CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-48789 – nvme-tcp: fix possible use-after-free in transport error_recovery work
https://notcve.org/view.php?id=CVE-2022-48789
16 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix possible use-after-free in transport error_recovery work While nvme_tcp_submit_async_event_work is checking the ctrl and queue state before preparing the AER command and scheduling io_work, in order to fully prevent a race where this check is not reliable the error recovery work must flush async_event_work before continuing to destroy the admin queue after setting the ctrl state to RESETTING such that there is no race .... • https://git.kernel.org/stable/c/3f2304f8c6d6ed97849057bd16fee99e434ca796 •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-48788 – nvme-rdma: fix possible use-after-free in transport error_recovery work
https://notcve.org/view.php?id=CVE-2022-48788
16 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: nvme-rdma: fix possible use-after-free in transport error_recovery work While nvme_rdma_submit_async_event_work is checking the ctrl and queue state before preparing the AER command and scheduling io_work, in order to fully prevent a race where this check is not reliable the error recovery work must flush async_event_work before continuing to destroy the admin queue after setting the ctrl state to RESETTING such that there is no race... • https://git.kernel.org/stable/c/5593f72d1922403c11749532e3a0aa4cf61414e9 •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-48787 – iwlwifi: fix use-after-free
https://notcve.org/view.php?id=CVE-2022-48787
16 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: iwlwifi: fix use-after-free If no firmware was present at all (or, presumably, all of the firmware files failed to parse), we end up unbinding by calling device_release_driver(), which calls remove(), which then in iwlwifi calls iwl_drv_stop(), freeing the 'drv' struct. In the Linux kernel, the following vulnerability has been resolved: iwlwifi: fix use-after-free If no firmware was present at all (or, presumably, all of the f... • https://git.kernel.org/stable/c/8e10749fa1a454c1e7214f36cec83241f5a36ef1 •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2022-48786 – vsock: remove vsock from connected table when connect is interrupted by a signal
https://notcve.org/view.php?id=CVE-2022-48786
16 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: vsock: remove vsock from connected table when connect is interrupted by a signal vsock_connect() expects that the socket could already be in the TCP_ESTABLISHED state when the connecting task wakes up with a signal pending. In the Linux kernel, the following vulnerability has been resolved: vsock: remove vsock from connected table when connect is interrupted by a signal vsock_connect() expects that the socket could already be ... • https://git.kernel.org/stable/c/d021c344051af91f42c5ba9fdedc176740cbd238 • CWE-371: State Issues •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47624 – net/sunrpc: fix reference count leaks in rpc_sysfs_xprt_state_change
https://notcve.org/view.php?id=CVE-2021-47624
16 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: net/sunrpc: fix reference count leaks in rpc_sysfs_xprt_state_change The refcount leak issues take place in an error handling path. In the Linux kernel, the following vulnerability has been resolved: net/sunrpc: fix reference count leaks in rpc_sysfs_xprt_state_change The refcount leak issues take place in an error handling path. ... A memory leak flaw was found in the Linux kernel’s SunRpc filesystem (sysfs). ... • https://git.kernel.org/stable/c/5b7eb78486cd9ac58bfbd6d84ea0fe2d9fead03b • CWE-402: Transmission of Private Resources into a New Sphere ('Resource Leak') •
CVSS: 4.4EPSS: 0%CPEs: 4EXPL: 0CVE-2021-47623 – powerpc/fixmap: Fix VM debug warning on unmap
https://notcve.org/view.php?id=CVE-2021-47623
16 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: powerpc/fixmap: Fix VM debug warning on unmap Unmapping a fixmap entry is done by calling __set_fixmap() with FIXMAP_PAGE_CLEAR as flags. In the Linux kernel, the following vulnerability has been resolved: powerpc/fixmap: Fix VM debug warning on unmap Unmapping a fixmap entry is done by calling __set_fixmap() with FIXMAP_PAGE_CLEAR as flags. ... • https://git.kernel.org/stable/c/67baac10dd5ad1e9f50e8f2659984b3b0728d54e • CWE-99: Improper Control of Resource Identifiers ('Resource Injection') •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47622 – scsi: ufs: Fix a deadlock in the error handler
https://notcve.org/view.php?id=CVE-2021-47622
16 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: Fix a deadlock in the error handler The following deadlock has been observed on a test setup: - All tags allocated - The SCSI error handler calls ufshcd_eh_host_reset_handler() - ufshcd_eh_host_reset_handler() queues work that calls ufshcd_err_handler() - ufshcd_err_handler() locks up as follows: Workqueue: ufs_eh_wq_0 ufshcd_err_handler.cfi_jt Call trace: __switch_to+0x298/0x5d8 __schedule+0x6cc/0xa94 schedule+0x12c/0x298... • https://git.kernel.org/stable/c/493c9e850677df8b4eda150c2364b1c1a72ed724 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-48785 – ipv6: mcast: use rcu-safe version of ipv6_get_lladdr()
https://notcve.org/view.php?id=CVE-2022-48785
16 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: use rcu-safe version of ipv6_get_lladdr() Some time ago 8965779d2c0e ("ipv6,mcast: always hold idev->lock before mca_lock") switched ipv6_get_lladdr() to __ipv6_get_lladdr(), which is rcu-unsafe version. ... [last unloaded: kheaders] [ 3406.476714][T230589] ---[ end trace 3525a7655f2f3b9e ]--- In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: use rcu-safe version of ipv6_get_lladdr()... • https://git.kernel.org/stable/c/88e2ca3080947fe22eb520c1f8231e79a105d011 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-48784 – cfg80211: fix race in netlink owner interface destruction
https://notcve.org/view.php?id=CVE-2022-48784
16 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: cfg80211: fix race in netlink owner interface destruction My previous fix here to fix the deadlock left a race where the exact same deadlock (see the original commit referenced below) can still happen if cfg80211_destroy_ifaces() already runs while nl80211_netlink_notify() is still marking some interfaces as nl_owner_dead. In the Linux kernel, the following vulnerability has been resolved: cfg80211: fix race in netlink owner i... • https://git.kernel.org/stable/c/ea6b2098dd02789f68770fd3d5a373732207be2f •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-48783 – net: dsa: lantiq_gswip: fix use after free in gswip_remove()
https://notcve.org/view.php?id=CVE-2022-48783
16 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: net: dsa: lantiq_gswip: fix use after free in gswip_remove() of_node_put(priv->ds->slave_mii_bus->dev.of_node) should be done before mdiobus_free(priv->ds->slave_mii_bus). In the Linux kernel, the following vulnerability has been resolved: net: dsa: lantiq_gswip: fix use after free in gswip_remove() of_node_put(priv->ds->slave_mii_bus->dev.of_node) should be done before mdiobus_free(priv->ds->slave_mii_bus). • https://git.kernel.org/stable/c/e177d2e85ebcd3008c4b2abc293f4118e04eedef •