CVE-2022-48742 – rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink()
https://notcve.org/view.php?id=CVE-2022-48742
In the Linux kernel, the following vulnerability has been resolved: rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink() While looking at one unrelated syzbot bug, I found the replay logic in __rtnl_newlink() to potentially trigger use-after-free. It is better to clear master_dev and m_ops inside the loop, in case we have to replay it. • https://git.kernel.org/stable/c/ba7d49b1f0f8e5f24294a880ed576964059af5ef https://git.kernel.org/stable/c/2cf180360d66bd657e606c1217e0e668e6faa303 https://git.kernel.org/stable/c/7d9211678c0f0624f74cdff36117ab8316697bb8 https://git.kernel.org/stable/c/a01e60a1ec6bef9be471fb7182a33c6d6f124e93 https://git.kernel.org/stable/c/bd43771ee9759dd9dfae946bff190e2c5a120de5 https://git.kernel.org/stable/c/3bbe2019dd12b8d13671ee6cda055d49637b4c39 https://git.kernel.org/stable/c/def5e7070079b2a214b3b1a2fbec623e6fbfe34a https://git.kernel.org/stable/c/36a9a0aee881940476b254e0352581401 •
CVE-2022-48741 – ovl: fix NULL pointer dereference in copy up warning
https://notcve.org/view.php?id=CVE-2022-48741
In the Linux kernel, the following vulnerability has been resolved: ovl: fix NULL pointer dereference in copy up warning This patch is fixing a NULL pointer dereference to get a recently introduced warning message working. • https://git.kernel.org/stable/c/5cffa333a2b263821561328cc75a3ffc8097d093 https://git.kernel.org/stable/c/5b0a414d06c3ed2097e32ef7944a4abb644b89bd https://git.kernel.org/stable/c/e6b678c1a3673de6a5d2f4e22bb725a086a0701a https://git.kernel.org/stable/c/9c7f8a35c5a83740c0e3ea540b6ad145c50d79aa https://git.kernel.org/stable/c/4ee7e4a6c9b298da44029ed9ec8ed23ae49cc209 •
CVE-2022-48740 – selinux: fix double free of cond_list on error paths
https://notcve.org/view.php?id=CVE-2022-48740
In the Linux kernel, the following vulnerability has been resolved: selinux: fix double free of cond_list on error paths On error path from cond_read_list() and duplicate_policydb_cond_list() the cond_list_destroy() gets called a second time in caller functions, resulting in NULL pointer deref. Fix this by resetting the cond_list_len to 0 in cond_list_destroy(), making subsequent calls a noop. Also consistently reset the cond_list pointer to NULL after freeing. [PM: fix line lengths in the description] • https://git.kernel.org/stable/c/f446089a268c8fc6908488e991d28a9b936293db https://git.kernel.org/stable/c/70caa32e6d81f45f0702070c0e4dfe945e92fbd7 https://git.kernel.org/stable/c/7ed9cbf7ac0d4ed86b356e1b944304ae9ee450d4 https://git.kernel.org/stable/c/186edf7e368c40d06cf727a1ad14698ea67b74ad •
CVE-2022-48739 – ASoC: hdmi-codec: Fix OOB memory accesses
https://notcve.org/view.php?id=CVE-2022-48739
In the Linux kernel, the following vulnerability has been resolved: ASoC: hdmi-codec: Fix OOB memory accesses Correct size of iec_status array by changing it to the size of status array of the struct snd_aes_iec958. This fixes out-of-bounds slab read accesses made by memcpy() of the hdmi-codec driver. This problem is reported by KASAN. • https://git.kernel.org/stable/c/7a8e1d44211e16eb394b7b9e0b236ee1503a3ad3 https://git.kernel.org/stable/c/10007bd96b6c4c3cfaea9e76c311b06a07a5e260 https://git.kernel.org/stable/c/1552e66be325a21d7eff49f46013fb402165a0ac https://git.kernel.org/stable/c/06feec6005c9d9500cd286ec440aabf8b2ddd94d •
CVE-2022-48738 – ASoC: ops: Reject out of bounds values in snd_soc_put_volsw()
https://notcve.org/view.php?id=CVE-2022-48738
In the Linux kernel, the following vulnerability has been resolved: ASoC: ops: Reject out of bounds values in snd_soc_put_volsw() We don't currently validate that the values being set are within the range we advertised to userspace as being valid, do so and reject any values that are out of range. • https://git.kernel.org/stable/c/40f598698129b5ceaf31012f9501b775c7b6e57d https://git.kernel.org/stable/c/586ef863c94354a7e00e5ae5ef01443d1dc99bc7 https://git.kernel.org/stable/c/65a61b1f56f5386486757930069fbdce94af08bf https://git.kernel.org/stable/c/68fd718724284788fc5f379e0b7cac541429ece7 https://git.kernel.org/stable/c/a9394f21fba027147bf275b083c77955864c366a https://git.kernel.org/stable/c/9e8895f1b3d4433f6d78aa6578e9db61ca6e6830 https://git.kernel.org/stable/c/bb72d2dda85564c66d909108ea6903937a41679d https://git.kernel.org/stable/c/817f7c9335ec01e0f5e8caffc4f1dcd5e • CWE-125: Out-of-bounds Read •