CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 0CVE-2022-49460 – PM / devfreq: rk3399_dmc: Disable edev on remove()
https://notcve.org/view.php?id=CVE-2022-49460
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: rk3399_dmc: Disable edev on remove() Otherwise we hit an unablanced enable-count when unbinding the DFI device: [ 1279.659119] ------------[ cut here ]------------ [ 1279.659179] WARNING: CPU: 2 PID: 5638 at drivers/devfreq/devfreq-event.c:360 devfreq_event_remove_edev+0x84/0x8c ... [ 1279.659352] Hardware name: Google Kevin (DT) [ 1279.659363] pstate: 80400005 (Nzcv daif +PAN -UAO -TCO BTYPE=--) [ 1279.659371] pc : devfreq_ev... • https://git.kernel.org/stable/c/664736e2cc09e504ce58ec61164d029d1f2651bb •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-49459 – thermal/drivers/broadcom: Fix potential NULL dereference in sr_thermal_probe
https://notcve.org/view.php?id=CVE-2022-49459
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: thermal/drivers/broadcom: Fix potential NULL dereference in sr_thermal_probe platform_get_resource() may return NULL, add proper check to avoid potential NULL dereferencing. In the Linux kernel, the following vulnerability has been resolved: thermal/drivers/broadcom: Fix potential NULL dereference in sr_thermal_probe platform_get_resource() may return NULL, add proper check to avoid potential NULL dereferencing. • https://git.kernel.org/stable/c/250e211057c7237dc75634b1372a1a3bd58dcd96 •
CVSS: 5.6EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49458 – drm/msm: don't free the IRQ if it was not requested
https://notcve.org/view.php?id=CVE-2022-49458
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/msm: don't free the IRQ if it was not requested As msm_drm_uninit() is called from the msm_drm_init() error path, additional care should be necessary as not to call the free_irq() for the IRQ that was not requested before (because an error occured earlier than the request_irq() call). This fixed the issue reported with the following backtrace: [ 8.571329] Trying to free already-free IRQ 187 [ 8.571339] WARNING: CPU: 0 PID: 76 at kernel/... • https://git.kernel.org/stable/c/f026e431cf861197dc03217d1920b38b80b31dd9 •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49457 – ARM: versatile: Add missing of_node_put in dcscb_init
https://notcve.org/view.php?id=CVE-2022-49457
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ARM: versatile: Add missing of_node_put in dcscb_init The device_node pointer is returned by of_find_compatible_node with refcount incremented. We should use of_node_put() to avoid the refcount leak. In the Linux kernel, the following vulnerability has been resolved: ARM: versatile: Add missing of_node_put in dcscb_init The device_node pointer is returned by of_find_compatible_node with refcount incremented. We should use of_node_put() to a... • https://git.kernel.org/stable/c/2d7b23db35254b7d46e852967090c64cdccf24da •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-49456 – bonding: fix missed rcu protection
https://notcve.org/view.php?id=CVE-2022-49456
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: bonding: fix missed rcu protection When removing the rcu_read_lock in bond_ethtool_get_ts_info() as discussed [1], I didn't notice it could be called via setsockopt, which doesn't hold rcu lock, as syzbot pointed: stack backtrace: CPU: 0 PID: 3599 Comm: syz-executor317 Not tainted 5.18.0-rc5-syzkaller-01392-g01f4685797a5 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace:
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-49455 – misc: ocxl: fix possible double free in ocxl_file_register_afu
https://notcve.org/view.php?id=CVE-2022-49455
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: misc: ocxl: fix possible double free in ocxl_file_register_afu info_release() will be called in device_unregister() when info->dev's reference count is 0. So there is no need to call ocxl_afu_put() and kfree() again. Fix this by adding free_minor() and return to err_unregister error path. In the Linux kernel, the following vulnerability has been resolved: misc: ocxl: fix possible double free in ocxl_file_register_afu info_release() will be ... • https://git.kernel.org/stable/c/75ca758adbafc81804c39b2c200ecdc819a6c042 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49454 – PCI: mediatek: Fix refcount leak in mtk_pcie_subsys_powerup()
https://notcve.org/view.php?id=CVE-2022-49454
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: PCI: mediatek: Fix refcount leak in mtk_pcie_subsys_powerup() The of_find_compatible_node() function returns a node pointer with refcount incremented, We should use of_node_put() on it when done Add the missing of_node_put() to release the refcount. In the Linux kernel, the following vulnerability has been resolved: PCI: mediatek: Fix refcount leak in mtk_pcie_subsys_powerup() The of_find_compatible_node() function returns a node pointer wi... • https://git.kernel.org/stable/c/87e8657ba99cac87b84c7f8ead91b44d88345504 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49453 – soc: ti: ti_sci_pm_domains: Check for null return of devm_kcalloc
https://notcve.org/view.php?id=CVE-2022-49453
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: soc: ti: ti_sci_pm_domains: Check for null return of devm_kcalloc The allocation funciton devm_kcalloc may fail and return a null pointer, which would cause a null-pointer dereference later. It might be better to check it and directly return -ENOMEM just like the usage of devm_kcalloc in previous code. In the Linux kernel, the following vulnerability has been resolved: soc: ti: ti_sci_pm_domains: Check for null return of devm_kcalloc The al... • https://git.kernel.org/stable/c/05efc4591f80582b6fe53366b70b6a35a42fd255 •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2022-49452 – dpaa2-eth: retrieve the virtual address before dma_unmap
https://notcve.org/view.php?id=CVE-2022-49452
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: dpaa2-eth: retrieve the virtual address before dma_unmap The TSO header was DMA unmapped before the virtual address was retrieved and then used to free the buffer. This meant that we were actually removing the DMA map and then trying to search for it to help in retrieving the virtual address. This lead to a invalid virtual address being used in the kfree call. Fix this by calling dpaa2_iova_to_virt() prior to the dma_unmap call. [ 487.23181... • https://git.kernel.org/stable/c/3dc709e0cd47c602a8d1a6747f1a91e9737eeed3 •
CVSS: 8.5EPSS: 0%CPEs: 7EXPL: 0CVE-2022-49451 – firmware: arm_scmi: Fix list protocols enumeration in the base protocol
https://notcve.org/view.php?id=CVE-2022-49451
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scmi: Fix list protocols enumeration in the base protocol While enumerating protocols implemented by the SCMI platform using BASE_DISCOVER_LIST_PROTOCOLS, the number of returned protocols is currently validated in an improper way since the check employs a sum between unsigned integers that could overflow and cause the check itself to be silently bypassed if the returned value 'loop_num_ret' is big enough. Fix the validation av... • https://git.kernel.org/stable/c/b6f20ff8bd94ad34032804a60bab5ee56752007e •