CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-49462 – drm/msm/a6xx: Fix refcount leak in a6xx_gpu_init
https://notcve.org/view.php?id=CVE-2022-49462
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: Fix refcount leak in a6xx_gpu_init of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. a6xx_gmu_init() passes the node to of_find_device_by_node() and of_dma_configure(), of_find_device_by_node() will takes its reference, of_dma_configure() doesn't need the node after usage. Add missing of_node_put() to avoid refcount leak. In the Linux kernel, the follo... • https://git.kernel.org/stable/c/4b565ca5a2cbbbb6345e8789da89c193b6b00e5a •
CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 0CVE-2022-49460 – PM / devfreq: rk3399_dmc: Disable edev on remove()
https://notcve.org/view.php?id=CVE-2022-49460
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: rk3399_dmc: Disable edev on remove() Otherwise we hit an unablanced enable-count when unbinding the DFI device: [ 1279.659119] ------------[ cut here ]------------ [ 1279.659179] WARNING: CPU: 2 PID: 5638 at drivers/devfreq/devfreq-event.c:360 devfreq_event_remove_edev+0x84/0x8c ... [ 1279.659352] Hardware name: Google Kevin (DT) [ 1279.659363] pstate: 80400005 (Nzcv daif +PAN -UAO -TCO BTYPE=--) [ 1279.659371] pc : devfreq_ev... • https://git.kernel.org/stable/c/664736e2cc09e504ce58ec61164d029d1f2651bb •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49457 – ARM: versatile: Add missing of_node_put in dcscb_init
https://notcve.org/view.php?id=CVE-2022-49457
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ARM: versatile: Add missing of_node_put in dcscb_init The device_node pointer is returned by of_find_compatible_node with refcount incremented. We should use of_node_put() to avoid the refcount leak. In the Linux kernel, the following vulnerability has been resolved: ARM: versatile: Add missing of_node_put in dcscb_init The device_node pointer is returned by of_find_compatible_node with refcount incremented. We should use of_node_put() to a... • https://git.kernel.org/stable/c/2d7b23db35254b7d46e852967090c64cdccf24da •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49453 – soc: ti: ti_sci_pm_domains: Check for null return of devm_kcalloc
https://notcve.org/view.php?id=CVE-2022-49453
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: soc: ti: ti_sci_pm_domains: Check for null return of devm_kcalloc The allocation funciton devm_kcalloc may fail and return a null pointer, which would cause a null-pointer dereference later. It might be better to check it and directly return -ENOMEM just like the usage of devm_kcalloc in previous code. In the Linux kernel, the following vulnerability has been resolved: soc: ti: ti_sci_pm_domains: Check for null return of devm_kcalloc The al... • https://git.kernel.org/stable/c/05efc4591f80582b6fe53366b70b6a35a42fd255 •
CVSS: 8.5EPSS: 0%CPEs: 7EXPL: 0CVE-2022-49451 – firmware: arm_scmi: Fix list protocols enumeration in the base protocol
https://notcve.org/view.php?id=CVE-2022-49451
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scmi: Fix list protocols enumeration in the base protocol While enumerating protocols implemented by the SCMI platform using BASE_DISCOVER_LIST_PROTOCOLS, the number of returned protocols is currently validated in an improper way since the check employs a sum between unsigned integers that could overflow and cause the check itself to be silently bypassed if the returned value 'loop_num_ret' is big enough. Fix the validation av... • https://git.kernel.org/stable/c/b6f20ff8bd94ad34032804a60bab5ee56752007e •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49450 – rxrpc: Fix listen() setting the bar too high for the prealloc rings
https://notcve.org/view.php?id=CVE-2022-49450
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix listen() setting the bar too high for the prealloc rings AF_RXRPC's listen() handler lets you set the backlog up to 32 (if you bump up the sysctl), but whilst the preallocation circular buffers have 32 slots in them, one of them has to be a dead slot because we're using CIRC_CNT(). This means that listen(rxrpc_sock, 32) will cause an oops when the socket is closed because rxrpc_service_prealloc_one() allocated one too many calls ... • https://git.kernel.org/stable/c/00e907127e6f86d0f9b122d9b4347a8aa09a8b61 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49449 – pinctrl: renesas: rzn1: Fix possible null-ptr-deref in sh_pfc_map_resources()
https://notcve.org/view.php?id=CVE-2022-49449
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: pinctrl: renesas: rzn1: Fix possible null-ptr-deref in sh_pfc_map_resources() It will cause null-ptr-deref when using 'res', if platform_get_resource() returns NULL, so move using 'res' after devm_ioremap_resource() that will check it to avoid null-ptr-deref. And use devm_platform_get_and_ioremap_resource() to simplify code. In the Linux kernel, the following vulnerability has been resolved: pinctrl: renesas: rzn1: Fix possible null-ptr-der... • https://git.kernel.org/stable/c/b646e0cfeb38bf5f1944fd548f1dfa9b129fa00c •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49447 – ARM: hisi: Add missing of_node_put after of_find_compatible_node
https://notcve.org/view.php?id=CVE-2022-49447
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ARM: hisi: Add missing of_node_put after of_find_compatible_node of_find_compatible_node will increment the refcount of the returned device_node. Calling of_node_put() to avoid the refcount leak In the Linux kernel, the following vulnerability has been resolved: ARM: hisi: Add missing of_node_put after of_find_compatible_node of_find_compatible_node will increment the refcount of the returned device_node. Calling of_node_put() to avoid the ... • https://git.kernel.org/stable/c/46cb7868811d025c3d29c10d18b3422db1cf20d5 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49445 – pinctrl: renesas: core: Fix possible null-ptr-deref in sh_pfc_map_resources()
https://notcve.org/view.php?id=CVE-2022-49445
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: pinctrl: renesas: core: Fix possible null-ptr-deref in sh_pfc_map_resources() It will cause null-ptr-deref when using 'res', if platform_get_resource() returns NULL, so move using 'res' after devm_ioremap_resource() that will check it to avoid null-ptr-deref. And use devm_platform_get_and_ioremap_resource() to simplify code. In the Linux kernel, the following vulnerability has been resolved: pinctrl: renesas: core: Fix possible null-ptr-der... • https://git.kernel.org/stable/c/c7977ec4a33633c8e8d9267dd014356cf857351c •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49443 – list: fix a data-race around ep->rdllist
https://notcve.org/view.php?id=CVE-2022-49443
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: list: fix a data-race around ep->rdllist ep_poll() first calls ep_events_available() with no lock held and checks if ep->rdllist is empty by list_empty_careful(), which reads rdllist->prev. Thus all accesses to it need some protection to avoid store/load-tearing. Note INIT_LIST_HEAD_RCU() already has the annotation for both prev and next. Commit bf3b9f6372c4 ("epoll: Add busy poll support to epoll with socket fds.") added the first lockless... • https://git.kernel.org/stable/c/bf3b9f6372c45b0fbf24d86b8794910d20170017 •