CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49793 – iio: trigger: sysfs: fix possible memory leak in iio_sysfs_trig_init()
https://notcve.org/view.php?id=CVE-2022-49793
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: iio: trigger: sysfs: fix possible memory leak in iio_sysfs_trig_init() dev_set_name() allocates memory for name, it need be freed when device_add() fails, call put_device() to give up the reference that hold in device_initialize(), so that it can be freed in kobject_cleanup() when the refcount hit to 0. Fault injection test can trigger this: unreferenced object 0xffff8e8340a7b4c0 (size 32): comm "modprobe", pid 243, jiffies 4294678145 (age ... • https://git.kernel.org/stable/c/1f785681a87068f123d3e23da13b2c55ab4f93ac •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49792 – iio: adc: mp2629: fix potential array out of bound access
https://notcve.org/view.php?id=CVE-2022-49792
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: iio: adc: mp2629: fix potential array out of bound access Add sentinel at end of maps to avoid potential array out of bound access in iio core. In the Linux kernel, the following vulnerability has been resolved: iio: adc: mp2629: fix potential array out of bound access Add sentinel at end of maps to avoid potential array out of bound access in iio core. • https://git.kernel.org/stable/c/7abd9fb6468225f5c7f83149ce279cc1a912a68a •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49790 – Input: iforce - invert valid length check when fetching device IDs
https://notcve.org/view.php?id=CVE-2022-49790
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: Input: iforce - invert valid length check when fetching device IDs syzbot is reporting uninitialized value at iforce_init_device() [1], for commit 6ac0aec6b0a6 ("Input: iforce - allow callers supply data buffer when fetching device IDs") is checking that valid length is shorter than bytes to read. Since iforce_get_id_packet() stores valid length when returning 0, the caller needs to check that valid length is longer than or equals to bytes ... • https://git.kernel.org/stable/c/6ac0aec6b0a651d64eef759fddf17d9145b51033 •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49789 – scsi: zfcp: Fix double free of FSF request when qdio send fails
https://notcve.org/view.php?id=CVE-2022-49789
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: zfcp: Fix double free of FSF request when qdio send fails We used to use the wrong type of integer in 'zfcp_fsf_req_send()' to cache the FSF request ID when sending a new FSF request. This is used in case the sending fails and we need to remove the request from our internal hash table again (so we don't keep an invalid reference and use it when we free the request again). In 'zfcp_fsf_req_send()' we used to cache the ID as 'int' (sign... • https://git.kernel.org/stable/c/e60a6d69f1f84c2ef1cc63aefaadfe7ae9f12934 •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49788 – misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram()
https://notcve.org/view.php?id=CVE-2022-49788
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram() `struct vmci_event_qp` allocated by qp_notify_peer() contains padding, which may carry uninitialized data to the userspace, as observed by KMSAN: BUG: KMSAN: kernel-infoleak in instrument_copy_to_user ./include/linux/instrumented.h:121 instrument_copy_to_user ./include/linux/instrumented.h:121 _copy_to_user+0x5f/0xb0 lib/usercopy.c:33 copy_to_user ./include/linux/uaccess.h:16... • https://git.kernel.org/stable/c/06164d2b72aa752ce4633184b3e0d97601017135 •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2022-49787 – mmc: sdhci-pci: Fix possible memory leak caused by missing pci_dev_put()
https://notcve.org/view.php?id=CVE-2022-49787
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci-pci: Fix possible memory leak caused by missing pci_dev_put() pci_get_device() will increase the reference count for the returned pci_dev. We need to use pci_dev_put() to decrease the reference count before amd_probe() returns. There is no problem for the 'smbus_dev == NULL' branch because pci_dev_put() can also handle the NULL input parameter case. In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci-pc... • https://git.kernel.org/stable/c/659c9bc114a810b3a3c1e50585cc57f1312a6d60 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-49780 – scsi: target: tcm_loop: Fix possible name leak in tcm_loop_setup_hba_bus()
https://notcve.org/view.php?id=CVE-2022-49780
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: target: tcm_loop: Fix possible name leak in tcm_loop_setup_hba_bus() If device_register() fails in tcm_loop_setup_hba_bus(), the name allocated by dev_set_name() need be freed. As comment of device_register() says, it should use put_device() to give up the reference in the error path. So fix this by calling put_device(), then the name can be freed in kobject_cleanup(). The 'tl_hba' will be freed in tcm_loop_release_adapter(), so it do... • https://git.kernel.org/stable/c/3703b2c5d041a68095cdd22380c23ce27d449ad7 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49779 – kprobes: Skip clearing aggrprobe's post_handler in kprobe-on-ftrace case
https://notcve.org/view.php?id=CVE-2022-49779
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: kprobes: Skip clearing aggrprobe's post_handler in kprobe-on-ftrace case In __unregister_kprobe_top(), if the currently unregistered probe has post_handler but other child probes of the aggrprobe do not have post_handler, the post_handler of the aggrprobe is cleared. If this is a ftrace-based probe, there is a problem. In later calls to disarm_kprobe(), we will use kprobe_ftrace_ops because post_handler is NULL. But we're armed with kprobe_... • https://git.kernel.org/stable/c/0bc11ed5ab60c135aa764a62c02cd5ea68289de4 •
CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 0CVE-2022-49777 – Input: i8042 - fix leaking of platform device on module removal
https://notcve.org/view.php?id=CVE-2022-49777
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: Input: i8042 - fix leaking of platform device on module removal Avoid resetting the module-wide i8042_platform_device pointer in i8042_probe() or i8042_remove(), so that the device can be properly destroyed by i8042_exit() on module unload. In the Linux kernel, the following vulnerability has been resolved: Input: i8042 - fix leaking of platform device on module removal Avoid resetting the module-wide i8042_platform_device pointer in i8042_... • https://git.kernel.org/stable/c/68fdb0499653a2519691e645fcb72944f6e1e220 •
CVSS: 9.4EPSS: 0%CPEs: 7EXPL: 0CVE-2022-49776 – macvlan: enforce a consistent minimal mtu
https://notcve.org/view.php?id=CVE-2022-49776
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: macvlan: enforce a consistent minimal mtu macvlan should enforce a minimal mtu of 68, even at link creation. This patch avoids the current behavior (which could lead to crashes in ipv6 stack if the link is brought up) $ ip link add macvlan1 link eno1 mtu 8 type macvlan # This should fail ! $ ip link sh dev macvlan1 5: macvlan1@eno1: