CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50129 – RDMA/srpt: Fix a use-after-free
https://notcve.org/view.php?id=CVE-2022-50129
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Fix a use-after-free Change the LIO port members inside struct srpt_port from regular members into pointers. Allocate the LIO port data structures from inside srpt_make_tport() and free these from inside srpt_make_tport(). Keep struct srpt_device as long as either an RDMA port or a LIO target port is associated with it. This patch decouples the lifetime of struct srpt_port (controlled by the RDMA core) and struct srpt_port_id (co... • https://git.kernel.org/stable/c/a42d985bd5b234da8b61347a78dc3057bf7bb94d •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50126 – jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when journal aborted
https://notcve.org/view.php?id=CVE-2022-50126
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when journal aborted Following process will fail assertion 'jh->b_frozen_data == NULL' in jbd2_journal_dirty_metadata(): jbd2_journal_commit_transaction unlink(dir/a) jh->b_transaction = trans1 jh->b_jlist = BJ_Metadata journal->j_running_transaction = NULL trans1->t_state = T_COMMIT unlink(dir/b) handle->h_trans = trans2 do_get_write_access jh->b_modified = 0 jh->b_frozen_data = froze... • https://git.kernel.org/stable/c/470decc613ab2048b619a01028072d932d9086ee •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50123 – ASoC: mediatek: mt8173: Fix refcount leak in mt8173_rt5650_rt5676_dev_probe
https://notcve.org/view.php?id=CVE-2022-50123
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8173: Fix refcount leak in mt8173_rt5650_rt5676_dev_probe of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Fix missing of_node_put() in error paths. In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8173: Fix refcount leak in mt8173_rt5650_rt5676_dev_probe of_parse_phandle() returns a node pointer with refcount ... • https://git.kernel.org/stable/c/94319ba10ecabc8f28129566d1f5793e3e7a0a79 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50116 – tty: n_gsm: fix deadlock and link starvation in outgoing data path
https://notcve.org/view.php?id=CVE-2022-50116
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: fix deadlock and link starvation in outgoing data path The current implementation queues up new control and user packets as needed and processes this queue down to the ldisc in the same code path. That means that the upper and the lower layer are hard coupled in the code. Due to this deadlocks can happen as seen below while transmitting data, especially during ldisc congestion. Furthermore, the data channels starve the control c... • https://git.kernel.org/stable/c/e1eaea46bb4020b38a141b84f88565d4603f8dd0 •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50109 – video: fbdev: amba-clcd: Fix refcount leak bugs
https://notcve.org/view.php?id=CVE-2022-50109
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: video: fbdev: amba-clcd: Fix refcount leak bugs In clcdfb_of_init_display(), we should call of_node_put() for the references returned by of_graph_get_next_endpoint() and of_graph_get_remote_port_parent() which have increased the refcount. Besides, we should call of_node_put() both in fail path or when the references are not used anymore. In the Linux kernel, the following vulnerability has been resolved: video: fbdev: amba-clcd: Fix refcoun... • https://git.kernel.org/stable/c/d10715be03bd8bad59ddc50236cb140c3bd73c7b •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50106 – powerpc/cell/axon_msi: Fix refcount leak in setup_msi_msg_address
https://notcve.org/view.php?id=CVE-2022-50106
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: powerpc/cell/axon_msi: Fix refcount leak in setup_msi_msg_address of_get_next_parent() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node_put() in the error path to avoid refcount leak. In the Linux kernel, the following vulnerability has been resolved: powerpc/cell/axon_msi: Fix refcount leak in setup_msi_msg_address of_get_next_parent() returns a node pointer with... • https://git.kernel.org/stable/c/ce21b3c9648ae55181787bf25ee00cf91dfd5c91 •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50105 – powerpc/spufs: Fix refcount leak in spufs_init_isolated_loader
https://notcve.org/view.php?id=CVE-2022-50105
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: powerpc/spufs: Fix refcount leak in spufs_init_isolated_loader of_find_node_by_path() returns remote device nodepointer with refcount incremented, we should use of_node_put() on it when done. Add missing of_node_put() to avoid refcount leak. In the Linux kernel, the following vulnerability has been resolved: powerpc/spufs: Fix refcount leak in spufs_init_isolated_loader of_find_node_by_path() returns remote device nodepointer with refcount ... • https://git.kernel.org/stable/c/0afacde3df4c9980f505d9afd7cb0058389732ca •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50103 – sched, cpuset: Fix dl_cpu_busy() panic due to empty cs->cpus_allowed
https://notcve.org/view.php?id=CVE-2022-50103
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: sched, cpuset: Fix dl_cpu_busy() panic due to empty cs->cpus_allowed With cgroup v2, the cpuset's cpus_allowed mask can be empty indicating that the cpuset will just use the effective CPUs of its parent. So cpuset_can_attach() can call task_can_attach() with an empty mask. This can lead to cpumask_any_and() returns nr_cpu_ids causing the call to dl_bw_of() to crash due to percpu value access of an out of bound CPU value. For example: [80468... • https://git.kernel.org/stable/c/7f51412a415d87ea8598d14722fb31e4f5701257 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50102 – video: fbdev: arkfb: Fix a divide-by-zero bug in ark_set_pixclock()
https://notcve.org/view.php?id=CVE-2022-50102
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: video: fbdev: arkfb: Fix a divide-by-zero bug in ark_set_pixclock() Since the user can control the arguments of the ioctl() from the user space, under special arguments that may result in a divide-by-zero bug in: drivers/video/fbdev/arkfb.c:784: ark_set_pixclock(info, (hdiv * info->var.pixclock) / hmul); with hdiv=1, pixclock=1 and hmul=2 you end up with (1*1)/2 = (int) 0. and then in: drivers/video/fbdev/arkfb.c:504: rv = dac_set_freq(par-... • https://git.kernel.org/stable/c/681e14730c73cc2c71af282c001de6bc71c22f00 •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50101 – video: fbdev: vt8623fb: Check the size of screen before memset_io()
https://notcve.org/view.php?id=CVE-2022-50101
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: video: fbdev: vt8623fb: Check the size of screen before memset_io() In the function vt8623fb_set_par(), the value of 'screen_size' is calculated by the user input. If the user provides the improper value, the value of 'screen_size' may larger than 'info->screen_size', which may cause the following bug: [ 583.339036] BUG: unable to handle page fault for address: ffffc90005000000 [ 583.339049] #PF: supervisor write access in kernel mode [ 583... • https://git.kernel.org/stable/c/558b7bd86c32978648cda5deb5c758d77ef0c165 •