CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49432 – powerpc/xics: fix refcount leak in icp_opal_init()
https://notcve.org/view.php?id=CVE-2022-49432
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: powerpc/xics: fix refcount leak in icp_opal_init() The of_find_compatible_node() function returns a node pointer with refcount incremented, use of_node_put() on it when done. In the Linux kernel, the following vulnerability has been resolved: powerpc/xics: fix refcount leak in icp_opal_init() The of_find_compatible_node() function returns a node pointer with refcount incremented, use of_node_put() on it when done. • https://git.kernel.org/stable/c/977dbc81d0f866ef63b93c127b7404f07734b3cc •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-49431 – powerpc/iommu: Add missing of_node_put in iommu_init_early_dart
https://notcve.org/view.php?id=CVE-2022-49431
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: powerpc/iommu: Add missing of_node_put in iommu_init_early_dart The device_node pointer is returned by of_find_compatible_node with refcount incremented. We should use of_node_put() to avoid the refcount leak. In the Linux kernel, the following vulnerability has been resolved: powerpc/iommu: Add missing of_node_put in iommu_init_early_dart The device_node pointer is returned by of_find_compatible_node with refcount incremented. We should us... • https://git.kernel.org/stable/c/cb4f2dc513e99c5d0485661f114e4dda73612d10 •
CVSS: 8.2EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49430 – Input: gpio-keys - cancel delayed work only in case of GPIO
https://notcve.org/view.php?id=CVE-2022-49430
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: Input: gpio-keys - cancel delayed work only in case of GPIO gpio_keys module can either accept gpios or interrupts. The module initializes delayed work in case of gpios only and is only used if debounce timer is not used, so make sure cancel_delayed_work_sync() is called only when its gpio-backed and debounce_use_hrtimer is false. This fixes the issue seen below when the gpio_keys module is unloaded and an interrupt pin is used instead of G... • https://git.kernel.org/stable/c/96c460687813915dedca9dd7d04ae0e90607fd79 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49429 – RDMA/hfi1: Prevent panic when SDMA is disabled
https://notcve.org/view.php?id=CVE-2022-49429
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: RDMA/hfi1: Prevent panic when SDMA is disabled If the hfi1 module is loaded with HFI1_CAP_SDMA off, a call to hfi1_write_iter() will dereference a NULL pointer and panic. A typical stack frame is: sdma_select_user_engine [hfi1] hfi1_user_sdma_process_request [hfi1] hfi1_write_iter [hfi1] do_iter_readv_writev do_iter_write vfs_writev do_writev do_syscall_64 The fix is to test for SDMA in hfi1_write_iter() and fail the I/O with EINVAL. In the... • https://git.kernel.org/stable/c/33794e8e9bcb4affc0ebff9cdec85acc8b8a1762 •
CVSS: 6.3EPSS: 0%CPEs: 2EXPL: 0CVE-2022-49420 – net: annotate races around sk->sk_bound_dev_if
https://notcve.org/view.php?id=CVE-2022-49420
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: net: annotate races around sk->sk_bound_dev_if UDP sendmsg() is lockless, and reads sk->sk_bound_dev_if while this field can be changed by another thread. Adds minimal annotations to avoid KCSAN splats for UDP. Following patches will add more annotations to potential lockless readers. BUG: KCSAN: data-race in __ip6_datagram_connect / udpv6_sendmsg write to 0xffff888136d47a94 of 4 bytes by task 7681 on cpu 0: __ip6_datagram_connect+0x6e2/0x9... • https://git.kernel.org/stable/c/20b2f61797873a2b18b5ff1a304ad2674fa1e0a5 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-49414 – ext4: fix race condition between ext4_write and ext4_convert_inline_data
https://notcve.org/view.php?id=CVE-2022-49414
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: fix race condition between ext4_write and ext4_convert_inline_data Hulk Robot reported a BUG_ON: ================================================================== EXT4-fs error (device loop3): ext4_mb_generate_buddy:805: group 0, block bitmap and bg descriptor inconsistent: 25 vs 31513 free clusters kernel BUG at fs/ext4/ext4_jbd2.c:53! invalid opcode: 0000 [#1] SMP KASAN PTI CPU: 0 PID: 25371 Comm: syz-executor.3 Not tainted 5.10.0+... • https://git.kernel.org/stable/c/0c8d414f163f5d35e43a4de7a6e5ee8c253fcccf •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2022-49409 – ext4: fix bug_on in __es_tree_search
https://notcve.org/view.php?id=CVE-2022-49409
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug_on in __es_tree_search Hulk Robot reported a BUG_ON: ================================================================== kernel BUG at fs/ext4/extents_status.c:199! [...] RIP: 0010:ext4_es_end fs/ext4/extents_status.c:199 [inline] RIP: 0010:__es_tree_search+0x1e0/0x260 fs/ext4/extents_status.c:217 [...] Call Trace: ext4_es_cache_extent+0x109/0x340 fs/ext4/extents_status.c:766 ext4_cache_extents+0x239/0x2e0 fs/ext4/extents.c:561... • https://git.kernel.org/stable/c/5946d089379a35dda0e531710b48fca05446a196 •
CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49407 – dlm: fix plock invalid read
https://notcve.org/view.php?id=CVE-2022-49407
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: dlm: fix plock invalid read This patch fixes an invalid read showed by KASAN. A unlock will allocate a "struct plock_op" and a followed send_op() will append it to a global send_list data structure. In some cases a followed dev_read() moves it to recv_list and dev_write() will cast it to "struct plock_xop" and access fields which are only available in those structures. At this point an invalid read happens by accessing those fields. To fix ... • https://git.kernel.org/stable/c/586759f03e2e9031ac5589912a51a909ed53c30a •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49399 – tty: goldfish: Use tty_port_destroy() to destroy port
https://notcve.org/view.php?id=CVE-2022-49399
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: tty: goldfish: Use tty_port_destroy() to destroy port In goldfish_tty_probe(), the port initialized through tty_port_init() should be destroyed in error paths.In goldfish_tty_remove(), qtty->port also should be destroyed or else might leak resources. Fix the above by calling tty_port_destroy(). In the Linux kernel, the following vulnerability has been resolved: tty: goldfish: Use tty_port_destroy() to destroy port In goldfish_tty_probe(), t... • https://git.kernel.org/stable/c/666b7793d4bfa9f150b5c2007ab48c755ddc53ca •
CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49395 – um: Fix out-of-bounds read in LDT setup
https://notcve.org/view.php?id=CVE-2022-49395
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: um: Fix out-of-bounds read in LDT setup syscall_stub_data() expects the data_count parameter to be the number of longs, not bytes. ================================================================== BUG: KASAN: stack-out-of-bounds in syscall_stub_data+0x70/0xe0 Read of size 128 at addr 000000006411f6f0 by task swapper/1 CPU: 0 PID: 1 Comm: swapper Not tainted 5.18.0+ #18 Call Trace: show_stack.cold+0x166/0x2a7 __dump_stack+0x3a/0x43 dump_sta... • https://git.kernel.org/stable/c/858259cf7d1c443c836a2022b78cb281f0a9b95e •