CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-49371 – driver core: fix deadlock in __device_attach
https://notcve.org/view.php?id=CVE-2022-49371
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: driver core: fix deadlock in __device_attach In __device_attach function, The lock holding logic is as follows: ... __device_attach device_lock(dev) // get lock dev async_schedule_dev(__device_attach_async_helper, dev); // func async_schedule_node async_schedule_node_domain(func) entry = kzalloc(sizeof(struct async_entry), GFP_ATOMIC); /* when fail or work limit, sync to execute func, but __device_attach_async_helper will get lock dev as we... • https://git.kernel.org/stable/c/765230b5f084863183aa8adb3405ab3f32c0b16e •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49370 – firmware: dmi-sysfs: Fix memory leak in dmi_sysfs_register_handle
https://notcve.org/view.php?id=CVE-2022-49370
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: firmware: dmi-sysfs: Fix memory leak in dmi_sysfs_register_handle kobject_init_and_add() takes reference even when it fails. According to the doc of kobject_init_and_add() If this function returns an error, kobject_put() must be called to properly clean up the memory associated with the object. Fix this issue by calling kobject_put(). In the Linux kernel, the following vulnerability has been resolved: firmware: dmi-sysfs: Fix memory leak in... • https://git.kernel.org/stable/c/948af1f0bbc8526448e8cbe3f8d3bf211bdf5181 •
CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49368 – net: ethernet: mtk_eth_soc: out of bounds read in mtk_hwlro_get_fdir_entry()
https://notcve.org/view.php?id=CVE-2022-49368
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtk_eth_soc: out of bounds read in mtk_hwlro_get_fdir_entry() The "fsp->location" variable comes from user via ethtool_get_rxnfc(). Check that it is valid to prevent an out of bounds read. In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtk_eth_soc: out of bounds read in mtk_hwlro_get_fdir_entry() The "fsp->location" variable comes from user via ethtool_get_rxnfc(). Check that it is valid to... • https://git.kernel.org/stable/c/7aab747e5563ecbc9f3cb64ddea13fe7b9fee2bd •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49367 – net: dsa: mv88e6xxx: Fix refcount leak in mv88e6xxx_mdios_register
https://notcve.org/view.php?id=CVE-2022-49367
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: Fix refcount leak in mv88e6xxx_mdios_register of_get_child_by_name() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. mv88e6xxx_mdio_register() pass the device node to of_mdiobus_register(). We don't need the device node after it. Add missing of_node_put() to avoid refcount leak. In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: Fix ref... • https://git.kernel.org/stable/c/a3c53be55c955b7150cda17874c3fcb4eeb97a89 •
CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 0CVE-2022-49364 – f2fs: fix to clear dirty inode in f2fs_evict_inode()
https://notcve.org/view.php?id=CVE-2022-49364
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to clear dirty inode in f2fs_evict_inode() As Yanming reported in bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=215904 The kernel message is shown below: kernel BUG at fs/f2fs/inode.c:825! Call Trace: evict+0x282/0x4e0 __dentry_kill+0x2b2/0x4d0 shrink_dentry_list+0x17c/0x4f0 shrink_dcache_parent+0x143/0x1e0 do_one_tree+0x9/0x30 shrink_dcache_for_umount+0x51/0x120 generic_shutdown_super+0x5c/0x3a0 kill_block_super+0x90/0xd0... • https://git.kernel.org/stable/c/54c116615c99e22aa08aa950757ed726e2f60821 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-49363 – f2fs: fix to do sanity check on block address in f2fs_do_zero_range()
https://notcve.org/view.php?id=CVE-2022-49363
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on block address in f2fs_do_zero_range() As Yanming reported in bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=215894 I have encountered a bug in F2FS file system in kernel v5.17. I have uploaded the system call sequence as case.c, and a fuzzed image can be found in google net disk The kernel should enable CONFIG_KASAN=y and CONFIG_KASAN_INLINE=y. You can reproduce the bug by running the following command... • https://git.kernel.org/stable/c/7361c9f2bd6a8f0cbb41cdea9aff04765ff23f67 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49361 – f2fs: fix to do sanity check for inline inode
https://notcve.org/view.php?id=CVE-2022-49361
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check for inline inode Yanming reported a kernel bug in Bugzilla kernel [1], which can be reproduced. The bug message is: The kernel message is shown below: kernel BUG at fs/inode.c:611! Call Trace: evict+0x282/0x4e0 __dentry_kill+0x2b2/0x4d0 dput+0x2dd/0x720 do_renameat2+0x596/0x970 __x64_sys_rename+0x78/0x90 do_syscall_64+0x3b/0x90 [1] https://bugzilla.kernel.org/show_bug.cgi?id=215895 The bug is due to fuzzed inode... • https://git.kernel.org/stable/c/efdefbe8b7564602ab446474788225a1f2a323b5 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49360 – f2fs: fix to do sanity check on total_data_blocks
https://notcve.org/view.php?id=CVE-2022-49360
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on total_data_blocks As Yanming reported in bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=215916 The kernel message is shown below: kernel BUG at fs/f2fs/segment.c:2560! Call Trace: allocate_segment_by_default+0x228/0x440 f2fs_allocate_data_block+0x13d1/0x31f0 do_write_page+0x18d/0x710 f2fs_outplace_write_data+0x151/0x250 f2fs_do_write_data_page+0xef9/0x1980 move_data_page+0x6af/0xbc0 do_garbage_collect+... • https://git.kernel.org/stable/c/ef221b738b26d8c9f7e7967f4586db2dd3bd5288 •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-49359 – drm/panfrost: Job should reference MMU not file_priv
https://notcve.org/view.php?id=CVE-2022-49359
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/panfrost: Job should reference MMU not file_priv For a while now it's been allowed for a MMU context to outlive it's corresponding panfrost_priv, however the job structure still references panfrost_priv to get hold of the MMU context. If panfrost_priv has been freed this is a use-after-free which I've been able to trigger resulting in a splat. To fix this, drop the reference to panfrost_priv in the job structure and add a direct referen... • https://git.kernel.org/stable/c/7fdc48cc63a30fa3480d18bdd8c5fff2b9b15212 • CWE-416: Use After Free •
CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 0CVE-2022-49358 – netfilter: nf_tables: memleak flow rule from commit path
https://notcve.org/view.php?id=CVE-2022-49358
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: memleak flow rule from commit path Abort path release flow rule object, however, commit path does not. Update code to destroy these objects before releasing the transaction. In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: memleak flow rule from commit path Abort path release flow rule object, however, commit path does not. Update code to destroy these objects before releasing t... • https://git.kernel.org/stable/c/c9626a2cbdb20e26587b3fad99960520a023432b •