CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49029 – hwmon: (ibmpex) Fix possible UAF when ibmpex_register_bmc() fails
https://notcve.org/view.php?id=CVE-2022-49029
In the Linux kernel, the following vulnerability has been resolved: hwmon: (ibmpex) Fix possible UAF when ibmpex_register_bmc() fails Smatch report warning as follows: drivers/hwmon/ibmpex.c:509 ibmpex_register_bmc() warn: '&data->list' not removed from list If ibmpex_find_sensors() fails in ibmpex_register_bmc(), data will be freed, but data->list will not be removed from driver_data.bmc_data, then list traversal may cause UAF. Fix by removeing it from driver_data.bmc_data before free(). • https://git.kernel.org/stable/c/57c7c3a0fdea95eddcaeba31e7ca7dfc917682ab https://git.kernel.org/stable/c/f2a13196ad41c6c2ab058279dffe6c97292e753a https://git.kernel.org/stable/c/798198273bf86673b970b51acdb35e57f42b3fcb https://git.kernel.org/stable/c/24b9633f7db7f4809be7053df1d2e117e7c2de10 https://git.kernel.org/stable/c/7b2b67fe1339389e0bf3c37c7a677a004ac0e4e3 https://git.kernel.org/stable/c/90907cd4d11351ff76c9a447bcb5db0e264c47cd https://git.kernel.org/stable/c/45f6e81863747c0d7bc6a95ec51129900e71467a https://git.kernel.org/stable/c/e65cfd1f9cd27d9c27ee5cb88128a9f79 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49028 – ixgbevf: Fix resource leak in ixgbevf_init_module()
https://notcve.org/view.php?id=CVE-2022-49028
In the Linux kernel, the following vulnerability has been resolved: ixgbevf: Fix resource leak in ixgbevf_init_module() ixgbevf_init_module() won't destroy the workqueue created by create_singlethread_workqueue() when pci_register_driver() failed. Add destroy_workqueue() in fail path to prevent the resource leak. Similar to the handling of u132_hcd_init in commit f276e002793c ("usb: u132-hcd: fix resource leak") • https://git.kernel.org/stable/c/40a13e2493c9882cb4d09054d81a5063cd1589a2 https://git.kernel.org/stable/c/f166c62cad798c53300b4b327e44300c73ec492d https://git.kernel.org/stable/c/7109e941099244cc876a4b3cb7a3ec79f104374a https://git.kernel.org/stable/c/c99671d4699dcf90d6939923c8fe8a8918e140b2 https://git.kernel.org/stable/c/8cfa238a48f34038464b99d0b4825238c2687181 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49027 – iavf: Fix error handling in iavf_init_module()
https://notcve.org/view.php?id=CVE-2022-49027
In the Linux kernel, the following vulnerability has been resolved: iavf: Fix error handling in iavf_init_module() The iavf_init_module() won't destroy workqueue when pci_register_driver() failed. Call destroy_workqueue() when pci_register_driver() failed to prevent the resource leak. Similar to the handling of u132_hcd_init in commit f276e002793c ("usb: u132-hcd: fix resource leak") • https://git.kernel.org/stable/c/2803b16c10ea7eec170c485388f5f26ae30e92fe https://git.kernel.org/stable/c/971c55f0763b480e63ceb7a22beb19be2509e5ed https://git.kernel.org/stable/c/0d9f5bd54b913018031c5b964fc1f9a31f5f6cb5 https://git.kernel.org/stable/c/bd477b891a4fa084561234eed4afacb3001dd359 https://git.kernel.org/stable/c/227d8d2f7f2278b8468c5531b0cd0f2a905b4486 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49026 – e100: Fix possible use after free in e100_xmit_prepare
https://notcve.org/view.php?id=CVE-2022-49026
In the Linux kernel, the following vulnerability has been resolved: e100: Fix possible use after free in e100_xmit_prepare In e100_xmit_prepare(), if we can't map the skb, then return -ENOMEM, so e100_xmit_frame() will return NETDEV_TX_BUSY and the upper layer will resend the skb. But the skb is already freed, which will cause UAF bug when the upper layer resends the skb. Remove the harmful free. • https://git.kernel.org/stable/c/5e5d49422dfb035ca9e280cd61d434095c151272 https://git.kernel.org/stable/c/b775f37d943966f6f77dca402f5a9dedce502c25 https://git.kernel.org/stable/c/9fc27d22cdb9b1fcd754599d216a8992fed280cd https://git.kernel.org/stable/c/b46f6144ab89d3d757ead940759c505091626a7d https://git.kernel.org/stable/c/45605c75c52c7ae7bfe902214343aabcfe5ba0ff •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49025 – net/mlx5e: Fix use-after-free when reverting termination table
https://notcve.org/view.php?id=CVE-2022-49025
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix use-after-free when reverting termination table When having multiple dests with termination tables and second one or afterwards fails the driver reverts usage of term tables but doesn't reset the assignment in attr->dests[num_vport_dests].termtbl which case a use-after-free when releasing the rule. Fix by resetting the assignment of termtbl to null. • https://git.kernel.org/stable/c/10caabdaad5ace85577a453da97d1f8d3b944427 https://git.kernel.org/stable/c/0a2d73a77060c3cbdc6e801cd5d979d674cd404b https://git.kernel.org/stable/c/0d2f9d95d9fbe993f3c4bafb87d59897b0325aff https://git.kernel.org/stable/c/372eb550faa0757349040fd43f59483cbfdb2c0b https://git.kernel.org/stable/c/e6d2d26a49c3a9cd46b232975e45236304810904 https://git.kernel.org/stable/c/52c795af04441d76f565c4634f893e5b553df2ae •