CVSS: 4.7EPSS: 0%CPEs: 3EXPL: 0CVE-2022-49634 – sysctl: Fix data-races in proc_dou8vec_minmax().
https://notcve.org/view.php?id=CVE-2022-49634
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: sysctl: Fix data-races in proc_dou8vec_minmax(). A sysctl variable is accessed concurrently, and there is always a chance of data-race. So, all readers and writers need some basic protection to avoid load/store-tearing. This patch changes proc_dou8vec_minmax() to use READ_ONCE() and WRITE_ONCE() internally to fix data-races on the sysctl side. For now, proc_dou8vec_minmax() itself is tolerant to a data-race, but we still need to add annotat... • https://git.kernel.org/stable/c/cb9444130662c6c13022579c861098f212db2562 •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2022-49633 – icmp: Fix data-races around sysctl_icmp_echo_enable_probe.
https://notcve.org/view.php?id=CVE-2022-49633
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: icmp: Fix data-races around sysctl_icmp_echo_enable_probe. While reading sysctl_icmp_echo_enable_probe, it can be changed concurrently. Thus, we need to add READ_ONCE() to its readers. In the Linux kernel, the following vulnerability has been resolved: icmp: Fix data-races around sysctl_icmp_echo_enable_probe. While reading sysctl_icmp_echo_enable_probe, it can be changed concurrently. • https://git.kernel.org/stable/c/d329ea5bd8845f0b196bf41b18b6173340d6e0e4 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-49632 – icmp: Fix a data-race around sysctl_icmp_errors_use_inbound_ifaddr.
https://notcve.org/view.php?id=CVE-2022-49632
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: icmp: Fix a data-race around sysctl_icmp_errors_use_inbound_ifaddr. While reading sysctl_icmp_errors_use_inbound_ifaddr, it can be changed concurrently. Thus, we need to add READ_ONCE() to its reader. In the Linux kernel, the following vulnerability has been resolved: icmp: Fix a data-race around sysctl_icmp_errors_use_inbound_ifaddr. While reading sysctl_icmp_errors_use_inbound_ifaddr, it can be changed concurrently. • https://git.kernel.org/stable/c/1c2fb7f93cb20621772bf304f3dba0849942e5db •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49631 – raw: Fix a data-race around sysctl_raw_l3mdev_accept.
https://notcve.org/view.php?id=CVE-2022-49631
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: raw: Fix a data-race around sysctl_raw_l3mdev_accept. While reading sysctl_raw_l3mdev_accept, it can be changed concurrently. Thus, we need to add READ_ONCE() to its reader. In the Linux kernel, the following vulnerability has been resolved: raw: Fix a data-race around sysctl_raw_l3mdev_accept. While reading sysctl_raw_l3mdev_accept, it can be changed concurrently. Thus, we need to add READ_ONCE() to its reader. • https://git.kernel.org/stable/c/6897445fb194c8ad046df4a13e1ee9f080a5a21e •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-49630 – tcp: Fix a data-race around sysctl_tcp_ecn_fallback.
https://notcve.org/view.php?id=CVE-2022-49630
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctl_tcp_ecn_fallback. While reading sysctl_tcp_ecn_fallback, it can be changed concurrently. Thus, we need to add READ_ONCE() to its reader. In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctl_tcp_ecn_fallback. While reading sysctl_tcp_ecn_fallback, it can be changed concurrently. Thus, we need to add READ_ONCE() to its reader. • https://git.kernel.org/stable/c/492135557dc090a1abb2cfbe1a412757e3ed68ab •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49629 – nexthop: Fix data-races around nexthop_compat_mode.
https://notcve.org/view.php?id=CVE-2022-49629
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: nexthop: Fix data-races around nexthop_compat_mode. While reading nexthop_compat_mode, it can be changed concurrently. Thus, we need to add READ_ONCE() to its readers. In the Linux kernel, the following vulnerability has been resolved: nexthop: Fix data-races around nexthop_compat_mode. While reading nexthop_compat_mode, it can be changed concurrently. Thus, we need to add READ_ONCE() to its readers. • https://git.kernel.org/stable/c/4f80116d3df3b23ee4b83ea8557629e1799bc230 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-49628 – net: stmmac: fix leaks in probe
https://notcve.org/view.php?id=CVE-2022-49628
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix leaks in probe These two error paths should clean up before returning. • https://git.kernel.org/stable/c/2bb4b98b60d7dc89fc0a5bb64534be348ab654df •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49627 – ima: Fix potential memory leak in ima_init_crypto()
https://notcve.org/view.php?id=CVE-2022-49627
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ima: Fix potential memory leak in ima_init_crypto() On failure to allocate the SHA1 tfm, IMA fails to initialize and exits without freeing the ima_algo_array. Add the missing kfree() for ima_algo_array to avoid the potential memory leak. In the Linux kernel, the following vulnerability has been resolved: ima: Fix potential memory leak in ima_init_crypto() On failure to allocate the SHA1 tfm, IMA fails to initialize and exits without freeing... • https://git.kernel.org/stable/c/6d94809af6b0830c4dfcad661535a5939bcb8a7d •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49626 – sfc: fix use after free when disabling sriov
https://notcve.org/view.php?id=CVE-2022-49626
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: sfc: fix use after free when disabling sriov Use after free is detected by kfence when disabling sriov. What was read after being freed was vf->pci_dev: it was freed from pci_disable_sriov and later read in efx_ef10_sriov_free_vf_vports, called from efx_ef10_sriov_free_vf_vswitching. Set the pointer to NULL at release time to not trying to read it later. Reproducer and dmesg log (note that kfence doesn't detect it every time): $ echo 1 > /s... • https://git.kernel.org/stable/c/3c5eb87605e85146a78de589b5070a37862425db •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49625 – sfc: fix kernel panic when creating VF
https://notcve.org/view.php?id=CVE-2022-49625
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: sfc: fix kernel panic when creating VF When creating VFs a kernel panic can happen when calling to efx_ef10_try_update_nic_stats_vf. When releasing a DMA coherent buffer, sometimes, I don't know in what specific circumstances, it has to unmap memory with vunmap. It is disallowed to do that in IRQ context or with BH disabled. Otherwise, we hit this line in vunmap, causing the crash: BUG_ON(in_interrupt()); This patch reenables BH to release ... • https://git.kernel.org/stable/c/d778819609a27efd5358da8151a0ad3507243e19 •