CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49170 – f2fs: fix to do sanity check on curseg->alloc_type
https://notcve.org/view.php?id=CVE-2022-49170
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on curseg->alloc_type As Wenqing Liu reported in bugzilla: https://bugzilla.kernel.org/show_bug.cgi? • https://git.kernel.org/stable/c/498b7088db71f9707359448cd6800bbb1882f4c3 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49169 – f2fs: use spin_lock to avoid hang
https://notcve.org/view.php?id=CVE-2022-49169
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: f2fs: use spin_lock to avoid hang [14696.634553] task:cat state:D stack: 0 pid:1613738 ppid:1613735 flags:0x00000004 [14696.638285] Call Trace: [14696.639038] <TASK> [14696.640032] __schedule+0x302/0x930 [14696.640969] schedule+0x58/0xd0 [14696.641799] schedule_preempt_disabled+0x18/0x30 [14696.642890] __mutex_lock.constprop.0+0x2fb/0x4f0 [14696.644035] ? • https://git.kernel.org/stable/c/2eff60346e7ae1a24cd868b8fdcf58e946e7dde1 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49168 – btrfs: do not clean up repair bio if submit fails
https://notcve.org/view.php?id=CVE-2022-49168
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: btrfs: do not clean up repair bio if submit fails The submit helper will always run bio_endio() on the bio if it fails to submit, so cleaning up the bio just leads to a variety of use-after-free and NULL pointer dereference bugs because we race with the endio function that is cleaning up the bio. In the Linux kernel, the following vulnerability has been resolved: btrfs: do not clean up repair bio if submit fails The submit hel... • https://git.kernel.org/stable/c/7170875083254b51fcc5d67f96640977083f481e • CWE-416: Use After Free •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2022-49167 – btrfs: do not double complete bio on errors during compressed reads
https://notcve.org/view.php?id=CVE-2022-49167
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: btrfs: do not double complete bio on errors during compressed reads I hit some weird panics while fixing up the error handling from btrfs_lookup_bio_sums(). • https://git.kernel.org/stable/c/4a4ceb2b990771c374d85d496a1a45255dde48e3 •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49166 – ntfs: add sanity check on allocation size
https://notcve.org/view.php?id=CVE-2022-49166
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ntfs: add sanity check on allocation size ntfs_read_inode_mount invokes ntfs_malloc_nofs with zero allocation size. • https://git.kernel.org/stable/c/bd8d7daa0e53b184a2f3c6e0d47330780d0a0650 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49165 – media: imx-jpeg: Prevent decoding NV12M jpegs into single-planar buffers
https://notcve.org/view.php?id=CVE-2022-49165
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: Prevent decoding NV12M jpegs into single-planar buffers If the application queues an NV12M jpeg as output buffer, but then queues a single planar capture buffer, the kernel will crash with "Unable to handle kernel NULL pointer dereference" in mxc_jpeg_addrs, prevent this by finishing the job with error. • https://git.kernel.org/stable/c/2db16c6ed72ce644d5639b3ed15e5817442db4ba •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2022-49164 – powerpc/tm: Fix more userspace r13 corruption
https://notcve.org/view.php?id=CVE-2022-49164
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: powerpc/tm: Fix more userspace r13 corruption Commit cf13435b730a ("powerpc/tm: Fix userspace r13 corruption") fixes a problem in treclaim where a SLB miss can occur on the thread_struct->ckpt_regs while SCRATCH0 is live with the saved user r13 value, clobbering it with the kernel r13 and ultimately resulting in kernel r13 being stored in ckpt_regs. ... The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various sec... • https://git.kernel.org/stable/c/98ae22e15b430bfed5def01ac1a88ec9396284c8 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49163 – media: imx-jpeg: fix a bug of accessing array out of bounds
https://notcve.org/view.php?id=CVE-2022-49163
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: fix a bug of accessing array out of bounds When error occurs in parsing jpeg, the slot isn't acquired yet, it may be the default value MXC_MAX_SLOTS. If the driver access the slot using the incorrect slot number, it will access array out of bounds. The result is the driver will change num_domains, which follows slot_data in struct mxc_jpeg_dev. • https://git.kernel.org/stable/c/2db16c6ed72ce644d5639b3ed15e5817442db4ba •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49162 – video: fbdev: sm712fb: Fix crash in smtcfb_write()
https://notcve.org/view.php?id=CVE-2022-49162
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: video: fbdev: sm712fb: Fix crash in smtcfb_write() When the sm712fb driver writes three bytes to the framebuffer, the driver will crash: BUG: unable to handle page fault for address: ffffc90001ffffff RIP: 0010:smtcfb_write+0x454/0x5b0 Call Trace: vfs_write+0x291/0xd60 ? ... The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. • https://git.kernel.org/stable/c/fb791514acf9070225eed46e1ccbb0aa7aae5da5 •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2022-49161 – ASoC: mediatek: Fix error handling in mt8183_da7219_max98357_dev_probe
https://notcve.org/view.php?id=CVE-2022-49161
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: Fix error handling in mt8183_da7219_max98357_dev_probe The device_node pointer is returned by of_parse_phandle() with refcount incremented. • https://git.kernel.org/stable/c/11c0269017b212fd47c593307d2dc3eb9713b2d0 •