set_pub_key: it is assumed that an implementation must always have this callback defined as there are no use case for an algorithm, which doesn't need a public key Many akcipher implementations (like ECDSA) support only signature verifications, so they don't have all callbacks defined. Commit 78a0324f4a53 ("crypto: ... • https://git.kernel.org/stable/c/78a0324f4a5328088fea9426cfe1d1851276c475 •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50730 – ext4: silence the warning when evicting inode with dioread_nolock
https://notcve.org/view.php?id=CVE-2022-50730
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: silence the warning when evicting inode with dioread_nolock When evicting an inode with default dioread_nolock, it could be raced by the unwritten extents converting kworker after writeback some new allocated dirty blocks. It convert unwritten extents to written, the extents could be merged to upper level and free extent blocks, so it could mark the inode dirty again even this inode has been marked I_FREEING. But the inode->i_io_list ... • https://git.kernel.org/stable/c/ceff86fddae8748fe00d4f2d249cb02cae62ad84 •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50729 – ksmbd: Fix resource leak in ksmbd_session_rpc_open()
https://notcve.org/view.php?id=CVE-2022-50729
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fix resource leak in ksmbd_session_rpc_open() When ksmbd_rpc_open() fails then it must call ksmbd_rpc_id_free() to undo the result of ksmbd_ipc_id_alloc(). In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fix resource leak in ksmbd_session_rpc_open() When ksmbd_rpc_open() fails then it must call ksmbd_rpc_id_free() to undo the result of ksmbd_ipc_id_alloc(). • https://git.kernel.org/stable/c/e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9 •
CVSS: 7.2EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50728 – s390/lcs: Fix return type of lcs_start_xmit()
https://notcve.org/view.php?id=CVE-2022-50728
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: s390/lcs: Fix return type of lcs_start_xmit() With clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG), indirect call targets are validated against the expected function pointer prototype to make sure the call target is valid to help mitigate ROP attacks. If they are not identical, there is a failure at run time, which manifests as either a kernel panic or thread getting killed. A proposed warning in clang aims to catch these at ... • https://git.kernel.org/stable/c/7b4da3fcd513b8e67823eb80da37aad99b3339c1 •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50727 – scsi: efct: Fix possible memleak in efct_device_init()
https://notcve.org/view.php?id=CVE-2022-50727
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: efct: Fix possible memleak in efct_device_init() In efct_device_init(), when efct_scsi_reg_fc_transport() fails, efct_scsi_tgt_driver_exit() is not called to release memory for efct_scsi_tgt_driver_init() and causes memleak: unreferenced object 0xffff8881020ce000 (size 2048): comm "modprobe", pid 465, jiffies 4294928222 (age 55.872s) backtrace: [<0000000021a1ef1b>] kmalloc_trace+0x27/0x110 [<000000004c3ed51c>] target_register_template... • https://git.kernel.org/stable/c/4df84e8466242de835416a4ec0c856c0e2ed26eb •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50726 – net/mlx5: Fix possible use-after-free in async command interface
https://notcve.org/view.php?id=CVE-2022-50726
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix possible use-after-free in async command interface mlx5_cmd_cleanup_async_ctx should return only after all its callback handlers were completed. Before this patch, the below race between mlx5_cmd_cleanup_async_ctx and mlx5_cmd_exec_cb_handler was possible and lead to a use-after-free: 1. mlx5_cmd_cleanup_async_ctx is called while num_inflight is 2 (i.e. elevated by 1, a single inflight callback). 2. mlx5_cmd_cleanup_async_ctx ... • https://git.kernel.org/stable/c/e355477ed9e4f401e3931043df97325d38552d54 •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50725 – media: vidtv: Fix use-after-free in vidtv_bridge_dvb_init()
https://notcve.org/view.php?id=CVE-2022-50725
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: media: vidtv: Fix use-after-free in vidtv_bridge_dvb_init() KASAN reports a use-after-free: BUG: KASAN: use-after-free in dvb_dmxdev_release+0x4d5/0x5d0 [dvb_core] Call Trace: ... dvb_dmxdev_release+0x4d5/0x5d0 [dvb_core] vidtv_bridge_probe+0x7bf/0xa40 [dvb_vidtv_bridge] platform_probe+0xb6/0x170 ... Allocated by task 1238: ... dvb_register_device+0x1a7/0xa70 [dvb_core] dvb_dmxdev_init+0x2af/0x4a0 [dvb_core] vidtv_bridge_probe+0x766/0xa40 [... • https://git.kernel.org/stable/c/f90cf6079bf67988f8b1ad1ade70fc89d0080905 •
CVSS: 5.6EPSS: 0%CPEs: 11EXPL: 0CVE-2022-50724 – regulator: core: fix resource leak in regulator_register()
https://notcve.org/view.php?id=CVE-2022-50724
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: regulator: core: fix resource leak in regulator_register() I got some resource leak reports while doing fault injection test: OF: ERROR: memory leak, expected refcount 1 instead of 100, of_node_get()/of_node_put() unbalanced - destroy cset entry: attach overlay node /i2c/pmic@64/regulators/buck1 unreferenced object 0xffff88810deea000 (size 512): comm "490-i2c-rt5190a", pid 253, jiffies 4294859840 (age 5061.046s) hex dump (first 32 bytes): 0... • https://git.kernel.org/stable/c/0120ec32a7774b5061ced1a9a7ff833edd8b4cb6 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50722 – media: ipu3-imgu: Fix NULL pointer dereference in active selection access
https://notcve.org/view.php?id=CVE-2022-50722
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: media: ipu3-imgu: Fix NULL pointer dereference in active selection access What the IMGU driver did was that it first acquired the pointers to active and try V4L2 subdev state, and only then figured out which one to use. The problem with that approach and a later patch (see Fixes: tag) is that as sd_state argument to v4l2_subdev_get_try_crop() et al is NULL, there is now an attempt to dereference that. Fix this. Also rewrap lines a little. I... • https://git.kernel.org/stable/c/0d346d2a6f54f06f36b224fd27cd6eafe8c83be9 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50721 – dmaengine: qcom-adm: fix wrong calling convention for prep_slave_sg
https://notcve.org/view.php?id=CVE-2022-50721
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: dmaengine: qcom-adm: fix wrong calling convention for prep_slave_sg The calling convention for pre_slave_sg is to return NULL on error and provide an error log to the system. Qcom-adm instead provide error pointer when an error occur. This indirectly cause kernel panic for example for the nandc driver that checks only if the pointer returned by device_prep_slave_sg is not NULL. Returning an error pointer makes nandc think the device_prep_sl... • https://git.kernel.org/stable/c/5c9f8c2dbdbe53818bcde6aa6695e1331e5f841f •