CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49577 – udp: Fix a data-race around sysctl_udp_l3mdev_accept.
https://notcve.org/view.php?id=CVE-2022-49577
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: udp: Fix a data-race around sysctl_udp_l3mdev_accept. While reading sysctl_udp_l3mdev_accept, it can be changed concurrently. Thus, we need to add READ_ONCE() to its reader. In the Linux kernel, the following vulnerability has been resolved: udp: Fix a data-race around sysctl_udp_l3mdev_accept. While reading sysctl_udp_l3mdev_accept, it can be changed concurrently. Thus, we need to add READ_ONCE() to its reader. • https://git.kernel.org/stable/c/63a6fff353d01da5a22b72670c434bf12fa0e3b8 •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2022-49576 – ipv4: Fix data-races around sysctl_fib_multipath_hash_fields.
https://notcve.org/view.php?id=CVE-2022-49576
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix data-races around sysctl_fib_multipath_hash_fields. While reading sysctl_fib_multipath_hash_fields, it can be changed concurrently. Thus, we need to add READ_ONCE() to its readers. In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix data-races around sysctl_fib_multipath_hash_fields. While reading sysctl_fib_multipath_hash_fields, it can be changed concurrently. • https://git.kernel.org/stable/c/ce5c9c20d364f156c885efed8c71fca2945db00f •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-49575 – tcp: Fix a data-race around sysctl_tcp_thin_linear_timeouts.
https://notcve.org/view.php?id=CVE-2022-49575
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctl_tcp_thin_linear_timeouts. While reading sysctl_tcp_thin_linear_timeouts, it can be changed concurrently. Thus, we need to add READ_ONCE() to its reader. In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctl_tcp_thin_linear_timeouts. While reading sysctl_tcp_thin_linear_timeouts, it can be changed concurrently. • https://git.kernel.org/stable/c/36e31b0af58728071e8023cf8e20c5166b700717 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-49574 – tcp: Fix data-races around sysctl_tcp_recovery.
https://notcve.org/view.php?id=CVE-2022-49574
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctl_tcp_recovery. While reading sysctl_tcp_recovery, it can be changed concurrently. Thus, we need to add READ_ONCE() to its readers. In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctl_tcp_recovery. While reading sysctl_tcp_recovery, it can be changed concurrently. Thus, we need to add READ_ONCE() to its readers. • https://git.kernel.org/stable/c/4f41b1c58a32537542f14c1150099131613a5e8a •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-49573 – tcp: Fix a data-race around sysctl_tcp_early_retrans.
https://notcve.org/view.php?id=CVE-2022-49573
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctl_tcp_early_retrans. While reading sysctl_tcp_early_retrans, it can be changed concurrently. Thus, we need to add READ_ONCE() to its reader. In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctl_tcp_early_retrans. While reading sysctl_tcp_early_retrans, it can be changed concurrently. Thus, we need to add READ_ONCE() to its reader. • https://git.kernel.org/stable/c/eed530b6c67624db3f2cf477bac7c4d005d8f7ba •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-49572 – tcp: Fix data-races around sysctl_tcp_slow_start_after_idle.
https://notcve.org/view.php?id=CVE-2022-49572
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctl_tcp_slow_start_after_idle. While reading sysctl_tcp_slow_start_after_idle, it can be changed concurrently. Thus, we need to add READ_ONCE() to its readers. In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctl_tcp_slow_start_after_idle. While reading sysctl_tcp_slow_start_after_idle, it can be changed concurrently. • https://git.kernel.org/stable/c/35089bb203f44e33b6bbb6c4de0b0708f9a48921 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-49571 – tcp: Fix data-races around sysctl_tcp_max_reordering.
https://notcve.org/view.php?id=CVE-2022-49571
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctl_tcp_max_reordering. While reading sysctl_tcp_max_reordering, it can be changed concurrently. Thus, we need to add READ_ONCE() to its readers. In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctl_tcp_max_reordering. While reading sysctl_tcp_max_reordering, it can be changed concurrently. • https://git.kernel.org/stable/c/dca145ffaa8d39ea1904491ac81b92b7049372c0 •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2022-49570 – gpio: gpio-xilinx: Fix integer overflow
https://notcve.org/view.php?id=CVE-2022-49570
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: gpio: gpio-xilinx: Fix integer overflow Current implementation is not able to configure more than 32 pins due to incorrect data type. So type casting with unsigned long to avoid it. In the Linux kernel, the following vulnerability has been resolved: gpio: gpio-xilinx: Fix integer overflow Current implementation is not able to configure more than 32 pins due to incorrect data type. So type casting with unsigned long to avoid it. • https://git.kernel.org/stable/c/02b3f84d9080b0f4297f31258307f626a43faba5 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49569 – spi: bcm2835: bcm2835_spi_handle_err(): fix NULL pointer deref for non DMA transfers
https://notcve.org/view.php?id=CVE-2022-49569
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: spi: bcm2835: bcm2835_spi_handle_err(): fix NULL pointer deref for non DMA transfers In case a IRQ based transfer times out the bcm2835_spi_handle_err() function is called. Since commit 1513ceee70f2 ("spi: bcm2835: Drop dma_pending flag") the TX and RX DMA transfers are unconditionally canceled, leading to NULL pointer derefs if ctlr->dma_tx or ctlr->dma_rx are not set. Fix the NULL pointer deref by checking that ctlr->dma_tx and ctlr->dma_... • https://git.kernel.org/stable/c/1513ceee70f2bd523e025efe0c715328e1a43ffd •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49568 – KVM: Don't null dereference ops->destroy
https://notcve.org/view.php?id=CVE-2022-49568
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: KVM: Don't null dereference ops->destroy A KVM device cleanup happens in either of two callbacks: 1) destroy() which is called when the VM is being destroyed; 2) release() which is called when a device fd is closed. Most KVM devices use 1) but Book3s's interrupt controller KVM devices (XICS, XIVE, XIVE-native) use 2) as they need to close and reopen during the machine execution. The error handling in kvm_ioctl_create_device() assumes destro... • https://git.kernel.org/stable/c/170465715a60cbb7876e6b961b21bd3225469da8 •