CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50770 – ocfs2: fix memory leak in ocfs2_mount_volume()
https://notcve.org/view.php?id=CVE-2022-50770
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix memory leak in ocfs2_mount_volume() There is a memory leak reported by kmemleak: unreferenced object 0xffff88810cc65e60 (size 32): comm "mount.ocfs2", pid 23753, jiffies 4302528942 (age 34735.105s) hex dump (first 32 bytes): 10 00 00 00 00 00 00 00 00 01 01 01 01 01 01 01 ................ 01 01 01 01 01 01 01 01 00 00 00 00 00 00 00 00 ................ backtrace: [
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50769 – mmc: mxcmmc: fix return value check of mmc_add_host()
https://notcve.org/view.php?id=CVE-2022-50769
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: mmc: mxcmmc: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the memory that allocated in mmc_alloc_host() will be leaked and it will lead a kernel crash because of deleting not added device in the remove path. So fix this by checking the return value and goto error path which will call mmc_free_host(). In the Linux kernel, the following vulnerability has been resolved: mmc: mxcmmc: f... • https://git.kernel.org/stable/c/d96be879ff469759af6d7fcebdb66237c18da6f8 •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50767 – fbdev: smscufx: Fix several use-after-free bugs
https://notcve.org/view.php?id=CVE-2022-50767
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: fbdev: smscufx: Fix several use-after-free bugs Several types of UAFs can occur when physically removing a USB device. Adds ufx_ops_destroy() function to .fb_destroy of fb_ops, and in this function, there is kref_put() that finally calls ufx_free(). This fix prevents multiple UAFs. In the Linux kernel, the following vulnerability has been resolved: fbdev: smscufx: Fix several use-after-free bugs Several types of UAFs can occur when physical... • https://git.kernel.org/stable/c/3c8a63e22a0802fd56380f6ab305b419f18eb6f5 •
CVSS: 6.6EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50766 – btrfs: set generation before calling btrfs_clean_tree_block in btrfs_init_new_buffer
https://notcve.org/view.php?id=CVE-2022-50766
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: btrfs: set generation before calling btrfs_clean_tree_block in btrfs_init_new_buffer syzbot is reporting uninit-value in btrfs_clean_tree_block() [1], for commit bc877d285ca3dba2 ("btrfs: Deduplicate extent_buffer init code") missed that btrfs_set_header_generation() in btrfs_init_new_buffer() must not be moved to after clean_tree_block() because clean_tree_block() is calling btrfs_header_generation() since commit 55c69072d6bd5be1 ("Btrfs: ... • https://git.kernel.org/stable/c/bc877d285ca3dba24c52406946a4a69847cc7422 •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50764 – ipv6/sit: use DEV_STATS_INC() to avoid data-races
https://notcve.org/view.php?id=CVE-2022-50764
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: ipv6/sit: use DEV_STATS_INC() to avoid data-races syzbot/KCSAN reported that multiple cpus are updating dev->stats.tx_error concurrently. This is because sit tunnels are NETIF_F_LLTX, meaning their ndo_start_xmit() is not protected by a spinlock. While original KCSAN report was about tx path, rx path has the same issue. In the Linux kernel, the following vulnerability has been resolved: ipv6/sit: use DEV_STATS_INC() to avoid data-races syzb... • https://git.kernel.org/stable/c/8df40d1033d64597dcf1efd4f7547e817f7a953b •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50761 – x86/xen: Fix memory leak in xen_init_lock_cpu()
https://notcve.org/view.php?id=CVE-2022-50761
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: x86/xen: Fix memory leak in xen_init_lock_cpu() In xen_init_lock_cpu(), the @name has allocated new string by kasprintf(), if bind_ipi_to_irqhandler() fails, it should be freed, otherwise may lead to a memory leak issue, fix it. In the Linux kernel, the following vulnerability has been resolved: x86/xen: Fix memory leak in xen_init_lock_cpu() In xen_init_lock_cpu(), the @name has allocated new string by kasprintf(), if bind_ipi_to_irqhandle... • https://git.kernel.org/stable/c/2d9e1e2f58b5612aa4eab0ab54c84308a29dbd79 •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50760 – drm/amdgpu: Fix PCI device refcount leak in amdgpu_atrm_get_bios()
https://notcve.org/view.php?id=CVE-2022-50760
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix PCI device refcount leak in amdgpu_atrm_get_bios() As comment of pci_get_class() says, it returns a pci_device with its refcount increased and decreased the refcount for the input parameter @from if it is not NULL. If we break the loop in amdgpu_atrm_get_bios() with 'pdev' not NULL, we need to call pci_dev_put() to decrease the refcount. Add the missing pci_dev_put() to avoid refcount leak. In the Linux kernel, the following... • https://git.kernel.org/stable/c/d38ceaf99ed015f2a0b9af3499791bd3a3daae21 •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2022-50758 – staging: vt6655: fix potential memory leak
https://notcve.org/view.php?id=CVE-2022-50758
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: staging: vt6655: fix potential memory leak In function device_init_td0_ring, memory is allocated for member td_info of priv->apTD0Rings[i], with i increasing from 0. In case of allocation failure, the memory is freed in reversed order, with i decreasing to 0. However, the case i=0 is left out and thus memory is leaked. Modify the memory freeing loop to include the case i=0. In the Linux kernel, the following vulnerability has been resolved:... • https://git.kernel.org/stable/c/5341ee0adb17d12a96dc5344e0d267cd12b52135 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50757 – media: camss: Clean up received buffers on failed start of streaming
https://notcve.org/view.php?id=CVE-2022-50757
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: media: camss: Clean up received buffers on failed start of streaming It is required to return the received buffers, if streaming can not be started. For instance media_pipeline_start() may fail with EPIPE, if a link validation between entities is not passed, and in such a case a user gets a kernel warning: WARNING: CPU: 1 PID: 520 at drivers/media/common/videobuf2/videobuf2-core.c:1592 vb2_start_streaming+0xec/0x160
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50756 – nvme-pci: fix mempool alloc size
https://notcve.org/view.php?id=CVE-2022-50756
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix mempool alloc size Convert the max size to bytes to match the units of the divisor that calculates the worst-case number of PRP entries. The result is used to determine how many PRP Lists are required. The code was previously rounding this to 1 list, but we can require 2 in the worst case. In that scenario, the driver would corrupt memory beyond the size provided by the mempool. While unlikely to occur (you'd need a 4MB in exa... • https://git.kernel.org/stable/c/943e942e6266f22babee5efeb00f8f672fbff5bd •