CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50056 – fs/ntfs3: Fix missing i_op in ntfs_read_mft
https://notcve.org/view.php?id=CVE-2022-50056
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix missing i_op in ntfs_read_mft There is null pointer dereference because i_op == NULL. The bug happens because we don't initialize i_op for records in $Extend. In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix missing i_op in ntfs_read_mft There is null pointer dereference because i_op == NULL. The bug happens because we don't initialize i_op for records in $Extend. • https://git.kernel.org/stable/c/82cae269cfa953032fbb8980a7d554d60fb00b17 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50055 – iavf: Fix adminq error handling
https://notcve.org/view.php?id=CVE-2022-50055
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: iavf: Fix adminq error handling iavf_alloc_asq_bufs/iavf_alloc_arq_bufs allocates with dma_alloc_coherent memory for VF mailbox. Free DMA regions for both ASQ and ARQ in case error happens during configuration of ASQ/ARQ registers. Without this change it is possible to see when unloading interface: 74626.583369: dma_debug_device_change: device driver has pending DMA allocations while released from device [count=32] One of leaked entries det... • https://git.kernel.org/stable/c/d358aa9a7a2d5f91b1d33d5d4e27c2e46638d123 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-50054 – iavf: Fix NULL pointer dereference in iavf_get_link_ksettings
https://notcve.org/view.php?id=CVE-2022-50054
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: iavf: Fix NULL pointer dereference in iavf_get_link_ksettings Fix possible NULL pointer dereference, due to freeing of adapter->vf_res in iavf_init_get_resources. Previous commit introduced a regression, where receiving IAVF_ERR_ADMIN_QUEUE_NO_WORK from iavf_get_vf_config would free adapter->vf_res. However, netdev is still registered, so ethtool_ops can be called. Calling iavf_get_link_ksettings with no vf_res, will result with: [ 9385.242... • https://git.kernel.org/stable/c/209f2f9c718138ddbd8586e5a1463bd079a17241 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50053 – iavf: Fix reset error handling
https://notcve.org/view.php?id=CVE-2022-50053
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: iavf: Fix reset error handling Do not call iavf_close in iavf_reset_task error handling. Doing so can lead to double call of napi_disable, which can lead to deadlock there. Removing VF would lead to iavf_remove task being stuck, because it requires crit_lock, which is held by iavf_close. Call iavf_disable_vf if reset fail, so that driver will clean up remaining invalid resources. During rapid VF resets, HW can fail to setup VF mailbox. Wron... • https://git.kernel.org/stable/c/f0db78928783f0a4cce4940e8c03c2e9a760e629 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-50052 – ASoC: Intel: avs: Fix potential buffer overflow by snprintf()
https://notcve.org/view.php?id=CVE-2022-50052
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Fix potential buffer overflow by snprintf() snprintf() returns the would-be-filled size when the string overflows the given buffer size, hence using this value may result in a buffer overflow (although it's unrealistic). This patch replaces it with a safer version, scnprintf() for papering over such a potential issue. In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Fix potential buffer... • https://git.kernel.org/stable/c/f1b3b320bd6519b16e3480f74f2926d106e3bcba •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50051 – ASoC: SOF: debug: Fix potential buffer overflow by snprintf()
https://notcve.org/view.php?id=CVE-2022-50051
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: debug: Fix potential buffer overflow by snprintf() snprintf() returns the would-be-filled size when the string overflows the given buffer size, hence using this value may result in the buffer overflow (although it's unrealistic). This patch replaces with a safer version, scnprintf() for papering over such a potential issue. In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: debug: Fix potential buffer ... • https://git.kernel.org/stable/c/5b10b62989219aa527ee4fa555d1995a3b70981b •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50050 – ASoC: SOF: Intel: hda: Fix potential buffer overflow by snprintf()
https://notcve.org/view.php?id=CVE-2022-50050
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda: Fix potential buffer overflow by snprintf() snprintf() returns the would-be-filled size when the string overflows the given buffer size, hence using this value may result in the buffer overflow (although it's unrealistic). This patch replaces with a safer version, scnprintf() for papering over such a potential issue. In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda: Fix potenti... • https://git.kernel.org/stable/c/29c8e4398f02adacd429c7847dacc8aea5a0c2f1 •
CVSS: 6.4EPSS: 0%CPEs: 2EXPL: 0CVE-2022-50049 – ASoC: DPCM: Don't pick up BE without substream
https://notcve.org/view.php?id=CVE-2022-50049
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: DPCM: Don't pick up BE without substream When DPCM tries to add valid BE connections at dpcm_add_paths(), it doesn't check whether the picked BE actually supports for the given stream direction. Due to that, when an asymmetric BE stream is present, it picks up wrongly and this may result in a NULL dereference at a later point where the code assumes the existence of a corresponding BE substream. This patch adds the check for the presen... • https://git.kernel.org/stable/c/bbf7d3b1c4f40eb02dd1dffb500ba00b0bff0303 •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50048 – netfilter: nf_tables: possible module reference underflow in error path
https://notcve.org/view.php?id=CVE-2022-50048
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: possible module reference underflow in error path dst->ops is set on when nft_expr_clone() fails, but module refcount has not been bumped yet, therefore nft_expr_destroy() leads to module reference underflow. In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: possible module reference underflow in error path dst->ops is set on when nft_expr_clone() fails, but module refcount has n... • https://git.kernel.org/stable/c/8cfd9b0f8515e7c361bba27e2a2684cbd427fe01 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50047 – net: dsa: mv88e6060: prevent crash on an unused port
https://notcve.org/view.php?id=CVE-2022-50047
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6060: prevent crash on an unused port If the port isn't a CPU port nor a user port, 'cpu_dp' is a null pointer and a crash happened on dereferencing it in mv88e6060_setup_port(): [ 9.575872] Unable to handle kernel NULL pointer dereference at virtual address 00000014 ... [ 9.942216] mv88e6060_setup from dsa_register_switch+0x814/0xe84 [ 9.948616] dsa_register_switch from mdio_probe+0x2c/0x54 [ 9.954433] mdio_probe from really... • https://git.kernel.org/stable/c/0abfd494deefdbab66ac03c1181a614285e7d90c •