CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50774 – crypto: qat - fix DMA transfer direction
https://notcve.org/view.php?id=CVE-2022-50774
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: crypto: qat - fix DMA transfer direction When CONFIG_DMA_API_DEBUG is selected, while running the crypto self test on the QAT crypto algorithms, the function add_dma_entry() reports a warning similar to the one below, saying that overlapping mappings are not supported. This occurs in tests where the input and the output scatter list point to the same buffers (i.e. two different scatter lists which point to the same chunks of memory). The lo... • https://git.kernel.org/stable/c/d370cec3219490656d72f5ae6e5df32c113c5a44 •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50773 – ALSA: mts64: fix possible null-ptr-defer in snd_mts64_interrupt
https://notcve.org/view.php?id=CVE-2022-50773
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: ALSA: mts64: fix possible null-ptr-defer in snd_mts64_interrupt I got a null-ptr-defer error report when I do the following tests on the qemu platform: make defconfig and CONFIG_PARPORT=m, CONFIG_PARPORT_PC=m, CONFIG_SND_MTS64=m Then making test scripts: cat>test_mod1.sh<
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-50772 – netdevsim: fix memory leak in nsim_bus_dev_new()
https://notcve.org/view.php?id=CVE-2022-50772
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: netdevsim: fix memory leak in nsim_bus_dev_new() If device_register() failed in nsim_bus_dev_new(), the value of reference in nsim_bus_dev->dev is 1. obj->name in nsim_bus_dev->dev will not be released. unreferenced object 0xffff88810352c480 (size 16): comm "echo", pid 5691, jiffies 4294945921 (age 133.270s) hex dump (first 16 bytes): 6e 65 74 64 65 76 73 69 6d 31 00 00 00 00 00 00 netdevsim1...... backtrace: [<000000005e2e5e26>] __kmalloc_... • https://git.kernel.org/stable/c/40e4fe4ce115c409c3e2fbb247085103ef1cc755 •
CVSS: 6.6EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50771 – rcu: Fix __this_cpu_read() lockdep warning in rcu_force_quiescent_state()
https://notcve.org/view.php?id=CVE-2022-50771
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: rcu: Fix __this_cpu_read() lockdep warning in rcu_force_quiescent_state() Running rcutorture with non-zero fqs_duration module parameter in a kernel built with CONFIG_PREEMPTION=y results in the following splat: BUG: using __this_cpu_read() in preemptible [00000000] code: rcu_torture_fqs/398 caller is __this_cpu_preempt_check+0x13/0x20 CPU: 3 PID: 398 Comm: rcu_torture_fqs Not tainted 6.0.0-rc1-yoctodev-standard+ Call Trace:
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50770 – ocfs2: fix memory leak in ocfs2_mount_volume()
https://notcve.org/view.php?id=CVE-2022-50770
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix memory leak in ocfs2_mount_volume() There is a memory leak reported by kmemleak: unreferenced object 0xffff88810cc65e60 (size 32): comm "mount.ocfs2", pid 23753, jiffies 4302528942 (age 34735.105s) hex dump (first 32 bytes): 10 00 00 00 00 00 00 00 00 01 01 01 01 01 01 01 ................ 01 01 01 01 01 01 01 01 00 00 00 00 00 00 00 00 ................ backtrace: [
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50769 – mmc: mxcmmc: fix return value check of mmc_add_host()
https://notcve.org/view.php?id=CVE-2022-50769
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: mmc: mxcmmc: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the memory that allocated in mmc_alloc_host() will be leaked and it will lead a kernel crash because of deleting not added device in the remove path. So fix this by checking the return value and goto error path which will call mmc_free_host(). In the Linux kernel, the following vulnerability has been resolved: mmc: mxcmmc: f... • https://git.kernel.org/stable/c/d96be879ff469759af6d7fcebdb66237c18da6f8 •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50767 – fbdev: smscufx: Fix several use-after-free bugs
https://notcve.org/view.php?id=CVE-2022-50767
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: fbdev: smscufx: Fix several use-after-free bugs Several types of UAFs can occur when physically removing a USB device. Adds ufx_ops_destroy() function to .fb_destroy of fb_ops, and in this function, there is kref_put() that finally calls ufx_free(). This fix prevents multiple UAFs. In the Linux kernel, the following vulnerability has been resolved: fbdev: smscufx: Fix several use-after-free bugs Several types of UAFs can occur when physical... • https://git.kernel.org/stable/c/3c8a63e22a0802fd56380f6ab305b419f18eb6f5 •
CVSS: 6.6EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50766 – btrfs: set generation before calling btrfs_clean_tree_block in btrfs_init_new_buffer
https://notcve.org/view.php?id=CVE-2022-50766
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: btrfs: set generation before calling btrfs_clean_tree_block in btrfs_init_new_buffer syzbot is reporting uninit-value in btrfs_clean_tree_block() [1], for commit bc877d285ca3dba2 ("btrfs: Deduplicate extent_buffer init code") missed that btrfs_set_header_generation() in btrfs_init_new_buffer() must not be moved to after clean_tree_block() because clean_tree_block() is calling btrfs_header_generation() since commit 55c69072d6bd5be1 ("Btrfs: ... • https://git.kernel.org/stable/c/bc877d285ca3dba24c52406946a4a69847cc7422 •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50764 – ipv6/sit: use DEV_STATS_INC() to avoid data-races
https://notcve.org/view.php?id=CVE-2022-50764
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: ipv6/sit: use DEV_STATS_INC() to avoid data-races syzbot/KCSAN reported that multiple cpus are updating dev->stats.tx_error concurrently. This is because sit tunnels are NETIF_F_LLTX, meaning their ndo_start_xmit() is not protected by a spinlock. While original KCSAN report was about tx path, rx path has the same issue. In the Linux kernel, the following vulnerability has been resolved: ipv6/sit: use DEV_STATS_INC() to avoid data-races syzb... • https://git.kernel.org/stable/c/8df40d1033d64597dcf1efd4f7547e817f7a953b •
CVSS: 8.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50763 – crypto: marvell/octeontx - prevent integer overflows
https://notcve.org/view.php?id=CVE-2022-50763
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: crypto: marvell/octeontx - prevent integer overflows The "code_length" value comes from the firmware file. If your firmware is untrusted realistically there is probably very little you can do to protect yourself. Still we try to limit the damage as much as possible. Also Smatch marks any data read from the filesystem as untrusted and prints warnings if it not capped correctly. The "code_length * 2" can overflow. The round_up(ucode_size, 16)... • https://git.kernel.org/stable/c/d9110b0b01ff1cd02751cd5c2c94e938a8906083 •