CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49315 – drivers: staging: rtl8192e: Fix deadlock in rtllib_beacons_stop()
https://notcve.org/view.php?id=CVE-2022-49315
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: drivers: staging: rtl8192e: Fix deadlock in rtllib_beacons_stop() There is a deadlock in rtllib_beacons_stop(), which is shown below: (Thread 1) | (Thread 2) | rtllib_send_beacon() rtllib_beacons_stop() | mod_timer() spin_lock_irqsave() //(1) | (wait a time) ... | rtllib_send_beacon_cb() del_timer_sync() | spin_lock_irqsave() //(2) (wait timer to stop) | ... We hold ieee->beacon_lock in position (1) of thread 1 and use del_timer_sync() to w... • https://git.kernel.org/stable/c/4681129fda9e8555392eaaadb239ec6a6e2b3e12 •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49314 – tty: Fix a possible resource leak in icom_probe
https://notcve.org/view.php?id=CVE-2022-49314
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: tty: Fix a possible resource leak in icom_probe When pci_read_config_dword failed, call pci_release_regions() and pci_disable_device() to recycle the resource previously allocated. • https://git.kernel.org/stable/c/f4c836d90da1ece88905d62ce2ce39a962f25d1a •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49313 – drivers: usb: host: Fix deadlock in oxu_bus_suspend()
https://notcve.org/view.php?id=CVE-2022-49313
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: drivers: usb: host: Fix deadlock in oxu_bus_suspend() There is a deadlock in oxu_bus_suspend(), which is shown below: (Thread 1) | (Thread 2) | timer_action() oxu_bus_suspend() | mod_timer() spin_lock_irq() //(1) | (wait a time) ... | oxu_watchdog() del_timer_sync() | spin_lock_irq() //(2) (wait timer to stop) | ... We hold oxu->lock in position (1) of thread 1, and use del_timer_sync() to wait timer to stop, but timer handler also need oxu... • https://git.kernel.org/stable/c/9b58d255f27b0ed6a2e43208960864d67579db58 •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49312 – staging: rtl8712: fix a potential memory leak in r871xu_drv_init()
https://notcve.org/view.php?id=CVE-2022-49312
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: staging: rtl8712: fix a potential memory leak in r871xu_drv_init() In r871xu_drv_init(), if r8712_init_drv_sw() fails, then the memory allocated by r8712_alloc_io_queue() in r8712_usb_dvobj_init() is not properly released as there is no action will be performed by r8712_usb_dvobj_deinit(). To properly release it, we should call r8712_free_io_queue() in r8712_usb_dvobj_deinit(). Besides, in r871xu_dev_remove(), r8712_usb_dvobj_deinit() will ... • https://git.kernel.org/stable/c/5a89a92efc342dd7c44b6056da87debc598f9c73 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49311 – drivers: staging: rtl8192bs: Fix deadlock in rtw_joinbss_event_prehandle()
https://notcve.org/view.php?id=CVE-2022-49311
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: drivers: staging: rtl8192bs: Fix deadlock in rtw_joinbss_event_prehandle() There is a deadlock in rtw_joinbss_event_prehandle(), which is shown below: (Thread 1) | (Thread 2) | _set_timer() rtw_joinbss_event_prehandle()| mod_timer() spin_lock_bh() //(1) | (wait a time) ... | _rtw_join_timeout_handler() del_timer_sync() | spin_lock_bh() //(2) (wait timer to stop) | ... We hold pmlmepriv->lock in position (1) of thread 1 and use del_timer_syn... • https://git.kernel.org/stable/c/ae60744d5fad840b9d056d35b4b652d95e755846 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49310 – char: xillybus: fix a refcount leak in cleanup_dev()
https://notcve.org/view.php?id=CVE-2022-49310
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: char: xillybus: fix a refcount leak in cleanup_dev() usb_get_dev is called in xillyusb_probe. So it is better to call usb_put_dev before xdev is released. • https://git.kernel.org/stable/c/bc8fceda3b89006e8a7dda8a097d36045d044c25 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49309 – drivers: staging: rtl8723bs: Fix deadlock in rtw_surveydone_event_callback()
https://notcve.org/view.php?id=CVE-2022-49309
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: drivers: staging: rtl8723bs: Fix deadlock in rtw_surveydone_event_callback() There is a deadlock in rtw_surveydone_event_callback(), which is shown below: (Thread 1) | (Thread 2) | _set_timer() rtw_surveydone_event_callback()| mod_timer() spin_lock_bh() //(1) | (wait a time) ... | rtw_scan_timeout_handler() del_timer_sync() | spin_lock_bh() //(2) (wait timer to stop) | ... We hold pmlmepriv->lock in position (1) of thread 1 and use del_time... • https://git.kernel.org/stable/c/f89f6c3ebf69623b8ea48200bd690e9e210335a1 •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49308 – extcon: Modify extcon device to be created after driver data is set
https://notcve.org/view.php?id=CVE-2022-49308
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: extcon: Modify extcon device to be created after driver data is set Currently, someone can invoke the sysfs such as state_show() intermittently before dev_set_drvdata() is done. And it can be a cause of kernel Oops because of edev is Null at that time. So modified the driver registration to after setting drviver data. - Oops's backtrace. Backtrace: [
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49307 – tty: synclink_gt: Fix null-pointer-dereference in slgt_clean()
https://notcve.org/view.php?id=CVE-2022-49307
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: tty: synclink_gt: Fix null-pointer-dereference in slgt_clean() When the driver fails at alloc_hdlcdev(), and then we remove the driver module, we will get the following splat: [ 25.065966] general protection fault, probably for non-canonical address 0xdffffc0000000182: 0000 [#1] PREEMPT SMP KASAN PTI [ 25.066914] KASAN: null-ptr-deref in range [0x0000000000000c10-0x0000000000000c17] [ 25.069262] RIP: 0010:detach_hdlc_protocol+0x2a/0x3e0 [ 2... • https://git.kernel.org/stable/c/50c341f9a2adc4c32a8ad5a39eb99d9c4a419e0d •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2022-49306 – usb: dwc3: host: Stop setting the ACPI companion
https://notcve.org/view.php?id=CVE-2022-49306
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: host: Stop setting the ACPI companion It is no longer needed. The sysdev pointer is now used when assigning the ACPI companions to the xHCI ports and USB devices. Assigning the ACPI companion here resulted in the fwnode->secondary pointer to be replaced also for the parent dwc3 device since the primary fwnode (the ACPI companion) was shared. That was unintentional and it created potential side effects like resource leaks. • https://git.kernel.org/stable/c/d7f35934f7ab67bfd9adabc84207e59da9c19108 •