CVSS: 8.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49325 – tcp: add accessors to read/set tp->snd_cwnd
https://notcve.org/view.php?id=CVE-2022-49325
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: tcp: add accessors to read/set tp->snd_cwnd We had various bugs over the years with code breaking the assumption that tp->snd_cwnd is greater than zero. Lately, syzbot reported the WARN_ON_ONCE(!tp->prior_cwnd) added in commit 8b8a321ff72c ("tcp: fix zero cwnd in tcp_cwnd_reduction") can trigger, and without a repro we would have to spend considerable time finding the bug. Instead of complaining too late, we want to catch where and when tp-... • https://git.kernel.org/stable/c/3308676ec525901bf1656014003c443a60730a04 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49324 – mips: cpc: Fix refcount leak in mips_cpc_default_phys_base
https://notcve.org/view.php?id=CVE-2022-49324
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: mips: cpc: Fix refcount leak in mips_cpc_default_phys_base Add the missing of_node_put() to release the refcount incremented by of_find_compatible_node(). In the Linux kernel, the following vulnerability has been resolved: mips: cpc: Fix refcount leak in mips_cpc_default_phys_base Add the missing of_node_put() to release the refcount incremented by of_find_compatible_node(). • https://git.kernel.org/stable/c/bed702566dcdb6ebe300bc0c62bf3600cf4d5874 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49323 – iommu/arm-smmu: fix possible null-ptr-deref in arm_smmu_device_probe()
https://notcve.org/view.php?id=CVE-2022-49323
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu: fix possible null-ptr-deref in arm_smmu_device_probe() It will cause null-ptr-deref when using 'res', if platform_get_resource() returns NULL, so move using 'res' after devm_ioremap_resource() that will check it to avoid null-ptr-deref. And use devm_platform_get_and_ioremap_resource() to simplify code. In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu: fix possible null-ptr-deref in arm_smmu_... • https://git.kernel.org/stable/c/3660db29b0305f9a1d95979c7af0f5db6ea99f5d •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49322 – tracing: Fix sleeping function called from invalid context on RT kernel
https://notcve.org/view.php?id=CVE-2022-49322
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: tracing: Fix sleeping function called from invalid context on RT kernel When setting bootparams="trace_event=initcall:initcall_start tp_printk=1" in the cmdline, the output_printk() was called, and the spin_lock_irqsave() was called in the atomic and irq disable interrupt context suitation. On the PREEMPT_RT kernel, these locks are replaced with sleepable rt-spinlock, so the stack calltrace will be triggered. Fix it by raw_spin_lock_irqsave... • https://git.kernel.org/stable/c/be1f323fb9d9b14a505ca22d742d321769454de1 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49321 – xprtrdma: treat all calls not a bcall when bc_serv is NULL
https://notcve.org/view.php?id=CVE-2022-49321
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: xprtrdma: treat all calls not a bcall when bc_serv is NULL When a rdma server returns a fault format reply, nfs v3 client may treats it as a bcall when bc service is not exist. The debug message at rpcrdma_bc_receive_call are, [56579.837169] RPC: rpcrdma_bc_receive_call: callback XID 00000001, length=20 [56579.837174] RPC: rpcrdma_bc_receive_call: 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 After that, rpcrdma_bc_receive_cal... • https://git.kernel.org/stable/c/8e3943c50764dc7c5f25911970c3ff062ec1f18c •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-49320 – dmaengine: zynqmp_dma: In struct zynqmp_dma_chan fix desc_size data type
https://notcve.org/view.php?id=CVE-2022-49320
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: dmaengine: zynqmp_dma: In struct zynqmp_dma_chan fix desc_size data type In zynqmp_dma_alloc/free_chan_resources functions there is a potential overflow in the below expressions. dma_alloc_coherent(chan->dev, (2 * chan->desc_size * ZYNQMP_DMA_NUM_DESCS), &chan->desc_pool_p, GFP_KERNEL); dma_free_coherent(chan->dev,(2 * ZYNQMP_DMA_DESC_SIZE(chan) * ZYNQMP_DMA_NUM_DESCS), chan->desc_pool_v, chan->desc_pool_p); The arguments desc_size and ZYNQ... • https://git.kernel.org/stable/c/83960276ffc9bf5570d4106490346b61e61be5f3 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49319 – iommu/arm-smmu-v3: check return value after calling platform_get_resource()
https://notcve.org/view.php?id=CVE-2022-49319
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu-v3: check return value after calling platform_get_resource() It will cause null-ptr-deref if platform_get_resource() returns NULL, we need check the return value. In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu-v3: check return value after calling platform_get_resource() It will cause null-ptr-deref if platform_get_resource() returns NULL, we need check the return value. • https://git.kernel.org/stable/c/54c1e0e3bbcab2abe25b2874a43050ae5df87831 •
CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2022-49318 – f2fs: remove WARN_ON in f2fs_is_valid_blkaddr
https://notcve.org/view.php?id=CVE-2022-49318
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: f2fs: remove WARN_ON in f2fs_is_valid_blkaddr Syzbot triggers two WARNs in f2fs_is_valid_blkaddr and __is_bitmap_valid. For example, in f2fs_is_valid_blkaddr, if type is DATA_GENERIC_ENHANCE or DATA_GENERIC_ENHANCE_READ, it invokes WARN_ON if blkaddr is not in the right range. The call trace is as follows: f2fs_get_node_info+0x45f/0x1070 read_node_page+0x577/0x1190 __get_node_page.part.0+0x9e/0x10e0 __get_node_page f2fs_get_node_page+0x109/... • https://git.kernel.org/stable/c/0a7a1fc7e71eecf2e5053a6c312c9f0dcbb9b8fd •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2022-49317 – f2fs: avoid infinite loop to flush node pages
https://notcve.org/view.php?id=CVE-2022-49317
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: f2fs: avoid infinite loop to flush node pages xfstests/generic/475 can give EIO all the time which give an infinite loop to flush node page like below. Let's avoid it. [16418.518551] Call Trace: [16418.518553] ? dm_submit_bio+0x48/0x400 [16418.518574] ? submit_bio_checks+0x1ac/0x5a0 [16418.525207] __submit_bio+0x1a9/0x230 [16418.525210] ? kmem_cache_alloc+0x29e/0x3c0 [16418.525223] submit_bio_noacct+0xa8/0x2b0 [16418.525226] submit_bio+0x4d... • https://git.kernel.org/stable/c/bd47ea5d776d8b524fb6f60de3240f95603901dd •
CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2022-49316 – NFSv4: Don't hold the layoutget locks across multiple RPC calls
https://notcve.org/view.php?id=CVE-2022-49316
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: NFSv4: Don't hold the layoutget locks across multiple RPC calls When doing layoutget as part of the open() compound, we have to be careful to release the layout locks before we can call any further RPC calls, such as setattr(). The reason is that those calls could trigger a recall, which could deadlock. • https://git.kernel.org/stable/c/6b3fc1496e7227cd6a39a80bbfb7588ef7c7a010 •