CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 0CVE-2022-49410 – tracing: Fix potential double free in create_var_ref()
https://notcve.org/view.php?id=CVE-2022-49410
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: tracing: Fix potential double free in create_var_ref() In create_var_ref(), init_var_ref() is called to initialize the fields of variable ref_field, which is allocated in the previous function call to create_hist_field(). In the Linux kernel, the following vulnerability has been resolved: tracing: Fix potential double free in create_var_ref() In create_var_ref(), init_var_ref() is called to initialize the fields of variable re... • https://git.kernel.org/stable/c/067fe038e70f6e64960d26a79c4df5f1413d0f13 •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2022-49409 – ext4: fix bug_on in __es_tree_search
https://notcve.org/view.php?id=CVE-2022-49409
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug_on in __es_tree_search Hulk Robot reported a BUG_ON: ================================================================== kernel BUG at fs/ext4/extents_status.c:199!... In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug_on in __es_tree_search Hulk Robot reported a BUG_ON: ================================================================== kernel BUG at fs/ext4/extents_status.c:199! • https://git.kernel.org/stable/c/5946d089379a35dda0e531710b48fca05446a196 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-49408 – ext4: fix memory leak in parse_apply_sb_mount_options()
https://notcve.org/view.php?id=CVE-2022-49408
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: fix memory leak in parse_apply_sb_mount_options() If processing the on-disk mount options fails after any memory was allocated in the ext4_fs_context, e.g. s_qf_names, then this memory is leaked. ... Reproducer: mkfs.ext4 -F /dev/vdc tune2fs /dev/vdc -E mount_opts=usrjquota=file echo clear > /sys/kernel/debug/kmemleak mount /dev/vdc /vdc echo scan > /sys/kernel/debug/kmemleak sleep 5 echo scan > /sys/kernel/debug/kmemleak cat /... • https://git.kernel.org/stable/c/7edfd85b1ffd36593011dec96ab395912a340418 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49407 – dlm: fix plock invalid read
https://notcve.org/view.php?id=CVE-2022-49407
26 Feb 2025 — __ia32_sys_read+0xb0/0xb0 [ 2064.325464] do_syscall_64+0x3a/0x80 [ 2064.326387] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2064.327606] RIP: 0033:0x7f807e4ba96f [ 2064.328470] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 39 87 f8 ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 7c 87 f8 ff 48 [ 2064.332902] RSP: 002b:00007ffd50cfe6e0 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2064.334658] RAX: ffffffffffffffda RBX: 000055cc... • https://git.kernel.org/stable/c/586759f03e2e9031ac5589912a51a909ed53c30a •
CVSS: 2.1EPSS: 0%CPEs: 3EXPL: 0CVE-2022-49406 – block: Fix potential deadlock in blk_ia_range_sysfs_show()
https://notcve.org/view.php?id=CVE-2022-49406
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: block: Fix potential deadlock in blk_ia_range_sysfs_show() When being read, a sysfs attribute is already protected against removal with the kobject node active reference counter. ... In the Linux kernel, the following vulnerability has been resolved: block: Fix potential deadlock in blk_ia_range_sysfs_show() When being read, a sysfs attribute is already protected against removal with the kobject node active reference counter. • https://git.kernel.org/stable/c/a2247f19ee1c5ad75ef095cdfb909a3244b88aa8 •
CVSS: 8.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49405 – staging: r8188eu: prevent ->Ssid overflow in rtw_wx_set_scan()
https://notcve.org/view.php?id=CVE-2022-49405
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: staging: r8188eu: prevent ->Ssid overflow in rtw_wx_set_scan() This code has a check to prevent read overflow but it needs another check to prevent writing beyond the end of the ->Ssid[] array. In the Linux kernel, the following vulnerability has been resolved: staging: r8188eu: prevent ->Ssid overflow in rtw_wx_set_scan() This code has a check to prevent read overflow but it needs another check to prevent writing beyond the e... • https://git.kernel.org/stable/c/2b42bd58b32155a1be4dd78991845dec05aaef9e •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49404 – RDMA/hfi1: Fix potential integer multiplication overflow errors
https://notcve.org/view.php?id=CVE-2022-49404
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: RDMA/hfi1: Fix potential integer multiplication overflow errors When multiplying of different types, an overflow is possible even when storing the result in a larger type. ... In the Linux kernel, the following vulnerability has been resolved: RDMA/hfi1: Fix potential integer multiplication overflow errors When multiplying of different types, an overflow is possible even when storing the result in a larger type. • https://git.kernel.org/stable/c/7724105686e718ac476a6ad3304fea2fbcfcffde • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.6EPSS: 0%CPEs: 3EXPL: 0CVE-2022-49403 – lib/string_helpers: fix not adding strarray to device's resource list
https://notcve.org/view.php?id=CVE-2022-49403
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: lib/string_helpers: fix not adding strarray to device's resource list Add allocated strarray to device's resource list. ... In the Linux kernel, the following vulnerability has been resolved: lib/string_helpers: fix not adding strarray to device's resource list Add allocated strarray to device's resource list. • https://git.kernel.org/stable/c/acdb89b6c87a2d7b5c48a82756e6f5c6f599f60a •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49402 – ftrace: Clean up hash direct_functions on register failures
https://notcve.org/view.php?id=CVE-2022-49402
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ftrace: Clean up hash direct_functions on register failures We see the following GPF when register_ftrace_direct fails: [ ] general protection fault, probably for non-canonical address \ 0x200000000000010: 0000 [#1] PREEMPT SMP DEBUG_PAGEALLOC PTI [...] [ ] RIP: 0010:ftrace_find_rec_direct+0x53/0x70 [ ] Code: 48 c1 e0 03 48 03 42 08 48 8b 10 31 c0 48 85 d2 74 [...] [ ] RSP: 0018:ffffc9000138bc10 EFLAGS: 00010206 [ ] RAX: 000000000000... • https://git.kernel.org/stable/c/763e34e74bb7d5c316015e2e39fcc8520bfd071c •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-49401 – mm/page_owner: use strscpy() instead of strlcpy()
https://notcve.org/view.php?id=CVE-2022-49401
26 Feb 2025 — invalid opcode: 0000 [#1] PREEMPT SMP KASAN CPU: 0 PID: 4087 Comm: dhcpcd-run-hooks Not tainted 5.18.0-rc3-syzkaller-01537-g20b87e7c29df #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 RIP: 0010:fortify_panic+0x18/0x1a lib/string_helpers.c:980 Code: 8c e8 c5 ba e1 fa e9 23 0f bf fa e8 0b 5d 8c f8 eb db 55 48 89 fd e8 e0 49 40 f8 48 89 ee 48 c7 c7 80 f5 26 8a e8 99 09 f1 ff <0f> 0b e8 ca 49 40 f8 48 8b 54 24 18 4c 89 f1 48 c7 c7 00 00 27 8a RSP: 0018:ffffc90000007... • https://git.kernel.org/stable/c/865ed6a3278654ce4a55eb74c5283eeb82ad4699 • CWE-787: Out-of-bounds Write •