CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49497 – net: remove two BUG() from skb_checksum_help()
https://notcve.org/view.php?id=CVE-2022-49497
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: net: remove two BUG() from skb_checksum_help() I have a syzbot report that managed to get a crash in skb_checksum_help() If syzbot can trigger these BUG(), it makes sense to replace them with more friendly WARN_ON_ONCE() since skb_checksum_help() can instead return an error code. Note that syzbot will still crash there, until real bug is fixed. In the Linux kernel, the following vulnerability has been resolved: net: remove two BUG() from sk... • https://git.kernel.org/stable/c/312c43e98ed190bd8fd7a71a0addf9539d5b8ab1 •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49493 – ASoC: rt5645: Fix errorenous cleanup order
https://notcve.org/view.php?id=CVE-2022-49493
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: rt5645: Fix errorenous cleanup order There is a logic error when removing rt5645 device as the function rt5645_i2c_remove() first cancel the &rt5645->jack_detect_work and delete the &rt5645->btn_check_timer latter. However, since the timer handler rt5645_btn_check_callback() will re-queue the jack_detect_work, this cleanup order is buggy. That is, once the del_timer_sync in rt5645_i2c_remove is concurrently run with the rt5645_btn_che... • https://git.kernel.org/stable/c/7d801e807536a9a9c2146c5f4a5836f154517ed3 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49492 – nvme-pci: fix a NULL pointer dereference in nvme_alloc_admin_tags
https://notcve.org/view.php?id=CVE-2022-49492
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix a NULL pointer dereference in nvme_alloc_admin_tags In nvme_alloc_admin_tags, the admin_q can be set to an error (typically -ENOMEM) if the blk_mq_init_queue call fails to set up the queue, which is checked immediately after the call. However, when we return the error message up the stack, to nvme_reset_work the error takes us to nvme_remove_dead_ctrl() nvme_dev_disable() nvme_suspend_queue(&dev->queues[0]). Here, we only chec... • https://git.kernel.org/stable/c/8321b17789f614414206af07e17ce4751c95dc76 •
CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 0CVE-2022-49486 – ASoC: fsl: Fix refcount leak in imx_sgtl5000_probe
https://notcve.org/view.php?id=CVE-2022-49486
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: fsl: Fix refcount leak in imx_sgtl5000_probe of_find_i2c_device_by_node() takes a reference, In error paths, we should call put_device() to drop the reference to aviod refount leak. In the Linux kernel, the following vulnerability has been resolved: ASoC: fsl: Fix refcount leak in imx_sgtl5000_probe of_find_i2c_device_by_node() takes a reference, In error paths, we should call put_device() to drop the reference to aviod refount leak. • https://git.kernel.org/stable/c/81e8e4926167ab32593bbb915b45a42024ca1020 •
CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49482 – ASoC: mxs-saif: Fix refcount leak in mxs_saif_probe
https://notcve.org/view.php?id=CVE-2022-49482
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: mxs-saif: Fix refcount leak in mxs_saif_probe of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. In the Linux kernel, the following vulnerability has been resolved: ASoC: mxs-saif: Fix refcount leak in mxs_saif_probe of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. • https://git.kernel.org/stable/c/08641c7c74dddfcd726512edfaa3b4cbe42e523e •
CVSS: 9.0EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49478 – media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init
https://notcve.org/view.php?id=CVE-2022-49478
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init Syzbot reported that -1 is used as array index. The problem was in missing validation check. hdw->unit_number is initialized with -1 and then if init table walk fails this value remains unchanged. Since code blindly uses this member for array indexing adding sanity check is the easiest fix for that. hdw->workpoll initialization moved upper to prevent warning in __flush_work... • https://git.kernel.org/stable/c/d855497edbfbf9e19a17f4a1154bca69cb4bd9ba •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49472 – net: phy: micrel: Allow probing without .driver_data
https://notcve.org/view.php?id=CVE-2022-49472
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: net: phy: micrel: Allow probing without .driver_data Currently, if the .probe element is present in the phy_driver structure and the .driver_data is not, a NULL pointer dereference happens. Allow passing .probe without .driver_data by inserting NULL checks for priv->type. In the Linux kernel, the following vulnerability has been resolved: net: phy: micrel: Allow probing without .driver_data Currently, if the .probe element is present in the... • https://git.kernel.org/stable/c/7dcb404662839a4ed1a9703658fee979eb894ca4 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-49469 – btrfs: fix anon_dev leak in create_subvol()
https://notcve.org/view.php?id=CVE-2022-49469
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: btrfs: fix anon_dev leak in create_subvol() When btrfs_qgroup_inherit(), btrfs_alloc_tree_block, or btrfs_insert_root() fail in create_subvol(), we return without freeing anon_dev. Reorganize the error handling in create_subvol() to fix this. In the Linux kernel, the following vulnerability has been resolved: btrfs: fix anon_dev leak in create_subvol() When btrfs_qgroup_inherit(), btrfs_alloc_tree_block, or btrfs_insert_root() fail in creat... • https://git.kernel.org/stable/c/d887b3de318834f9aa637ecf79c6bc66cba7c69a •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-49465 – blk-throttle: Set BIO_THROTTLED when bio has been throttled
https://notcve.org/view.php?id=CVE-2022-49465
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: blk-throttle: Set BIO_THROTTLED when bio has been throttled 1.In current process, all bio will set the BIO_THROTTLED flag after __blk_throtl_bio(). 2.If bio needs to be throttled, it will start the timer and stop submit bio directly. Bio will submit in blk_throtl_dispatch_work_fn() when the timer expires.But in the current process, if bio is throttled. The BIO_THROTTLED will be set to bio after timer start. If the bio has been completed, it... • https://git.kernel.org/stable/c/0cfc8a0fb07cde61915e4a77c4794c47de3114a4 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49457 – ARM: versatile: Add missing of_node_put in dcscb_init
https://notcve.org/view.php?id=CVE-2022-49457
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ARM: versatile: Add missing of_node_put in dcscb_init The device_node pointer is returned by of_find_compatible_node with refcount incremented. We should use of_node_put() to avoid the refcount leak. In the Linux kernel, the following vulnerability has been resolved: ARM: versatile: Add missing of_node_put in dcscb_init The device_node pointer is returned by of_find_compatible_node with refcount incremented. We should use of_node_put() to a... • https://git.kernel.org/stable/c/2d7b23db35254b7d46e852967090c64cdccf24da •