CVSS: 5.5EPSS: %CPEs: 7EXPL: 0CVE-2022-49619 – net: sfp: fix memory leak in sfp_probe()
https://notcve.org/view.php?id=CVE-2022-49619
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: net: sfp: fix memory leak in sfp_probe() sfp_probe() allocates a memory chunk from sfp with sfp_alloc(). When devm_add_action() fails, sfp is not freed, which leads to a memory leak. We should use devm_add_action_or_reset() instead of devm_add_action(). In the Linux kernel, the following vulnerability has been resolved: net: sfp: fix memory leak in sfp_probe() sfp_probe() allocates a memory chunk from sfp with sfp_alloc(). When devm_add_act... • https://git.kernel.org/stable/c/9ec5a97f327a89031fce6cfc3e95543c53936638 •
CVSS: 5.5EPSS: %CPEs: 4EXPL: 0CVE-2022-49618 – pinctrl: aspeed: Fix potential NULL dereference in aspeed_pinmux_set_mux()
https://notcve.org/view.php?id=CVE-2022-49618
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: pinctrl: aspeed: Fix potential NULL dereference in aspeed_pinmux_set_mux() pdesc could be null but still dereference pdesc->name and it will lead to a null pointer access. So we move a null check before dereference. In the Linux kernel, the following vulnerability has been resolved: pinctrl: aspeed: Fix potential NULL dereference in aspeed_pinmux_set_mux() pdesc could be null but still dereference pdesc->name and it will lead to a null poin... • https://git.kernel.org/stable/c/ef1e38532f4b2f0f3b460e938a2e7076c3bed5ee •
CVSS: 5.5EPSS: %CPEs: 3EXPL: 0CVE-2022-49617 – ASoC: Intel: sof_sdw: handle errors on card registration
https://notcve.org/view.php?id=CVE-2022-49617
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: sof_sdw: handle errors on card registration If the card registration fails, typically because of deferred probes, the device properties added for headset codecs are not removed, which leads to kernel oopses in driver bind/unbind tests. We already clean-up the device properties when the card is removed, this code can be moved as a helper and called upon card registration errors. In the Linux kernel, the following vulnerability h... • https://git.kernel.org/stable/c/f2556ce6b35ae0fc72000a4daa21ded12665e2f2 •
CVSS: 5.5EPSS: %CPEs: 3EXPL: 0CVE-2022-49616 – ASoC: rt7*-sdw: harden jack_detect_handler
https://notcve.org/view.php?id=CVE-2022-49616
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: rt7*-sdw: harden jack_detect_handler Realtek headset codec drivers typically check if the card is instantiated before proceeding with the jack detection. The rt700, rt711 and rt711-sdca are however missing a check on the card pointer, which can lead to NULL dereferences encountered in driver bind/unbind tests. In the Linux kernel, the following vulnerability has been resolved: ASoC: rt7*-sdw: harden jack_detect_handler Realtek headset... • https://git.kernel.org/stable/c/07a606e1389a63b61cb8cd591026f30529117573 •
CVSS: 5.5EPSS: %CPEs: 3EXPL: 0CVE-2022-49615 – ASoC: rt711-sdca: fix kernel NULL pointer dereference when IO error
https://notcve.org/view.php?id=CVE-2022-49615
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: rt711-sdca: fix kernel NULL pointer dereference when IO error The initial settings will be written before the codec probe function. But, the rt711->component doesn't be assigned yet. If IO error happened during initial settings operations, it will cause the kernel panic. This patch changed component->dev to slave->dev to fix this issue. In the Linux kernel, the following vulnerability has been resolved: ASoC: rt711-sdca: fix kernel NU... • https://git.kernel.org/stable/c/269be8b2907378adf72d7347cfa43ef230351a06 •
CVSS: 7.1EPSS: %CPEs: 2EXPL: 0CVE-2022-49614 – nvme: use struct group for generic command dwords
https://notcve.org/view.php?id=CVE-2022-49614
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: nvme: use struct group for generic command dwords This will allow the trace event to know the full size of the data intended to be copied and silence read overflow checks. In the Linux kernel, the following vulnerability has been resolved: nvme: use struct group for generic command dwords This will allow the trace event to know the full size of the data intended to be copied and silence read overflow checks. • https://git.kernel.org/stable/c/3d8b35387e01cab217dc4691a6f770cbb6ed852c •
CVSS: 7.1EPSS: %CPEs: 7EXPL: 0CVE-2022-49611 – x86/speculation: Fill RSB on vmexit for IBRS
https://notcve.org/view.php?id=CVE-2022-49611
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: x86/speculation: Fill RSB on vmexit for IBRS Prevent RSB underflow/poisoning attacks with RSB. While at it, add a bunch of comments to attempt to document the current state of tribal knowledge about RSB attacks and what exactly is being mitigated. In the Linux kernel, the following vulnerability has been resolved: x86/speculation: Fill RSB on vmexit for IBRS Prevent RSB underflow/poisoning attacks with RSB. While at it, add a bunch of comme... • https://git.kernel.org/stable/c/3d323b99ff5c8c57005184056d65f6af5b0479d8 •
CVSS: 7.1EPSS: %CPEs: 2EXPL: 0CVE-2022-49610 – KVM: VMX: Prevent RSB underflow before vmenter
https://notcve.org/view.php?id=CVE-2022-49610
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Prevent RSB underflow before vmenter On VMX, there are some balanced returns between the time the guest's SPEC_CTRL value is written, and the vmenter. Balanced returns (matched by a preceding call) are usually ok, but it's at least theoretically possible an NMI with a deep call stack could empty the RSB before one of the returns. For maximum paranoia, don't allow *any* returns (balanced or otherwise) between the SPEC_CTRL write an... • https://git.kernel.org/stable/c/afd743f6dde87296c6f3414706964c491bb85862 •
CVSS: 5.5EPSS: %CPEs: 8EXPL: 0CVE-2022-49609 – power/reset: arm-versatile: Fix refcount leak in versatile_reboot_probe
https://notcve.org/view.php?id=CVE-2022-49609
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: power/reset: arm-versatile: Fix refcount leak in versatile_reboot_probe of_find_matching_node_and_match() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node_put() to avoid refcount leak. In the Linux kernel, the following vulnerability has been resolved: power/reset: arm-versatile: Fix refcount leak in versatile_reboot_probe of_find_matching_node_and_match() returns... • https://git.kernel.org/stable/c/0e545f57b708630c54c8c5c24ea7f7034f6c40d9 •
CVSS: 4.7EPSS: %CPEs: 11EXPL: 0CVE-2022-49607 – perf/core: Fix data race between perf_event_set_output() and perf_mmap_close()
https://notcve.org/view.php?id=CVE-2022-49607
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: perf/core: Fix data race between perf_event_set_output() and perf_mmap_close() Yang Jihing reported a race between perf_event_set_output() and perf_mmap_close(): CPU1 CPU2 perf_mmap_close(e2) if (atomic_dec_and_test(&e2->rb->mmap_count)) // 1 - > 0 detach_rest = true ioctl(e1, IOC_SET_OUTPUT, e2) perf_event_set_output(e1, e2) ... list_for_each_entry_rcu(e, &e2->rb->event_list, rb_entry) ring_buffer_attach(e, NULL); // e1 isn't yet added and... • https://git.kernel.org/stable/c/9bb5d40cd93c9dd4be74834b1dcb1ba03629716b •