CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49110 – netfilter: conntrack: revisit gc autotuning
https://notcve.org/view.php?id=CVE-2022-49110
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: revisit gc autotuning as of commit 4608fdfc07e1 ("netfilter: conntrack: collect all entries in one cycle") conntrack gc was changed to run every 2 minutes. On systems where conntrack hash table is set to large value, most evictions happen from gc worker rather than the packet path due to hash table distribution. This causes netlink event overflows when events are collected. This change collects average expiry of scanne... • https://git.kernel.org/stable/c/58d52743ae85d28c9335c6034d6ce350b8689951 •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49103 – NFSv4.2: fix reference count leaks in _nfs42_proc_copy_notify()
https://notcve.org/view.php?id=CVE-2022-49103
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: NFSv4.2: fix reference count leaks in _nfs42_proc_copy_notify() [You don't often get email from xiongx18@fudan.edu.cn. Learn why this is important at http://aka.ms/LearnAboutSenderIdentification.] The reference counting issue happens in two error paths in the function _nfs42_proc_copy_notify(). In both error paths, the function simply returns the error code and forgets to balance the refcount of object `ctx`, bumped by get_nfs_open_context(... • https://git.kernel.org/stable/c/9b9feec97c1fc7dd9bb69f62c4905cddf1801599 •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49100 – virtio_console: eliminate anonymous module_init & module_exit
https://notcve.org/view.php?id=CVE-2022-49100
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: virtio_console: eliminate anonymous module_init & module_exit Eliminate anonymous module_init() and module_exit(), which can lead to confusion or ambiguity when reading System.map, crashes/oops/bugs, or an initcall_debug log. Give each of these init and exit functions unique driver-specific names to eliminate the anonymous names. Example 1: (System.map) ffffffff832fc78c t init ffffffff832fc79e t init ffffffff832fc8f8 t init Example 2: (init... • https://git.kernel.org/stable/c/93e3d88321d2274fa4e26b006e19cc10fec331c2 •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49097 – NFS: Avoid writeback threads getting stuck in mempool_alloc()
https://notcve.org/view.php?id=CVE-2022-49097
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: NFS: Avoid writeback threads getting stuck in mempool_alloc() In a low memory situation, allow the NFS writeback code to fail without getting stuck in infinite loops in mempool_alloc(). • https://git.kernel.org/stable/c/c74e2f6ecc51bd08bb5b0335477dba954a50592e •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49095 – scsi: zorro7xx: Fix a resource leak in zorro7xx_remove_one()
https://notcve.org/view.php?id=CVE-2022-49095
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: zorro7xx: Fix a resource leak in zorro7xx_remove_one() The error handling path of the probe releases a resource that is not freed in the remove function. In some cases, a ioremap() must be undone. Add the missing iounmap() call in the remove function. • https://git.kernel.org/stable/c/45804fbb00eea27bdf4d62751681228a9e2844e9 •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-49078 – lz4: fix LZ4_decompress_safe_partial read out of bound
https://notcve.org/view.php?id=CVE-2022-49078
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: lz4: fix LZ4_decompress_safe_partial read out of bound When partialDecoding, it is EOF if we've either filled the output buffer or can't proceed with reading an offset for following match. In some extreme corner cases when compressed data is suitably corrupted, UAF will occur. As reported by KASAN [1], LZ4_decompress_safe_partial may lead to read out of bound problem during decoding. lz4 upstream has fixed it [2] and this issue has been dis... • https://git.kernel.org/stable/c/73953dfa9d50e5c9fe98ee13fd1d3427aa12a0a3 • CWE-416: Use After Free •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49077 – mmmremap.c: avoid pointless invalidate_range_start/end on mremap(old_size=0)
https://notcve.org/view.php?id=CVE-2022-49077
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: mmmremap.c: avoid pointless invalidate_range_start/end on mremap(old_size=0) If an mremap() syscall with old_size=0 ends up in move_page_tables(), it will call invalidate_range_start()/invalidate_range_end() unnecessarily, i.e. with an empty range. This causes a WARN in KVM's mmu_notifier. In the past, empty ranges have been diagnosed to be off-by-one bugs, hence the WARNing. Given the low (so far) number of unique reports, the benefits of ... • https://git.kernel.org/stable/c/a05540f3903bd8295e8c4cd90dd3d416239a115b •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49075 – btrfs: fix qgroup reserve overflow the qgroup limit
https://notcve.org/view.php?id=CVE-2022-49075
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: btrfs: fix qgroup reserve overflow the qgroup limit We use extent_changeset->bytes_changed in qgroup_reserve_data() to record how many bytes we set for EXTENT_QGROUP_RESERVED state. Currently the bytes_changed is set as "unsigned int", and it will overflow if we try to fallocate a range larger than 4GiB. The result is we reserve less bytes and eventually break the qgroup limit. Unlike regular buffered/direct write, which we use one changese... • https://git.kernel.org/stable/c/0355387ea5b02d353c9415613fab908fac5c52a6 •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49072 – gpio: Restrict usage of GPIO chip irq members before initialization
https://notcve.org/view.php?id=CVE-2022-49072
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: gpio: Restrict usage of GPIO chip irq members before initialization GPIO chip irq members are exposed before they could be completely initialized and this leads to race conditions. One such issue was observed for the gc->irq.domain variable which was accessed through the I2C interface in gpiochip_to_irq() before it could be initialized by gpiochip_add_irqchip(). This resulted in Kernel NULL pointer dereference. Following are the logs for re... • https://git.kernel.org/stable/c/7e88a50704b0c49ad3f2d11e8b963341cf68a89f •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2022-49069 – drm/amd/display: Fix by adding FPU protection for dcn30_internal_validate_bw
https://notcve.org/view.php?id=CVE-2022-49069
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix by adding FPU protection for dcn30_internal_validate_bw [Why] Below general protection fault observed when WebGL Aquarium is run for longer duration. If drm debug logs are enabled and set to 0x1f then the issue is observed within 10 minutes of run. [ 100.717056] general protection fault, probably for non-canonical address 0x2d33302d32323032: 0000 [#1] PREEMPT SMP NOPTI [ 100.727921] CPU: 3 PID: 1906 Comm: DrmThread Tain... • https://git.kernel.org/stable/c/e995c5d52ec7415644eee617fc7e906b51aec7ae •