
CVE-2021-47622 – scsi: ufs: Fix a deadlock in the error handler
https://notcve.org/view.php?id=CVE-2021-47622
16 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: Fix a deadlock in the error handler The following deadlock has been observed on a test setup:
- All tags allocated
- The SCSI error handler calls ufshcd_eh_host_reset_handler()
- ufshcd_eh_host_reset_handler() queues work that calls ufshcd_err_handler()
- ufshcd_err_handler() locks up as follows:
Workqueue: ufs_eh_wq_0 ufshcd_err_handler.cfi_jt
Call trace:
__switch_to+0x298/0x5d8
__schedule+0x6cc/0xa94
schedule+0x12c/0x298...
https://git.kernel.org/stable/c/493c9e850677df8b4eda150c2364b1c1a72ed724

CVE-2022-48785 – ipv6: mcast: use rcu-safe version of ipv6_get_lladdr()
https://notcve.org/view.php?id=CVE-2022-48785
16 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: use rcu-safe version of ipv6_get_lladdr() Some time ago 8965779d2c0e ("ipv6,mcast: always hold idev->lock before mca_lock") switched ipv6_get_lladdr() to __ipv6_get_lladdr(), which is rcu-unsafe version. ... [last unloaded: kheaders] [ 3406.476714][T230589] ---[ end trace 3525a7655f2f3b9e ]---
https://git.kernel.org/stable/c/88e2ca3080947fe22eb520c1f8231e79a105d011

CVE-2022-48784 – cfg80211: fix race in netlink owner interface destruction
https://notcve.org/view.php?id=CVE-2022-48784
16 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: cfg80211: fix race in netlink owner interface destruction My previous fix here to fix the deadlock left a race where the exact same deadlock (see the original commit referenced below) can still happen if cfg80211_destroy_ifaces() already runs while nl80211_netlink_notify() is still marking some interfaces as nl_owner_dead.
https://git.kernel.org/stable/c/ea6b2098dd02789f68770fd3d5a373732207be2f

CVE-2022-48783 – net: dsa: lantiq_gswip: fix use after free in gswip_remove()
https://notcve.org/view.php?id=CVE-2022-48783
16 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: net: dsa: lantiq_gswip: fix use after free in gswip_remove() of_node_put(priv->ds->slave_mii_bus->dev.of_node) should be done before mdiobus_free(priv->ds->slave_mii_bus).
https://git.kernel.org/stable/c/e177d2e85ebcd3008c4b2abc293f4118e04eedef

CVE-2022-48782 – mctp: fix use after free
https://notcve.org/view.php?id=CVE-2022-48782
16 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: mctp: fix use after free Clang static analysis reports this problem
route.c:425:4: warning: Use of memory after it is freed
trace_mctp_key_acquire(key);
^~~~~~~~~~~~~~~~~~~~~~~~~~~
When mctp_key_add() fails, key is freed but then is later used in trace_mctp_key_acquire().
https://git.kernel.org/stable/c/4f9e1ba6de45aa8797a83f1fe5b82ec4bac16899

CVE-2022-48781 – crypto: af_alg - get rid of alg_memory_allocated
https://notcve.org/view.php?id=CVE-2022-48781
16 Jul 2024 — general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN
KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]
CPU: 1 PID: 3591 Comm: syz-executor153 Not tainted 5.17.0-rc3-syzkaller-00316-gb81b1829e7e3 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:sk_prot_mem_limits include/net/sock.h:1523 [inline]
RIP: 0010:sock_reserve_memory+0x1d7/0x330 net/core/sock.c:1000
Code: 08 00 74 08 48 8...
https://git.kernel.org/stable/c/2bb2f5fb21b0486ff69b7b4a1fe03a760527d133

CVE-2022-48780 – net/smc: Avoid overwriting the copies of clcsock callback functions
https://notcve.org/view.php?id=CVE-2022-48780
16 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: net/smc: Avoid overwriting the copies of clcsock callback functions The callback functions of clcsock will be saved and replaced during the fallback. ...
https://git.kernel.org/stable/c/0ef6049f664941bc0f75828b3a61877635048b27

CVE-2022-48779 – net: mscc: ocelot: fix use-after-free in ocelot_vlan_del()
https://notcve.org/view.php?id=CVE-2022-48779
16 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: net: mscc: ocelot: fix use-after-free in ocelot_vlan_del() ocelot_vlan_member_del() will free the struct ocelot_bridge_vlan, so if this is the same as the port's pvid_vlan which we access afterwards, what we're accessing is freed memory.
https://git.kernel.org/stable/c/d4004422f6f9fa8e55c04482008c1c9f9edd2d19

CVE-2022-48778 – mtd: rawnand: gpmi: don't leak PM reference in error path
https://notcve.org/view.php?id=CVE-2022-48778
16 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: gpmi: don't leak PM reference in error path If gpmi_nfc_apply_timings() fails, the PM runtime usage counter must be dropped.
https://git.kernel.org/stable/c/29218853877a748a2ca41d9957a84b2d6a7f56a7

CVE-2022-48777 – mtd: parsers: qcom: Fix kernel panic on skipped partition
https://notcve.org/view.php?id=CVE-2022-48777
16 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: mtd: parsers: qcom: Fix kernel panic on skipped partition In the event of a skipped partition (case when the entry name is empty) the kernel panics in the cleanup function as the name entry is NULL.
https://git.kernel.org/stable/c/803eb124e1a64e42888542c3444bfe6dac412c7f