CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49638 – icmp: Fix data-races around sysctl.
https://notcve.org/view.php?id=CVE-2022-49638
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: icmp: Fix data-races around sysctl. While reading icmp sysctl variables, they can be changed concurrently. So, we need to add READ_ONCE() to avoid data-races. In the Linux kernel, the following vulnerability has been resolved: icmp: Fix data-races around sysctl. While reading icmp sysctl variables, they can be changed concurrently. So, we need to add READ_ONCE() to avoid data-races. • https://git.kernel.org/stable/c/4cdf507d54525842dfd9f6313fdafba039084046 •
CVSS: 6.3EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49637 – ipv4: Fix a data-race around sysctl_fib_sync_mem.
https://notcve.org/view.php?id=CVE-2022-49637
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix a data-race around sysctl_fib_sync_mem. While reading sysctl_fib_sync_mem, it can be changed concurrently. So, we need to add READ_ONCE() to avoid a data-race. In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix a data-race around sysctl_fib_sync_mem. While reading sysctl_fib_sync_mem, it can be changed concurrently. So, we need to add READ_ONCE() to avoid a data-race. • https://git.kernel.org/stable/c/9ab948a91b2c2abc8e82845c0e61f4b1683e3a4f •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2022-49635 – drm/i915/selftests: fix subtraction overflow bug
https://notcve.org/view.php?id=CVE-2022-49635
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/i915/selftests: fix subtraction overflow bug On some machines hole_end can be small enough to cause subtraction overflow. On the other side (addr + 2 * min_alignment) can overflow in case of mock tests. This patch should handle both cases. (cherry picked from commit ab3edc679c552a466e4bf0b11af3666008bd65a2) In the Linux kernel, the following vulnerability has been resolved: drm/i915/selftests: fix subtraction overflow bug On some machin... • https://git.kernel.org/stable/c/e1c5f754067b594de58d387aa5873dec83b6c9fd •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-49632 – icmp: Fix a data-race around sysctl_icmp_errors_use_inbound_ifaddr.
https://notcve.org/view.php?id=CVE-2022-49632
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: icmp: Fix a data-race around sysctl_icmp_errors_use_inbound_ifaddr. While reading sysctl_icmp_errors_use_inbound_ifaddr, it can be changed concurrently. Thus, we need to add READ_ONCE() to its reader. In the Linux kernel, the following vulnerability has been resolved: icmp: Fix a data-race around sysctl_icmp_errors_use_inbound_ifaddr. While reading sysctl_icmp_errors_use_inbound_ifaddr, it can be changed concurrently. • https://git.kernel.org/stable/c/1c2fb7f93cb20621772bf304f3dba0849942e5db •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49631 – raw: Fix a data-race around sysctl_raw_l3mdev_accept.
https://notcve.org/view.php?id=CVE-2022-49631
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: raw: Fix a data-race around sysctl_raw_l3mdev_accept. While reading sysctl_raw_l3mdev_accept, it can be changed concurrently. Thus, we need to add READ_ONCE() to its reader. In the Linux kernel, the following vulnerability has been resolved: raw: Fix a data-race around sysctl_raw_l3mdev_accept. While reading sysctl_raw_l3mdev_accept, it can be changed concurrently. Thus, we need to add READ_ONCE() to its reader. • https://git.kernel.org/stable/c/6897445fb194c8ad046df4a13e1ee9f080a5a21e •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-49630 – tcp: Fix a data-race around sysctl_tcp_ecn_fallback.
https://notcve.org/view.php?id=CVE-2022-49630
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctl_tcp_ecn_fallback. While reading sysctl_tcp_ecn_fallback, it can be changed concurrently. Thus, we need to add READ_ONCE() to its reader. In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctl_tcp_ecn_fallback. While reading sysctl_tcp_ecn_fallback, it can be changed concurrently. Thus, we need to add READ_ONCE() to its reader. • https://git.kernel.org/stable/c/492135557dc090a1abb2cfbe1a412757e3ed68ab •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49629 – nexthop: Fix data-races around nexthop_compat_mode.
https://notcve.org/view.php?id=CVE-2022-49629
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: nexthop: Fix data-races around nexthop_compat_mode. While reading nexthop_compat_mode, it can be changed concurrently. Thus, we need to add READ_ONCE() to its readers. In the Linux kernel, the following vulnerability has been resolved: nexthop: Fix data-races around nexthop_compat_mode. While reading nexthop_compat_mode, it can be changed concurrently. Thus, we need to add READ_ONCE() to its readers. • https://git.kernel.org/stable/c/4f80116d3df3b23ee4b83ea8557629e1799bc230 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49627 – ima: Fix potential memory leak in ima_init_crypto()
https://notcve.org/view.php?id=CVE-2022-49627
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ima: Fix potential memory leak in ima_init_crypto() On failure to allocate the SHA1 tfm, IMA fails to initialize and exits without freeing the ima_algo_array. Add the missing kfree() for ima_algo_array to avoid the potential memory leak. In the Linux kernel, the following vulnerability has been resolved: ima: Fix potential memory leak in ima_init_crypto() On failure to allocate the SHA1 tfm, IMA fails to initialize and exits without freeing... • https://git.kernel.org/stable/c/6d94809af6b0830c4dfcad661535a5939bcb8a7d •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49626 – sfc: fix use after free when disabling sriov
https://notcve.org/view.php?id=CVE-2022-49626
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: sfc: fix use after free when disabling sriov Use after free is detected by kfence when disabling sriov. What was read after being freed was vf->pci_dev: it was freed from pci_disable_sriov and later read in efx_ef10_sriov_free_vf_vports, called from efx_ef10_sriov_free_vf_vswitching. Set the pointer to NULL at release time to not trying to read it later. Reproducer and dmesg log (note that kfence doesn't detect it every time): $ echo 1 > /s... • https://git.kernel.org/stable/c/3c5eb87605e85146a78de589b5070a37862425db •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49625 – sfc: fix kernel panic when creating VF
https://notcve.org/view.php?id=CVE-2022-49625
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: sfc: fix kernel panic when creating VF When creating VFs a kernel panic can happen when calling to efx_ef10_try_update_nic_stats_vf. When releasing a DMA coherent buffer, sometimes, I don't know in what specific circumstances, it has to unmap memory with vunmap. It is disallowed to do that in IRQ context or with BH disabled. Otherwise, we hit this line in vunmap, causing the crash: BUG_ON(in_interrupt()); This patch reenables BH to release ... • https://git.kernel.org/stable/c/d778819609a27efd5358da8151a0ad3507243e19 •