CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-48755 – powerpc64/bpf: Limit 'ldbrx' to processors compliant with ISA v2.06
https://notcve.org/view.php?id=CVE-2022-48755
20 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: powerpc64/bpf: Limit 'ldbrx' to processors compliant with ISA v2.06 Johan reported the below crash with test_bpf on ppc64 e5500: test_bpf: #296 ALU_END_FROM_LE 64: 0x0123456789abcdef -> 0x67452301 jited:1 Oops: Exception in kernel mode, sig: 4 [#1] BE PAGE_SIZE=4K SMP NR_CPUS=24 QEMU e500 Modules linked in: test_bpf(+) CPU: 0 PID: 76 Comm: insmod Not tainted 5.14.0-03771-g98c2059e008a-dirty #1 NIP: 8000000000061c3c LR: 80000000006dea64 CTR:... • https://git.kernel.org/stable/c/156d0e290e969caba25f1851c52417c14d141b24 •
CVSS: 8.4EPSS: 0%CPEs: 6EXPL: 0CVE-2022-48754 – phylib: fix potential use-after-free
https://notcve.org/view.php?id=CVE-2022-48754
20 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: phylib: fix potential use-after-free Commit bafbdd527d56 ("phylib: Add device reset GPIO support") added call to phy_device_reset(phydev) after the put_device() call in phy_detach(). The comment before the put_device() call says that the phydev might go away with put_device(). Fix potential use-after-free by calling phy_device_reset() before put_device(). En el kernel de Linux, se resolvió la siguiente vulnerabilidad: phylib: corrige el pos... • https://git.kernel.org/stable/c/bafbdd527d569c8200521f2f7579f65a044271be • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-48753 – block: fix memory leak in disk_register_independent_access_ranges
https://notcve.org/view.php?id=CVE-2022-48753
20 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: block: fix memory leak in disk_register_independent_access_ranges kobject_init_and_add() takes reference even when it fails. According to the doc of kobject_init_and_add() If this function returns an error, kobject_put() must be called to properly clean up the memory associated with the object. Fix this issue by adding kobject_put(). Callback function blk_ia_ranges_sysfs_release() in kobject_put() can handle the pointer "iars" properly. In ... • https://git.kernel.org/stable/c/a2247f19ee1c5ad75ef095cdfb909a3244b88aa8 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-48752 – powerpc/perf: Fix power_pmu_disable to call clear_pmi_irq_pending only if PMI is pending
https://notcve.org/view.php?id=CVE-2022-48752
20 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: powerpc/perf: Fix power_pmu_disable to call clear_pmi_irq_pending only if PMI is pending Running selftest with CONFIG_PPC_IRQ_SOFT_MASK_DEBUG enabled in kernel triggered below warning: [ 172.851380] ------------[ cut here ]------------ [ 172.851391] WARNING: CPU: 8 PID: 2901 at arch/powerpc/include/asm/hw_irq.h:246 power_pmu_disable+0x270/0x280 [ 172.851402] Modules linked in: dm_mod bonding nft_ct nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4... • https://git.kernel.org/stable/c/ef798cd035f316a537fee8ed170c127f12407085 •
CVSS: 4.7EPSS: 0%CPEs: 4EXPL: 0CVE-2022-48751 – net/smc: Transitional solution for clcsock race issue
https://notcve.org/view.php?id=CVE-2022-48751
20 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: net/smc: Transitional solution for clcsock race issue We encountered a crash in smc_setsockopt() and it is caused by accessing smc->clcsock after clcsock was released. BUG: kernel NULL pointer dereference, address: 0000000000000020 #PF: supervisor read access in kernel mode #PF: error_code(0x0000) - not-present page PGD 0 P4D 0 Oops: 0000 [#1] PREEMPT SMP PTI CPU: 1 PID: 50309 Comm: nginx Kdump: loaded Tainted: G E 5.16.0-rc4+ #53 RIP: 0010... • https://git.kernel.org/stable/c/fd57770dd198f5b2ddd5b9e6bf282cf98d63adb9 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-48750 – hwmon: (nct6775) Fix crash in clear_caseopen
https://notcve.org/view.php?id=CVE-2022-48750
20 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: hwmon: (nct6775) Fix crash in clear_caseopen Pawe? Marciniak reports the following crash, observed when clearing the chassis intrusion alarm. BUG: kernel NULL pointer dereference, address: 0000000000000028 PGD 0 P4D 0 Oops: 0000 [#1] PREEMPT SMP PTI CPU: 3 PID: 4815 Comm: bash Tainted: G S 5.16.2-200.fc35.x86_64 #1 Hardware name: To Be Filled By O.E.M. To Be Filled By O.E.M./Z97 Extreme4, BIOS P2.60A 05/03/2018 RIP: 0010:clear_caseopen+0x5a... • https://git.kernel.org/stable/c/2e7b9886968b89f0b4cbc59b8e6ed47fd4edd0dd •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-48749 – drm/msm/dpu: invalid parameter check in dpu_setup_dspp_pcc
https://notcve.org/view.php?id=CVE-2022-48749
20 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: invalid parameter check in dpu_setup_dspp_pcc The function performs a check on the "ctx" input parameter, however, it is used before the check. Initialize the "base" variable after the sanity check to avoid a possible NULL pointer dereference. Addresses-Coverity-ID: 1493866 ("Null pointer dereference") In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: invalid parameter check in dpu_setup_dspp_pcc ... • https://git.kernel.org/stable/c/4259ff7ae509ed880b3a7bb685972c3a3bf4b74b •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-48748 – net: bridge: vlan: fix memory leak in __allowed_ingress
https://notcve.org/view.php?id=CVE-2022-48748
20 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: net: bridge: vlan: fix memory leak in __allowed_ingress When using per-vlan state, if vlan snooping and stats are disabled, untagged or priority-tagged ingress frame will go to check pvid state. If the port state is forwarding and the pvid state is not learning/forwarding, untagged or priority-tagged frame will be dropped but skb memory is not freed. Should free skb when __allowed_ingress returns false. En el kernel de Linux, se resolvió la... • https://git.kernel.org/stable/c/a580c76d534c7360ba68042b19cb255e8420e987 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-48747 – block: Fix wrong offset in bio_truncate()
https://notcve.org/view.php?id=CVE-2022-48747
20 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: block: Fix wrong offset in bio_truncate() bio_truncate() clears the buffer outside of last block of bdev, however current bio_truncate() is using the wrong offset of page. So it can return the uninitialized data. This happened when both of truncated/corrupted FS and userspace (via bdev) are trying to read the last of bdev. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: bloque: corrige el desplazamiento incorrecto en bio_tru... • https://git.kernel.org/stable/c/6cbf4c731d7812518cd857c2cfc3da9fd120f6ae • CWE-99: Improper Control of Resource Identifiers ('Resource Injection') CWE-908: Use of Uninitialized Resource •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-48746 – net/mlx5e: Fix handling of wrong devices during bond netevent
https://notcve.org/view.php?id=CVE-2022-48746
20 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix handling of wrong devices during bond netevent Current implementation of bond netevent handler only check if the handled netdev is VF representor and it missing a check if the VF representor is on the same phys device of the bond handling the netevent. Fix by adding the missing check and optimizing the check if the netdev is VF representor so it will not access uninitialized private data and crashes. BUG: kernel NULL pointer ... • https://git.kernel.org/stable/c/7e51891a237f9ea319f53f9beb83afb0077d88e6 •