CVSS: 9.0EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50072 – NFSv4/pnfs: Fix a use-after-free bug in open
https://notcve.org/view.php?id=CVE-2022-50072
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: NFSv4/pnfs: Fix a use-after-free bug in open If someone cancels the open RPC call, then we must not try to free either the open slot or the layoutget operation arguments, since they are likely still in use by the hung RPC call. In the Linux kernel, the following vulnerability has been resolved: NFSv4/pnfs: Fix a use-after-free bug in open If someone cancels the open RPC call, then we must not try to free either the open slot or the layoutge... • https://git.kernel.org/stable/c/6b3fc1496e7227cd6a39a80bbfb7588ef7c7a010 • CWE-763: Release of Invalid Pointer or Reference •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50068 – drm/ttm: Fix dummy res NULL ptr deref bug
https://notcve.org/view.php?id=CVE-2022-50068
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/ttm: Fix dummy res NULL ptr deref bug Check the bo->resource value before accessing the resource mem_type. v2: Fix commit description unwrapped warning
CVSS: 6.2EPSS: 0%CPEs: 7EXPL: 0CVE-2022-50067 – btrfs: unset reloc control if transaction commit fails in prepare_to_relocate()
https://notcve.org/view.php?id=CVE-2022-50067
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: btrfs: unset reloc control if transaction commit fails in prepare_to_relocate() In btrfs_relocate_block_group(), the rc is allocated. Then btrfs_relocate_block_group() calls relocate_block_group() prepare_to_relocate() set_reloc_control() that assigns rc to the variable fs_info->reloc_ctl. When prepare_to_relocate() returns, it calls btrfs_commit_transaction() btrfs_start_dirty_block_groups() btrfs_alloc_path() kmem_cache_zalloc() which may... • https://git.kernel.org/stable/c/ff0e8ed8dfb584575cffc1561f17a1d094e8565b •
CVSS: 7.0EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50066 – net: atlantic: fix aq_vec index out of range error
https://notcve.org/view.php?id=CVE-2022-50066
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: net: atlantic: fix aq_vec index out of range error The final update statement of the for loop exceeds the array range, the dereference of self->aq_vec[i] is not checked and then leads to the index out of range error. Also fixed this kind of coding style in other for loop. [ 97.937604] UBSAN: array-index-out-of-bounds in drivers/net/ethernet/aquantia/atlantic/aq_nic.c:1404:48 [ 97.937607] index 8 is out of range for type 'aq_vec_s *[8]' [ 97... • https://git.kernel.org/stable/c/97bde5c4f909a55ab4c36cf0ac9094f6c9e4cdf6 • CWE-823: Use of Out-of-range Pointer Offset •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50065 – virtio_net: fix memory leak inside XPD_TX with mergeable
https://notcve.org/view.php?id=CVE-2022-50065
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: virtio_net: fix memory leak inside XPD_TX with mergeable When we call xdp_convert_buff_to_frame() to get xdpf, if it returns NULL, we should check if xdp_page was allocated by xdp_linearize_page(). If it is newly allocated, it should be freed here alone. Just like any other "goto err_xdp". In the Linux kernel, the following vulnerability has been resolved: virtio_net: fix memory leak inside XPD_TX with mergeable When we call xdp_convert_buf... • https://git.kernel.org/stable/c/44fa2dbd475996ddc8f3a0e6113dee983e0ee3aa •
CVSS: 6.6EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50062 – net: bgmac: Fix a BUG triggered by wrong bytes_compl
https://notcve.org/view.php?id=CVE-2022-50062
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: net: bgmac: Fix a BUG triggered by wrong bytes_compl On one of our machines we got: kernel BUG at lib/dynamic_queue_limits.c:27! Internal error: Oops - BUG: 0 [#1] PREEMPT SMP ARM CPU: 0 PID: 1166 Comm: irq/41-bgmac Tainted: G W O 4.14.275-rt132 #1 Hardware name: BRCM XGS iProc task: ee3415c0 task.stack: ee32a000 PC is at dql_completed+0x168/0x178 LR is at bgmac_poll+0x18c/0x6d8 pc : [
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50061 – pinctrl: nomadik: Fix refcount leak in nmk_pinctrl_dt_subnode_to_map
https://notcve.org/view.php?id=CVE-2022-50061
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: pinctrl: nomadik: Fix refcount leak in nmk_pinctrl_dt_subnode_to_map of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node_put() to avoid refcount leak." In the Linux kernel, the following vulnerability has been resolved: pinctrl: nomadik: Fix refcount leak in nmk_pinctrl_dt_subnode_to_map of_parse_phandle() returns a node pointer with refcount incre... • https://git.kernel.org/stable/c/c2f6d059abfc29822af732e4da70813a5b6fd9cd •
CVSS: 5.6EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50060 – octeontx2-af: Fix mcam entry resource leak
https://notcve.org/view.php?id=CVE-2022-50060
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Fix mcam entry resource leak The teardown sequence in FLR handler returns if no NIX LF is attached to PF/VF because it indicates that graceful shutdown of resources already happened. But there is a chance of all allocated MCAM entries not being freed by PF/VF. Hence free mcam entries even in case of detached LF. In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Fix mcam entry resource leak The t... • https://git.kernel.org/stable/c/c554f9c1574e022821260b24b043a4277e8ec5d8 •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50059 – ceph: don't leak snap_rwsem in handle_cap_grant
https://notcve.org/view.php?id=CVE-2022-50059
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: ceph: don't leak snap_rwsem in handle_cap_grant When handle_cap_grant is called on an IMPORT op, then the snap_rwsem is held and the function is expected to release it before returning. It currently fails to do that in all cases which could lead to a deadlock. In the Linux kernel, the following vulnerability has been resolved: ceph: don't leak snap_rwsem in handle_cap_grant When handle_cap_grant is called on an IMPORT op, then the snap_rwse... • https://git.kernel.org/stable/c/6f05b30ea063a2a05dda47a4105a69267ae5270f •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50055 – iavf: Fix adminq error handling
https://notcve.org/view.php?id=CVE-2022-50055
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: iavf: Fix adminq error handling iavf_alloc_asq_bufs/iavf_alloc_arq_bufs allocates with dma_alloc_coherent memory for VF mailbox. Free DMA regions for both ASQ and ARQ in case error happens during configuration of ASQ/ARQ registers. Without this change it is possible to see when unloading interface: 74626.583369: dma_debug_device_change: device driver has pending DMA allocations while released from device [count=32] One of leaked entries det... • https://git.kernel.org/stable/c/d358aa9a7a2d5f91b1d33d5d4e27c2e46638d123 •