CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49548 – bpf: Fix potential array overflow in bpf_trampoline_get_progs()
https://notcve.org/view.php?id=CVE-2022-49548
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: bpf: Fix potential array overflow in bpf_trampoline_get_progs() The cnt value in the 'cnt >= BPF_MAX_TRAMP_PROGS' check does not include BPF_TRAMP_MODIFY_RETURN bpf programs, so the number of the attached BPF_TRAMP_MODIFY_RETURN bpf programs in a trampoline can exceed BPF_MAX_TRAMP_PROGS. When this happens, the assignment '*progs++ = aux->prog' in bpf_trampoline_get_progs() will cause progs array overflow as the progs field in the bpf_tramp... • https://git.kernel.org/stable/c/88fd9e5352fe05f7fe57778293aebd4cd106960b •
CVSS: 5.0EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49547 – btrfs: fix deadlock between concurrent dio writes when low on free data space
https://notcve.org/view.php?id=CVE-2022-49547
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock between concurrent dio writes when low on free data space When reserving data space for a direct IO write we can end up deadlocking if we have multiple tasks attempting a write to the same file range, there are multiple extents covered by that file range, we are low on available space for data and the writes don't expand the inode's i_size. The deadlock can happen like this: 1) We have a file with an i_size of 1M, at off... • https://git.kernel.org/stable/c/f0bfa76a11e93d0fe2c896fcb566568c5e8b5d3f •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49546 – x86/kexec: fix memory leak of elf header buffer
https://notcve.org/view.php?id=CVE-2022-49546
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: x86/kexec: fix memory leak of elf header buffer This is reported by kmemleak detector: unreferenced object 0xffffc900002a9000 (size 4096): comm "kexec", pid 14950, jiffies 4295110793 (age 373.951s) hex dump (first 32 bytes): 7f 45 4c 46 02 01 01 00 00 00 00 00 00 00 00 00 .ELF............ 04 00 3e 00 01 00 00 00 00 00 00 00 00 00 00 00 ..>............. backtrace: [<0000000016a8ef9f>] __vmalloc_node_range+0x101/0x170 [<000000002b66b6c0>] __v... • https://git.kernel.org/stable/c/8765a423a87d74ef24ea02b43b2728fe4039f248 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49545 – ALSA: usb-audio: Cancel pending work at closing a MIDI substream
https://notcve.org/view.php?id=CVE-2022-49545
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Cancel pending work at closing a MIDI substream At closing a USB MIDI output substream, there might be still a pending work, which would eventually access the rawmidi runtime object that is being released. For fixing the race, make sure to cancel the pending work at closing. In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Cancel pending work at closing a MIDI substream At closing a USB M... • https://git.kernel.org/stable/c/40bdb5ec957aca5c5c1924602bef6b0ab18e22d3 •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49544 – ipw2x00: Fix potential NULL dereference in libipw_xmit()
https://notcve.org/view.php?id=CVE-2022-49544
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ipw2x00: Fix potential NULL dereference in libipw_xmit() crypt and crypt->ops could be null, so we need to checking null before dereference In the Linux kernel, the following vulnerability has been resolved: ipw2x00: Fix potential NULL dereference in libipw_xmit() crypt and crypt->ops could be null, so we need to checking null before dereference • https://git.kernel.org/stable/c/1ff6b0727c8988f25eeb670b6c038c1120bb58dd •
CVSS: 6.6EPSS: 0%CPEs: 3EXPL: 0CVE-2022-49543 – ath11k: fix the warning of dev_wake in mhi_pm_disable_transition()
https://notcve.org/view.php?id=CVE-2022-49543
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ath11k: fix the warning of dev_wake in mhi_pm_disable_transition() When test device recovery with below command, it has warning in message as below. echo assert > /sys/kernel/debug/ath11k/wcn6855\ hw2.0/simulate_fw_crash echo assert > /sys/kernel/debug/ath11k/qca6390\ hw2.0/simulate_fw_crash warning message: [ 1965.642121] ath11k_pci 0000:06:00.0: simulating firmware assert crash [ 1968.471364] ieee80211 phy0: Hardware restart was requested... • https://git.kernel.org/stable/c/d5c65159f2895379e11ca13f62feabe93278985d •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49542 – scsi: lpfc: Move cfg_log_verbose check before calling lpfc_dmp_dbg()
https://notcve.org/view.php?id=CVE-2022-49542
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Move cfg_log_verbose check before calling lpfc_dmp_dbg() In an attempt to log message 0126 with LOG_TRACE_EVENT, the following hard lockup call trace hangs the system. Call Trace: _raw_spin_lock_irqsave+0x32/0x40 lpfc_dmp_dbg.part.32+0x28/0x220 [lpfc] lpfc_cmpl_els_fdisc+0x145/0x460 [lpfc] lpfc_sli_cancel_jobs+0x92/0xd0 [lpfc] lpfc_els_flush_cmd+0x43c/0x670 [lpfc] lpfc_els_flush_all_cmd+0x37/0x60 [lpfc] lpfc_sli4_async_event_pro... • https://git.kernel.org/stable/c/271725e4028559ae7974d762a8467dc9de412f2e •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49541 – cifs: fix potential double free during failed mount
https://notcve.org/view.php?id=CVE-2022-49541
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential double free during failed mount RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=2088799 • https://git.kernel.org/stable/c/ce0008a0e410cdd95f0d8cd81b2902ec10a660c4 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49540 – rcu-tasks: Fix race in schedule and flush work
https://notcve.org/view.php?id=CVE-2022-49540
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: rcu-tasks: Fix race in schedule and flush work While booting secondary CPUs, cpus_read_[lock/unlock] is not keeping online cpumask stable. The transient online mask results in below calltrace. [ 0.324121] CPU1: Booted secondary processor 0x0000000001 [0x410fd083] [ 0.346652] Detected PIPT I-cache on CPU2 [ 0.347212] CPU2: Booted secondary processor 0x0000000002 [0x410fd083] [ 0.377255] Detected PIPT I-cache on CPU3 [ 0.377823] CPU3: Booted ... • https://git.kernel.org/stable/c/1c6c3f2336642fb3074593911f5176565f47ec41 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-49539 – rtw89: ser: fix CAM leaks occurring in L2 reset
https://notcve.org/view.php?id=CVE-2022-49539
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: rtw89: ser: fix CAM leaks occurring in L2 reset The CAM, meaning address CAM and bssid CAM here, will get leaks during SER (system error recover) L2 reset process and ieee80211_restart_hw() which is called by L2 reset process eventually. The normal flow would be like -> add interface (acquire 1) -> enter ips (release 1) -> leave ips (acquire 1) -> connection (occupy 1) <(A) 1 leak after L2 reset if non-sec connection> The ieee80211_restart_... • https://git.kernel.org/stable/c/f6aff772c9978844529618d86aafb53e5d3ae161 •