
CVE-2022-49558 – netfilter: nf_tables: double hook unregistration in netns path
https://notcve.org/view.php?id=CVE-2022-49558
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: double hook unregistration in netns path __nft_release_hooks() is called from pre_netns exit path which unregisters the hooks, then the NETDEV_UNREGISTER event is triggered which unregisters the hooks again. • https://git.kernel.org/stable/c/b110391d1e806167254d3c7ae5d637191d913175

CVE-2022-49557 – x86/fpu: KVM: Set the base guest FPU uABI size to sizeof(struct kvm_xsave)
https://notcve.org/view.php?id=CVE-2022-49557
26 Feb 2025 — ================================================================== BUG: KASAN: slab-out-of-bounds in fpu_copy_uabi_to_guest_fpstate+0x86/0x130 Read of size 8 at addr ffff888011e33a00 by task qemu-build/681 CPU: 1 PID: 681 Comm: qemu-build Not tainted 5.18.0-rc5-KASAN-amd64 #1 Hardware name: /DG35EC, BIOS ECG3510M.86A.0118.2010.0113.1426 01/13/2010 Call Trace:

CVE-2022-49556 – KVM: SVM: Use kzalloc for sev ioctl interfaces to prevent kernel data leak
https://notcve.org/view.php?id=CVE-2022-49556
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Use kzalloc for sev ioctl interfaces to prevent kernel data leak For some sev ioctl interfaces, the length parameter that is passed may be less than or equal to SEV_FW_BLOB_MAX_SIZE, but larger than the data that PSP firmware returns. • https://git.kernel.org/stable/c/eaf78265a4ab33935d3a0f1407ce4a91aac4d4d5

CVE-2022-49555 – Bluetooth: hci_qca: Use del_timer_sync() before freeing
https://notcve.org/view.php?id=CVE-2022-49555
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_qca: Use del_timer_sync() before freeing While looking at a crash report on a timer list being corrupted, which usually happens when a timer is freed while still active. • https://git.kernel.org/stable/c/0ff252c1976da5d80db1377eb39b551931e61826

CVE-2022-49554 – zsmalloc: fix races between asynchronous zspage free and page migration
https://notcve.org/view.php?id=CVE-2022-49554
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: zsmalloc: fix races between asynchronous zspage free and page migration The asynchronous zspage free worker tries to lock a zspage's entire page list without defending against page migration. • https://git.kernel.org/stable/c/77ff465799c60294e248000cd22ae8171da3304c

CVE-2022-49553 – fs/ntfs3: validate BOOT sectors_per_clusters
https://notcve.org/view.php?id=CVE-2022-49553
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: validate BOOT sectors_per_clusters When the NTFS BOOT sectors_per_clusters field is > 0x80, it represents a shift value. ... /fs/ntfs3/super.c:673:16 shift exponent -192 is negative • https://git.kernel.org/stable/c/82cae269cfa953032fbb8980a7d554d60fb00b17

CVE-2022-49552 – bpf: Fix combination of jit blinding and pointers to bpf subprogs.
https://notcve.org/view.php?id=CVE-2022-49552
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: bpf: Fix combination of jit blinding and pointers to bpf subprogs. ... • https://git.kernel.org/stable/c/69c087ba6225b574afb6e505b72cb75242a3d844

CVE-2022-49551 – usb: isp1760: Fix out-of-bounds array access
https://notcve.org/view.php?id=CVE-2022-49551
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: usb: isp1760: Fix out-of-bounds array access Running the driver through kasan gives an interesting splat: BUG: KASAN: global-out-of-bounds in isp1760_register+0x180/0x70c Read of size 20 at addr f1db2e64 by task swapper/0/1 (...) isp1760_register from isp1760_plat_probe+0x1d8/0x220 (...) ... • https://git.kernel.org/stable/c/1da9e1c06873350c99ba49a052f92de85f2c69f2

CVE-2022-49550 – fs/ntfs3: provide block_invalidate_folio to fix memory leak
https://notcve.org/view.php?id=CVE-2022-49550
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: provide block_invalidate_folio to fix memory leak The ntfs3 filesystem lacks the 'invalidate_folio' method and it causes memory leak. ... • https://git.kernel.org/stable/c/7ba13abbd31ee9265e88d7dc029c0f786e665192

CVE-2022-49549 – x86/MCE/AMD: Fix memory leak when threshold_create_bank() fails
https://notcve.org/view.php?id=CVE-2022-49549
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: x86/MCE/AMD: Fix memory leak when threshold_create_bank() fails In mce_threshold_create_device(), if threshold_create_bank() fails, the previously allocated threshold banks array @bp will be leaked because the call to mce_threshold_remove_device() will not free it. ... Add a helper which unwinds all the bank creation work previously done and pass into it the previously allocated threshold banks array for freeing. [ bp: Massage. ] • https://git.kernel.org/stable/c/6458de97fc15530b54477c4e2b70af653e8ac3d9 • CWE-401: Missing Release of Memory after Effective Lifetime