CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50201 – selinux: fix memleak in security_read_state_kernel()
https://notcve.org/view.php?id=CVE-2022-50201
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: selinux: fix memleak in security_read_state_kernel() In this function, it directly returns the result of __security_read_policy without freeing the allocated memory in *data, cause memory leak issue, so free the memory if __security_read_policy failed. [PM: subject line tweak] In the Linux kernel, the following vulnerability has been resolved: selinux: fix memleak in security_read_state_kernel() In this function, it directly returns the res... • https://git.kernel.org/stable/c/c877c5217145bda8fd95f506bf42f8d981afa57d •
CVSS: 5.6EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50200 – selinux: Add boundary check in put_entry()
https://notcve.org/view.php?id=CVE-2022-50200
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: selinux: Add boundary check in put_entry() Just like next_entry(), boundary check is necessary to prevent memory out-of-bound access. In the Linux kernel, the following vulnerability has been resolved: selinux: Add boundary check in put_entry() Just like next_entry(), boundary check is necessary to prevent memory out-of-bound access. • https://git.kernel.org/stable/c/2dabe6a872a5744865372eb30ea51e8ccd21305a •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50199 – ARM: OMAP2+: Fix refcount leak in omapdss_init_of
https://notcve.org/view.php?id=CVE-2022-50199
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: ARM: OMAP2+: Fix refcount leak in omapdss_init_of omapdss_find_dss_of_node() calls of_find_compatible_node() to get device node. of_find_compatible_node() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. Add missing of_node_put() in later error path and normal path. In the Linux kernel, the following vulnerability has been resolved: ARM: OMAP2+: Fix refcount leak in omapdss_init_of omapdss_find_... • https://git.kernel.org/stable/c/e0c827aca0730b51f38081aa4e8ecf0912aab55f •
CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 0CVE-2022-50198 – ARM: OMAP2+: Fix refcount leak in omap3xxx_prm_late_init
https://notcve.org/view.php?id=CVE-2022-50198
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: ARM: OMAP2+: Fix refcount leak in omap3xxx_prm_late_init of_find_matching_node() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node_put() to avoid refcount leak. In the Linux kernel, the following vulnerability has been resolved: ARM: OMAP2+: Fix refcount leak in omap3xxx_prm_late_init of_find_matching_node() returns a node pointer with refcount incremented, we shou... • https://git.kernel.org/stable/c/1e037794f7f00ff464db446ace892dae84175a6a •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50197 – cpufreq: zynq: Fix refcount leak in zynq_get_revision
https://notcve.org/view.php?id=CVE-2022-50197
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: cpufreq: zynq: Fix refcount leak in zynq_get_revision of_find_compatible_node() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. Add missing of_node_put() to avoid refcount leak. In the Linux kernel, the following vulnerability has been resolved: cpufreq: zynq: Fix refcount leak in zynq_get_revision of_find_compatible_node() returns a node pointer with refcount incremented, we should use of_node... • https://git.kernel.org/stable/c/00f7dc636366f72474b1896f4990b3c086cd2c6d •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50194 – soc: qcom: aoss: Fix refcount leak in qmp_cooling_devices_register
https://notcve.org/view.php?id=CVE-2022-50194
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: soc: qcom: aoss: Fix refcount leak in qmp_cooling_devices_register Every iteration of for_each_available_child_of_node() decrements the reference count of the previous node. When breaking early from a for_each_available_child_of_node() loop, we need to explicitly call of_node_put() on the child node. Add missing of_node_put() to avoid refcount leak. In the Linux kernel, the following vulnerability has been resolved: soc: qcom: aoss: Fix ref... • https://git.kernel.org/stable/c/05589b30b21ac0273970b61edd50c07d2ba156af •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50191 – regulator: of: Fix refcount leak bug in of_get_regulation_constraints()
https://notcve.org/view.php?id=CVE-2022-50191
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: regulator: of: Fix refcount leak bug in of_get_regulation_constraints() We should call the of_node_put() for the reference returned by of_get_child_by_name() which has increased the refcount. In the Linux kernel, the following vulnerability has been resolved: regulator: of: Fix refcount leak bug in of_get_regulation_constraints() We should call the of_node_put() for the reference returned by of_get_child_by_name() which has increased the re... • https://git.kernel.org/stable/c/40e20d68bb3fb1ce2704c886d597918988d3321d •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50185 – drm/radeon: fix potential buffer overflow in ni_set_mc_special_registers()
https://notcve.org/view.php?id=CVE-2022-50185
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/radeon: fix potential buffer overflow in ni_set_mc_special_registers() The last case label can write two buffers 'mc_reg_address[j]' and 'mc_data[j]' with 'j' offset equal to SMC_NISLANDS_MC_REGISTER_ARRAY_SIZE since there are no checks for this value in both case labels after the last 'j++'. Instead of changing '>' to '>=' there, add the bounds check at the start of the second 'case' (the first one already has it). Also, remove redunda... • https://git.kernel.org/stable/c/69e0b57a91adca2e3eb56ed4db39ab90f3ae1043 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50181 – virtio-gpu: fix a missing check to avoid NULL dereference
https://notcve.org/view.php?id=CVE-2022-50181
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: virtio-gpu: fix a missing check to avoid NULL dereference 'cache_ent' could be set NULL inside virtio_gpu_cmd_get_capset() and it will lead to a NULL dereference by a lately use of it (i.e., ptr = cache_ent->caps_cache). Fix it with a NULL check. [ kraxel: minor codestyle fixup ] In the Linux kernel, the following vulnerability has been resolved: virtio-gpu: fix a missing check to avoid NULL dereference 'cache_ent' could be set NULL inside ... • https://git.kernel.org/stable/c/62fb7a5e10962ac6ae2a2d2dbd3aedcb2a3e3257 •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50179 – ath9k: fix use-after-free in ath9k_hif_usb_rx_cb
https://notcve.org/view.php?id=CVE-2022-50179
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: ath9k: fix use-after-free in ath9k_hif_usb_rx_cb Syzbot reported use-after-free Read in ath9k_hif_usb_rx_cb() [0]. The problem was in incorrect htc_handle->drv_priv initialization. Probable call trace which can trigger use-after-free: ath9k_htc_probe_device() /* htc_handle->drv_priv = priv; */ ath9k_htc_wait_for_target() <--- Failed ieee80211_free_hw() <--- priv pointer is freed