CVSS: 6.6EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50560 – drm/meson: explicitly remove aggregate driver at module unload time
https://notcve.org/view.php?id=CVE-2022-50560
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/meson: explicitly remove aggregate driver at module unload time Because component_master_del wasn't being called when unloading the meson_drm module, the aggregate device would linger forever in the global aggregate_devices list. That means when unloading and reloading the meson_dw_hdmi module, component_add would call into try_to_bring_up_aggregate_device and find the unbound meson_drm aggregate device. This would in turn dereference s... • https://git.kernel.org/stable/c/8a427a22839daacd36531a62c83d5c9cd6f20657 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50559 – clk: imx: scu: fix memleak on platform_device_add() fails
https://notcve.org/view.php?id=CVE-2022-50559
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: clk: imx: scu: fix memleak on platform_device_add() fails No error handling is performed when platform_device_add() fails. Add error processing before return, and modified the return value. In the Linux kernel, the following vulnerability has been resolved: clk: imx: scu: fix memleak on platform_device_add() fails No error handling is performed when platform_device_add() fails. Add error processing before return, and modified the return val... • https://git.kernel.org/stable/c/77d8f3068c63ee0983f0b5ba3207d3f7cce11be4 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50558 – regmap-irq: Use the new num_config_regs property in regmap_add_irq_chip_fwnode
https://notcve.org/view.php?id=CVE-2022-50558
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: regmap-irq: Use the new num_config_regs property in regmap_add_irq_chip_fwnode Commit faa87ce9196d ("regmap-irq: Introduce config registers for irq types") added the num_config_regs, then commit 9edd4f5aee84 ("regmap-irq: Deprecate type registers and virtual registers") suggested to replace num_type_reg with it. However, regmap_add_irq_chip_fwnode wasn't modified to use the new property. Later on, commit 255a03bb1bb3 ("ASoC: wcd9335: Conver... • https://git.kernel.org/stable/c/faa87ce9196dbb074d75bd4aecb8bacf18f19b4e •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50557 – pinctrl: thunderbay: fix possible memory leak in thunderbay_build_functions()
https://notcve.org/view.php?id=CVE-2022-50557
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: pinctrl: thunderbay: fix possible memory leak in thunderbay_build_functions() The thunderbay_add_functions() will free memory of thunderbay_funcs when everything is ok, but thunderbay_funcs will not be freed when thunderbay_add_functions() fails, then there will be a memory leak, so we need to add kfree() when thunderbay_add_functions() fails to fix it. In addition, doing some cleaner works, moving kfree(funcs) from thunderbay_add_functions... • https://git.kernel.org/stable/c/12422af8194df85243d68b11f8783de9d01e58dc •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50556 – drm: Fix potential null-ptr-deref due to drmm_mode_config_init()
https://notcve.org/view.php?id=CVE-2022-50556
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: drm: Fix potential null-ptr-deref due to drmm_mode_config_init() drmm_mode_config_init() will call drm_mode_create_standard_properties() and won't check the ret value. When drm_mode_create_standard_properties() failed due to alloc, property will be a NULL pointer and may causes the null-ptr-deref. Fix the null-ptr-deref by adding the ret value check. Found null-ptr-deref while testing insert module bochs: general protection fault, probably ... • https://git.kernel.org/stable/c/6b4959f43a04e12d39c5700607727f2cbcfeac31 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2025-40016 – media: uvcvideo: Mark invalid entities with id UVC_INVALID_ENTITY_ID
https://notcve.org/view.php?id=CVE-2025-40016
20 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Mark invalid entities with id UVC_INVALID_ENTITY_ID Per UVC 1.1+ specification 3.7.2, units and terminals must have a non-zero unique ID. ``` Each Unit and Terminal within the video function is assigned a unique identification number, the Unit ID (UID) or Terminal ID (TID), contained in the bUnitID or bTerminalID field of the descriptor. The value 0x00 is reserved for undefined ID, ``` If we add a new entity with id 0 or a ... • https://git.kernel.org/stable/c/a3fbc2e6bb05a3b1ea341cd29dea09b4a033727b •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2025-40013 – ASoC: qcom: audioreach: fix potential null pointer dereference
https://notcve.org/view.php?id=CVE-2025-40013
20 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: audioreach: fix potential null pointer dereference It is possible that the topology parsing function audioreach_widget_load_module_common() could return NULL or an error pointer. Add missing NULL check so that we do not dereference it. In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: audioreach: fix potential null pointer dereference It is possible that the topology parsing function audioreach_widg... • https://git.kernel.org/stable/c/36ad9bf1d93d66b901342eab9f8ed6c1537655a6 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2025-40011 – drm/gma500: Fix null dereference in hdmi teardown
https://notcve.org/view.php?id=CVE-2025-40011
20 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/gma500: Fix null dereference in hdmi teardown pci_set_drvdata sets the value of pdev->driver_data to NULL, after which the driver_data obtained from the same dev is dereferenced in oaktrail_hdmi_i2c_exit, and the i2c_dev is extracted from it. To prevent this, swap these calls. Found by Linux Verification Center (linuxtesting.org) with Svacer. In the Linux kernel, the following vulnerability has been resolved: drm/gma500: Fix null derefe... • https://git.kernel.org/stable/c/1b082ccf5901108d3acd860a73d8c0442556c0bb •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2025-40010 – afs: Fix potential null pointer dereference in afs_put_server
https://notcve.org/view.php?id=CVE-2025-40010
20 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: afs: Fix potential null pointer dereference in afs_put_server afs_put_server() accessed server->debug_id before the NULL check, which could lead to a null pointer dereference. Move the debug_id assignment, ensuring we never dereference a NULL server pointer. In the Linux kernel, the following vulnerability has been resolved: afs: Fix potential null pointer dereference in afs_put_server afs_put_server() accessed server->debug_id before the N... • https://git.kernel.org/stable/c/2757a4dc184997c66ef1de32636f73b9f21aac14 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2025-40008 – kmsan: fix out-of-bounds access to shadow memory
https://notcve.org/view.php?id=CVE-2025-40008
20 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: kmsan: fix out-of-bounds access to shadow memory Running sha224_kunit on a KMSAN-enabled kernel results in a crash in kmsan_internal_set_shadow_origin(): BUG: unable to handle page fault for address: ffffbc3840291000 #PF: supervisor read access in kernel mode #PF: error_code(0x0000) - not-present page PGD 1810067 P4D 1810067 PUD 192d067 PMD 3c17067 PTE 0 Oops: 0000 [#1] SMP NOPTI CPU: 0 UID: 0 PID: 81 Comm: kunit_try_catch Tainted: G N 6.17... • https://git.kernel.org/stable/c/9ff078f5bad8990091f1639347de5e02636e9536 •