CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49812 – bridge: switchdev: Fix memory leaks when changing VLAN protocol
https://notcve.org/view.php?id=CVE-2022-49812
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: bridge: switchdev: Fix memory leaks when changing VLAN protocol The bridge driver can offload VLANs to the underlying hardware either via switchdev or the 8021q driver. When the former is used, the VLAN is marked in the bridge driver with the 'BR_VLFLAG_ADDED_BY_SWITCHDEV' private flag. To avoid the memory leaks mentioned in the cited commit, the bridge driver will try to delete a VLAN via the 8021q driver if the VLAN is not marked with the... • https://git.kernel.org/stable/c/279737939a8194f02fa352ab4476a1b241f44ef4 •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2022-49811 – drbd: use after free in drbd_create_device()
https://notcve.org/view.php?id=CVE-2022-49811
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: drbd: use after free in drbd_create_device() The drbd_destroy_connection() frees the "connection" so use the _safe() iterator to prevent a use after free. In the Linux kernel, the following vulnerability has been resolved: drbd: use after free in drbd_create_device() The drbd_destroy_connection() frees the "connection" so use the _safe() iterator to prevent a use after free. • https://git.kernel.org/stable/c/b6f85ef9538b2111a8ba0bbfae9aaebabfc94961 •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49809 – net/x25: Fix skb leak in x25_lapb_receive_frame()
https://notcve.org/view.php?id=CVE-2022-49809
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: net/x25: Fix skb leak in x25_lapb_receive_frame() x25_lapb_receive_frame() using skb_copy() to get a private copy of skb, the new skb should be freed in the undersized/fragmented skb error handling path. Otherwise there is a memory leak. In the Linux kernel, the following vulnerability has been resolved: net/x25: Fix skb leak in x25_lapb_receive_frame() x25_lapb_receive_frame() using skb_copy() to get a private copy of skb, the new skb shou... • https://git.kernel.org/stable/c/cb101ed2c3c7c0224d16953fe77bfb9d6c2cb9df •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-49803 – netdevsim: Fix memory leak of nsim_dev->fa_cookie
https://notcve.org/view.php?id=CVE-2022-49803
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: netdevsim: Fix memory leak of nsim_dev->fa_cookie kmemleak reports this issue: unreferenced object 0xffff8881bac872d0 (size 8): comm "sh", pid 58603, jiffies 4481524462 (age 68.065s) hex dump (first 8 bytes): 04 00 00 00 de ad be ef ........ backtrace: [<00000000c80b8577>] __kmalloc+0x49/0x150 [<000000005292b8c6>] nsim_dev_trap_fa_cookie_write+0xc1/0x210 [netdevsim] [<0000000093d78e77>] full_proxy_write+0xf3/0x180 [<000000005a662c16>] vfs_w... • https://git.kernel.org/stable/c/d3cbb907ae57fe5da314b51d949b617b538bdeae •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2022-49802 – ftrace: Fix null pointer dereference in ftrace_add_mod()
https://notcve.org/view.php?id=CVE-2022-49802
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix null pointer dereference in ftrace_add_mod() The @ftrace_mod is allocated by kzalloc(), so both the members {prev,next} of @ftrace_mode->list are NULL, it's not a valid state to call list_del(). If kstrdup() for @ftrace_mod->{func|module} fails, it goes to @out_free tag and calls free_ftrace_mod() to destroy @ftrace_mod, then list_del() will write prev->next and next->prev, where null pointer dereference happens. BUG: kernel NUL... • https://git.kernel.org/stable/c/673feb9d76ab3eddde7acfd94b206e321cfc90b9 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49800 – tracing: Fix memory leak in test_gen_synth_cmd() and test_empty_synth_event()
https://notcve.org/view.php?id=CVE-2022-49800
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: tracing: Fix memory leak in test_gen_synth_cmd() and test_empty_synth_event() test_gen_synth_cmd() only free buf in fail path, hence buf will leak when there is no failure. Add kfree(buf) to prevent the memleak. The same reason and solution in test_empty_synth_event(). unreferenced object 0xffff8881127de000 (size 2048): comm "modprobe", pid 247, jiffies 4294972316 (age 78.756s) hex dump (first 32 bytes): 20 67 65 6e 5f 73 79 6e 74 68 5f 74 ... • https://git.kernel.org/stable/c/9fe41efaca08416657efa8731c0d47ccb6a3f3eb •
CVSS: 5.6EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49799 – tracing: Fix wild-memory-access in register_synth_event()
https://notcve.org/view.php?id=CVE-2022-49799
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: tracing: Fix wild-memory-access in register_synth_event() In register_synth_event(), if set_synth_event_print_fmt() failed, then both trace_remove_event_call() and unregister_trace_event() will be called, which means the trace_event_call will call __unregister_trace_event() twice. As the result, the second unregister will causes the wild-memory-access. register_synth_event set_synth_event_print_fmt failed trace_remove_event_call event_remov... • https://git.kernel.org/stable/c/4b147936fa509650beaf638b331573c23ba4d609 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49797 – tracing: kprobe: Fix potential null-ptr-deref on trace_event_file in kprobe_event_gen_test_exit()
https://notcve.org/view.php?id=CVE-2022-49797
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: tracing: kprobe: Fix potential null-ptr-deref on trace_event_file in kprobe_event_gen_test_exit() When trace_get_event_file() failed, gen_kretprobe_test will be assigned as the error code. If module kprobe_event_gen_test is removed now, the null pointer dereference will happen in kprobe_event_gen_test_exit(). Check if gen_kprobe_test or gen_kretprobe_test is error code or NULL before dereference them. BUG: kernel NULL pointer dereference, a... • https://git.kernel.org/stable/c/64836248dda20c8e7427b493f7e06d9bf8f58850 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49796 – tracing: kprobe: Fix potential null-ptr-deref on trace_array in kprobe_event_gen_test_exit()
https://notcve.org/view.php?id=CVE-2022-49796
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: tracing: kprobe: Fix potential null-ptr-deref on trace_array in kprobe_event_gen_test_exit() When test_gen_kprobe_cmd() failed after kprobe_event_gen_cmd_end(), it will goto delete, which will call kprobe_event_delete() and release the corresponding resource. However, the trace_array in gen_kretprobe_test will point to the invalid resource. Set gen_kretprobe_test to NULL after called kprobe_event_delete() to prevent null-ptr-deref. BUG: ker... • https://git.kernel.org/stable/c/64836248dda20c8e7427b493f7e06d9bf8f58850 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49794 – iio: adc: at91_adc: fix possible memory leak in at91_adc_allocate_trigger()
https://notcve.org/view.php?id=CVE-2022-49794
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: iio: adc: at91_adc: fix possible memory leak in at91_adc_allocate_trigger() If iio_trigger_register() returns error, it should call iio_trigger_free() to give up the reference that hold in iio_trigger_alloc(), so that it can call iio_trig_release() to free memory when the refcount hit to 0. In the Linux kernel, the following vulnerability has been resolved: iio: adc: at91_adc: fix possible memory leak in at91_adc_allocate_trigger() If iio_t... • https://git.kernel.org/stable/c/0e589d5fb3172b0dde7fdad3a4829ce5352dd30d •