CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49621 – cpufreq: pmac32-cpufreq: Fix refcount leak bug
https://notcve.org/view.php?id=CVE-2022-49621
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: cpufreq: pmac32-cpufreq: Fix refcount leak bug In pmac_cpufreq_init_MacRISC3(), we need to add corresponding of_node_put() for the three node pointers whose refcount have been incremented by of_find_node_by_name(). In the Linux kernel, the following vulnerability has been resolved: cpufreq: pmac32-cpufreq: Fix refcount leak bug In pmac_cpufreq_init_MacRISC3(), we need to add corresponding of_node_put() for the three node pointers whose refc... • https://git.kernel.org/stable/c/4f242486bf46d314b2e3838cc64b56f008a3c4d7 •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49620 – net: tipc: fix possible refcount leak in tipc_sk_create()
https://notcve.org/view.php?id=CVE-2022-49620
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: net: tipc: fix possible refcount leak in tipc_sk_create() Free sk in case tipc_sk_insert() fails. • https://git.kernel.org/stable/c/638fa20b618b2bbcf86da71231624cc82121a036 •
CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 0CVE-2022-49611 – x86/speculation: Fill RSB on vmexit for IBRS
https://notcve.org/view.php?id=CVE-2022-49611
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: x86/speculation: Fill RSB on vmexit for IBRS Prevent RSB underflow/poisoning attacks with RSB. While at it, add a bunch of comments to attempt to document the current state of tribal knowledge about RSB attacks and what exactly is being mitigated. In the Linux kernel, the following vulnerability has been resolved: x86/speculation: Fill RSB on vmexit for IBRS Prevent RSB underflow/poisoning attacks with RSB. While at it, add a bunch of comme... • https://git.kernel.org/stable/c/3d323b99ff5c8c57005184056d65f6af5b0479d8 •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2022-49610 – KVM: VMX: Prevent RSB underflow before vmenter
https://notcve.org/view.php?id=CVE-2022-49610
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Prevent RSB underflow before vmenter On VMX, there are some balanced returns between the time the guest's SPEC_CTRL value is written, and the vmenter. Balanced returns (matched by a preceding call) are usually ok, but it's at least theoretically possible an NMI with a deep call stack could empty the RSB before one of the returns. For maximum paranoia, don't allow *any* returns (balanced or otherwise) between the SPEC_CTRL write an... • https://git.kernel.org/stable/c/afd743f6dde87296c6f3414706964c491bb85862 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49609 – power/reset: arm-versatile: Fix refcount leak in versatile_reboot_probe
https://notcve.org/view.php?id=CVE-2022-49609
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: power/reset: arm-versatile: Fix refcount leak in versatile_reboot_probe of_find_matching_node_and_match() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node_put() to avoid refcount leak. In the Linux kernel, the following vulnerability has been resolved: power/reset: arm-versatile: Fix refcount leak in versatile_reboot_probe of_find_matching_node_and_match() returns... • https://git.kernel.org/stable/c/0e545f57b708630c54c8c5c24ea7f7034f6c40d9 •
CVSS: 4.7EPSS: 0%CPEs: 11EXPL: 0CVE-2022-49607 – perf/core: Fix data race between perf_event_set_output() and perf_mmap_close()
https://notcve.org/view.php?id=CVE-2022-49607
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: perf/core: Fix data race between perf_event_set_output() and perf_mmap_close() Yang Jihing reported a race between perf_event_set_output() and perf_mmap_close(): CPU1 CPU2 perf_mmap_close(e2) if (atomic_dec_and_test(&e2->rb->mmap_count)) // 1 - > 0 detach_rest = true ioctl(e1, IOC_SET_OUTPUT, e2) perf_event_set_output(e1, e2) ... list_for_each_entry_rcu(e, &e2->rb->event_list, rb_entry) ring_buffer_attach(e, NULL); // e1 isn't yet added and... • https://git.kernel.org/stable/c/9bb5d40cd93c9dd4be74834b1dcb1ba03629716b •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-49604 – ip: Fix data-races around sysctl_ip_fwd_use_pmtu.
https://notcve.org/view.php?id=CVE-2022-49604
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ip: Fix data-races around sysctl_ip_fwd_use_pmtu. While reading sysctl_ip_fwd_use_pmtu, it can be changed concurrently. Thus, we need to add READ_ONCE() to its readers. In the Linux kernel, the following vulnerability has been resolved: ip: Fix data-races around sysctl_ip_fwd_use_pmtu. While reading sysctl_ip_fwd_use_pmtu, it can be changed concurrently. Thus, we need to add READ_ONCE() to its readers. • https://git.kernel.org/stable/c/f87c10a8aa1e82498c42d0335524d6ae7cf5a52b • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49602 – ip: Fix a data-race around sysctl_fwmark_reflect.
https://notcve.org/view.php?id=CVE-2022-49602
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ip: Fix a data-race around sysctl_fwmark_reflect. While reading sysctl_fwmark_reflect, it can be changed concurrently. Thus, we need to add READ_ONCE() to its reader. In the Linux kernel, the following vulnerability has been resolved: ip: Fix a data-race around sysctl_fwmark_reflect. While reading sysctl_fwmark_reflect, it can be changed concurrently. Thus, we need to add READ_ONCE() to its reader. • https://git.kernel.org/stable/c/e110861f86094cd78cc85593b873970092deb43a • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49601 – tcp/dccp: Fix a data-race around sysctl_tcp_fwmark_accept.
https://notcve.org/view.php?id=CVE-2022-49601
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: tcp/dccp: Fix a data-race around sysctl_tcp_fwmark_accept. While reading sysctl_tcp_fwmark_accept, it can be changed concurrently. Thus, we need to add READ_ONCE() to its reader. In the Linux kernel, the following vulnerability has been resolved: tcp/dccp: Fix a data-race around sysctl_tcp_fwmark_accept. While reading sysctl_tcp_fwmark_accept, it can be changed concurrently. Thus, we need to add READ_ONCE() to its reader. • https://git.kernel.org/stable/c/84f39b08d7868ce10eeaf640627cb89777f0ae93 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-49598 – tcp: Fix data-races around sysctl_tcp_mtu_probing.
https://notcve.org/view.php?id=CVE-2022-49598
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctl_tcp_mtu_probing. While reading sysctl_tcp_mtu_probing, it can be changed concurrently. Thus, we need to add READ_ONCE() to its readers. In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctl_tcp_mtu_probing. While reading sysctl_tcp_mtu_probing, it can be changed concurrently. Thus, we need to add READ_ONCE() to its readers. • https://git.kernel.org/stable/c/5d424d5a674f782d0659a3b66d951f412901faee • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •