CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50269 – drm/vkms: Fix memory leak in vkms_init()
https://notcve.org/view.php?id=CVE-2022-50269
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix memory leak in vkms_init() A memory leak was reported after the vkms module install failed. unreferenced object 0xffff88810bc28520 (size 16): comm "modprobe", pid 9662, jiffies 4298009455 (age 42.590s) hex dump (first 16 bytes): 01 01 00 64 81 88 ff ff 00 00 dc 0a 81 88 ff ff ...d............ backtrace: [<00000000e7561ff8>] kmalloc_trace+0x27/0x60 [<000000000b1954a0>] 0xffffffffc45200a9 [<00000000abbf1da0>] do_one_initcall+0xd... • https://git.kernel.org/stable/c/2df7af93fdadb9ba8226fe443fae15ecdefda2a6 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50268 – mmc: moxart: fix return value check of mmc_add_host()
https://notcve.org/view.php?id=CVE-2022-50268
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: mmc: moxart: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the memory that allocated in mmc_alloc_host() will be leaked and it will lead a kernel crash because of deleting not added device in the remove path. So fix this by checking the return value and goto error path which will call mmc_free_host(). In the Linux kernel, the following vulnerability has been resolved: mmc: moxart: f... • https://git.kernel.org/stable/c/1b66e94e6b9995323190f31c51d8e1a6f516627e •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50267 – mmc: rtsx_pci: fix return value check of mmc_add_host()
https://notcve.org/view.php?id=CVE-2022-50267
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: mmc: rtsx_pci: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the memory that allocated in mmc_alloc_host() will be leaked and it will lead a kernel crash because of deleting not added device in the remove path. So fix this by checking the return value and calling mmc_free_host() in the error path, beside, runtime PM also needs be disabled. In the Linux kernel, the following vulnerab... • https://git.kernel.org/stable/c/ff984e57d36e8ac468849a144a36f1c11f88b61c •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50266 – kprobes: Fix check for probe enabled in kill_kprobe()
https://notcve.org/view.php?id=CVE-2022-50266
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: kprobes: Fix check for probe enabled in kill_kprobe() In kill_kprobe(), the check whether disarm_kprobe_ftrace() needs to be called always fails. This is because before that we set the KPROBE_FLAG_GONE flag for kprobe so that "!kprobe_disabled(p)" is always false. The disarm_kprobe_ftrace() call introduced by commit: 0cb2f1372baa ("kprobes: Fix NULL pointer dereference at kprobe_ftrace_handler") to fix the NULL pointer reference problem. Wh... • https://git.kernel.org/stable/c/3031313eb3d549b7ad6f9fbcc52ba04412e3eb9e •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50265 – kcm: annotate data-races around kcm->rx_wait
https://notcve.org/view.php?id=CVE-2022-50265
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: kcm: annotate data-races around kcm->rx_wait kcm->rx_psock can be read locklessly in kcm_rfree(). Annotate the read and writes accordingly. syzbot reported: BUG: KCSAN: data-race in kcm_rcv_strparser / kcm_rfree write to 0xffff88810784e3d0 of 1 bytes by task 1823 on cpu 1: reserve_rx_kcm net/kcm/kcmsock.c:283 [inline] kcm_rcv_strparser+0x250/0x3a0 net/kcm/kcmsock.c:363 __strp_recv+0x64c/0xd20 net/strparser/strparser.c:301 strp_recv+0x6d/0x8... • https://git.kernel.org/stable/c/ab7ac4eb9832e32a09f4e8042705484d2fb0aad3 •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50264 – clk: socfpga: Fix memory leak in socfpga_gate_init()
https://notcve.org/view.php?id=CVE-2022-50264
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: clk: socfpga: Fix memory leak in socfpga_gate_init() Free @socfpga_clk and @ops on the error path to avoid memory leak issue. This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be updated with livepatches later. • https://git.kernel.org/stable/c/a30a67be7b6e1117e0c0f5bcf84328ccdb8d6205 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50262 – fs/ntfs3: Validate BOOT record_size
https://notcve.org/view.php?id=CVE-2022-50262
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Validate BOOT record_size When the NTFS BOOT record_size field < 0, it represents a shift value. However, there is no sanity check on the shift result and the sbi->record_bits calculation through blksize_bits() assumes the size always > 256, which could lead to NPD while mounting a malformed NTFS image. [ 318.675159] BUG: kernel NULL pointer dereference, address: 0000000000000158 [ 318.675682] #PF: supervisor read access in kernel... • https://git.kernel.org/stable/c/4534a70b7056fd4b9a1c6db5a4ce3c98546b291e •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53197 – USB: uhci: fix memory leak with using debugfs_lookup()
https://notcve.org/view.php?id=CVE-2023-53197
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: USB: uhci: fix memory leak with using debugfs_lookup() When calling debugfs_lookup() the result must have dput() called on it, otherwise the memory will leak over time. To make things simpler, just call debugfs_lookup_and_remove() instead which handles all of the logic at once. In the Linux kernel, the following vulnerability has been resolved: USB: uhci: fix memory leak with using debugfs_lookup() When calling debugfs_lookup() the result m... • https://git.kernel.org/stable/c/5649d86f537887c2be88689986ec4dd493d4babe • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2023-53196 – usb: dwc3: qcom: Fix potential memory leak
https://notcve.org/view.php?id=CVE-2023-53196
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: qcom: Fix potential memory leak Function dwc3_qcom_probe() allocates memory for resource structure which is pointed by parent_res pointer. This memory is not freed. This leads to memory leak. Use stack memory to prevent memory leak. Found by Linux Verification Center (linuxtesting.org) with SVACE. • https://git.kernel.org/stable/c/2bc02355f8ba2c1f108ec8b16a673b467a17228c • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53194 – fs/ntfs3: Add length check in indx_get_root
https://notcve.org/view.php?id=CVE-2023-53194
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add length check in indx_get_root This adds a length check to guarantee the retrieved index root is legit. [ 162.459513] BUG: KASAN: use-after-free in hdr_find_e.isra.0+0x10c/0x320 [ 162.460176] Read of size 2 at addr ffff8880037bca99 by task mount/243 [ 162.460851] [ 162.461252] CPU: 0 PID: 243 Comm: mount Not tainted 6.0.0-rc7 #42 [ 162.461744] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990... • https://git.kernel.org/stable/c/4534a70b7056fd4b9a1c6db5a4ce3c98546b291e •