CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50068 – drm/ttm: Fix dummy res NULL ptr deref bug
https://notcve.org/view.php?id=CVE-2022-50068
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/ttm: Fix dummy res NULL ptr deref bug Check the bo->resource value before accessing the resource mem_type. v2: Fix commit description unwrapped warning
CVSS: 6.2EPSS: 0%CPEs: 7EXPL: 0CVE-2022-50067 – btrfs: unset reloc control if transaction commit fails in prepare_to_relocate()
https://notcve.org/view.php?id=CVE-2022-50067
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: btrfs: unset reloc control if transaction commit fails in prepare_to_relocate() In btrfs_relocate_block_group(), the rc is allocated. Then btrfs_relocate_block_group() calls relocate_block_group() prepare_to_relocate() set_reloc_control() that assigns rc to the variable fs_info->reloc_ctl. When prepare_to_relocate() returns, it calls btrfs_commit_transaction() btrfs_start_dirty_block_groups() btrfs_alloc_path() kmem_cache_zalloc() which may... • https://git.kernel.org/stable/c/ff0e8ed8dfb584575cffc1561f17a1d094e8565b •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50066 – net: atlantic: fix aq_vec index out of range error
https://notcve.org/view.php?id=CVE-2022-50066
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: net: atlantic: fix aq_vec index out of range error The final update statement of the for loop exceeds the array range, the dereference of self->aq_vec[i] is not checked and then leads to the index out of range error. Also fixed this kind of coding style in other for loop. [ 97.937604] UBSAN: array-index-out-of-bounds in drivers/net/ethernet/aquantia/atlantic/aq_nic.c:1404:48 [ 97.937607] index 8 is out of range for type 'aq_vec_s *[8]' [ 97... • https://git.kernel.org/stable/c/97bde5c4f909a55ab4c36cf0ac9094f6c9e4cdf6 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50065 – virtio_net: fix memory leak inside XPD_TX with mergeable
https://notcve.org/view.php?id=CVE-2022-50065
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: virtio_net: fix memory leak inside XPD_TX with mergeable When we call xdp_convert_buff_to_frame() to get xdpf, if it returns NULL, we should check if xdp_page was allocated by xdp_linearize_page(). If it is newly allocated, it should be freed here alone. Just like any other "goto err_xdp". In the Linux kernel, the following vulnerability has been resolved: virtio_net: fix memory leak inside XPD_TX with mergeable When we call xdp_convert_buf... • https://git.kernel.org/stable/c/44fa2dbd475996ddc8f3a0e6113dee983e0ee3aa •
CVSS: 9.4EPSS: 0%CPEs: 2EXPL: 0CVE-2022-50064 – virtio-blk: Avoid use-after-free on suspend/resume
https://notcve.org/view.php?id=CVE-2022-50064
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: virtio-blk: Avoid use-after-free on suspend/resume hctx->user_data is set to vq in virtblk_init_hctx(). However, vq is freed on suspend and reallocated on resume. So, hctx->user_data is invalid after resume, and it will cause use-after-free accessing which will result in the kernel crash something like below: [ 22.428391] Call Trace: [ 22.428899]
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-50063 – net: dsa: felix: suppress non-changes to the tagging protocol
https://notcve.org/view.php?id=CVE-2022-50063
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: net: dsa: felix: suppress non-changes to the tagging protocol The way in which dsa_tree_change_tag_proto() works is that when dsa_tree_notify() fails, it doesn't know whether the operation failed mid way in a multi-switch tree, or it failed for a single-switch tree. So even though drivers need to fail cleanly in ds->ops->change_tag_protocol(), DSA will still call dsa_tree_notify() again, to restore the old tag protocol for potential switche... • https://git.kernel.org/stable/c/7a29d220f4c0745a6d435dbd53c659fbde4998b6 •
CVSS: 6.6EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50062 – net: bgmac: Fix a BUG triggered by wrong bytes_compl
https://notcve.org/view.php?id=CVE-2022-50062
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: net: bgmac: Fix a BUG triggered by wrong bytes_compl On one of our machines we got: kernel BUG at lib/dynamic_queue_limits.c:27! Internal error: Oops - BUG: 0 [#1] PREEMPT SMP ARM CPU: 0 PID: 1166 Comm: irq/41-bgmac Tainted: G W O 4.14.275-rt132 #1 Hardware name: BRCM XGS iProc task: ee3415c0 task.stack: ee32a000 PC is at dql_completed+0x168/0x178 LR is at bgmac_poll+0x18c/0x6d8 pc : [
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50061 – pinctrl: nomadik: Fix refcount leak in nmk_pinctrl_dt_subnode_to_map
https://notcve.org/view.php?id=CVE-2022-50061
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: pinctrl: nomadik: Fix refcount leak in nmk_pinctrl_dt_subnode_to_map of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node_put() to avoid refcount leak." In the Linux kernel, the following vulnerability has been resolved: pinctrl: nomadik: Fix refcount leak in nmk_pinctrl_dt_subnode_to_map of_parse_phandle() returns a node pointer with refcount incre... • https://git.kernel.org/stable/c/c2f6d059abfc29822af732e4da70813a5b6fd9cd •
CVSS: 5.6EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50060 – octeontx2-af: Fix mcam entry resource leak
https://notcve.org/view.php?id=CVE-2022-50060
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Fix mcam entry resource leak The teardown sequence in FLR handler returns if no NIX LF is attached to PF/VF because it indicates that graceful shutdown of resources already happened. But there is a chance of all allocated MCAM entries not being freed by PF/VF. Hence free mcam entries even in case of detached LF. In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Fix mcam entry resource leak The t... • https://git.kernel.org/stable/c/c554f9c1574e022821260b24b043a4277e8ec5d8 •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50059 – ceph: don't leak snap_rwsem in handle_cap_grant
https://notcve.org/view.php?id=CVE-2022-50059
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: ceph: don't leak snap_rwsem in handle_cap_grant When handle_cap_grant is called on an IMPORT op, then the snap_rwsem is held and the function is expected to release it before returning. It currently fails to do that in all cases which could lead to a deadlock. In the Linux kernel, the following vulnerability has been resolved: ceph: don't leak snap_rwsem in handle_cap_grant When handle_cap_grant is called on an IMPORT op, then the snap_rwse... • https://git.kernel.org/stable/c/6f05b30ea063a2a05dda47a4105a69267ae5270f •