CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-49550 – fs/ntfs3: provide block_invalidate_folio to fix memory leak
https://notcve.org/view.php?id=CVE-2022-49550
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: provide block_invalidate_folio to fix memory leak The ntfs3 filesystem lacks the 'invalidate_folio' method and it causes memory leak. ... In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: provide block_invalidate_folio to fix memory leak The ntfs3 filesystem lacks the 'invalidate_folio' method and it causes memory leak. • https://git.kernel.org/stable/c/7ba13abbd31ee9265e88d7dc029c0f786e665192 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49549 – x86/MCE/AMD: Fix memory leak when threshold_create_bank() fails
https://notcve.org/view.php?id=CVE-2022-49549
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: x86/MCE/AMD: Fix memory leak when threshold_create_bank() fails In mce_threshold_create_device(), if threshold_create_bank() fails, the previously allocated threshold banks array @bp will be leaked because the call to mce_threshold_remove_device() will not free it. ... Add a helper which unwinds all the bank creation work previously done and pass into it the previously allocated threshold banks array for freeing. [ bp: Massage. ] In ... • https://git.kernel.org/stable/c/6458de97fc15530b54477c4e2b70af653e8ac3d9 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49548 – bpf: Fix potential array overflow in bpf_trampoline_get_progs()
https://notcve.org/view.php?id=CVE-2022-49548
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: bpf: Fix potential array overflow in bpf_trampoline_get_progs() The cnt value in the 'cnt >= BPF_MAX_TRAMP_PROGS' check does not include BPF_TRAMP_MODIFY_RETURN bpf programs, so the number of the attached BPF_TRAMP_MODIFY_RETURN bpf programs in a trampoline can exceed BPF_MAX_TRAMP_PROGS. In the Linux kernel, the following vulnerability has been resolved: bpf: Fix potential array overflow in bpf_trampoline_get_progs() The cnt ... • https://git.kernel.org/stable/c/88fd9e5352fe05f7fe57778293aebd4cd106960b • CWE-129: Improper Validation of Array Index •
CVSS: 5.0EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49547 – btrfs: fix deadlock between concurrent dio writes when low on free data space
https://notcve.org/view.php?id=CVE-2022-49547
26 Feb 2025 — prepare_to_wait_exclusive+0xc0/0xc0 [12084.036659] btrfs_run_ordered_extent_work+0x1a/0x30 [btrfs] [12084.036688] btrfs_work_helper+0xf8/0x400 [btrfs] [12084.0367 ---truncated--- In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock between concurrent dio writes when low on free data space When reserving data space for a direct IO write we can end up deadlocking if we have multiple tasks attempting a write to the same file range, there are multiple extents covered by... • https://git.kernel.org/stable/c/f0bfa76a11e93d0fe2c896fcb566568c5e8b5d3f •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49546 – x86/kexec: fix memory leak of elf header buffer
https://notcve.org/view.php?id=CVE-2022-49546
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: x86/kexec: fix memory leak of elf header buffer This is reported by kmemleak detector: unreferenced object 0xffffc900002a9000 (size 4096): comm "kexec", pid 14950, jiffies 4295110793 (age 373.951s) hex dump (first 32 bytes): 7f 45 4c 46 02 01 01 00 00 00 00 00 00 00 00 00 .ELF............ In the Linux kernel, the following vulnerability has been resolved: x86/kexec: fix memory leak of elf header buffer This is reported by kmem... • https://git.kernel.org/stable/c/23cf39dccf7653650701a6f39b119e9116a27f1a •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49545 – ALSA: usb-audio: Cancel pending work at closing a MIDI substream
https://notcve.org/view.php?id=CVE-2022-49545
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Cancel pending work at closing a MIDI substream At closing a USB MIDI output substream, there might be still a pending work, which would eventually access the rawmidi runtime object that is being released. In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Cancel pending work at closing a MIDI substream At closing a USB MIDI output substream, there might be still a pending wor... • https://git.kernel.org/stable/c/40bdb5ec957aca5c5c1924602bef6b0ab18e22d3 •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49544 – ipw2x00: Fix potential NULL dereference in libipw_xmit()
https://notcve.org/view.php?id=CVE-2022-49544
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ipw2x00: Fix potential NULL dereference in libipw_xmit() crypt and crypt->ops could be null, so we need to checking null before dereference In the Linux kernel, the following vulnerability has been resolved: ipw2x00: Fix potential NULL dereference in libipw_xmit() crypt and crypt->ops could be null, so we need to checking null before dereference The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various secu... • https://git.kernel.org/stable/c/1ff6b0727c8988f25eeb670b6c038c1120bb58dd •
CVSS: 6.6EPSS: 0%CPEs: 3EXPL: 0CVE-2022-49543 – ath11k: fix the warning of dev_wake in mhi_pm_disable_transition()
https://notcve.org/view.php?id=CVE-2022-49543
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ath11k: fix the warning of dev_wake in mhi_pm_disable_transition() When test device recovery with below command, it has warning in message as below. • https://git.kernel.org/stable/c/d5c65159f2895379e11ca13f62feabe93278985d • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49542 – scsi: lpfc: Move cfg_log_verbose check before calling lpfc_dmp_dbg()
https://notcve.org/view.php?id=CVE-2022-49542
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Move cfg_log_verbose check before calling lpfc_dmp_dbg() In an attempt to log message 0126 with LOG_TRACE_EVENT, the following hard lockup call trace hangs the system. In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Move cfg_log_verbose check before calling lpfc_dmp_dbg() In an attempt to log message 0126 with LOG_TRACE_EVENT, the following hard lockup call trace hangs the system. • https://git.kernel.org/stable/c/271725e4028559ae7974d762a8467dc9de412f2e •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49541 – cifs: fix potential double free during failed mount
https://notcve.org/view.php?id=CVE-2022-49541
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential double free during failed mount RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=2088799 An update for kpatch-patch-5_14_0-70_112_1, kpatch-patch-5_14_0-70_121_1, kpatch-patch-5_14_0-70_124_1, and kpatch-patch-5_14_0-70_85_1 is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. • https://git.kernel.org/stable/c/ce0008a0e410cdd95f0d8cd81b2902ec10a660c4 • CWE-415: Double Free •