CVSS: -EPSS: %CPEs: 4EXPL: 0CVE-2022-49028 – ixgbevf: Fix resource leak in ixgbevf_init_module()
https://notcve.org/view.php?id=CVE-2022-49028
In the Linux kernel, the following vulnerability has been resolved: ixgbevf: Fix resource leak in ixgbevf_init_module() ixgbevf_init_module() won't destroy the workqueue created by create_singlethread_workqueue() when pci_register_driver() failed. Add destroy_workqueue() in fail path to prevent the resource leak. Similar to the handling of u132_hcd_init in commit f276e002793c ("usb: u132-hcd: fix resource leak") • https://git.kernel.org/stable/c/40a13e2493c9882cb4d09054d81a5063cd1589a2 https://git.kernel.org/stable/c/f166c62cad798c53300b4b327e44300c73ec492d https://git.kernel.org/stable/c/7109e941099244cc876a4b3cb7a3ec79f104374a https://git.kernel.org/stable/c/c99671d4699dcf90d6939923c8fe8a8918e140b2 https://git.kernel.org/stable/c/8cfa238a48f34038464b99d0b4825238c2687181 •
CVSS: -EPSS: %CPEs: 4EXPL: 0CVE-2022-49027 – iavf: Fix error handling in iavf_init_module()
https://notcve.org/view.php?id=CVE-2022-49027
In the Linux kernel, the following vulnerability has been resolved: iavf: Fix error handling in iavf_init_module() The iavf_init_module() won't destroy workqueue when pci_register_driver() failed. Call destroy_workqueue() when pci_register_driver() failed to prevent the resource leak. Similar to the handling of u132_hcd_init in commit f276e002793c ("usb: u132-hcd: fix resource leak") • https://git.kernel.org/stable/c/2803b16c10ea7eec170c485388f5f26ae30e92fe https://git.kernel.org/stable/c/971c55f0763b480e63ceb7a22beb19be2509e5ed https://git.kernel.org/stable/c/0d9f5bd54b913018031c5b964fc1f9a31f5f6cb5 https://git.kernel.org/stable/c/bd477b891a4fa084561234eed4afacb3001dd359 https://git.kernel.org/stable/c/227d8d2f7f2278b8468c5531b0cd0f2a905b4486 •
CVSS: -EPSS: %CPEs: 4EXPL: 0CVE-2022-49026 – e100: Fix possible use after free in e100_xmit_prepare
https://notcve.org/view.php?id=CVE-2022-49026
In the Linux kernel, the following vulnerability has been resolved: e100: Fix possible use after free in e100_xmit_prepare In e100_xmit_prepare(), if we can't map the skb, then return -ENOMEM, so e100_xmit_frame() will return NETDEV_TX_BUSY and the upper layer will resend the skb. But the skb is already freed, which will cause UAF bug when the upper layer resends the skb. Remove the harmful free. • https://git.kernel.org/stable/c/5e5d49422dfb035ca9e280cd61d434095c151272 https://git.kernel.org/stable/c/b775f37d943966f6f77dca402f5a9dedce502c25 https://git.kernel.org/stable/c/9fc27d22cdb9b1fcd754599d216a8992fed280cd https://git.kernel.org/stable/c/b46f6144ab89d3d757ead940759c505091626a7d https://git.kernel.org/stable/c/45605c75c52c7ae7bfe902214343aabcfe5ba0ff •
CVSS: -EPSS: %CPEs: 5EXPL: 0CVE-2022-49025 – net/mlx5e: Fix use-after-free when reverting termination table
https://notcve.org/view.php?id=CVE-2022-49025
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix use-after-free when reverting termination table When having multiple dests with termination tables and second one or afterwards fails the driver reverts usage of term tables but doesn't reset the assignment in attr->dests[num_vport_dests].termtbl which case a use-after-free when releasing the rule. Fix by resetting the assignment of termtbl to null. • https://git.kernel.org/stable/c/10caabdaad5ace85577a453da97d1f8d3b944427 https://git.kernel.org/stable/c/0a2d73a77060c3cbdc6e801cd5d979d674cd404b https://git.kernel.org/stable/c/0d2f9d95d9fbe993f3c4bafb87d59897b0325aff https://git.kernel.org/stable/c/372eb550faa0757349040fd43f59483cbfdb2c0b https://git.kernel.org/stable/c/e6d2d26a49c3a9cd46b232975e45236304810904 https://git.kernel.org/stable/c/52c795af04441d76f565c4634f893e5b553df2ae •
CVSS: -EPSS: %CPEs: 3EXPL: 0CVE-2022-49024 – can: m_can: pci: add missing m_can_class_free_dev() in probe/remove methods
https://notcve.org/view.php?id=CVE-2022-49024
In the Linux kernel, the following vulnerability has been resolved: can: m_can: pci: add missing m_can_class_free_dev() in probe/remove methods In m_can_pci_remove() and error handling path of m_can_pci_probe(), m_can_class_free_dev() should be called to free resource allocated by m_can_class_allocate_dev(), otherwise there will be memleak. • https://git.kernel.org/stable/c/cab7ffc0324f053c8fb56c821cdd63dc0383270d https://git.kernel.org/stable/c/ea8dc27bb044e19868155e500ce397007be98656 https://git.kernel.org/stable/c/0bbb88651ef6b7fbb1bf75ec7ba69add632e834b https://git.kernel.org/stable/c/1eca1d4cc21b6d0fc5f9a390339804c0afce9439 •