CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49613 – serial: 8250: Fix PM usage_count for console handover
https://notcve.org/view.php?id=CVE-2022-49613
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: serial: 8250: Fix PM usage_count for console handover When console is enabled, univ8250_console_setup() calls serial8250_console_setup() before .dev is set to uart_port. ... In the Linux kernel, the following vulnerability has been resolved: serial: 8250: Fix PM usage_count for console handover When console is enabled, univ8250_console_setup() calls serial8250_console_setup() before .dev is set to uart_port. • https://git.kernel.org/stable/c/bedb404e91bb2908d9921fc736a518a9d89525fc •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-49612 – power: supply: core: Fix boundary conditions in interpolation
https://notcve.org/view.php?id=CVE-2022-49612
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: power: supply: core: Fix boundary conditions in interpolation The functions power_supply_temp2resist_simple and power_supply_ocv2cap_simple handle boundary conditions incorrectly. In the Linux kernel, the following vulnerability has been resolved: power: supply: core: Fix boundary conditions in interpolation The functions power_supply_temp2resist_simple and power_supply_ocv2cap_simple handle boundary conditions incorrectly. • https://git.kernel.org/stable/c/a4585ba2050f460f749bbaf2b67bd56c41e30283 •
CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 0CVE-2022-49611 – x86/speculation: Fill RSB on vmexit for IBRS
https://notcve.org/view.php?id=CVE-2022-49611
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: x86/speculation: Fill RSB on vmexit for IBRS Prevent RSB underflow/poisoning attacks with RSB. ... In the Linux kernel, the following vulnerability has been resolved: x86/speculation: Fill RSB on vmexit for IBRS Prevent RSB underflow/poisoning attacks with RSB. ... The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. • https://git.kernel.org/stable/c/3d323b99ff5c8c57005184056d65f6af5b0479d8 • CWE-1037: Processor Optimization Removal or Modification of Security-critical Code •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2022-49610 – KVM: VMX: Prevent RSB underflow before vmenter
https://notcve.org/view.php?id=CVE-2022-49610
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Prevent RSB underflow before vmenter On VMX, there are some balanced returns between the time the guest's SPEC_CTRL value is written, and the vmenter. ... For maximum paranoia, don't allow *any* returns (balanced or otherwise) between the SPEC_CTRL write and the vmenter. [ bp: Fix 32-bit build. ] In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Prevent RSB underflow before vmenter On VMX,... • https://git.kernel.org/stable/c/afd743f6dde87296c6f3414706964c491bb85862 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49609 – power/reset: arm-versatile: Fix refcount leak in versatile_reboot_probe
https://notcve.org/view.php?id=CVE-2022-49609
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: power/reset: arm-versatile: Fix refcount leak in versatile_reboot_probe of_find_matching_node_and_match() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. In the Linux kernel, the following vulnerability has been resolved: power/reset: arm-versatile: Fix refcount leak in versatile_reboot_probe of_find_matching_node_and_match() returns a node pointer with refcount increm... • https://git.kernel.org/stable/c/0e545f57b708630c54c8c5c24ea7f7034f6c40d9 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-49608 – pinctrl: ralink: Check for null return of devm_kcalloc
https://notcve.org/view.php?id=CVE-2022-49608
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: pinctrl: ralink: Check for null return of devm_kcalloc Because of the possible failure of the allocation, data->domains might be NULL pointer and will cause the dereference of the NULL pointer later. In the Linux kernel, the following vulnerability has been resolved: pinctrl: ralink: Check for null return of devm_kcalloc Because of the possible failure of the allocation, data->domains might be NULL pointer and will cause the d... • https://git.kernel.org/stable/c/a86854d0c599b3202307abceb68feee4d7061578 •
CVSS: 4.7EPSS: 0%CPEs: 11EXPL: 0CVE-2022-49607 – perf/core: Fix data race between perf_event_set_output() and perf_mmap_close()
https://notcve.org/view.php?id=CVE-2022-49607
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: perf/core: Fix data race between perf_event_set_output() and perf_mmap_close() Yang Jihing reported a race between perf_event_set_output() and perf_mmap_close(): CPU1 CPU2 perf_mmap_close(e2) if (atomic_dec_and_test(&e2->rb->mmap_count)) // 1 - > 0 detach_rest = true ioctl(e1, IOC_SET_OUTPUT, e2) perf_event_set_output(e1, e2) ... In the Linux kernel, the following vulnerability has been resolved: perf/core: Fix data race betwe... • https://git.kernel.org/stable/c/9bb5d40cd93c9dd4be74834b1dcb1ba03629716b •
CVSS: 6.6EPSS: 0%CPEs: 3EXPL: 0CVE-2022-49606 – RDMA/irdma: Fix sleep from invalid context BUG
https://notcve.org/view.php?id=CVE-2022-49606
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix sleep from invalid context BUG Taking the qos_mutex to process RoCEv2 QP's on netdev events causes a kernel splat. ... sched_clock_cpu+0xc/0xb0 kernel: irdma_inet6addr_event+0xc6/0x150 [irdma] In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix sleep from invalid context BUG Taking the qos_mutex to process RoCEv2 QP's on netdev events causes a kernel splat. • https://git.kernel.org/stable/c/146b9756f14c04894226fb97e2f102f217139c27 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49605 – igc: Reinstate IGC_REMOVED logic and implement it properly
https://notcve.org/view.php?id=CVE-2022-49605
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: igc: Reinstate IGC_REMOVED logic and implement it properly The initially merged version of the igc driver code (via commit 146740f9abc4, "igc: Add support for PF") contained the following IGC_REMOVED checks in the igc_rd32/wr32() MMIO accessors: u32 igc_rd32(struct igc_hw *hw, u32 reg) { u8 __iomem *hw_addr = READ_ONCE(hw->hw_addr); u32 value = 0; if (IGC_REMOVED(hw_addr)) return ~value; value = readl(&hw_addr[reg]); /* reads should ... • https://git.kernel.org/stable/c/146740f9abc4976e4f0af1aa302efee1c699d2e4 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-49604 – ip: Fix data-races around sysctl_ip_fwd_use_pmtu.
https://notcve.org/view.php?id=CVE-2022-49604
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ip: Fix data-races around sysctl_ip_fwd_use_pmtu. ... In the Linux kernel, the following vulnerability has been resolved: ip: Fix data-races around sysctl_ip_fwd_use_pmtu. • https://git.kernel.org/stable/c/f87c10a8aa1e82498c42d0335524d6ae7cf5a52b • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •