CVSS: -EPSS: %CPEs: 6EXPL: 0CVE-2022-49412 – bfq: Avoid merging queues with different parents
https://notcve.org/view.php?id=CVE-2022-49412
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: bfq: Avoid merging queues with different parents It can happen that the parent of a bfqq changes between the moment we decide two queues are worth to merge (and set bic->stable_merge_bfqq) and the moment bfq_setup_merge() is called. This can happen e.g. because the process submitted IO for a different cgroup and thus bfqq got reparented. It can even happen that the bfqq we are merging with has parent cgroup that is already offline and going... • https://git.kernel.org/stable/c/430a67f9d6169a7b3e328bceb2ef9542e4153c7c •
CVSS: -EPSS: %CPEs: 6EXPL: 0CVE-2022-49411 – bfq: Make sure bfqg for which we are queueing requests is online
https://notcve.org/view.php?id=CVE-2022-49411
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: bfq: Make sure bfqg for which we are queueing requests is online Bios queued into BFQ IO scheduler can be associated with a cgroup that was already offlined. This may then cause insertion of this bfq_group into a service tree. But this bfq_group will get freed as soon as last bio associated with it is completed leading to use after free issues for service tree users. Fix the problem by making sure we always operate on online bfq_group. If t... • https://git.kernel.org/stable/c/e21b7a0b988772e82e7147e1c659a5afe2ae003c •
CVSS: -EPSS: %CPEs: 7EXPL: 0CVE-2022-49410 – tracing: Fix potential double free in create_var_ref()
https://notcve.org/view.php?id=CVE-2022-49410
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: tracing: Fix potential double free in create_var_ref() In create_var_ref(), init_var_ref() is called to initialize the fields of variable ref_field, which is allocated in the previous function call to create_hist_field(). Function init_var_ref() allocates the corresponding fields such as ref_field->system, but frees these fields when the function encounters an error. The caller later calls destroy_hist_field() to conduct error handling, whi... • https://git.kernel.org/stable/c/067fe038e70f6e64960d26a79c4df5f1413d0f13 •
CVSS: -EPSS: %CPEs: 10EXPL: 0CVE-2022-49409 – ext4: fix bug_on in __es_tree_search
https://notcve.org/view.php?id=CVE-2022-49409
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug_on in __es_tree_search Hulk Robot reported a BUG_ON: ================================================================== kernel BUG at fs/ext4/extents_status.c:199! [...] RIP: 0010:ext4_es_end fs/ext4/extents_status.c:199 [inline] RIP: 0010:__es_tree_search+0x1e0/0x260 fs/ext4/extents_status.c:217 [...] Call Trace: ext4_es_cache_extent+0x109/0x340 fs/ext4/extents_status.c:766 ext4_cache_extents+0x239/0x2e0 fs/ext4/extents.c:561... • https://git.kernel.org/stable/c/5946d089379a35dda0e531710b48fca05446a196 •
CVSS: -EPSS: %CPEs: 3EXPL: 0CVE-2022-49408 – ext4: fix memory leak in parse_apply_sb_mount_options()
https://notcve.org/view.php?id=CVE-2022-49408
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: fix memory leak in parse_apply_sb_mount_options() If processing the on-disk mount options fails after any memory was allocated in the ext4_fs_context, e.g. s_qf_names, then this memory is leaked. Fix this by calling ext4_fc_free() instead of kfree() directly. Reproducer: mkfs.ext4 -F /dev/vdc tune2fs /dev/vdc -E mount_opts=usrjquota=file echo clear > /sys/kernel/debug/kmemleak mount /dev/vdc /vdc echo scan > /sys/kernel/debug/kmemleak... • https://git.kernel.org/stable/c/7edfd85b1ffd36593011dec96ab395912a340418 •
CVSS: -EPSS: %CPEs: 9EXPL: 0CVE-2022-49407 – dlm: fix plock invalid read
https://notcve.org/view.php?id=CVE-2022-49407
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: dlm: fix plock invalid read This patch fixes an invalid read showed by KASAN. A unlock will allocate a "struct plock_op" and a followed send_op() will append it to a global send_list data structure. In some cases a followed dev_read() moves it to recv_list and dev_write() will cast it to "struct plock_xop" and access fields which are only available in those structures. At this point an invalid read happens by accessing those fields. To fix ... • https://git.kernel.org/stable/c/586759f03e2e9031ac5589912a51a909ed53c30a •
CVSS: -EPSS: %CPEs: 3EXPL: 0CVE-2022-49406 – block: Fix potential deadlock in blk_ia_range_sysfs_show()
https://notcve.org/view.php?id=CVE-2022-49406
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: block: Fix potential deadlock in blk_ia_range_sysfs_show() When being read, a sysfs attribute is already protected against removal with the kobject node active reference counter. As a result, in blk_ia_range_sysfs_show(), there is no need to take the queue sysfs lock when reading the value of a range attribute. Using the queue sysfs lock in this function creates a potential deadlock situation with the disk removal, something that a lockdep ... • https://git.kernel.org/stable/c/a2247f19ee1c5ad75ef095cdfb909a3244b88aa8 •
CVSS: -EPSS: %CPEs: 4EXPL: 0CVE-2022-49405 – staging: r8188eu: prevent ->Ssid overflow in rtw_wx_set_scan()
https://notcve.org/view.php?id=CVE-2022-49405
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: staging: r8188eu: prevent ->Ssid overflow in rtw_wx_set_scan() This code has a check to prevent read overflow but it needs another check to prevent writing beyond the end of the ->Ssid[] array. • https://git.kernel.org/stable/c/2b42bd58b32155a1be4dd78991845dec05aaef9e •
CVSS: -EPSS: %CPEs: 9EXPL: 0CVE-2022-49404 – RDMA/hfi1: Fix potential integer multiplication overflow errors
https://notcve.org/view.php?id=CVE-2022-49404
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: RDMA/hfi1: Fix potential integer multiplication overflow errors When multiplying of different types, an overflow is possible even when storing the result in a larger type. This is because the conversion is done after the multiplication. So arithmetic overflow and thus in incorrect value is possible. Correct an instance of this in the inter packet delay calculation. Fix by ensuring one of the operands is u64 which will promote the other to u... • https://git.kernel.org/stable/c/7724105686e718ac476a6ad3304fea2fbcfcffde •
CVSS: -EPSS: %CPEs: 3EXPL: 0CVE-2022-49403 – lib/string_helpers: fix not adding strarray to device's resource list
https://notcve.org/view.php?id=CVE-2022-49403
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: lib/string_helpers: fix not adding strarray to device's resource list Add allocated strarray to device's resource list. This is a must to automatically release strarray when the device disappears. Without this fix we have a memory leak in the few drivers which use devm_kasprintf_strarray(). • https://git.kernel.org/stable/c/acdb89b6c87a2d7b5c48a82756e6f5c6f599f60a •