CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49275 – can: m_can: m_can_tx_handler(): fix use after free of skb
https://notcve.org/view.php?id=CVE-2022-49275
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: can: m_can: m_can_tx_handler(): fix use after free of skb can_put_echo_skb() will clone skb then free the skb. ... The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. • https://git.kernel.org/stable/c/80646733f11c2e9de3b6339f7e635047e6087280 • CWE-416: Use After Free •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49274 – ocfs2: fix crash when mount with quota enabled
https://notcve.org/view.php?id=CVE-2022-49274
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix crash when mount with quota enabled There is a reported crash when mounting ocfs2 with quota enabled. • https://git.kernel.org/stable/c/6c85c2c728193d19d6a908ae9fb312d0325e65ca •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49273 – rtc: pl031: fix rtc features null pointer dereference
https://notcve.org/view.php?id=CVE-2022-49273
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: rtc: pl031: fix rtc features null pointer dereference When there is no interrupt line, rtc alarm feature is disabled. ... A flaw was found in the rtc-pl031 module in the Linux kernel. • https://git.kernel.org/stable/c/d9b0dd54a1943f47a381a474f8ea2c94466110c0 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49272 – ALSA: pcm: Fix potential AB/BA lock with buffer_mutex and mmap_lock
https://notcve.org/view.php?id=CVE-2022-49272
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix potential AB/BA lock with buffer_mutex and mmap_lock syzbot caught a potential deadlock between the PCM runtime->buffer_mutex and the mm->mmap_lock. ... The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. • https://git.kernel.org/stable/c/8527c8f052fb42091c6569cb928e472376a4a889 •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49271 – cifs: prevent bad output lengths in smb2_ioctl_query_info()
https://notcve.org/view.php?id=CVE-2022-49271
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: cifs: prevent bad output lengths in smb2_ioctl_query_info() When calling smb2_ioctl_query_info() with smb_query_info::flags=PASSTHRU_FSCTL and smb_query_info::output_buffer_length=0, the following would return 0x10 buffer = memdup_user(arg + sizeof(struct smb_query_info), qi.output_buffer_length); if (IS_ERR(buffer)) { kfree(vars); return PTR_ERR(buffer); } rather than a valid pointer thus making IS_ERR() check fail. ... __x64_sys_op... • https://git.kernel.org/stable/c/9963ccea6087268e1275b992dca5d0dd4b938765 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49270 – dm: fix use-after-free in dm_cleanup_zoned_dev()
https://notcve.org/view.php?id=CVE-2022-49270
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: dm: fix use-after-free in dm_cleanup_zoned_dev() dm_cleanup_zoned_dev() uses queue, so it must be called before blk_cleanup_disk() starts its killing: blk_cleanup_disk->blk_cleanup_queue()->kobject_put()->blk_release_queue()-> ->...RCU...... rcu_read_lock_sched_held+0x12/0x70 dm_ctl_ioctl+0xa/0x10 __x64_sys_ioctl+0xb9/0xf0 do_syscall_64+0x3b/0x90 entry_SYSCALL_64_after_hwframe+0x44/0xae RIP: 0033:0x7fb6dfa95c27 In the Linux ke... • https://git.kernel.org/stable/c/bb37d77239af25cde59693dbe3fac04dd17d7b29 • CWE-416: Use After Free •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49269 – can: isotp: sanitize CAN ID checks in isotp_bind()
https://notcve.org/view.php?id=CVE-2022-49269
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: can: isotp: sanitize CAN ID checks in isotp_bind() Syzbot created an environment that lead to a state machine status that can not be reached with a compliant CAN ID address configuration. The provided address information consisted of CAN ID 0x6000001 and 0xC28001 which both boil down to 11 bit CAN IDs 0x001 in sending and receiving. • https://git.kernel.org/stable/c/e057dd3fc20ffb3d7f150af46542a51b59b90127 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-49268 – ASoC: SOF: Intel: Fix NULL ptr dereference when ENOMEM
https://notcve.org/view.php?id=CVE-2022-49268
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: Fix NULL ptr dereference when ENOMEM Do not call snd_dma_free_pages() when snd_dma_alloc_pages() returns -ENOMEM because it leads to a NULL pointer dereference bug. • https://git.kernel.org/stable/c/d16046ffa6de040bf580a64d5f4d0aa18258a854 •
CVSS: 6.7EPSS: 0%CPEs: 3EXPL: 0CVE-2022-49267 – mmc: core: use sysfs_emit() instead of sprintf()
https://notcve.org/view.php?id=CVE-2022-49267
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: mmc: core: use sysfs_emit() instead of sprintf() sprintf() (still used in the MMC core for the sysfs output) is vulnerable to the buffer overflow. ... Found by Linux Verification Center (linuxtesting.org) with the SVACE static analysis tool. • https://git.kernel.org/stable/c/659ca56b5415c7a1d05e185c36fad80ba165d063 •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49266 – block: fix rq-qos breakage from skipping rq_qos_done_bio()
https://notcve.org/view.php?id=CVE-2022-49266
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: block: fix rq-qos breakage from skipping rq_qos_done_bio() a647a524a467 ("block: don't call rq_qos_ops->done_bio if the bio isn't tracked") made bio_endio() skip rq_qos_done_bio() if BIO_TRACKED is not set. While this fixed a potential oops, it also broke blk-iocost by skipping the done_bio callback for merged bios. • https://git.kernel.org/stable/c/a647a524a46736786c95cdb553a070322ca096e3 •