CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50815 – ext2: Add sanity checks for group and filesystem size
https://notcve.org/view.php?id=CVE-2022-50815
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: ext2: Add sanity checks for group and filesystem size Add sanity check that filesystem size does not exceed the underlying device size and that group size is big enough so that metadata can fit into it. This avoid trying to mount some crafted filesystems with extremely large group counts. • https://git.kernel.org/stable/c/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50814 – crypto: hisilicon/zip - fix mismatch in get/set sgl_sge_nr
https://notcve.org/view.php?id=CVE-2022-50814
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/zip - fix mismatch in get/set sgl_sge_nr KASAN reported this Bug: [17619.659757] BUG: KASAN: global-out-of-bounds in param_get_int+0x34/0x60 [17619.673193] Read of size 4 at addr fffff01332d7ed00 by task read_all/1507958 ... [17619.698934] The buggy address belongs to the variable: [17619.708371] sgl_sge_nr+0x0/0xffffffffffffa300 [hisi_zip] There is a mismatch in hisi_zip when get/set the variable sgl_sge_nr. The type of s... • https://git.kernel.org/stable/c/f081fda293ffba54216a7dab66faba7275475006 •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50813 – drivers: mcb: fix resource leak in mcb_probe()
https://notcve.org/view.php?id=CVE-2022-50813
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: drivers: mcb: fix resource leak in mcb_probe() When probe hook function failed in mcb_probe(), it doesn't put the device. Compiled test only. • https://git.kernel.org/stable/c/7bc364097a89a0a9a5e5e4989d6b3e6fb2027a9e •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50812 – security: Restrict CONFIG_ZERO_CALL_USED_REGS to gcc or clang > 15.0.6
https://notcve.org/view.php?id=CVE-2022-50812
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: security: Restrict CONFIG_ZERO_CALL_USED_REGS to gcc or clang > 15.0.6 A bad bug in clang's implementation of -fzero-call-used-regs can result in NULL pointer dereferences (see the links above the check for more information). Restrict CONFIG_CC_HAS_ZERO_CALL_USED_REGS to either a supported GCC version or a clang newer than 15.0.6, which will catch both a theoretical 15.0.7 and the upcoming 16.0.0, which will both have the bug fixed. • https://git.kernel.org/stable/c/a82adfd5c7cb4b8bb37ef439aed954f9972bb618 •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50811 – erofs: fix missing unmap if z_erofs_get_extent_compressedlen() fails
https://notcve.org/view.php?id=CVE-2022-50811
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: erofs: fix missing unmap if z_erofs_get_extent_compressedlen() fails Otherwise, meta buffers could be leaked. • https://git.kernel.org/stable/c/cec6e93beadfd145758af2c0854fcc2abb8170cb •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50810 – rapidio: devices: fix missing put_device in mport_cdev_open
https://notcve.org/view.php?id=CVE-2022-50810
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: rapidio: devices: fix missing put_device in mport_cdev_open When kfifo_alloc fails, the refcount of chdev->dev is left incremental. We should use put_device(&chdev->dev) to decrease the ref count of chdev->dev to avoid refcount leak. • https://git.kernel.org/stable/c/e8de370188d098bb49483c287b44925957c3c9b6 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50809 – xhci: dbc: Fix memory leak in xhci_alloc_dbc()
https://notcve.org/view.php?id=CVE-2022-50809
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: xhci: dbc: Fix memory leak in xhci_alloc_dbc() If DbC is already in use, then the allocated memory for the xhci_dbc struct doesn't get freed before returning NULL, which leads to a memleak. • https://git.kernel.org/stable/c/d7afb4a13f6c6ee7df7d0bfc67b4ef19ece6d802 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2023-54162 – ksmbd: fix possible memory leak in smb2_lock()
https://notcve.org/view.php?id=CVE-2023-54162
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix possible memory leak in smb2_lock() argv needs to be free when setup_async_work fails or when the current process is woken up. • https://git.kernel.org/stable/c/e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9 •
CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2022-50786 – media: s5p-mfc: Clear workbit to handle error condition
https://notcve.org/view.php?id=CVE-2022-50786
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: media: s5p-mfc: Clear workbit to handle error condition During error on CLOSE_INSTANCE command, ctx_work_bits was not getting cleared. During consequent mfc execution NULL pointer dereferencing of this context led to kernel panic. This patch fixes this issue by making sure to clear ctx_work_bits always. • https://git.kernel.org/stable/c/818cd91ab8c6e42c2658c8e61f8462637c6f586b •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2025-68750 – usb: potential integer overflow in usbg_make_tpg()
https://notcve.org/view.php?id=CVE-2025-68750
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: usb: potential integer overflow in usbg_make_tpg() The variable tpgt in usbg_make_tpg() is defined as unsigned long and is assigned to tpgt->tport_tpgt, which is defined as u16. This may cause an integer overflow when tpgt is greater than USHRT_MAX (65535). I haven't tried to trigger it myself, but it is possible to trigger it by calling usbg_make_tpg() with a large value for tpgt. I modified the type of tpgt to match tpgt->tport_tpgt and a... • https://git.kernel.org/stable/c/c52661d60f636d17e26ad834457db333bd1df494 •