CVSS: 9.0EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50072 – NFSv4/pnfs: Fix a use-after-free bug in open
https://notcve.org/view.php?id=CVE-2022-50072
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: NFSv4/pnfs: Fix a use-after-free bug in open If someone cancels the open RPC call, then we must not try to free either the open slot or the layoutget operation arguments, since they are likely still in use by the hung RPC call. In the Linux kernel, the following vulnerability has been resolved: NFSv4/pnfs: Fix a use-after-free bug in open If someone cancels the open RPC call, then we must not try to free either the open slot o... • https://git.kernel.org/stable/c/6b3fc1496e7227cd6a39a80bbfb7588ef7c7a010 • CWE-763: Release of Invalid Pointer or Reference •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2022-50071 – mptcp: move subflow cleanup in mptcp_destroy_common()
https://notcve.org/view.php?id=CVE-2022-50071
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: mptcp: move subflow cleanup in mptcp_destroy_common() If the mptcp socket creation fails due to a CGROUP_INET_SOCK_CREATE eBPF program, the MPTCP protocol ends-up leaking all the subflows: the related cleanup happens in __mptcp_destroy_sock() that is not invoked in such code path. In the Linux kernel, the following vulnerability has been resolved: mptcp: move subflow cleanup in mptcp_destroy_common() If the mptcp socket creati... • https://git.kernel.org/stable/c/e16163b6e2b720fb74e5af758546f6dad27e6c9e •
CVSS: 6.6EPSS: 0%CPEs: 2EXPL: 0CVE-2022-50070 – mptcp: do not queue data on closed subflows
https://notcve.org/view.php?id=CVE-2022-50070
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: mptcp: do not queue data on closed subflows Dipanjan reported a syzbot splat at close time: WARNING: CPU: 1 PID: 10818 at net/ipv4/af_inet.c:153 inet_sock_destruct+0x6d0/0x8e0 net/ipv4/af_inet.c:153 Modules linked in: uio_ivshmem(OE) uio(E) CPU: 1 PID: 10818 Comm: kworker/1:16 Tainted: G OE 5.19.0-rc6-g2eae0556bb9d #2 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1.1 04/01/2014 Workqueue: events mptcp_work... • https://git.kernel.org/stable/c/d5f49190def61c47b2faff170ba8fbc48bac4371 •
CVSS: 7.0EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50069 – BPF: Fix potential bad pointer dereference in bpf_sys_bpf()
https://notcve.org/view.php?id=CVE-2022-50069
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: BPF: Fix potential bad pointer dereference in bpf_sys_bpf() The bpf_sys_bpf() helper function allows an eBPF program to load another eBPF program from within the kernel. ... do_syscall_64+0x6e/0x90 [ 25.697899][ T228] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 25.698312][ T228] RIP: 0033:0x7f6d543fb759 [ 25.698624][ T228] Code: 08 5b 89 e8 5d c3 66 2e 0f 1f 84 00 00 00 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d ---truncated--- I... • https://git.kernel.org/stable/c/af2ac3e13e45752af03c8a933f9b6e18841b128b •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50068 – drm/ttm: Fix dummy res NULL ptr deref bug
https://notcve.org/view.php?id=CVE-2022-50068
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/ttm: Fix dummy res NULL ptr deref bug Check the bo->resource value before accessing the resource mem_type. • https://git.kernel.org/stable/c/76672cd326c146ded2c2712ff257b8908dcf23d8 •
CVSS: 6.2EPSS: 0%CPEs: 7EXPL: 0CVE-2022-50067 – btrfs: unset reloc control if transaction commit fails in prepare_to_relocate()
https://notcve.org/view.php?id=CVE-2022-50067
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: btrfs: unset reloc control if transaction commit fails in prepare_to_relocate() In btrfs_relocate_block_group(), the rc is allocated. ... In the Linux kernel, the following vulnerability has been resolved: btrfs: unset reloc control if transaction commit fails in prepare_to_relocate() In btrfs_relocate_block_group(), the rc is allocated. • https://git.kernel.org/stable/c/ff0e8ed8dfb584575cffc1561f17a1d094e8565b •
CVSS: 7.0EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50066 – net: atlantic: fix aq_vec index out of range error
https://notcve.org/view.php?id=CVE-2022-50066
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: net: atlantic: fix aq_vec index out of range error The final update statement of the for loop exceeds the array range, the dereference of self->aq_vec[i] is not checked and then leads to the index out of range error. In the Linux kernel, the following vulnerability has been resolved: net: atlantic: fix aq_vec index out of range error The final update statement of the for loop exceeds the array range, the dereference of self->a... • https://git.kernel.org/stable/c/97bde5c4f909a55ab4c36cf0ac9094f6c9e4cdf6 • CWE-823: Use of Out-of-range Pointer Offset •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50065 – virtio_net: fix memory leak inside XPD_TX with mergeable
https://notcve.org/view.php?id=CVE-2022-50065
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: virtio_net: fix memory leak inside XPD_TX with mergeable When we call xdp_convert_buff_to_frame() to get xdpf, if it returns NULL, we should check if xdp_page was allocated by xdp_linearize_page(). In the Linux kernel, the following vulnerability has been resolved: virtio_net: fix memory leak inside XPD_TX with mergeable When we call xdp_convert_buff_to_frame() to get xdpf, if it returns NULL, we should check if xdp_page was a... • https://git.kernel.org/stable/c/44fa2dbd475996ddc8f3a0e6113dee983e0ee3aa •
CVSS: 9.4EPSS: 0%CPEs: 2EXPL: 0CVE-2022-50064 – virtio-blk: Avoid use-after-free on suspend/resume
https://notcve.org/view.php?id=CVE-2022-50064
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: virtio-blk: Avoid use-after-free on suspend/resume hctx->user_data is set to vq in virtblk_init_hctx(). ... In the Linux kernel, the following vulnerability has been resolved: virtio-blk: Avoid use-after-free on suspend/resume hctx->user_data is set to vq in virtblk_init_hctx(). • https://git.kernel.org/stable/c/4e0400525691d0e676dbe002641f9a61261f1e1b •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-50063 – net: dsa: felix: suppress non-changes to the tagging protocol
https://notcve.org/view.php?id=CVE-2022-50063
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: net: dsa: felix: suppress non-changes to the tagging protocol The way in which dsa_tree_change_tag_proto() works is that when dsa_tree_notify() fails, it doesn't know whether the operation failed mid way in a multi-switch tree, or it failed for a single-switch tree. • https://git.kernel.org/stable/c/7a29d220f4c0745a6d435dbd53c659fbde4998b6 •