CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50504 – powerpc/rtas: avoid scheduling in rtas_os_term()
https://notcve.org/view.php?id=CVE-2022-50504
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: avoid scheduling in rtas_os_term() It's unsafe to use rtas_busy_delay() to handle a busy status from the ibm,os-term RTAS function in rtas_os_term(): Kernel panic - not syncing: Attempted to kill init! exitcode=0x0000000b BUG: sleeping function called from invalid context at arch/powerpc/kernel/rtas.c:618 in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 1, name: swapper/0 preempt_count: 2, expected: 0 CPU: 7 PID: 1 Comm:... • https://git.kernel.org/stable/c/f413135b337c4e90c1e593c6613f8717e17bc724 •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50503 – mtd: lpddr2_nvm: Fix possible null-ptr-deref
https://notcve.org/view.php?id=CVE-2022-50503
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: mtd: lpddr2_nvm: Fix possible null-ptr-deref It will cause null-ptr-deref when resource_size(add_range) invoked, if platform_get_resource() returns NULL. In the Linux kernel, the following vulnerability has been resolved: mtd: lpddr2_nvm: Fix possible null-ptr-deref It will cause null-ptr-deref when resource_size(add_range) invoked, if platform_get_resource() returns NULL. • https://git.kernel.org/stable/c/96ba9dd65788a0bd2a7d1e57ec78b7642f0ccc25 •
CVSS: 6.4EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50501 – media: coda: Add check for dcoda_iram_alloc
https://notcve.org/view.php?id=CVE-2022-50501
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: media: coda: Add check for dcoda_iram_alloc As the coda_iram_alloc may return NULL pointer, it should be better to check the return value in order to avoid NULL poineter dereference, same as the others. In the Linux kernel, the following vulnerability has been resolved: media: coda: Add check for dcoda_iram_alloc As the coda_iram_alloc may return NULL pointer, it should be better to check the return value in order to avoid NULL poineter der... • https://git.kernel.org/stable/c/b313bcc9a46795c0233a765411cef9a15caaa7fb •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-50500 – netdevsim: fix memory leak in nsim_drv_probe() when nsim_dev_resources_register() failed
https://notcve.org/view.php?id=CVE-2022-50500
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: netdevsim: fix memory leak in nsim_drv_probe() when nsim_dev_resources_register() failed If some items in nsim_dev_resources_register() fail, memory leak will occur. The following is the memory leak information. unreferenced object 0xffff888074c02600 (size 128): comm "echo", pid 8159, jiffies 4294945184 (age 493.530s) hex dump (first 32 bytes): 40 47 ea 89 ff ff ff ff 01 00 00 00 00 00 00 00 @G.............. ff ff ff ff ff ff ff ff ff ff ff... • https://git.kernel.org/stable/c/37923ed6b8cea94d7d76038e2f72c57a0b45daab •
CVSS: 7.5EPSS: 0%CPEs: 11EXPL: 0CVE-2022-50499 – media: dvb-core: Fix double free in dvb_register_device()
https://notcve.org/view.php?id=CVE-2022-50499
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: media: dvb-core: Fix double free in dvb_register_device() In function dvb_register_device() -> dvb_register_media_device() -> dvb_create_media_entity(), dvb->entity is allocated and initialized. If the initialization fails, it frees the dvb->entity, and return an error code. The caller takes the error code and handles the error by calling dvb_media_device_free(), which unregisters the entity and frees the field again if it is not NULL. As d... • https://git.kernel.org/stable/c/9db28659aa893c68f162b11fd63bb7f6a713e52f •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50497 – binfmt_misc: fix shift-out-of-bounds in check_special_flags
https://notcve.org/view.php?id=CVE-2022-50497
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: binfmt_misc: fix shift-out-of-bounds in check_special_flags UBSAN reported a shift-out-of-bounds warning: left shift of 1 by 31 places cannot be represented in type 'int' Call Trace:
CVSS: 6.7EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50496 – dm cache: Fix UAF in destroy()
https://notcve.org/view.php?id=CVE-2022-50496
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: dm cache: Fix UAF in destroy() Dm_cache also has the same UAF problem when dm_resume() and dm_destroy() are concurrent. Therefore, cancelling timer again in destroy(). In the Linux kernel, the following vulnerability has been resolved: dm cache: Fix UAF in destroy() Dm_cache also has the same UAF problem when dm_resume() and dm_destroy() are concurrent. Therefore, cancelling timer again in destroy(). • https://git.kernel.org/stable/c/c6b4fcbad044e6fffcc75bba160e720eb8d67d17 • CWE-825: Expired Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50494 – thermal: intel_powerclamp: Use get_cpu() instead of smp_processor_id() to avoid crash
https://notcve.org/view.php?id=CVE-2022-50494
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: thermal: intel_powerclamp: Use get_cpu() instead of smp_processor_id() to avoid crash When CPU 0 is offline and intel_powerclamp is used to inject idle, it generates kernel BUG: BUG: using smp_processor_id() in preemptible [00000000] code: bash/15687 caller is debug_smp_processor_id+0x17/0x20 CPU: 4 PID: 15687 Comm: bash Not tainted 5.19.0-rc7+ #57 Call Trace:
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50493 – scsi: qla2xxx: Fix crash when I/O abort times out
https://notcve.org/view.php?id=CVE-2022-50493
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix crash when I/O abort times out While performing CPU hotplug, a crash with the following stack was seen: Call Trace: qla24xx_process_response_queue+0x42a/0x970 [qla2xxx] qla2x00_start_nvme_mq+0x3a2/0x4b0 [qla2xxx] qla_nvme_post_cmd+0x166/0x240 [qla2xxx] nvme_fc_start_fcp_op.part.0+0x119/0x2e0 [nvme_fc] blk_mq_dispatch_rq_list+0x17b/0x610 __blk_mq_sched_dispatch_requests+0xb0/0x140 blk_mq_sched_dispatch_requests+0x30/0x60 _... • https://git.kernel.org/stable/c/71c80b75ce8f08c0978ce9a9816b81b5c3ce5e12 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-50492 – drm/msm: fix use-after-free on probe deferral
https://notcve.org/view.php?id=CVE-2022-50492
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/msm: fix use-after-free on probe deferral The bridge counter was never reset when tearing down the DRM device so that stale pointers to deallocated structures would be accessed on the next tear down (e.g. after a second late bind deferral). Given enough bridges and a few probe deferrals this could currently also lead to data beyond the bridge array being corrupted. Patchwork: https://patchwork.freedesktop.org/patch/502665/ In the Linux ... • https://git.kernel.org/stable/c/a3376e3ec81c5dd0622cbc187db76d2824d31c1c •