CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50619 – drm/amdkfd: Fix memory leak in kfd_mem_dmamap_userptr()
https://notcve.org/view.php?id=CVE-2022-50619
08 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix memory leak in kfd_mem_dmamap_userptr() If the number of pages from the userptr BO differs from the SG BO then the allocated memory for the SG table doesn't get freed before returning -EINVAL, which may lead to a memory leak in some error paths. Fix this by checking the number of pages before allocating memory for the SG table. In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix memory leak in... • https://git.kernel.org/stable/c/264fb4d332f5e76743818480e482464437837c52 •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2022-50618 – mmc: meson-gx: fix return value check of mmc_add_host()
https://notcve.org/view.php?id=CVE-2022-50618
08 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: mmc: meson-gx: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, it will lead two issues: 1. The memory that allocated in mmc_alloc_host() is leaked. 2. In the remove() path, mmc_remove_host() will be called to delete device, but it's not added yet, it will lead a kernel crash because of null-ptr-deref in device_del(). Fix this by checking the return value and goto error path which will... • https://git.kernel.org/stable/c/51c5d8447bd71b7e539c19c46a03b73c0e91fa66 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50617 – drm/amdgpu/powerplay/psm: Fix memory leak in power state init
https://notcve.org/view.php?id=CVE-2022-50617
08 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/powerplay/psm: Fix memory leak in power state init Commit 902bc65de0b3 ("drm/amdgpu/powerplay/psm: return an error in power state init") made the power state init function return early in case of failure to get an entry from the powerplay table, but it missed to clean up the allocated memory for the current power state before returning. In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/powerplay/psm: ... • https://git.kernel.org/stable/c/902bc65de0b3d72c481b45cbac3e97ab8cb399c2 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50616 – regulator: core: Use different devices for resource allocation and DT lookup
https://notcve.org/view.php?id=CVE-2022-50616
08 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: regulator: core: Use different devices for resource allocation and DT lookup Following by the below discussion, there's the potential UAF issue between regulator and mfd. https://lore.kernel.org/all/20221128143601.1698148-1-yangyingliang@huawei.com/ From the analysis of Yingliang CPU A |CPU B mt6370_probe() | devm_mfd_add_devices() | |mt6370_regulator_probe() | regulator_register() | //allocate init_data and add it to devres | regulator_of_... • https://git.kernel.org/stable/c/cb29811d989bcb7ea81ca111c4b13878b344e086 •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50615 – perf/x86/intel/uncore: Fix reference count leak in snr_uncore_mmio_map()
https://notcve.org/view.php?id=CVE-2022-50615
08 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/uncore: Fix reference count leak in snr_uncore_mmio_map() pci_get_device() will increase the reference count for the returned pci_dev, so snr_uncore_get_mc_dev() will return a pci_dev with its reference count increased. We need to call pci_dev_put() to decrease the reference count. Let's add the missing pci_dev_put(). In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/uncore: Fix reference coun... • https://git.kernel.org/stable/c/ee49532b38dd084650bf715eabe7e3828fb8d275 •
CVSS: 6.6EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50614 – misc: pci_endpoint_test: Fix pci_endpoint_test_{copy,write,read}() panic
https://notcve.org/view.php?id=CVE-2022-50614
08 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: misc: pci_endpoint_test: Fix pci_endpoint_test_{copy,write,read}() panic The dma_map_single() doesn't permit zero length mapping. It causes a follow panic. A panic was reported on arm64: [ 60.137988] ------------[ cut here ]------------ [ 60.142630] kernel BUG at kernel/dma/swiotlb.c:624! [ 60.147508] Internal error: Oops - BUG: 0 [#1] PREEMPT SMP [ 60.152992] Modules linked in: dw_hdmi_cec crct10dif_ce simple_bridge rcar_fdp1 vsp1 rcar_vin... • https://git.kernel.org/stable/c/343dc693f7b79885197f9d37dd8b711b0e3ffc8f •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50583 – md/raid0, raid10: Don't set discard sectors for request queue
https://notcve.org/view.php?id=CVE-2022-50583
08 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: md/raid0, raid10: Don't set discard sectors for request queue It should use disk_stack_limits to get a proper max_discard_sectors rather than setting a value by stack drivers. And there is a bug. If all member disks are rotational devices, raid0/raid10 set max_discard_sectors. So the member devices are not ssd/nvme, but raid0/raid10 export the wrong value. It reports warning messages in function __blkdev_issue_discard when mkfs.xfs like thi... • https://git.kernel.org/stable/c/e80bef070699d2e791badefccb1ddabd6998d468 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2025-40324 – NFSD: Fix crash in nfsd4_read_release()
https://notcve.org/view.php?id=CVE-2025-40324
08 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix crash in nfsd4_read_release() When tracing is enabled, the trace_nfsd_read_done trace point crashes during the pynfs read.testNoFh test. In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix crash in nfsd4_read_release() When tracing is enabled, the trace_nfsd_read_done trace point crashes during the pynfs read.testNoFh test. • https://git.kernel.org/stable/c/65a33135e91e6dd661ecdf1194b9d90c49ae3570 •
CVSS: 6.9EPSS: 0%CPEs: 5EXPL: 0CVE-2025-40323 – fbcon: Set fb_display[i]->mode to NULL when the mode is released
https://notcve.org/view.php?id=CVE-2025-40323
08 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: fbcon: Set fb_display[i]->mode to NULL when the mode is released Recently, we discovered the following issue through syzkaller: BUG: KASAN: slab-use-after-free in fb_mode_is_equal+0x285/0x2f0 Read of size 4 at addr ff11000001b3c69c by task syz.xxx ... Call Trace:
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2025-40322 – fbdev: bitblit: bound-check glyph index in bit_putcs*
https://notcve.org/view.php?id=CVE-2025-40322
08 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: fbdev: bitblit: bound-check glyph index in bit_putcs* bit_putcs_aligned()/unaligned() derived the glyph pointer from the character value masked by 0xff/0x1ff, which may exceed the actual font's glyph count and read past the end of the built-in font array. Clamp the index to the actual glyph count before computing the address. This fixes a global out-of-bounds read reported by syzbot. In the Linux kernel, the following vulnerability has been... • https://git.kernel.org/stable/c/a10cede006f9614b465cf25609a8753efbfd45cc •