CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-48847 – watch_queue: Fix filter limit check
https://notcve.org/view.php?id=CVE-2022-48847
16 Jul 2024 — __x64_sys_ioctl+0x127/0x190 do_syscall_64+0x43/0x90 entry_SYSCALL_64_after_hwframe+0x44/0xae Allocated by task 611: kasan_save_stack+0x1e/0x40 __kasan_kmalloc+0x81/0xa0 watch_queue_set_filter+0x23a/0x740 __x64_sys_ioctl+0x127/0x190 do_syscall_64+0x43/0x90 entry_SYSCALL_64_after_hwframe+0x44/0xae The buggy address belongs to the object at ffff88800d2c66a0 which belongs to the cache kmalloc-32 of size 32 The buggy address is located 28 bytes inside of 32-byte region [ffff88800d2c66a0, ffff88800d2c66c0) En el ... • https://git.kernel.org/stable/c/c73be61cede5882f9605a852414db559c0ebedfd • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-48846 – block: release rq qos structures for queue without disk
https://notcve.org/view.php?id=CVE-2022-48846
16 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: block: release rq qos structures for queue without disk blkcg_init_queue() may add rq qos structures to request queue, previously blk_cleanup_queue() calls rq_qos_exit() to release them, but commit 8e141f9eb803 ("block: drain file system I/O on del_gendisk") moves rq_qos_exit() into del_gendisk(), so memory leak is caused because queues may not have disk, such as un-present scsi luns, nvme admin queue, ... In the Linux kernel,... • https://git.kernel.org/stable/c/8e141f9eb803e209714a80aa6ec073893f94c526 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-48845 – MIPS: smp: fill in sibling and core maps earlier
https://notcve.org/view.php?id=CVE-2022-48845
16 Jul 2024 — Neither me nor my brief tests couldn't find any potential caveats in calculating the maps right after performing delay calibration, but the WARN splat is now gone. The very same debug prints now yield exactly what I expected from them: [ 0.048433] CPU: 1, smt_mask: 0-1 [0] https://git.kernel.org/pub/scm/linux/kernel/git/mips/linux.git/commit/?... Si bien el flujo es el mismo en ARM64 (mapas después del notificador, aunque antes de llamar a set_cpu_online()), x86 comenzó a calcular mapas de hermanos a... • https://git.kernel.org/stable/c/7315f8538db009605ffba00370678142ef00ac98 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-48844 – Bluetooth: hci_core: Fix leaking sent_cmd skb
https://notcve.org/view.php?id=CVE-2022-48844
16 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_core: Fix leaking sent_cmd skb sent_cmd memory is not freed before freeing hci_dev causing it to leak it contents. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_core: Fix leaking sent_cmd skb sent_cmd memory is not freed before freeing hci_dev causing it to leak it contents. • https://git.kernel.org/stable/c/3679ccc09d8806686d579095ed504e045af7f7d6 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-48843 – drm/vrr: Set VRR capable prop only if it is attached to connector
https://notcve.org/view.php?id=CVE-2022-48843
16 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/vrr: Set VRR capable prop only if it is attached to connector VRR capable property is not attached by default to the connector It is attached only if VRR is supported. In the Linux kernel, the following vulnerability has been resolved: drm/vrr: Set VRR capable prop only if it is attached to connector VRR capable property is not attached by default to the connector It is attached only if VRR is supported. • https://git.kernel.org/stable/c/941e8bcd2b2ba95490738e33dfeca27168452779 •
CVSS: 4.7EPSS: 0%CPEs: 3EXPL: 0CVE-2022-48842 – ice: Fix race condition during interface enslave
https://notcve.org/view.php?id=CVE-2022-48842
16 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: ice: Fix race condition during interface enslave Commit 5dbbbd01cbba83 ("ice: Avoid RTNL lock when re-creating auxiliary device") changes a process of re-creation of aux device so ice_plug_aux_dev() is called from ice_service_task() context. This unfortunately opens a race window that can result in dead-lock when interface has left LAG and immediately enters LAG again. ... If it is set (in other words plugging of aux device was reque... • https://git.kernel.org/stable/c/a9bbacc53d1f5ed8febbfdf31401d20e005f49ef • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-667: Improper Locking •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-48841 – ice: fix NULL pointer dereference in ice_update_vsi_tx_ring_stats()
https://notcve.org/view.php?id=CVE-2022-48841
16 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: ice: fix NULL pointer dereference in ice_update_vsi_tx_ring_stats() It is possible to do NULL pointer dereference in routine that updates Tx ring stats. In the Linux kernel, the following vulnerability has been resolved: ice: fix NULL pointer dereference in ice_update_vsi_tx_ring_stats() It is possible to do NULL pointer dereference in routine that updates Tx ring stats. ... En el kernel de Linux, se ha resuelto la sigu... • https://git.kernel.org/stable/c/e72bba21355dbb67512a0d666fec9f4b56dbfc2f • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-48840 – iavf: Fix hang during reboot/shutdown
https://notcve.org/view.php?id=CVE-2022-48840
16 Jul 2024 — Reboot [52625.981294] sysrq: SysRq : Show Blocked State [52625.988377] task:reboot state:D stack: 0 pid:17359 ppid: 1 f2 [52625.996732] Call Trace: [52625.999187] __schedule+0x2d1/0x830 [52626.007400] schedule+0x35/0xa0 [52626.010545] schedule_hrtimeout_range_clock+0x83/0x100 [52626.020046] usleep_range+0x5b/0x80 [52626.023540] iavf_remove+0x63/0x5b0 [iavf] [52626.027645] pci_device_remove+0x3b/0xc0 [52626.031572] device_release_driver_internal+0x103/0x1f0 [52626.036805] pci_stop_bus_device+0x72/0xa0 [52626... • https://git.kernel.org/stable/c/85aa76066fef64de8a48d0da6b4071ceac455a94 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-48839 – net/packet: fix slab-out-of-bounds access in packet_recvmsg()
https://notcve.org/view.php?id=CVE-2022-48839
16 Jul 2024 — BUG: KASAN: stack-out-of-bounds in memcpy include/linux/fortify-string.h:225 [inline] BUG: KASAN: stack-out-of-bounds in packet_recvmsg+0x56c/0x1150 net/packet/af_packet.c:3489 Write of size 165 at addr ffffc9000385fb78 by task syz-executor233/3631 CPU: 0 PID: 3631 Comm: syz-executor233 Not tainted 5.17.0-rc7-syzkaller-02396-g0b3660695e80 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace:
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-48838 – usb: gadget: Fix use-after-free bug by not setting udc->dev.driver
https://notcve.org/view.php?id=CVE-2022-48838
16 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: usb: gadget: Fix use-after-free bug by not setting udc->dev.driver The syzbot fuzzer found a use-after-free bug: BUG: KASAN: use-after-free in dev_uevent+0x712/0x780 drivers/base/core.c:2320 Read of size 8 at addr ffff88802b934098 by task udevd/3689 CPU: 2 PID: 3689 Comm: udevd Not tainted 5.17.0-rc4-syzkaller-00229-g4f12b742eb2b #0 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 Call Trace: