CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49190 – kernel/resource: fix kfree() of bootmem memory again
https://notcve.org/view.php?id=CVE-2022-49190
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: kernel/resource: fix kfree() of bootmem memory again Since commit ebff7d8f270d ("mem hotunplug: fix kfree() of bootmem memory"), we could get a resource allocated during boot via alloc_resource(). And it's required to release the resource using free_resource(). Howerver, many people use kfree directly which will result in kernel BUG. In order to fix this without fixing every call site, just leak a couple of bytes in such corner case. • https://git.kernel.org/stable/c/ebff7d8f270d045338d9f4796014f4db429a17f9 •
CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2022-49189 – clk: qcom: clk-rcg2: Update logic to calculate D value for RCG
https://notcve.org/view.php?id=CVE-2022-49189
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: clk: qcom: clk-rcg2: Update logic to calculate D value for RCG The display pixel clock has a requirement on certain newer platforms to support M/N as (2/3) and the final D value calculated results in underflow errors. As the current implementation does not check for D value is within the accepted range for a given M & N value. Update the logic to calculate the final D value based on the range. • https://git.kernel.org/stable/c/99cbd064b059f222c8839ba433a68b2d6ee33066 •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49185 – pinctrl: nomadik: Add missing of_node_put() in nmk_pinctrl_probe
https://notcve.org/view.php?id=CVE-2022-49185
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: pinctrl: nomadik: Add missing of_node_put() in nmk_pinctrl_probe This node pointer is returned by of_parse_phandle() with refcount incremented in this function. Calling of_node_put() to avoid the refcount leak. • https://git.kernel.org/stable/c/32e67eee670e1254ee5ab41e2f454680acb9c17c •
CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2022-49180 – LSM: general protection fault in legacy_parse_param
https://notcve.org/view.php?id=CVE-2022-49180
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: LSM: general protection fault in legacy_parse_param The usual LSM hook "bail on fail" scheme doesn't work for cases where a security module may return an error code indicating that it does not recognize an input. In this particular case Smack sees a mount option that it recognizes, and returns 0. A call to a BPF hook follows, which returns -ENOPARAM, which confuses the caller because Smack has processed its data. The SELinux hook incorrectl... • https://git.kernel.org/stable/c/ddcdda888e14ca451b3ee83d11b65b2a9c8e783b •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2022-49178 – memstick/mspro_block: fix handling of read-only devices
https://notcve.org/view.php?id=CVE-2022-49178
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: memstick/mspro_block: fix handling of read-only devices Use set_disk_ro to propagate the read-only state to the block layer instead of checking for it in ->open and leaking a reference in case of a read-only device. • https://git.kernel.org/stable/c/057b53c4f87690d626203acef8b63d52a9bf2f43 •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49175 – PM: core: keep irq flags in device_pm_check_callbacks()
https://notcve.org/view.php?id=CVE-2022-49175
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: PM: core: keep irq flags in device_pm_check_callbacks() The function device_pm_check_callbacks() can be called under the spin lock (in the reported case it happens from genpd_add_device() -> dev_pm_domain_set(), when the genpd uses spinlocks rather than mutexes. However this function uncoditionally uses spin_lock_irq() / spin_unlock_irq(), thus not preserving the CPU flags. Use the irqsave/irqrestore instead. The backtrace for the reference... • https://git.kernel.org/stable/c/3ec80d52b9b74b9e691997632a543c73eddfeba0 •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49174 – ext4: fix ext4_mb_mark_bb() with flex_bg with fast_commit
https://notcve.org/view.php?id=CVE-2022-49174
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: fix ext4_mb_mark_bb() with flex_bg with fast_commit In case of flex_bg feature (which is by default enabled), extents for any given inode might span across blocks from two different block group. ext4_mb_mark_bb() only reads the buffer_head of block bitmap once for the starting block group, but it fails to read it again when the extent length boundary overflows to another block group. Then in this below loop it accesses memory beyond t... • https://git.kernel.org/stable/c/cd6d719534af993210306f8a13f9cb3e615f7c8d •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2022-49172 – parisc: Fix non-access data TLB cache flush faults
https://notcve.org/view.php?id=CVE-2022-49172
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: parisc: Fix non-access data TLB cache flush faults When a page is not present, we get non-access data TLB faults from the fdc and fic instructions in flush_user_dcache_range_asm and flush_user_icache_range_asm. When these occur, the cache line is not invalidated and potentially we get memory corruption. The problem was hidden by the nullification of the flush instructions. These faults also affect performance. With pa8800/pa8900 processors,... • https://git.kernel.org/stable/c/b3d6adb3a49d82e4e557c5fc16f50c9ff731da5d •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49171 – ext4: don't BUG if someone dirty pages without asking ext4 first
https://notcve.org/view.php?id=CVE-2022-49171
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: don't BUG if someone dirty pages without asking ext4 first [un]pin_user_pages_remote is dirtying pages without properly warning the file system in advance. A related race was noted by Jan Kara in 2018[1]; however, more recently instead of it being a very hard-to-hit race, it could be reliably triggered by process_vm_writev(2) which was discovered by Syzbot[2]. This is technically a bug in mm/gup.c, but arguably ext4 is fragile in that... • https://git.kernel.org/stable/c/5db60e76edf5680ff1f3a7221036fc44b308f146 •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49170 – f2fs: fix to do sanity check on curseg->alloc_type
https://notcve.org/view.php?id=CVE-2022-49170
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on curseg->alloc_type As Wenqing Liu reported in bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=215657 - Overview UBSAN: array-index-out-of-bounds in fs/f2fs/segment.c:3460:2 when mount and operate a corrupted image - Reproduce tested on kernel 5.17-rc4, 5.17-rc6 1. mkdir test_crash 2. cd test_crash 3. unzip tmp2.zip 4. mkdir mnt 5. ./single_test.sh f2fs 2 - Kernel dump [ 46.434454] loop0: detected capaci... • https://git.kernel.org/stable/c/498b7088db71f9707359448cd6800bbb1882f4c3 •