CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49394 – blk-iolatency: Fix inflight count imbalances and IO hangs on offline
https://notcve.org/view.php?id=CVE-2022-49394
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: blk-iolatency: Fix inflight count imbalances and IO hangs on offline iolatency needs to track the number of inflight IOs per cgroup. In the Linux kernel, the following vulnerability has been resolved: blk-iolatency: Fix inflight count imbalances and IO hangs on offline iolatency needs to track the number of inflight IOs per cgroup. ... • https://git.kernel.org/stable/c/6d482bc5697763eb1214f207286daa201b32d20a • CWE-99: Improper Control of Resource Identifiers ('Resource Injection') •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2022-49393 – misc: fastrpc: fix list iterator in fastrpc_req_mem_unmap_impl
https://notcve.org/view.php?id=CVE-2022-49393
26 Feb 2025 — Call trace: fastrpc_map_create+0x70/0x290 [fastrpc] fastrpc_req_mem_map+0xf0/0x2dc [fastrpc] fastrpc_device_ioctl+0x138/0xc60 [fastrpc] __arm64_sys_ioctl+0xa8/0xec invoke_syscall+0x48/0x114 el0_svc_common.constprop.0+0xd4/0xfc do_el0_svc+0x28/0x90 el0_svc+0x3c/0x130 el0t_64_sync_handler+0xa4/0x130 el0t_64_sync+0x18c/0x190 Code: 14000016 f94000a5 eb05029f 54000260 (b94018a6) ---[ end trace 0000000000000000 ]--- In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: fix list... • https://git.kernel.org/stable/c/5c1b97c7d7b736e6439af4f43a65837bc72f56c1 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49392 – serial: 8250_aspeed_vuart: Fix potential NULL dereference in aspeed_vuart_probe
https://notcve.org/view.php?id=CVE-2022-49392
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: serial: 8250_aspeed_vuart: Fix potential NULL dereference in aspeed_vuart_probe platform_get_resource() may fail and return NULL, so we should better check it's return value to avoid a NULL pointer dereference. In the Linux kernel, the following vulnerability has been resolved: serial: 8250_aspeed_vuart: Fix potential NULL dereference in aspeed_vuart_probe platform_get_resource() may fail and return NULL, so we should better c... • https://git.kernel.org/stable/c/54da3e381c2b55289b220601f403f17df7b20597 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-49391 – remoteproc: mtk_scp: Fix a potential double free
https://notcve.org/view.php?id=CVE-2022-49391
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: remoteproc: mtk_scp: Fix a potential double free 'scp->rproc' is allocated using devm_rproc_alloc(), so there is no need to free it explicitly in the remove function. In the Linux kernel, the following vulnerability has been resolved: remoteproc: mtk_scp: Fix a potential double free 'scp->rproc' is allocated using devm_rproc_alloc(), so there is no need to free it explicitly in the remove function. • https://git.kernel.org/stable/c/c1407ac1099ab9726c31d38d806f3150f494c494 •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-49390 – macsec: fix UAF bug for real_dev
https://notcve.org/view.php?id=CVE-2022-49390
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: macsec: fix UAF bug for real_dev Create a new macsec device but not get reference to real_dev. In the Linux kernel, the following vulnerability has been resolved: macsec: fix UAF bug for real_dev Create a new macsec device but not get reference to real_dev. ... • https://git.kernel.org/stable/c/2bce1ebed17da54c65042ec2b962e3234bad5b47 • CWE-416: Use After Free •
CVSS: 5.6EPSS: 0%CPEs: 11EXPL: 0CVE-2022-49389 – usb: usbip: fix a refcount leak in stub_probe()
https://notcve.org/view.php?id=CVE-2022-49389
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: usb: usbip: fix a refcount leak in stub_probe() usb_get_dev() is called in stub_device_alloc(). ... In the Linux kernel, the following vulnerability has been resolved: usb: usbip: fix a refcount leak in stub_probe() usb_get_dev() is called in stub_device_alloc(). ... The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. • https://git.kernel.org/stable/c/3ff67445750a84de67faaf52c6e1895cb09f2c56 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49388 – ubi: ubi_create_volume: Fix use-after-free when volume creation failed
https://notcve.org/view.php?id=CVE-2022-49388
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ubi: ubi_create_volume: Fix use-after-free when volume creation failed There is an use-after-free problem for 'eba_tbl' in ubi_create_volume()'s error handling path: ubi_eba_replace_table(vol, eba_tbl) vol->eba_tbl = tbl out_mapping: ubi_eba_destroy_table(eba_tbl) // Free 'eba_tbl' out_unlock: put_device(&vol->dev) vol_release kfree(tbl->entries) // UAF Fix it by removing redundant 'eba_tbl' releasing. In the Linux kernel, the... • https://git.kernel.org/stable/c/493cfaeaa0c9bc0c79ce5751193d49fdac9aaaec • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-49387 – watchdog: rzg2l_wdt: Fix 32bit overflow issue
https://notcve.org/view.php?id=CVE-2022-49387
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: watchdog: rzg2l_wdt: Fix 32bit overflow issue The value of timer_cycle_us can be 0 due to 32bit overflow. For eg:- If we assign the counter value "0xfff" for computing maxval. ... In the Linux kernel, the following vulnerability has been resolved: watchdog: rzg2l_wdt: Fix 32bit overflow issue The value of timer_cycle_us can be 0 due to 32bit overflow. • https://git.kernel.org/stable/c/2cbc5cd0b55fa2310cc557c77b0665f5e00272de •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49386 – net: ethernet: ti: am65-cpsw-nuss: Fix some refcount leaks
https://notcve.org/view.php?id=CVE-2022-49386
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: am65-cpsw-nuss: Fix some refcount leaks of_get_child_by_name() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: am65-cpsw-nuss: Fix some refcount leaks of_get_child_by_name() returns a node pointer with refcount incremented, we should use of_node_put() on it when no... • https://git.kernel.org/stable/c/93a76530316a3d8cc2d82c3deca48424fee92100 •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-49385 – driver: base: fix UAF when driver_attach failed
https://notcve.org/view.php?id=CVE-2022-49385
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: driver: base: fix UAF when driver_attach failed When driver_attach(drv); failed, the driver_private will be freed. In the Linux kernel, the following vulnerability has been resolved: driver: base: fix UAF when driver_attach failed When driver_attach(drv); failed, the driver_private will be freed. But it has been added to the bus, which caused a UAF. ... • https://git.kernel.org/stable/c/190888ac01d059e38ffe77a2291d44cafa9016fb • CWE-416: Use After Free •