CVSS: 6.6EPSS: 0%CPEs: 3EXPL: 0CVE-2022-49543 – ath11k: fix the warning of dev_wake in mhi_pm_disable_transition()
https://notcve.org/view.php?id=CVE-2022-49543
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ath11k: fix the warning of dev_wake in mhi_pm_disable_transition() When test device recovery with below command, it has warning in message as below. • https://git.kernel.org/stable/c/d5c65159f2895379e11ca13f62feabe93278985d • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49542 – scsi: lpfc: Move cfg_log_verbose check before calling lpfc_dmp_dbg()
https://notcve.org/view.php?id=CVE-2022-49542
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Move cfg_log_verbose check before calling lpfc_dmp_dbg() In an attempt to log message 0126 with LOG_TRACE_EVENT, the following hard lockup call trace hangs the system. In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Move cfg_log_verbose check before calling lpfc_dmp_dbg() In an attempt to log message 0126 with LOG_TRACE_EVENT, the following hard lockup call trace hangs the system. • https://git.kernel.org/stable/c/271725e4028559ae7974d762a8467dc9de412f2e •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49541 – cifs: fix potential double free during failed mount
https://notcve.org/view.php?id=CVE-2022-49541
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential double free during failed mount RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=2088799 An update for kpatch-patch-5_14_0-70_112_1, kpatch-patch-5_14_0-70_121_1, kpatch-patch-5_14_0-70_124_1, and kpatch-patch-5_14_0-70_85_1 is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. • https://git.kernel.org/stable/c/ce0008a0e410cdd95f0d8cd81b2902ec10a660c4 • CWE-415: Double Free •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49540 – rcu-tasks: Fix race in schedule and flush work
https://notcve.org/view.php?id=CVE-2022-49540
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: rcu-tasks: Fix race in schedule and flush work While booting secondary CPUs, cpus_read_[lock/unlock] is not keeping online cpumask stable. ... In the Linux kernel, the following vulnerability has been resolved: rcu-tasks: Fix race in schedule and flush work While booting secondary CPUs, cpus_read_[lock/unlock] is not keeping online cpumask stable. • https://git.kernel.org/stable/c/1c6c3f2336642fb3074593911f5176565f47ec41 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-49539 – rtw89: ser: fix CAM leaks occurring in L2 reset
https://notcve.org/view.php?id=CVE-2022-49539
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: rtw89: ser: fix CAM leaks occurring in L2 reset The CAM, meaning address CAM and bssid CAM here, will get leaks during SER (system error recover) L2 reset process and ieee80211_restart_hw() which is called by L2 reset process eventually. In the Linux kernel, the following vulnerability has been resolved: rtw89: ser: fix CAM leaks occurring in L2 reset The CAM, meaning address CAM and bssid CAM here, will get leaks during SER (... • https://git.kernel.org/stable/c/e3ec7017f6a20d12ddd9fe23d345ebb7b8c104dd • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49538 – ALSA: jack: Access input_dev under mutex
https://notcve.org/view.php?id=CVE-2022-49538
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ALSA: jack: Access input_dev under mutex It is possible when using ASoC that input_dev is unregistered while calling snd_jack_report, which causes NULL pointer dereference. In the Linux kernel, the following vulnerability has been resolved: ALSA: jack: Access input_dev under mutex It is possible when using ASoC that input_dev is unregistered while calling snd_jack_report, which causes NULL pointer dereference. • https://git.kernel.org/stable/c/74bab3bcf422593c582e47130aa8eb41ebb2dc09 • CWE-476: NULL Pointer Dereference •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49537 – scsi: lpfc: Fix call trace observed during I/O with CMF enabled
https://notcve.org/view.php?id=CVE-2022-49537
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix call trace observed during I/O with CMF enabled The following was seen with CMF enabled: BUG: using smp_processor_id() in preemptible code: systemd-udevd/31711 kernel: caller is lpfc_update_cmf_cmd+0x214/0x420 [lpfc] kernel: CPU: 12 PID: 31711 Comm: systemd-udevd kernel: Call Trace: kernel:
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49536 – scsi: lpfc: Fix SCSI I/O completion and abort handler deadlock
https://notcve.org/view.php?id=CVE-2022-49536
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix SCSI I/O completion and abort handler deadlock During stress I/O tests with 500+ vports, hard LOCKUP call traces are observed. In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix SCSI I/O completion and abort handler deadlock During stress I/O tests with 500+ vports, hard LOCKUP call traces are observed. ... • https://git.kernel.org/stable/c/7625e81de2164a082810e1f27547d388406da610 • CWE-667: Improper Locking •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-49535 – scsi: lpfc: Fix null pointer dereference after failing to issue FLOGI and PLOGI
https://notcve.org/view.php?id=CVE-2022-49535
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix null pointer dereference after failing to issue FLOGI and PLOGI If lpfc_issue_els_flogi() fails and returns non-zero status, the node reference count is decremented to trigger the release of the nodelist structure. In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix null pointer dereference after failing to issue FLOGI and PLOGI If lpfc_issue_els_flogi() fails and returns non-zer... • https://git.kernel.org/stable/c/c7dc74ab7975c9b96284abfe4cca756d75fa4604 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-49534 – scsi: lpfc: Protect memory leak for NPIV ports sending PLOGI_RJT
https://notcve.org/view.php?id=CVE-2022-49534
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Protect memory leak for NPIV ports sending PLOGI_RJT There is a potential memory leak in lpfc_ignore_els_cmpl() and lpfc_els_rsp_reject() that was allocated from NPIV PLOGI_RJT (lpfc_rcv_plogi()'s login_mbox). In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Protect memory leak for NPIV ports sending PLOGI_RJT There is a potential memory leak in lpfc_ignore_els_cmpl() and lpfc_els_rsp... • https://git.kernel.org/stable/c/c00df0f34a6d5e14da379f96ea67e501ce67b002 • CWE-401: Missing Release of Memory after Effective Lifetime •