CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-49516 – ice: always check VF VSI pointer values
https://notcve.org/view.php?id=CVE-2022-49516
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ice: always check VF VSI pointer values The ice_get_vf_vsi function can return NULL in some cases, such as if handling messages during a reset where the VSI is being removed and recreated. Several places throughout the driver do not bother to check whether this VSI pointer is valid. Static analysis tools maybe report issues because they detect paths where a potentially NULL pointer could be dereferenced. Fix this by checking the return valu... • https://git.kernel.org/stable/c/e7be3877589d539c52e5d1d23a625f889b541b9d •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-49515 – ASoC: cs35l41: Fix an out-of-bounds access in otp_packed_element_t
https://notcve.org/view.php?id=CVE-2022-49515
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: cs35l41: Fix an out-of-bounds access in otp_packed_element_t The CS35L41_NUM_OTP_ELEM is 100, but only 99 entries are defined in the array otp_map_1/2[CS35L41_NUM_OTP_ELEM], this will trigger UBSAN to report a shift-out-of-bounds warning in the cs35l41_otp_unpack() since the last entry in the array will result in GENMASK(-1, 0). UBSAN reports this problem: UBSAN: shift-out-of-bounds in /home/hwang4/build/jammy/jammy/sound/soc/codecs/c... • https://git.kernel.org/stable/c/6450ef55905688602175fae4ed1bfbfef6a14dde •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49514 – ASoC: mediatek: Fix error handling in mt8173_max98090_dev_probe
https://notcve.org/view.php?id=CVE-2022-49514
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: Fix error handling in mt8173_max98090_dev_probe Call of_node_put(platform_node) to avoid refcount leak in the error path. In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: Fix error handling in mt8173_max98090_dev_probe Call of_node_put(platform_node) to avoid refcount leak in the error path. • https://git.kernel.org/stable/c/94319ba10ecabc8f28129566d1f5793e3e7a0a79 •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2022-49513 – cpufreq: governor: Use kobject release() method to free dbs_data
https://notcve.org/view.php?id=CVE-2022-49513
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: cpufreq: governor: Use kobject release() method to free dbs_data The struct dbs_data embeds a struct gov_attr_set and the struct gov_attr_set embeds a kobject. Since every kobject must have a release() method and we can't use kfree() to free it directly, so introduce cpufreq_dbs_data_release() to release the dbs_data via the kobject::release() method. This fixes the calltrace like below: ODEBUG: free active (active state 0) object type: tim... • https://git.kernel.org/stable/c/c4435630361d9bebf7154a0c842dc1fb7ae39c99 •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49512 – mtd: rawnand: denali: Use managed device resources
https://notcve.org/view.php?id=CVE-2022-49512
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: denali: Use managed device resources All of the resources used by this driver has managed interfaces, so use them. Otherwise we will get the following splat: [ 4.472703] denali-nand-pci 0000:00:05.0: timeout while waiting for irq 0x1000 [ 4.474071] denali-nand-pci: probe of 0000:00:05.0 failed with error -5 [ 4.473538] nand: No NAND device found [ 4.474068] BUG: unable to handle page fault for address: ffffc90005000410 [ 4.475... • https://git.kernel.org/stable/c/93db446a424cee9387b532995e6b516667079555 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-49511 – fbdev: defio: fix the pagelist corruption
https://notcve.org/view.php?id=CVE-2022-49511
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: fbdev: defio: fix the pagelist corruption Easily hit the below list corruption: == list_add corruption. prev->next should be next (ffffffffc0ceb090), but was ffffec604507edc8. (prev=ffffec604507edc8). WARNING: CPU: 65 PID: 3959 at lib/list_debug.c:26 __list_add_valid+0x53/0x80 CPU: 65 PID: 3959 Comm: fbdev Tainted: G U RIP: 0010:__list_add_valid+0x53/0x80 Call Trace:
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-49510 – drm/omap: fix NULL but dereferenced coccicheck error
https://notcve.org/view.php?id=CVE-2022-49510
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/omap: fix NULL but dereferenced coccicheck error Fix the following coccicheck warning: ./drivers/gpu/drm/omapdrm/omap_overlay.c:89:22-25: ERROR: r_ovl is NULL but dereferenced. Here should be ovl->idx rather than r_ovl->idx. In the Linux kernel, the following vulnerability has been resolved: drm/omap: fix NULL but dereferenced coccicheck error Fix the following coccicheck warning: ./drivers/gpu/drm/omapdrm/omap_overlay.c:89:22-25: ERROR... • https://git.kernel.org/stable/c/e02b5cc9e898ad6f223a69df63397beae60390ff •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49509 – media: i2c: max9286: fix kernel oops when removing module
https://notcve.org/view.php?id=CVE-2022-49509
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: media: i2c: max9286: fix kernel oops when removing module When removing the max9286 module we get a kernel oops: Unable to handle kernel paging request at virtual address 000000aa00000094 Mem abort info: ESR = 0x96000004 EC = 0x25: DABT (current EL), IL = 32 bits SET = 0, FnV = 0 EA = 0, S1PTW = 0 FSC = 0x04: level 0 translation fault Data abort info: ISV = 0, ISS = 0x00000004 CM = 0, WnR = 0 user pgtable: 4k pages, 48-bit VAs, pgdp=0000000... • https://git.kernel.org/stable/c/66d8c9d2422da21ed41f75c03ba0685987b65fe0 •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2022-49508 – HID: elan: Fix potential double free in elan_input_configured
https://notcve.org/view.php?id=CVE-2022-49508
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: HID: elan: Fix potential double free in elan_input_configured 'input' is a managed resource allocated with devm_input_allocate_device(), so there is no need to call input_free_device() explicitly or there will be a double free. According to the doc of devm_input_allocate_device(): * Managed input devices do not need to be explicitly unregistered or * freed as it will be done automatically when owner device unbinds from * its driver (or bind... • https://git.kernel.org/stable/c/9a6a4193d65b853020ef0e66cecdf9e64a863883 •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49507 – regulator: da9121: Fix uninit-value in da9121_assign_chip_model()
https://notcve.org/view.php?id=CVE-2022-49507
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: regulator: da9121: Fix uninit-value in da9121_assign_chip_model() KASAN report slab-out-of-bounds in __regmap_init as follows: BUG: KASAN: slab-out-of-bounds in __regmap_init drivers/base/regmap/regmap.c:841 Read of size 1 at addr ffff88803678cdf1 by task xrun/9137 CPU: 0 PID: 9137 Comm: xrun Tainted: G W 5.18.0-rc2 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1.1 04/01/2014 Call Trace: