CVSS: -EPSS: %CPEs: 2EXPL: 0CVE-2022-49362 – NFSD: Fix potential use-after-free in nfsd_file_put()
https://notcve.org/view.php?id=CVE-2022-49362
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix potential use-after-free in nfsd_file_put() nfsd_file_put_noref() can free @nf, so don't dereference @nf immediately upon return from nfsd_file_put_noref(). • https://git.kernel.org/stable/c/999397926ab3f78c7d1235cc4ca6e3c89d2769bf •
CVSS: -EPSS: %CPEs: 5EXPL: 0CVE-2022-49361 – f2fs: fix to do sanity check for inline inode
https://notcve.org/view.php?id=CVE-2022-49361
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check for inline inode Yanming reported a kernel bug in Bugzilla kernel [1], which can be reproduced. The bug message is: The kernel message is shown below: kernel BUG at fs/inode.c:611! Call Trace: evict+0x282/0x4e0 __dentry_kill+0x2b2/0x4d0 dput+0x2dd/0x720 do_renameat2+0x596/0x970 __x64_sys_rename+0x78/0x90 do_syscall_64+0x3b/0x90 [1] https://bugzilla.kernel.org/show_bug.cgi?id=215895 The bug is due to fuzzed inode... • https://git.kernel.org/stable/c/efdefbe8b7564602ab446474788225a1f2a323b5 •
CVSS: -EPSS: %CPEs: 5EXPL: 0CVE-2022-49360 – f2fs: fix to do sanity check on total_data_blocks
https://notcve.org/view.php?id=CVE-2022-49360
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on total_data_blocks As Yanming reported in bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=215916 The kernel message is shown below: kernel BUG at fs/f2fs/segment.c:2560! Call Trace: allocate_segment_by_default+0x228/0x440 f2fs_allocate_data_block+0x13d1/0x31f0 do_write_page+0x18d/0x710 f2fs_outplace_write_data+0x151/0x250 f2fs_do_write_data_page+0xef9/0x1980 move_data_page+0x6af/0xbc0 do_garbage_collect+... • https://git.kernel.org/stable/c/ef221b738b26d8c9f7e7967f4586db2dd3bd5288 •
CVSS: -EPSS: %CPEs: 6EXPL: 0CVE-2022-49359 – drm/panfrost: Job should reference MMU not file_priv
https://notcve.org/view.php?id=CVE-2022-49359
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/panfrost: Job should reference MMU not file_priv For a while now it's been allowed for a MMU context to outlive it's corresponding panfrost_priv, however the job structure still references panfrost_priv to get hold of the MMU context. If panfrost_priv has been freed this is a use-after-free which I've been able to trigger resulting in a splat. To fix this, drop the reference to panfrost_priv in the job structure and add a direct referen... • https://git.kernel.org/stable/c/7fdc48cc63a30fa3480d18bdd8c5fff2b9b15212 •
CVSS: -EPSS: %CPEs: 6EXPL: 0CVE-2022-49358 – netfilter: nf_tables: memleak flow rule from commit path
https://notcve.org/view.php?id=CVE-2022-49358
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: memleak flow rule from commit path Abort path release flow rule object, however, commit path does not. Update code to destroy these objects before releasing the transaction. • https://git.kernel.org/stable/c/c9626a2cbdb20e26587b3fad99960520a023432b •
CVSS: -EPSS: %CPEs: 6EXPL: 0CVE-2022-49357 – efi: Do not import certificates from UEFI Secure Boot for T2 Macs
https://notcve.org/view.php?id=CVE-2022-49357
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: efi: Do not import certificates from UEFI Secure Boot for T2 Macs On Apple T2 Macs, when Linux attempts to read the db and dbx efi variables at early boot to load UEFI Secure Boot certificates, a page fault occurs in Apple firmware code and EFI runtime services are disabled with the following logs: [Firmware Bug]: Page fault caused by firmware at PA: 0xffffb1edc0068000 WARNING: CPU: 3 PID: 104 at arch/x86/platform/efi/quirks.c:735 efi_crash... • https://git.kernel.org/stable/c/b1cda6dd2c44771f042d65f0d17bec322ef99a0a •
CVSS: -EPSS: %CPEs: 4EXPL: 0CVE-2022-49356 – SUNRPC: Trap RDMA segment overflows
https://notcve.org/view.php?id=CVE-2022-49356
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Trap RDMA segment overflows Prevent svc_rdma_build_writes() from walking off the end of a Write chunk's segment array. Caught with KASAN. The test that this fix replaces is invalid, and might have been left over from an earlier prototype of the PCL work. • https://git.kernel.org/stable/c/7a1cbfa18059a40d4752dab057384c3ca2de326c •
CVSS: -EPSS: %CPEs: 9EXPL: 0CVE-2022-49355 – xen: unexport __init-annotated xen_xlate_map_ballooned_pages()
https://notcve.org/view.php?id=CVE-2022-49355
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: xen: unexport __init-annotated xen_xlate_map_ballooned_pages() EXPORT_SYMBOL and __init is a bad combination because the .init.text section is freed up after the initialization. Hence, modules cannot use symbols annotated __init. The access to a freed symbol may end up with kernel panic. modpost used to detect it, but it has been broken for a decade. Recently, I fixed modpost so it started to warn it again, then this showed up in linux-next... • https://git.kernel.org/stable/c/243848fc018cb98c2a70c39fe1f93eb266c79835 •
CVSS: -EPSS: %CPEs: 9EXPL: 0CVE-2022-49354 – ata: pata_octeon_cf: Fix refcount leak in octeon_cf_probe
https://notcve.org/view.php?id=CVE-2022-49354
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ata: pata_octeon_cf: Fix refcount leak in octeon_cf_probe of_find_device_by_node() takes reference, we should use put_device() to release it when not need anymore. Add missing put_device() to avoid refcount leak. • https://git.kernel.org/stable/c/43f01da0f2794b464ade2ffe1f780c69d7ce7b75 •
CVSS: -EPSS: %CPEs: 1EXPL: 0CVE-2022-49353 – powerpc/papr_scm: don't requests stats with '0' sized stats buffer
https://notcve.org/view.php?id=CVE-2022-49353
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: powerpc/papr_scm: don't requests stats with '0' sized stats buffer Sachin reported [1] that on a POWER-10 lpar he is seeing a kernel panic being reported with vPMEM when papr_scm probe is being called. The panic is of the form below and is observed only with following option disabled(profile) for the said LPAR 'Enable Performance Information Collection' in the HMC: Kernel attempted to write user page (1c) - exploit attempt? (uid: 0) BUG: Ke... • https://git.kernel.org/stable/c/b073096df4dec70d0436321b7093bad27ae91f9e •