CVSS: 7.8EPSS: %CPEs: 8EXPL: 0CVE-2022-49685 – iio: trigger: sysfs: fix use-after-free on remove
https://notcve.org/view.php?id=CVE-2022-49685
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: iio: trigger: sysfs: fix use-after-free on remove Ensure that the irq_work has completed before the trigger is freed. ================================================================== BUG: KASAN: use-after-free in irq_work_run_list Read of size 8 at addr 0000000064702248 by task python3/25 Call Trace: irq_work_run_list irq_work_tick update_process_times tick_sched_handle tick_sched_timer __hrtimer_run_queues hrtimer_interrupt Allocated by ... • https://git.kernel.org/stable/c/f38bc926d022ebd67baad6ac7fc22c95fbc6238c •
CVSS: 5.5EPSS: %CPEs: 8EXPL: 0CVE-2022-49682 – xtensa: Fix refcount leak bug in time.c
https://notcve.org/view.php?id=CVE-2022-49682
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: xtensa: Fix refcount leak bug in time.c In calibrate_ccount(), of_find_compatible_node() will return a node pointer with refcount incremented. We should use of_node_put() when it is not used anymore. In the Linux kernel, the following vulnerability has been resolved: xtensa: Fix refcount leak bug in time.c In calibrate_ccount(), of_find_compatible_node() will return a node pointer with refcount incremented. We should use of_node_put() when ... • https://git.kernel.org/stable/c/3e5eb904d9ba657308fc75a5de434b0e58dcb8d7 •
CVSS: 7.1EPSS: %CPEs: 8EXPL: 0CVE-2022-49681 – xtensa: xtfpga: Fix refcount leak bug in setup
https://notcve.org/view.php?id=CVE-2022-49681
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: xtensa: xtfpga: Fix refcount leak bug in setup In machine_setup(), of_find_compatible_node() will return a node pointer with refcount incremented. We should use of_node_put() when it is not used anymore. In the Linux kernel, the following vulnerability has been resolved: xtensa: xtfpga: Fix refcount leak bug in setup In machine_setup(), of_find_compatible_node() will return a node pointer with refcount incremented. We should use of_node_put... • https://git.kernel.org/stable/c/b12d5c52f073a0420622aaf2f21b615cce8b36cc •
CVSS: 7.1EPSS: %CPEs: 8EXPL: 0CVE-2022-49679 – ARM: Fix refcount leak in axxia_boot_secondary
https://notcve.org/view.php?id=CVE-2022-49679
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ARM: Fix refcount leak in axxia_boot_secondary of_find_compatible_node() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. Add missing of_node_put() to avoid refcount leak. In the Linux kernel, the following vulnerability has been resolved: ARM: Fix refcount leak in axxia_boot_secondary of_find_compatible_node() returns a node pointer with refcount incremented, we should use of_node_put() on it w... • https://git.kernel.org/stable/c/1d22924e1c4e299337e86e290c02c3e3eb43b608 •
CVSS: 7.1EPSS: %CPEs: 8EXPL: 0CVE-2022-49677 – ARM: cns3xxx: Fix refcount leak in cns3xxx_init
https://notcve.org/view.php?id=CVE-2022-49677
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ARM: cns3xxx: Fix refcount leak in cns3xxx_init of_find_compatible_node() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. Add missing of_node_put() to avoid refcount leak. In the Linux kernel, the following vulnerability has been resolved: ARM: cns3xxx: Fix refcount leak in cns3xxx_init of_find_compatible_node() returns a node pointer with refcount incremented, we should use of_node_put() on it... • https://git.kernel.org/stable/c/415f59142d9d9dd023deaeb3b4dfc1aecdd3983c •
CVSS: 10.0EPSS: %CPEs: 7EXPL: 0CVE-2022-49674 – dm raid: fix accesses beyond end of raid member array
https://notcve.org/view.php?id=CVE-2022-49674
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: dm raid: fix accesses beyond end of raid member array On dm-raid table load (using raid_ctr), dm-raid allocates an array rs->devs[rs->raid_disks] for the raid device members. rs->raid_disks is defined by the number of raid metadata and image tupples passed into the target's constructor. In the case of RAID layout changes being requested, that number can be different from the current number of members for existing raid sets as defined in the... • https://git.kernel.org/stable/c/5e161a8826b63c0b8b43e4a7fad1f956780f42ab •
CVSS: -EPSS: %CPEs: 8EXPL: 0CVE-2022-49673 – dm raid: fix KASAN warning in raid5_add_disks
https://notcve.org/view.php?id=CVE-2022-49673
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: dm raid: fix KASAN warning in raid5_add_disks There's a KASAN warning in raid5_add_disk when running the LVM testsuite. The warning happens in the test lvconvert-raid-reshape-linear_to_raid6-single-type.sh. We fix the warning by verifying that rdev->saved_raid_disk is within limits. In the Linux kernel, the following vulnerability has been resolved: dm raid: fix KASAN warning in raid5_add_disks There's a KASAN warning in raid5_add_disk when... • https://git.kernel.org/stable/c/2d4e7c9898c20fb3d3f55381cab601761aab7d64 •
CVSS: 5.5EPSS: %CPEs: 8EXPL: 0CVE-2022-49661 – can: gs_usb: gs_usb_open/close(): fix memory leak
https://notcve.org/view.php?id=CVE-2022-49661
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: can: gs_usb: gs_usb_open/close(): fix memory leak The gs_usb driver appears to suffer from a malady common to many USB CAN adapter drivers in that it performs usb_alloc_coherent() to allocate a number of USB request blocks (URBs) for RX, and then later relies on usb_kill_anchored_urbs() to free them, but this doesn't actually free them. As a result, this may be leaking DMA memory that's been used by the driver. This commit is an adaptation ... • https://git.kernel.org/stable/c/d08e973a77d128b25e01a08c34d89593fdf222da •
CVSS: 5.5EPSS: %CPEs: 8EXPL: 0CVE-2022-49657 – usbnet: fix memory leak in error case
https://notcve.org/view.php?id=CVE-2022-49657
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: usbnet: fix memory leak in error case usbnet_write_cmd_async() mixed up which buffers need to be freed in which error case. v2: add Fixes tag v3: fix uninitialized buf pointer In the Linux kernel, the following vulnerability has been resolved: usbnet: fix memory leak in error case usbnet_write_cmd_async() mixed up which buffers need to be freed in which error case. v2: add Fixes tag v3: fix uninitialized buf pointer • https://git.kernel.org/stable/c/877bd862f32b815d54ab5fc10a4fd903d7bf3012 •
CVSS: 7.1EPSS: %CPEs: 2EXPL: 0CVE-2022-49651 – srcu: Tighten cleanup_srcu_struct() GP checks
https://notcve.org/view.php?id=CVE-2022-49651
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: srcu: Tighten cleanup_srcu_struct() GP checks Currently, cleanup_srcu_struct() checks for a grace period in progress, but it does not check for a grace period that has not yet started but which might start at any time. Such a situation could result in a use-after-free bug, so this commit adds a check for a grace period that is needed but not yet started to cleanup_srcu_struct(). In the Linux kernel, the following vulnerability has been reso... • https://git.kernel.org/stable/c/e997dda6502eefbc1032d6b0da7b353c53344b07 •