CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-48662 – drm/i915/gem: Really move i915_gem_context.link under ref protection
https://notcve.org/view.php?id=CVE-2022-48662
28 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/i915/gem: Really move i915_gem_context.link under ref protection i915_perf assumes that it can use the i915_gem_context reference to protect its i915->gem.contexts.list iteration. However, this requires that we do not remove the context from the list until after we drop the final reference and release the struct. If, as currently, we remove the context from the list during context_close(), the link.next pointer may be poisoned while we ... • https://git.kernel.org/stable/c/f8246cf4d9a9025d26c609bb2195e7c0a9ce5c40 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-48661 – gpio: mockup: Fix potential resource leakage when register a chip
https://notcve.org/view.php?id=CVE-2022-48661
28 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: gpio: mockup: Fix potential resource leakage when register a chip If creation of software node fails, the locally allocated string array is left unfreed. Free it on error path. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: gpio: maqueta: corrige una posible fuga de recursos al registrar un chip. Si falla la creación del nodo de software, la matriz de cadenas asignada localmente queda sin liberar. Libérelo en la ruta de err... • https://git.kernel.org/stable/c/6fda593f3082ef1aa783ac13e89f673fd69a2cb6 • CWE-404: Improper Resource Shutdown or Release •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-48660 – gpiolib: cdev: Set lineevent_state::irq after IRQ register successfully
https://notcve.org/view.php?id=CVE-2022-48660
28 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: Set lineevent_state::irq after IRQ register successfully When running gpio test on nxp-ls1028 platform with below command gpiomon --num-events=3 --rising-edge gpiochip1 25 There will be a warning trace as below: Call trace: free_irq+0x204/0x360 lineevent_free+0x64/0x70 gpio_ioctl+0x598/0x6a0 __arm64_sys_ioctl+0xb4/0x100 invoke_syscall+0x5c/0x130 ...... el0t_64_sync+0x1a0/0x1a4 The reason of this issue is that calling request_... • https://git.kernel.org/stable/c/468242724143a8e732f82f664b1e77432d149618 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-48659 – mm/slub: fix to return errno if kmalloc() fails
https://notcve.org/view.php?id=CVE-2022-48659
28 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: mm/slub: fix to return errno if kmalloc() fails In create_unique_id(), kmalloc(, GFP_KERNEL) can fail due to out-of-memory, if it fails, return errno correctly rather than triggering panic via BUG_ON(); kernel BUG at mm/slub.c:5893! Internal error: Oops - BUG: 0 [#1] PREEMPT SMP Call trace: sysfs_slab_add+0x258/0x260 mm/slub.c:5973 __kmem_cache_create+0x60/0x118 mm/slub.c:4899 create_cache mm/slab_common.c:229 [inline] kmem_cache_create_use... • https://git.kernel.org/stable/c/81819f0fc8285a2a5a921c019e3e3d7b6169d225 • CWE-617: Reachable Assertion •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-48658 – mm: slub: fix flush_cpu_slab()/__free_slab() invocations in task context.
https://notcve.org/view.php?id=CVE-2022-48658
28 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: mm: slub: fix flush_cpu_slab()/__free_slab() invocations in task context. Commit 5a836bf6b09f ("mm: slub: move flush_cpu_slab() invocations __free_slab() invocations out of IRQ context") moved all flush_cpu_slab() invocations to the global workqueue to avoid a problem related with deactivate_slab()/__free_slab() being called from an IRQ context on PREEMPT_RT kernels. When the flush_all_cpu_locked() function is called from a task context it ... • https://git.kernel.org/stable/c/5a836bf6b09f99ead1b69457ff39ab3011ece57b •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-48657 – arm64: topology: fix possible overflow in amu_fie_setup()
https://notcve.org/view.php?id=CVE-2022-48657
28 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: arm64: topology: fix possible overflow in amu_fie_setup() cpufreq_get_hw_max_freq() returns max frequency in kHz as *unsigned int*, while freq_inv_set_max_ratio() gets passed this frequency in Hz as 'u64'. Multiplying max frequency by 1000 can potentially result in overflow -- multiplying by 1000ULL instead should avoid that... Found by Linux Verification Center (linuxtesting.org) with the SVACE static analysis tool. En el kernel de Linux, ... • https://git.kernel.org/stable/c/cd0ed03a8903a0b0c6fc36e32d133d1ddfe70cd6 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-48656 – dmaengine: ti: k3-udma-private: Fix refcount leak bug in of_xudma_dev_get()
https://notcve.org/view.php?id=CVE-2022-48656
28 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: k3-udma-private: Fix refcount leak bug in of_xudma_dev_get() We should call of_node_put() for the reference returned by of_parse_phandle() in fail path or when it is not used anymore. Here we only need to move the of_node_put() before the check. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: dmaengine: ti: k3-udma-private: corrige el error de fuga de recuento en of_xudma_dev_get() Deberíamos llamar a of_no... • https://git.kernel.org/stable/c/d702419134133db1eab2067dc6ea5723467fd917 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 8.1EPSS: 0%CPEs: 5EXPL: 0CVE-2022-48655 – firmware: arm_scmi: Harden accesses to the reset domains
https://notcve.org/view.php?id=CVE-2022-48655
28 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scmi: Harden accesses to the reset domains Accessing reset domains descriptors by the index upon the SCMI drivers requests through the SCMI reset operations interface can potentially lead to out-of-bound violations if the SCMI driver misbehave. Add an internal consistency check before any such domains descriptors accesses. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: firmware: arm_scmi: Refuerza los acces... • https://git.kernel.org/stable/c/95a15d80aa0de938299acfcbc6aa6f2b16f5d7e5 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-48654 – netfilter: nfnetlink_osf: fix possible bogus match in nf_osf_find()
https://notcve.org/view.php?id=CVE-2022-48654
28 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_osf: fix possible bogus match in nf_osf_find() nf_osf_find() incorrectly returns true on mismatch, this leads to copying uninitialized memory area in nft_osf which can be used to leak stale kernel stack data to userspace. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: netfilter: nfnetlink_osf: corrige una posible coincidencia falsa en nf_osf_find() nf_osf_find() devuelve verdadero incorrectamente en ... • https://git.kernel.org/stable/c/22c7652cdaa8cd33ce78bacceb4e826a3f795873 • CWE-908: Use of Uninitialized Resource •
CVSS: 3.3EPSS: 0%CPEs: 3EXPL: 0CVE-2022-48653 – ice: Don't double unplug aux on peer initiated reset
https://notcve.org/view.php?id=CVE-2022-48653
28 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: ice: Don't double unplug aux on peer initiated reset In the IDC callback that is accessed when the aux drivers request a reset, the function to unplug the aux devices is called. This function is also called in the ice_prepare_for_reset function. This double call is causing a "scheduling while atomic" BUG. [ 662.676430] ice 0000:4c:00.0 rocep76s0: cqp opcode = 0x1 maj_err_code = 0xffff min_err_code = 0x8003 [ 662.676609] ice 0000:4c:00.0 roc... • https://git.kernel.org/stable/c/f9f5301e7e2d4fa2445aab3ec889dac6b34ea63e •