CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49493 – ASoC: rt5645: Fix errorenous cleanup order
https://notcve.org/view.php?id=CVE-2022-49493
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: rt5645: Fix errorenous cleanup order There is a logic error when removing rt5645 device as the function rt5645_i2c_remove() first cancel the &rt5645->jack_detect_work and delete the &rt5645->btn_check_timer latter. However, since the timer handler rt5645_btn_check_callback() will re-queue the jack_detect_work, this cleanup order is buggy. That is, once the del_timer_sync in rt5645_i2c_remove is concurrently run with the rt5645_btn_che... • https://git.kernel.org/stable/c/7d801e807536a9a9c2146c5f4a5836f154517ed3 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49492 – nvme-pci: fix a NULL pointer dereference in nvme_alloc_admin_tags
https://notcve.org/view.php?id=CVE-2022-49492
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix a NULL pointer dereference in nvme_alloc_admin_tags In nvme_alloc_admin_tags, the admin_q can be set to an error (typically -ENOMEM) if the blk_mq_init_queue call fails to set up the queue, which is checked immediately after the call. However, when we return the error message up the stack, to nvme_reset_work the error takes us to nvme_remove_dead_ctrl() nvme_dev_disable() nvme_suspend_queue(&dev->queues[0]). Here, we only chec... • https://git.kernel.org/stable/c/8321b17789f614414206af07e17ce4751c95dc76 •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49491 – drm/rockchip: vop: fix possible null-ptr-deref in vop_bind()
https://notcve.org/view.php?id=CVE-2022-49491
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/rockchip: vop: fix possible null-ptr-deref in vop_bind() It will cause null-ptr-deref in resource_size(), if platform_get_resource() returns NULL, move calling resource_size() after devm_ioremap_resource() that will check 'res' to avoid null-ptr-deref. In the Linux kernel, the following vulnerability has been resolved: drm/rockchip: vop: fix possible null-ptr-deref in vop_bind() It will cause null-ptr-deref in resource_size(), if platfo... • https://git.kernel.org/stable/c/2048e3286f347db5667708e47448176b5329e8d8 •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2022-49490 – drm/msm/mdp5: Return error code in mdp5_pipe_release when deadlock is detected
https://notcve.org/view.php?id=CVE-2022-49490
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/msm/mdp5: Return error code in mdp5_pipe_release when deadlock is detected mdp5_get_global_state runs the risk of hitting a -EDEADLK when acquiring the modeset lock, but currently mdp5_pipe_release doesn't check for if an error is returned. Because of this, there is a possibility of mdp5_pipe_release hitting a NULL dereference error. To avoid this, let's have mdp5_pipe_release check if mdp5_get_global_state returns an error and propogat... • https://git.kernel.org/stable/c/7907a0d77cb461f58045763c205a5830be72e97c •
CVSS: 5.6EPSS: 0%CPEs: 7EXPL: 0CVE-2022-49489 – drm/msm/disp/dpu1: set vbif hw config to NULL to avoid use after memory free during pm runtime resume
https://notcve.org/view.php?id=CVE-2022-49489
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/msm/disp/dpu1: set vbif hw config to NULL to avoid use after memory free during pm runtime resume BUG: Unable to handle kernel paging request at virtual address 006b6b6b6b6b6be3 Call trace: dpu_vbif_init_memtypes+0x40/0xb8 dpu_runtime_resume+0xcc/0x1c0 pm_generic_runtime_resume+0x30/0x44 __genpd_runtime_resume+0x68/0x7c genpd_runtime_resume+0x134/0x258 __rpm_callback+0x98/0x138 rpm_callback+0x30/0x88 rpm_resume+0x36c/0x49c __pm_runtime_... • https://git.kernel.org/stable/c/25fdd5933e4c0f5fe2ea5cd59994f8ac5fbe90ef •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2022-49488 – drm/msm/mdp5: Return error code in mdp5_mixer_release when deadlock is detected
https://notcve.org/view.php?id=CVE-2022-49488
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/msm/mdp5: Return error code in mdp5_mixer_release when deadlock is detected There is a possibility for mdp5_get_global_state to return -EDEADLK when acquiring the modeset lock, but currently global_state in mdp5_mixer_release doesn't check for if an error is returned. To avoid a NULL dereference error, let's have mdp5_mixer_release check if an error is returned and propagate that error. Patchwork: https://patchwork.freedesktop.org/patch... • https://git.kernel.org/stable/c/7907a0d77cb461f58045763c205a5830be72e97c •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49487 – mtd: rawnand: intel: fix possible null-ptr-deref in ebu_nand_probe()
https://notcve.org/view.php?id=CVE-2022-49487
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: intel: fix possible null-ptr-deref in ebu_nand_probe() It will cause null-ptr-deref when using 'res', if platform_get_resource() returns NULL, so move using 'res' after devm_ioremap_resource() that will check it to avoid null-ptr-deref. In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: intel: fix possible null-ptr-deref in ebu_nand_probe() It will cause null-ptr-deref when using 'res', if platfo... • https://git.kernel.org/stable/c/0b1039f016e8a37c779a4aee362cb2100ebb1cfd •
CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 0CVE-2022-49486 – ASoC: fsl: Fix refcount leak in imx_sgtl5000_probe
https://notcve.org/view.php?id=CVE-2022-49486
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: fsl: Fix refcount leak in imx_sgtl5000_probe of_find_i2c_device_by_node() takes a reference, In error paths, we should call put_device() to drop the reference to aviod refount leak. In the Linux kernel, the following vulnerability has been resolved: ASoC: fsl: Fix refcount leak in imx_sgtl5000_probe of_find_i2c_device_by_node() takes a reference, In error paths, we should call put_device() to drop the reference to aviod refount leak. • https://git.kernel.org/stable/c/81e8e4926167ab32593bbb915b45a42024ca1020 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49485 – drm/v3d: Fix null pointer dereference of pointer perfmon
https://notcve.org/view.php?id=CVE-2022-49485
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fix null pointer dereference of pointer perfmon In the unlikely event that pointer perfmon is null the WARN_ON return path occurs after the pointer has already been deferenced. Fix this by only dereferencing perfmon after it has been null checked. In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fix null pointer dereference of pointer perfmon In the unlikely event that pointer perfmon is null the WARN_ON... • https://git.kernel.org/stable/c/26a4dc29b74a137f45665089f6d3d633fcc9b662 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-49484 – mt76: mt7915: fix possible NULL pointer dereference in mt7915_mac_fill_rx_vector
https://notcve.org/view.php?id=CVE-2022-49484
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: mt76: mt7915: fix possible NULL pointer dereference in mt7915_mac_fill_rx_vector Fix possible NULL pointer dereference in mt7915_mac_fill_rx_vector routine if the chip does not support dbdc and the hw reports band_idx set to 1. In the Linux kernel, the following vulnerability has been resolved: mt76: mt7915: fix possible NULL pointer dereference in mt7915_mac_fill_rx_vector Fix possible NULL pointer dereference in mt7915_mac_fill_rx_vector ... • https://git.kernel.org/stable/c/78fc30a21cf1175e97567fa5153c0efc7d955a45 •