CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49264 – exec: Force single empty string when argv is empty
https://notcve.org/view.php?id=CVE-2022-49264
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: exec: Force single empty string when argv is empty Quoting[1] Ariadne Conill: "In several other operating systems, it is a hard requirement that the second argument to execve(2) be the name of a program, thus prohibiting a scenario where argc < 1. POSIX 2017 also recommends this behaviour, but it is not an explicit requirement[2]: The argument arg0 should point to a filename string that is associated with the process being started by one of... • https://git.kernel.org/stable/c/41f6ea5b9aaa28b740d47ffe995a5013211fdbb0 •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49253 – media: usb: go7007: s2250-board: fix leak in probe()
https://notcve.org/view.php?id=CVE-2022-49253
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: media: usb: go7007: s2250-board: fix leak in probe() Call i2c_unregister_device(audio) on this error path. • https://git.kernel.org/stable/c/d3b2ccd9e307eae80b4b4eeb0ede46cb02212df2 •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49247 – media: stk1160: If start stream fails, return buffers with VB2_BUF_STATE_QUEUED
https://notcve.org/view.php?id=CVE-2022-49247
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: media: stk1160: If start stream fails, return buffers with VB2_BUF_STATE_QUEUED If the callback 'start_streaming' fails, then all queued buffers in the driver should be returned with state 'VB2_BUF_STATE_QUEUED'. Currently, they are returned with 'VB2_BUF_STATE_ERROR' which is wrong. Fix this. This also fixes the warning: [ 65.583633] WARNING: CPU: 5 PID: 593 at drivers/media/common/videobuf2/videobuf2-core.c:1612 vb2_start_streaming+0xd4/0... • https://git.kernel.org/stable/c/8ac456495a33d9466076fea94594181ceefb76d9 •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49243 – ASoC: atmel: Add missing of_node_put() in at91sam9g20ek_audio_probe
https://notcve.org/view.php?id=CVE-2022-49243
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: atmel: Add missing of_node_put() in at91sam9g20ek_audio_probe This node pointer is returned by of_parse_phandle() with refcount incremented in this function. Calling of_node_put() to avoid the refcount leak. • https://git.kernel.org/stable/c/531f67e41dcde1e358cf821d056241a66355cf03 •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49242 – ASoC: mxs: Fix error handling in mxs_sgtl5000_probe
https://notcve.org/view.php?id=CVE-2022-49242
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: mxs: Fix error handling in mxs_sgtl5000_probe This function only calls of_node_put() in the regular path. And it will cause refcount leak in error paths. For example, when codec_np is NULL, saif_np[0] and saif_np[1] are not NULL, it will cause leaks. of_node_put() will check if the node pointer is NULL, so we can call it directly to release the refcount of regular pointers. • https://git.kernel.org/stable/c/e968194b45c4e8077dada75c5bae5660b37628fe •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49235 – ath9k_htc: fix uninit value bugs
https://notcve.org/view.php?id=CVE-2022-49235
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ath9k_htc: fix uninit value bugs Syzbot reported 2 KMSAN bugs in ath9k. All of them are caused by missing field initialization. In htc_connect_service() svc_meta_len and pad are not initialized. Based on code it looks like in current skb there is no service data, so simply initialize svc_meta_len to 0. htc_issue_send() does not initialize htc_frame_hdr::control array. Based on firmware code, it will initialize it by itself, so simply zero w... • https://git.kernel.org/stable/c/fb9987d0f748c983bb795a86f47522313f701a08 •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49217 – scsi: pm8001: Fix abort all task initialization
https://notcve.org/view.php?id=CVE-2022-49217
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix abort all task initialization In pm80xx_send_abort_all(), the n_elem field of the ccb used is not initialized to 0. This missing initialization sometimes lead to the task completion path seeing the ccb with a non-zero n_elem resulting in the execution of invalid dma_unmap_sg() calls in pm8001_ccb_task_free(), causing a crash such as: [ 197.676341] RIP: 0010:iommu_dma_unmap_sg+0x6d/0x280 [ 197.700204] RSP: 0018:ffff889bbcf8... • https://git.kernel.org/stable/c/c6b9ef5779c3e1edfa9de949d2a51252bc347663 •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49197 – af_netlink: Fix shift out of bounds in group mask calculation
https://notcve.org/view.php?id=CVE-2022-49197
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: af_netlink: Fix shift out of bounds in group mask calculation When a netlink message is received, netlink_recvmsg() fills in the address of the sender. One of the fields is the 32-bit bitfield nl_groups, which carries the multicast group on which the message was received. The least significant bit corresponds to group 1, and therefore the highest group that the field can represent is 32. Above that, the UB sanitizer flags the out-of-bounds ... • https://git.kernel.org/stable/c/f7fa9b10edbb9391bdd4ec8e8b3d621d0664b198 •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49191 – mxser: fix xmit_buf leak in activate when LSR == 0xff
https://notcve.org/view.php?id=CVE-2022-49191
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: mxser: fix xmit_buf leak in activate when LSR == 0xff When LSR is 0xff in ->activate() (rather unlike), we return an error. Provided ->shutdown() is not called when ->activate() fails, nothing actually frees the buffer in this case. Fix this by properly freeing the buffer in a designated label. We jump there also from the "!info->type" if now too. • https://git.kernel.org/stable/c/6769140d304731f0a3b177470a2adb4bacd9036b •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49190 – kernel/resource: fix kfree() of bootmem memory again
https://notcve.org/view.php?id=CVE-2022-49190
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: kernel/resource: fix kfree() of bootmem memory again Since commit ebff7d8f270d ("mem hotunplug: fix kfree() of bootmem memory"), we could get a resource allocated during boot via alloc_resource(). And it's required to release the resource using free_resource(). Howerver, many people use kfree directly which will result in kernel BUG. In order to fix this without fixing every call site, just leak a couple of bytes in such corner case. • https://git.kernel.org/stable/c/ebff7d8f270d045338d9f4796014f4db429a17f9 •