CVSS: 5.6EPSS: 0%CPEs: 6EXPL: 0CVE-2022-49520 – arm64: compat: Do not treat syscall number as ESR_ELx for a bad syscall
https://notcve.org/view.php?id=CVE-2022-49520
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: arm64: compat: Do not treat syscall number as ESR_ELx for a bad syscall If a compat process tries to execute an unknown system call above the __ARM_NR_COMPAT_END number, the kernel sends a SIGILL signal to the offending process. Information about the error is printed to dmesg in compat_arm_syscall() -> arm64_notify_die() -> arm64_force_sig_fault() -> arm64_show_signal(). arm64_show_signal() interprets a non-zero value for current->thread.fa... • https://git.kernel.org/stable/c/efd183d988b416fcdf6f7c298a17ced4859ca77d •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49519 – ath10k: skip ath10k_halt during suspend for driver state RESTARTING
https://notcve.org/view.php?id=CVE-2022-49519
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ath10k: skip ath10k_halt during suspend for driver state RESTARTING Double free crash is observed when FW recovery(caused by wmi timeout/crash) is followed by immediate suspend event. The FW recovery is triggered by ath10k_core_restart() which calls driver clean up via ath10k_halt(). When the suspend event occurs between the FW recovery, the restart worker thread is put into frozen state until suspend completes. The suspend event triggers a... • https://git.kernel.org/stable/c/8aa3750986ffcf73e0692db3b40dd3a8e8c0c575 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-49504 – scsi: lpfc: Inhibit aborts if external loopback plug is inserted
https://notcve.org/view.php?id=CVE-2022-49504
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Inhibit aborts if external loopback plug is inserted After running a short external loopback test, when the external loopback is removed and a normal cable inserted that is directly connected to a target device, the system oops in the llpfc_set_rrq_active() routine. When the loopback was inserted an FLOGI was transmit. As we're looped back, we receive the FLOGI request. The FLOGI is ABTS'd as we recognize the same wppn thus unde... • https://git.kernel.org/stable/c/a1516930cb605caee3bc7b4f3b7994b88c0b8505 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49501 – usbnet: Run unregister_netdev() before unbind() again
https://notcve.org/view.php?id=CVE-2022-49501
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: usbnet: Run unregister_netdev() before unbind() again Commit 2c9d6c2b871d ("usbnet: run unbind() before unregister_netdev()") sought to fix a use-after-free on disconnect of USB Ethernet adapters. It turns out that a different fix is necessary to address the issue: https://lore.kernel.org/netdev/18b3541e5372bc9b9fc733d422f4e698c089077c.1650177997.git.lukas@wunner.de/ So the commit was not necessary. The commit made binding and unbinding of ... • https://git.kernel.org/stable/c/6d5deb242874d924beccf7eb3cef04c1c3b0da79 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49497 – net: remove two BUG() from skb_checksum_help()
https://notcve.org/view.php?id=CVE-2022-49497
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: net: remove two BUG() from skb_checksum_help() I have a syzbot report that managed to get a crash in skb_checksum_help() If syzbot can trigger these BUG(), it makes sense to replace them with more friendly WARN_ON_ONCE() since skb_checksum_help() can instead return an error code. Note that syzbot will still crash there, until real bug is fixed. In the Linux kernel, the following vulnerability has been resolved: net: remove two BUG() from sk... • https://git.kernel.org/stable/c/312c43e98ed190bd8fd7a71a0addf9539d5b8ab1 •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49493 – ASoC: rt5645: Fix errorenous cleanup order
https://notcve.org/view.php?id=CVE-2022-49493
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: rt5645: Fix errorenous cleanup order There is a logic error when removing rt5645 device as the function rt5645_i2c_remove() first cancel the &rt5645->jack_detect_work and delete the &rt5645->btn_check_timer latter. However, since the timer handler rt5645_btn_check_callback() will re-queue the jack_detect_work, this cleanup order is buggy. That is, once the del_timer_sync in rt5645_i2c_remove is concurrently run with the rt5645_btn_che... • https://git.kernel.org/stable/c/7d801e807536a9a9c2146c5f4a5836f154517ed3 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49492 – nvme-pci: fix a NULL pointer dereference in nvme_alloc_admin_tags
https://notcve.org/view.php?id=CVE-2022-49492
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix a NULL pointer dereference in nvme_alloc_admin_tags In nvme_alloc_admin_tags, the admin_q can be set to an error (typically -ENOMEM) if the blk_mq_init_queue call fails to set up the queue, which is checked immediately after the call. However, when we return the error message up the stack, to nvme_reset_work the error takes us to nvme_remove_dead_ctrl() nvme_dev_disable() nvme_suspend_queue(&dev->queues[0]). Here, we only chec... • https://git.kernel.org/stable/c/8321b17789f614414206af07e17ce4751c95dc76 •
CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 0CVE-2022-49486 – ASoC: fsl: Fix refcount leak in imx_sgtl5000_probe
https://notcve.org/view.php?id=CVE-2022-49486
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: fsl: Fix refcount leak in imx_sgtl5000_probe of_find_i2c_device_by_node() takes a reference, In error paths, we should call put_device() to drop the reference to aviod refount leak. In the Linux kernel, the following vulnerability has been resolved: ASoC: fsl: Fix refcount leak in imx_sgtl5000_probe of_find_i2c_device_by_node() takes a reference, In error paths, we should call put_device() to drop the reference to aviod refount leak. • https://git.kernel.org/stable/c/81e8e4926167ab32593bbb915b45a42024ca1020 •
CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49482 – ASoC: mxs-saif: Fix refcount leak in mxs_saif_probe
https://notcve.org/view.php?id=CVE-2022-49482
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: mxs-saif: Fix refcount leak in mxs_saif_probe of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. In the Linux kernel, the following vulnerability has been resolved: ASoC: mxs-saif: Fix refcount leak in mxs_saif_probe of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. • https://git.kernel.org/stable/c/08641c7c74dddfcd726512edfaa3b4cbe42e523e •
CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49481 – regulator: pfuze100: Fix refcount leak in pfuze_parse_regulators_dt
https://notcve.org/view.php?id=CVE-2022-49481
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: regulator: pfuze100: Fix refcount leak in pfuze_parse_regulators_dt of_node_get() returns a node with refcount incremented. Calling of_node_put() to drop the reference when not needed anymore. In the Linux kernel, the following vulnerability has been resolved: regulator: pfuze100: Fix refcount leak in pfuze_parse_regulators_dt of_node_get() returns a node with refcount incremented. Calling of_node_put() to drop the reference when not needed... • https://git.kernel.org/stable/c/3784b6d64dc52ed3fbebad61a85ab9b7a687a167 •