CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50494 – thermal: intel_powerclamp: Use get_cpu() instead of smp_processor_id() to avoid crash
https://notcve.org/view.php?id=CVE-2022-50494
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: thermal: intel_powerclamp: Use get_cpu() instead of smp_processor_id() to avoid crash When CPU 0 is offline and intel_powerclamp is used to inject idle, it generates kernel BUG: BUG: using smp_processor_id() in preemptible [00000000] code: bash/15687 caller is debug_smp_processor_id+0x17/0x20 CPU: 4 PID: 15687 Comm: bash Not tainted 5.19.0-rc7+ #57 Call Trace:
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50493 – scsi: qla2xxx: Fix crash when I/O abort times out
https://notcve.org/view.php?id=CVE-2022-50493
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix crash when I/O abort times out While performing CPU hotplug, a crash with the following stack was seen: Call Trace: qla24xx_process_response_queue+0x42a/0x970 [qla2xxx] qla2x00_start_nvme_mq+0x3a2/0x4b0 [qla2xxx] qla_nvme_post_cmd+0x166/0x240 [qla2xxx] nvme_fc_start_fcp_op.part.0+0x119/0x2e0 [nvme_fc] blk_mq_dispatch_rq_list+0x17b/0x610 __blk_mq_sched_dispatch_requests+0xb0/0x140 blk_mq_sched_dispatch_requests+0x30/0x60 _... • https://git.kernel.org/stable/c/71c80b75ce8f08c0978ce9a9816b81b5c3ce5e12 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-50492 – drm/msm: fix use-after-free on probe deferral
https://notcve.org/view.php?id=CVE-2022-50492
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/msm: fix use-after-free on probe deferral The bridge counter was never reset when tearing down the DRM device so that stale pointers to deallocated structures would be accessed on the next tear down (e.g. after a second late bind deferral). Given enough bridges and a few probe deferrals this could currently also lead to data beyond the bridge array being corrupted. Patchwork: https://patchwork.freedesktop.org/patch/502665/ In the Linux ... • https://git.kernel.org/stable/c/a3376e3ec81c5dd0622cbc187db76d2824d31c1c •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50491 – coresight: cti: Fix hang in cti_disable_hw()
https://notcve.org/view.php?id=CVE-2022-50491
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: coresight: cti: Fix hang in cti_disable_hw() cti_enable_hw() and cti_disable_hw() are called from an atomic context so shouldn't use runtime PM because it can result in a sleep when communicating with firmware. Since commit 3c6656337852 ("Revert "firmware: arm_scmi: Add clock management to the SCMI power domain""), this causes a hang on Juno when running the Perf Coresight tests or running this command: perf record -e cs_etm//u -- ls This w... • https://git.kernel.org/stable/c/835d722ba10ac924adba1e8a46f2d80955222b4b • CWE-1322: Use of Blocking Code in Single-threaded, Non-blocking Context •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50490 – bpf: Propagate error from htab_lock_bucket() to userspace
https://notcve.org/view.php?id=CVE-2022-50490
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: bpf: Propagate error from htab_lock_bucket() to userspace In __htab_map_lookup_and_delete_batch() if htab_lock_bucket() returns -EBUSY, it will go to next bucket. Going to next bucket may not only skip the elements in current bucket silently, but also incur out-of-bound memory access or expose kernel memory to userspace if current bucket_cnt is greater than bucket_size or zero. Fixing it by stopping batch operation and returning -EBUSY when... • https://git.kernel.org/stable/c/20b6cc34ea74b6a84599c1f8a70f3315b56a1883 •
CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50489 – drm/mipi-dsi: Detach devices when removing the host
https://notcve.org/view.php?id=CVE-2022-50489
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/mipi-dsi: Detach devices when removing the host Whenever the MIPI-DSI host is unregistered, the code of mipi_dsi_host_unregister() loops over every device currently found on that bus and will unregister it. However, it doesn't detach it from the bus first, which leads to all kind of resource leaks if the host wants to perform some clean up whenever a device is detached. In the Linux kernel, the following vulnerability has been resolved:... • https://git.kernel.org/stable/c/068a00233969833f1ba925e7627797489efd6041 • CWE-459: Incomplete Cleanup •
CVSS: 6.0EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50488 – block, bfq: fix possible uaf for 'bfqq->bic'
https://notcve.org/view.php?id=CVE-2022-50488
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix possible uaf for 'bfqq->bic' Our test report a uaf for 'bfqq->bic' in 5.10: ================================================================== BUG: KASAN: use-after-free in bfq_select_queue+0x378/0xa30 CPU: 6 PID: 2318352 Comm: fsstress Kdump: loaded Not tainted 5.10.0-60.18.0.50.h602.kasan.eulerosv2r11.x86_64 #1 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.12.1-0-ga5cab58-20220320_160524-szxrtosci10000 ... • https://git.kernel.org/stable/c/4dfc12f8c94c8052e975060f595938f75e8b7165 • CWE-826: Premature Release of Resource During Expected Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2023-53579 – gpio: mvebu: fix irq domain leak
https://notcve.org/view.php?id=CVE-2023-53579
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: gpio: mvebu: fix irq domain leak Uwe Kleine-König pointed out we still have one resource leak in the mvebu driver triggered on driver detach. Let's address it with a custom devm action. In the Linux kernel, the following vulnerability has been resolved: gpio: mvebu: fix irq domain leak Uwe Kleine-König pointed out we still have one resource leak in the mvebu driver triggered on driver detach. Let's address it with a custom devm action. The ... • https://git.kernel.org/stable/c/812d47889a8e418d7bea9bec383581a34c19183e •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2023-53578 – net: qrtr: Fix an uninit variable access bug in qrtr_tx_resume()
https://notcve.org/view.php?id=CVE-2023-53578
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: net: qrtr: Fix an uninit variable access bug in qrtr_tx_resume() Syzbot reported a bug as following: ===================================================== BUG: KMSAN: uninit-value in qrtr_tx_resume+0x185/0x1f0 net/qrtr/af_qrtr.c:230 qrtr_tx_resume+0x185/0x1f0 net/qrtr/af_qrtr.c:230 qrtr_endpoint_post+0xf85/0x11b0 net/qrtr/af_qrtr.c:519 qrtr_tun_write_iter+0x270/0x400 net/qrtr/tun.c:108 call_write_iter include/linux/fs.h:2189 [inline] aio_wr... • https://git.kernel.org/stable/c/5fdeb0d372ab33b4175043a2a4a1730239a217f1 • CWE-131: Incorrect Calculation of Buffer Size •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53577 – bpf, cpumap: Make sure kthread is running before map update returns
https://notcve.org/view.php?id=CVE-2023-53577
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: bpf, cpumap: Make sure kthread is running before map update returns The following warning was reported when running stress-mode enabled xdp_redirect_cpu with some RT threads: ------------[ cut here ]------------ WARNING: CPU: 4 PID: 65 at kernel/bpf/cpumap.c:135 CPU: 4 PID: 65 Comm: kworker/4:1 Not tainted 6.5.0-rc2+ #1 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996) Workqueue: events cpu_map_kthread_stop RIP: 0010:put_cpu_map_entry+0... • https://git.kernel.org/stable/c/6710e1126934d8b4372b4d2f9ae1646cd3f151bf • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •