CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49450 – rxrpc: Fix listen() setting the bar too high for the prealloc rings
https://notcve.org/view.php?id=CVE-2022-49450
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix listen() setting the bar too high for the prealloc rings AF_RXRPC's listen() handler lets you set the backlog up to 32 (if you bump up the sysctl), but whilst the preallocation circular buffers have 32 slots in them, one of them has to be a dead slot because we're using CIRC_CNT(). This means that listen(rxrpc_sock, 32) will cause an oops when the socket is closed because rxrpc_service_prealloc_one() allocated one too many calls ... • https://git.kernel.org/stable/c/00e907127e6f86d0f9b122d9b4347a8aa09a8b61 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49449 – pinctrl: renesas: rzn1: Fix possible null-ptr-deref in sh_pfc_map_resources()
https://notcve.org/view.php?id=CVE-2022-49449
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: pinctrl: renesas: rzn1: Fix possible null-ptr-deref in sh_pfc_map_resources() It will cause null-ptr-deref when using 'res', if platform_get_resource() returns NULL, so move using 'res' after devm_ioremap_resource() that will check it to avoid null-ptr-deref. And use devm_platform_get_and_ioremap_resource() to simplify code. In the Linux kernel, the following vulnerability has been resolved: pinctrl: renesas: rzn1: Fix possible null-ptr-der... • https://git.kernel.org/stable/c/b646e0cfeb38bf5f1944fd548f1dfa9b129fa00c •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49447 – ARM: hisi: Add missing of_node_put after of_find_compatible_node
https://notcve.org/view.php?id=CVE-2022-49447
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ARM: hisi: Add missing of_node_put after of_find_compatible_node of_find_compatible_node will increment the refcount of the returned device_node. Calling of_node_put() to avoid the refcount leak In the Linux kernel, the following vulnerability has been resolved: ARM: hisi: Add missing of_node_put after of_find_compatible_node of_find_compatible_node will increment the refcount of the returned device_node. Calling of_node_put() to avoid the ... • https://git.kernel.org/stable/c/46cb7868811d025c3d29c10d18b3422db1cf20d5 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49445 – pinctrl: renesas: core: Fix possible null-ptr-deref in sh_pfc_map_resources()
https://notcve.org/view.php?id=CVE-2022-49445
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: pinctrl: renesas: core: Fix possible null-ptr-deref in sh_pfc_map_resources() It will cause null-ptr-deref when using 'res', if platform_get_resource() returns NULL, so move using 'res' after devm_ioremap_resource() that will check it to avoid null-ptr-deref. And use devm_platform_get_and_ioremap_resource() to simplify code. In the Linux kernel, the following vulnerability has been resolved: pinctrl: renesas: core: Fix possible null-ptr-der... • https://git.kernel.org/stable/c/c7977ec4a33633c8e8d9267dd014356cf857351c •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49443 – list: fix a data-race around ep->rdllist
https://notcve.org/view.php?id=CVE-2022-49443
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: list: fix a data-race around ep->rdllist ep_poll() first calls ep_events_available() with no lock held and checks if ep->rdllist is empty by list_empty_careful(), which reads rdllist->prev. Thus all accesses to it need some protection to avoid store/load-tearing. Note INIT_LIST_HEAD_RCU() already has the annotation for both prev and next. Commit bf3b9f6372c4 ("epoll: Add busy poll support to epoll with socket fds.") added the first lockless... • https://git.kernel.org/stable/c/bf3b9f6372c45b0fbf24d86b8794910d20170017 •
CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49442 – drivers/base/node.c: fix compaction sysfs file leak
https://notcve.org/view.php?id=CVE-2022-49442
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: drivers/base/node.c: fix compaction sysfs file leak Compaction sysfs file is created via compaction_register_node in register_node. But we forgot to remove it in unregister_node. Thus compaction sysfs file is leaked. Using compaction_unregister_node to fix this issue. In the Linux kernel, the following vulnerability has been resolved: drivers/base/node.c: fix compaction sysfs file leak Compaction sysfs file is created via compaction_registe... • https://git.kernel.org/stable/c/ed4a6d7f0676db50b5023cc01f6cda82a2f2a307 •
CVSS: 7.2EPSS: 0%CPEs: 12EXPL: 0CVE-2022-49441 – tty: fix deadlock caused by calling printk() under tty_port->lock
https://notcve.org/view.php?id=CVE-2022-49441
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: tty: fix deadlock caused by calling printk() under tty_port->lock pty_write() invokes kmalloc() which may invoke a normal printk() to print failure message. This can cause a deadlock in the scenario reported by syz-bot below: CPU0 CPU1 CPU2 ---- ---- ---- lock(console_owner); lock(&port_lock_key); lock(&port->lock); lock(&port_lock_key); lock(&port->lock); lock(console_owner); As commit dbdda842fe96 ("printk: Add console owner and waiter lo... • https://git.kernel.org/stable/c/d83904cb2eb2c4d937eaf15032214b0578f25099 •
CVSS: 6.6EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49440 – powerpc/rtas: Keep MSR[RI] set when calling RTAS
https://notcve.org/view.php?id=CVE-2022-49440
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: Keep MSR[RI] set when calling RTAS RTAS runs in real mode (MSR[DR] and MSR[IR] unset) and in 32-bit big endian mode (MSR[SF,LE] unset). The change in MSR is done in enter_rtas() in a relatively complex way, since the MSR value could be hardcoded. Furthermore, a panic has been reported when hitting the watchdog interrupt while running in RTAS, this leads to the following stack trace: watchdog: CPU 24 Hard LOCKUP watchdog: CPU 2... • https://git.kernel.org/stable/c/5ca40fcf0da0ce2b5bc44e7d8b036535955f2e3d •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49439 – powerpc/fsl_rio: Fix refcount leak in fsl_rio_setup
https://notcve.org/view.php?id=CVE-2022-49439
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: powerpc/fsl_rio: Fix refcount leak in fsl_rio_setup of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node_put() to avoid refcount leak. In the Linux kernel, the following vulnerability has been resolved: powerpc/fsl_rio: Fix refcount leak in fsl_rio_setup of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put()... • https://git.kernel.org/stable/c/abc3aeae3aaa5c319d02f12649e17ea5929999aa •
CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49438 – Input: sparcspkr - fix refcount leak in bbc_beep_probe
https://notcve.org/view.php?id=CVE-2022-49438
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: Input: sparcspkr - fix refcount leak in bbc_beep_probe of_find_node_by_path() calls of_find_node_opts_by_path(), which returns a node pointer with refcount incremented, we should use of_node_put() on it when done. Add missing of_node_put() to avoid refcount leak. In the Linux kernel, the following vulnerability has been resolved: Input: sparcspkr - fix refcount leak in bbc_beep_probe of_find_node_by_path() calls of_find_node_opts_by_path(),... • https://git.kernel.org/stable/c/9c1a5077fdca99356c891af37931e537dea874f5 •