CVSS: 5.5EPSS: %CPEs: 2EXPL: 0CVE-2022-49901 – blk-mq: Fix kmemleak in blk_mq_init_allocated_queue
https://notcve.org/view.php?id=CVE-2022-49901
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: blk-mq: Fix kmemleak in blk_mq_init_allocated_queue There is a kmemleak caused by modprobe null_blk.ko unreferenced object 0xffff8881acb1f000 (size 1024): comm "modprobe", pid 836, jiffies 4294971190 (age 27.068s) hex dump (first 32 bytes): 00 00 00 00 ad 4e ad de ff ff ff ff 00 00 00 00 .....N.......... ff ff ff ff ff ff ff ff 00 53 99 9e ff ff ff ff .........S...... backtrace: [<000000004a10c249>] kmalloc_node_trace+0x22/0x60 [<0000000064... • https://git.kernel.org/stable/c/2f8f1336a48bd5186de3476da0a3e2ec06d0533a •
CVSS: 5.5EPSS: %CPEs: 4EXPL: 0CVE-2022-49900 – i2c: piix4: Fix adapter not be removed in piix4_remove()
https://notcve.org/view.php?id=CVE-2022-49900
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: i2c: piix4: Fix adapter not be removed in piix4_remove() In piix4_probe(), the piix4 adapter will be registered in: piix4_probe() piix4_add_adapters_sb800() / piix4_add_adapter() i2c_add_adapter() Based on the probed device type, piix4_add_adapters_sb800() or single piix4_add_adapter() will be called. For the former case, piix4_adapter_count is set as the number of adapters, while for antoher case it is not set and kept default *zero*. When... • https://git.kernel.org/stable/c/528d53a1592b0e27c423f7cafc1df85f77fc1163 •
CVSS: 7.1EPSS: %CPEs: 4EXPL: 0CVE-2022-49899 – fscrypt: stop using keyrings subsystem for fscrypt_master_key
https://notcve.org/view.php?id=CVE-2022-49899
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: fscrypt: stop using keyrings subsystem for fscrypt_master_key The approach of fs/crypto/ internally managing the fscrypt_master_key structs as the payloads of "struct key" objects contained in a "struct key" keyring has outlived its usefulness. The original idea was to simplify the code by reusing code from the keyrings subsystem. However, several issues have arisen that can't easily be resolved: - When a master key struct is destroyed, blk... • https://git.kernel.org/stable/c/22d94f493bfb408fdd764f7b1d0363af2122fba5 •
CVSS: 7.2EPSS: %CPEs: 3EXPL: 0CVE-2022-49898 – btrfs: fix tree mod log mishandling of reallocated nodes
https://notcve.org/view.php?id=CVE-2022-49898
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: btrfs: fix tree mod log mishandling of reallocated nodes We have been seeing the following panic in production kernel BUG at fs/btrfs/tree-mod-log.c:677! invalid opcode: 0000 [#1] SMP RIP: 0010:tree_mod_log_rewind+0x1b4/0x200 RSP: 0000:ffffc9002c02f890 EFLAGS: 00010293 RAX: 0000000000000003 RBX: ffff8882b448c700 RCX: 0000000000000000 RDX: 0000000000008000 RSI: 00000000000000a7 RDI: ffff88877d831c00 RBP: 0000000000000002 R08: 000000000000009... • https://git.kernel.org/stable/c/bd989ba359f2acb8bc5f5490e19010fc0a6f8356 •
CVSS: 5.5EPSS: %CPEs: 1EXPL: 0CVE-2022-49897 – fscrypt: fix keyring memory leak on mount failure
https://notcve.org/view.php?id=CVE-2022-49897
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: fscrypt: fix keyring memory leak on mount failure Commit d7e7b9af104c ("fscrypt: stop using keyrings subsystem for fscrypt_master_key") moved the keyring destruction from __put_super() to generic_shutdown_super() so that the filesystem's block device(s) are still available. Unfortunately, this causes a memory leak in the case where a mount is attempted with the test_dummy_encryption mount option, but the mount fails after the option has alr... • https://git.kernel.org/stable/c/ccd30a476f8e864732de220bd50e6f372f5ebcab •
CVSS: 5.5EPSS: %CPEs: 2EXPL: 0CVE-2022-49896 – cxl/pmem: Fix cxl_pmem_region and cxl_memdev leak
https://notcve.org/view.php?id=CVE-2022-49896
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: cxl/pmem: Fix cxl_pmem_region and cxl_memdev leak When a cxl_nvdimm object goes through a ->remove() event (device physically removed, nvdimm-bridge disabled, or nvdimm device disabled), then any associated regions must also be disabled. As highlighted by the cxl-create-region.sh test [1], a single device may host multiple regions, but the driver was only tracking one region at a time. This leads to a situation where only the last enabled r... • https://git.kernel.org/stable/c/04ad63f086d1a9649b8b082748cbc7a570ade461 •
CVSS: 5.5EPSS: %CPEs: 2EXPL: 0CVE-2022-49895 – cxl/region: Fix decoder allocation crash
https://notcve.org/view.php?id=CVE-2022-49895
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: cxl/region: Fix decoder allocation crash When an intermediate port's decoders have been exhausted by existing regions, and creating a new region with the port in question in it's hierarchical path is attempted, cxl_port_attach_region() fails to find a port decoder (as would be expected), and drops into the failure / cleanup path. However, during cleanup of the region reference, a sanity check attempts to dereference the decoder, which in th... • https://git.kernel.org/stable/c/384e624bb211b406db40edc900bb51af8bb267d0 •
CVSS: 5.5EPSS: %CPEs: 2EXPL: 0CVE-2022-49894 – cxl/region: Fix region HPA ordering validation
https://notcve.org/view.php?id=CVE-2022-49894
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: cxl/region: Fix region HPA ordering validation Some regions may not have any address space allocated. Skip them when validating HPA order otherwise a crash like the following may result: devm_cxl_add_region: cxl_acpi cxl_acpi.0: decoder3.4: created region9 BUG: kernel NULL pointer dereference, address: 0000000000000000 [..] RIP: 0010:store_targetN+0x655/0x1740 [cxl_core] [..] Call Trace:
CVSS: 7.1EPSS: %CPEs: 2EXPL: 0CVE-2022-49893 – cxl/region: Fix cxl_region leak, cleanup targets at region delete
https://notcve.org/view.php?id=CVE-2022-49893
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: cxl/region: Fix cxl_region leak, cleanup targets at region delete When a region is deleted any targets that have been previously assigned to that region hold references to it. Trigger those references to drop by detaching all targets at unregister_region() time. Otherwise that region object will leak as userspace has lost the ability to detach targets once region sysfs is torn down. In the Linux kernel, the following vulnerability has been ... • https://git.kernel.org/stable/c/b9686e8c8e39d4072081ef078c04915ee51c8af4 •
CVSS: 7.0EPSS: %CPEs: 8EXPL: 0CVE-2022-49892 – ftrace: Fix use-after-free for dynamic ftrace_ops
https://notcve.org/view.php?id=CVE-2022-49892
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix use-after-free for dynamic ftrace_ops KASAN reported a use-after-free with ftrace ops [1]. It was found from vmcore that perf had registered two ops with the same content successively, both dynamic. After unregistering the second ops, a use-after-free occurred. In ftrace_shutdown(), when the second ops is unregistered, the FTRACE_UPDATE_CALLS command is not set because there is another enabled ops with the same content. Also, bo... • https://git.kernel.org/stable/c/edb096e00724f02db5f6ec7900f3bbd465c6c76f •