CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50203 – ARM: OMAP2+: display: Fix refcount leak bug
https://notcve.org/view.php?id=CVE-2022-50203
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: ARM: OMAP2+: display: Fix refcount leak bug In omapdss_init_fbdev(), of_find_node_by_name() will return a node pointer with refcount incremented. We should use of_node_put() when it is not used anymore. In the Linux kernel, the following vulnerability has been resolved: ARM: OMAP2+: display: Fix refcount leak bug In omapdss_init_fbdev(), of_find_node_by_name() will return a node pointer with refcount incremented. We should use of_node_put()... • https://git.kernel.org/stable/c/bdbdf69d5b78c5712c60c0004fa6aed12da36e26 •
CVSS: 6.2EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50202 – PM: hibernate: defer device probing when resuming from hibernation
https://notcve.org/view.php?id=CVE-2022-50202
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: PM: hibernate: defer device probing when resuming from hibernation syzbot is reporting hung task at misc_open() [1], for there is a race window of AB-BA deadlock which involves probe_count variable. Currently wait_for_device_probe() from snapshot_open() from misc_open() can sleep forever with misc_mtx held if probe_count cannot become 0. When a device is probed by hub_event() work function, probe_count is incremented before the probe functi... • https://git.kernel.org/stable/c/8c90947e5f1801e6c7120021c6ea0f3ad6a4eb91 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50201 – selinux: fix memleak in security_read_state_kernel()
https://notcve.org/view.php?id=CVE-2022-50201
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: selinux: fix memleak in security_read_state_kernel() In this function, it directly returns the result of __security_read_policy without freeing the allocated memory in *data, cause memory leak issue, so free the memory if __security_read_policy failed. [PM: subject line tweak] In the Linux kernel, the following vulnerability has been resolved: selinux: fix memleak in security_read_state_kernel() In this function, it directly returns the res... • https://git.kernel.org/stable/c/c877c5217145bda8fd95f506bf42f8d981afa57d •
CVSS: 5.6EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50200 – selinux: Add boundary check in put_entry()
https://notcve.org/view.php?id=CVE-2022-50200
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: selinux: Add boundary check in put_entry() Just like next_entry(), boundary check is necessary to prevent memory out-of-bound access. In the Linux kernel, the following vulnerability has been resolved: selinux: Add boundary check in put_entry() Just like next_entry(), boundary check is necessary to prevent memory out-of-bound access. • https://git.kernel.org/stable/c/2dabe6a872a5744865372eb30ea51e8ccd21305a •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2022-50087 – firmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails
https://notcve.org/view.php?id=CVE-2022-50087
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails When scpi probe fails, at any point, we need to ensure that the scpi_info is not set and will remain NULL until the probe succeeds. If it is not taken care, then it could result use-after-free as the value is exported via get_scpi_ops() and could refer to a memory allocated via devm_kzalloc() but freed when the probe fails. In the Linux kernel, the following vulnerabili... • https://git.kernel.org/stable/c/5aa558232edc30468d1f35108826dd5b3ffe978f •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50086 – block: don't allow the same type rq_qos add more than once
https://notcve.org/view.php?id=CVE-2022-50086
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: block: don't allow the same type rq_qos add more than once In our test of iocost, we encountered some list add/del corruptions of inner_walk list in ioc_timer_fn. The reason can be described as follows: cpu 0 cpu 1 ioc_qos_write ioc_qos_write ioc = q_to_ioc(queue); if (!ioc) { ioc = kzalloc(); ioc = q_to_ioc(queue); if (!ioc) { ioc = kzalloc(); ... rq_qos_add(q, rqos); } ... rq_qos_add(q, rqos); ... } When the io.cost.qos file is written by... • https://git.kernel.org/stable/c/0b7f5d7a4d2a72ad9de04ab8ccba2a31904aa638 •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50085 – dm raid: fix address sanitizer warning in raid_resume
https://notcve.org/view.php?id=CVE-2022-50085
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: dm raid: fix address sanitizer warning in raid_resume There is a KASAN warning in raid_resume when running the lvm test lvconvert-raid.sh. The reason for the warning is that mddev->raid_disks is greater than rs->raid_disks, so the loop touches one entry beyond the allocated length. In the Linux kernel, the following vulnerability has been resolved: dm raid: fix address sanitizer warning in raid_resume There is a KASAN warning in raid_resume... • https://git.kernel.org/stable/c/c2f075e729636a44e98d9722e3852c2fa6fa49b6 •
CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50084 – dm raid: fix address sanitizer warning in raid_status
https://notcve.org/view.php?id=CVE-2022-50084
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: dm raid: fix address sanitizer warning in raid_status There is this warning when using a kernel with the address sanitizer and running this testsuite: https://gitlab.com/cki-project/kernel-tests/-/tree/main/storage/swraid/scsi_raid ================================================================== BUG: KASAN: slab-out-of-bounds in raid_status+0x1747/0x2820 [dm_raid] Read of size 4 at addr ffff888079d2c7e8 by task lvcreate/13319 CPU: 0 PID: ... • https://git.kernel.org/stable/c/1ae0ebfb576b72c2ef400917a5484ebe7892d80b •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50083 – ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h
https://notcve.org/view.php?id=CVE-2022-50083
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h When adding an xattr to an inode, we must ensure that the inode_size is not less than EXT4_GOOD_OLD_INODE_SIZE + extra_isize + pad. Otherwise, the end position may be greater than the start position, resulting in UAF. In the Linux kernel, the following vulnerability has been resolved: ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h When adding an xattr to an inode, we must ensure t... • https://git.kernel.org/stable/c/214c68423fd632646c68f3ec8b3c2602cf8273f3 •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50082 – ext4: fix warning in ext4_iomap_begin as race between bmap and write
https://notcve.org/view.php?id=CVE-2022-50082
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: fix warning in ext4_iomap_begin as race between bmap and write We got issue as follows: ------------[ cut here ]------------ WARNING: CPU: 3 PID: 9310 at fs/ext4/inode.c:3441 ext4_iomap_begin+0x182/0x5d0 RIP: 0010:ext4_iomap_begin+0x182/0x5d0 RSP: 0018:ffff88812460fa08 EFLAGS: 00010293 RAX: ffff88811f168000 RBX: 0000000000000000 RCX: ffffffff97793c12 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 RBP: ffff88812c6691... • https://git.kernel.org/stable/c/e1682c7171a6c0ff576fe8116b8cba5b8f538b94 •