CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49480 – ASoC: imx-hdmi: Fix refcount leak in imx_hdmi_probe
https://notcve.org/view.php?id=CVE-2022-49480
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: imx-hdmi: Fix refcount leak in imx_hdmi_probe of_find_device_by_node() takes reference, we should use put_device() to release it. In the Linux kernel, the following vulnerability has been resolved: ASoC: imx-hdmi: Fix refcount leak in imx_hdmi_probe of_find_device_by_node() takes reference, we should use put_device() to release it. when devm_kzalloc() fails, it doesn't have a put_device(), it will cause refcount leak. • https://git.kernel.org/stable/c/6a5f850aa83a1d844d27e3e53ca2f247e55d438b •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-49479 – mt76: fix tx status related use-after-free race on station removal
https://notcve.org/view.php?id=CVE-2022-49479
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: mt76: fix tx status related use-after-free race on station removal There is a small race window where ongoing tx activity can lead to a skb getting added to the status tracking idr after that idr has already been cleaned up, which will keep the wcid linked in the status poll list. Fix this by only adding status skbs if the wcid pointer is still assigned in dev->wcid, which gets cleared early by mt76_sta_pre_rcu_remove In the Linux... • https://git.kernel.org/stable/c/bd1e3e7b693c17a04e7d2bd9119daa482b7c7720 • CWE-416: Use After Free •
CVSS: 9.0EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49478 – media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init
https://notcve.org/view.php?id=CVE-2022-49478
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init Syzbot reported that -1 is used as array index. ... In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init Syzbot reported that -1 is used as array index. ... The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. • https://git.kernel.org/stable/c/d855497edbfbf9e19a17f4a1154bca69cb4bd9ba •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49477 – ASoC: samsung: Fix refcount leak in aries_audio_probe
https://notcve.org/view.php?id=CVE-2022-49477
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: samsung: Fix refcount leak in aries_audio_probe of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. In the Linux kernel, the following vulnerability has been resolved: ASoC: samsung: Fix refcount leak in aries_audio_probe of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. • https://git.kernel.org/stable/c/7a3a7671fa6c7e90aff5f4242add2a40587b85ef •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-49476 – mt76: mt7921: fix kernel crash at mt7921_pci_remove
https://notcve.org/view.php?id=CVE-2022-49476
26 Feb 2025 — [ 9299.339655] BUG: kernel NULL pointer dereference, address: 0000000000000008 [ 9299.339705] #PF: supervisor read access in kernel mode [ 9299.339735] #PF: error_code(0x0000) - not-present page [ 9299.339768] PGD 0 P4D 0 [ 9299.339786] Oops: 0000 [#1] SMP PTI [ 9299.339812] CPU: 1 PID: 1624 Comm: prepare-suspend Not tainted 5.15.14-1.fc32.qubes.x86_64 #1 [ 9299.339863] Hardware name: Xen HVM domU, BIOS 4.14.3 01/20/2022 [ 9299.339901] RIP: 0010:mt7921_irq_handler+0x1e/0x70 [mt7921e] [ 9299.340048] RSP: 001... • https://git.kernel.org/stable/c/5c14a5f944b91371961548b1907802f74a4d2e5c •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49475 – spi: spi-fsl-qspi: check return value after calling platform_get_resource_byname()
https://notcve.org/view.php?id=CVE-2022-49475
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: spi: spi-fsl-qspi: check return value after calling platform_get_resource_byname() It will cause null-ptr-deref if platform_get_resource_byname() returns NULL, we need check the return value. In the Linux kernel, the following vulnerability has been resolved: spi: spi-fsl-qspi: check return value after calling platform_get_resource_byname() It will cause null-ptr-deref if platform_get_resource_byname() returns NULL, we need ch... • https://git.kernel.org/stable/c/858e26a515c28df3ef542d9c09493b54a329d6cf •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2022-49474 – Bluetooth: fix dangling sco_conn and use-after-free in sco_sock_timeout
https://notcve.org/view.php?id=CVE-2022-49474
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: Bluetooth: fix dangling sco_conn and use-after-free in sco_sock_timeout Connecting the same socket twice consecutively in sco_sock_connect() could lead to a race condition where two sco_conn objects are created but only one is associated with the socket. ... kthread_bind+0x4b/0x4b ret_from_fork+0x1f/0x30 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: fix dangling sco_conn and use-after-free in s... • https://git.kernel.org/stable/c/22c66af08230a7030bdb88accffaec3424695631 • CWE-416: Use After Free •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49473 – ASoC: ti: j721e-evm: Fix refcount leak in j721e_soc_probe_*
https://notcve.org/view.php?id=CVE-2022-49473
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: ti: j721e-evm: Fix refcount leak in j721e_soc_probe_* of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not needed anymore. In the Linux kernel, the following vulnerability has been resolved: ASoC: ti: j721e-evm: Fix refcount leak in j721e_soc_probe_* of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not ne... • https://git.kernel.org/stable/c/6748d05590594837e42dfa975879fb275099f0b2 •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49472 – net: phy: micrel: Allow probing without .driver_data
https://notcve.org/view.php?id=CVE-2022-49472
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: net: phy: micrel: Allow probing without .driver_data Currently, if the .probe element is present in the phy_driver structure and the .driver_data is not, a NULL pointer dereference happens. In the Linux kernel, the following vulnerability has been resolved: net: phy: micrel: Allow probing without .driver_data Currently, if the .probe element is present in the phy_driver structure and the .driver_data is not, a NULL pointer der... • https://git.kernel.org/stable/c/7dcb404662839a4ed1a9703658fee979eb894ca4 •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2022-49471 – rtw89: cfo: check mac_id to avoid out-of-bounds
https://notcve.org/view.php?id=CVE-2022-49471
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: rtw89: cfo: check mac_id to avoid out-of-bounds Somehow, hardware reports incorrect mac_id and pollute memory. ... set_kthread_struct+0x50/0x50 ret_from_fork+0x22/0x30 </TASK> In the Linux kernel, the following vulnerability has been resolved: rtw89: cfo: check mac_id to avoid out-of-bounds Somehow, hardware reports incorrect mac_id and pollute memory. • https://git.kernel.org/stable/c/e3ec7017f6a20d12ddd9fe23d345ebb7b8c104dd • CWE-129: Improper Validation of Array Index •