CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-49805 – net: lan966x: Fix potential null-ptr-deref in lan966x_stats_init()
https://notcve.org/view.php?id=CVE-2022-49805
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: net: lan966x: Fix potential null-ptr-deref in lan966x_stats_init() lan966x_stats_init() calls create_singlethread_workqueue() and not checked the ret value, which may return NULL. And a null-ptr-deref may happen: lan966x_stats_init() create_singlethread_workqueue() # failed, lan966x->stats_queue is NULL queue_delayed_work() queue_delayed_work_on() __queue_delayed_work() # warning here, but continue __queue_work() # access wq->flags, null-pt... • https://git.kernel.org/stable/c/12c2d0a5b8e2a1afc8c7738e19a0d1dd7f3d4007 •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2022-49804 – s390: avoid using global register for current_stack_pointer
https://notcve.org/view.php?id=CVE-2022-49804
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: s390: avoid using global register for current_stack_pointer Commit 30de14b1884b ("s390: current_stack_pointer shouldn't be a function") made current_stack_pointer a global register variable like on many other architectures. Unfortunately on s390 it uncovers old gcc bug which is fixed only since gcc-9.1 [gcc commit 3ad7fed1cc87 ("S/390: Fix PR89775. Stackpointer save/restore instructions removed")] and backported to gcc-8.4 and later. Due to... • https://git.kernel.org/stable/c/30de14b1884ba609fc1acfba5b40309e3a6ccefe •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-49803 – netdevsim: Fix memory leak of nsim_dev->fa_cookie
https://notcve.org/view.php?id=CVE-2022-49803
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: netdevsim: Fix memory leak of nsim_dev->fa_cookie kmemleak reports this issue: unreferenced object 0xffff8881bac872d0 (size 8): comm "sh", pid 58603, jiffies 4481524462 (age 68.065s) hex dump (first 8 bytes): 04 00 00 00 de ad be ef ........ backtrace: [<00000000c80b8577>] __kmalloc+0x49/0x150 [<000000005292b8c6>] nsim_dev_trap_fa_cookie_write+0xc1/0x210 [netdevsim] [<0000000093d78e77>] full_proxy_write+0xf3/0x180 [<000000005a662c16>] vfs_w... • https://git.kernel.org/stable/c/d3cbb907ae57fe5da314b51d949b617b538bdeae •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2022-49802 – ftrace: Fix null pointer dereference in ftrace_add_mod()
https://notcve.org/view.php?id=CVE-2022-49802
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix null pointer dereference in ftrace_add_mod() The @ftrace_mod is allocated by kzalloc(), so both the members {prev,next} of @ftrace_mode->list are NULL, it's not a valid state to call list_del(). If kstrdup() for @ftrace_mod->{func|module} fails, it goes to @out_free tag and calls free_ftrace_mod() to destroy @ftrace_mod, then list_del() will write prev->next and next->prev, where null pointer dereference happens. BUG: kernel NUL... • https://git.kernel.org/stable/c/673feb9d76ab3eddde7acfd94b206e321cfc90b9 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49801 – tracing: Fix memory leak in tracing_read_pipe()
https://notcve.org/view.php?id=CVE-2022-49801
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: tracing: Fix memory leak in tracing_read_pipe() kmemleak reports this issue: unreferenced object 0xffff888105a18900 (size 128): comm "test_progs", pid 18933, jiffies 4336275356 (age 22801.766s) hex dump (first 32 bytes): 25 73 00 90 81 88 ff ff 26 05 00 00 42 01 58 04 %s......&...B.X. 03 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<00000000560143a1>] __kmalloc_node_track_caller+0x4a/0x140 [<000000006af00822>] k... • https://git.kernel.org/stable/c/efbbdaa22bb78761bff8dfdde027ad04bedd47ce •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49800 – tracing: Fix memory leak in test_gen_synth_cmd() and test_empty_synth_event()
https://notcve.org/view.php?id=CVE-2022-49800
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: tracing: Fix memory leak in test_gen_synth_cmd() and test_empty_synth_event() test_gen_synth_cmd() only free buf in fail path, hence buf will leak when there is no failure. Add kfree(buf) to prevent the memleak. The same reason and solution in test_empty_synth_event(). unreferenced object 0xffff8881127de000 (size 2048): comm "modprobe", pid 247, jiffies 4294972316 (age 78.756s) hex dump (first 32 bytes): 20 67 65 6e 5f 73 79 6e 74 68 5f 74 ... • https://git.kernel.org/stable/c/9fe41efaca08416657efa8731c0d47ccb6a3f3eb •
CVSS: 5.6EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49799 – tracing: Fix wild-memory-access in register_synth_event()
https://notcve.org/view.php?id=CVE-2022-49799
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: tracing: Fix wild-memory-access in register_synth_event() In register_synth_event(), if set_synth_event_print_fmt() failed, then both trace_remove_event_call() and unregister_trace_event() will be called, which means the trace_event_call will call __unregister_trace_event() twice. As the result, the second unregister will causes the wild-memory-access. register_synth_event set_synth_event_print_fmt failed trace_remove_event_call event_remov... • https://git.kernel.org/stable/c/4b147936fa509650beaf638b331573c23ba4d609 •
CVSS: 4.7EPSS: 0%CPEs: 3EXPL: 0CVE-2022-49798 – tracing: Fix race where eprobes can be called before the event
https://notcve.org/view.php?id=CVE-2022-49798
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: tracing: Fix race where eprobes can be called before the event The flag that tells the event to call its triggers after reading the event is set for eprobes after the eprobe is enabled. This leads to a race where the eprobe may be triggered at the beginning of the event where the record information is NULL. The eprobe then dereferences the NULL record causing a NULL kernel pointer bug. Test for a NULL record to keep this from happening. In ... • https://git.kernel.org/stable/c/7491e2c442781a1860181adb5ab472a52075f393 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49797 – tracing: kprobe: Fix potential null-ptr-deref on trace_event_file in kprobe_event_gen_test_exit()
https://notcve.org/view.php?id=CVE-2022-49797
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: tracing: kprobe: Fix potential null-ptr-deref on trace_event_file in kprobe_event_gen_test_exit() When trace_get_event_file() failed, gen_kretprobe_test will be assigned as the error code. If module kprobe_event_gen_test is removed now, the null pointer dereference will happen in kprobe_event_gen_test_exit(). Check if gen_kprobe_test or gen_kretprobe_test is error code or NULL before dereference them. BUG: kernel NULL pointer dereference, a... • https://git.kernel.org/stable/c/64836248dda20c8e7427b493f7e06d9bf8f58850 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49796 – tracing: kprobe: Fix potential null-ptr-deref on trace_array in kprobe_event_gen_test_exit()
https://notcve.org/view.php?id=CVE-2022-49796
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: tracing: kprobe: Fix potential null-ptr-deref on trace_array in kprobe_event_gen_test_exit() When test_gen_kprobe_cmd() failed after kprobe_event_gen_cmd_end(), it will goto delete, which will call kprobe_event_delete() and release the corresponding resource. However, the trace_array in gen_kretprobe_test will point to the invalid resource. Set gen_kretprobe_test to NULL after called kprobe_event_delete() to prevent null-ptr-deref. BUG: ker... • https://git.kernel.org/stable/c/64836248dda20c8e7427b493f7e06d9bf8f58850 •