CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50819 – udmabuf: Set ubuf->sg = NULL if the creation of sg table fails
https://notcve.org/view.php?id=CVE-2022-50819
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: udmabuf: Set ubuf->sg = NULL if the creation of sg table fails When userspace tries to map the dmabuf and if for some reason (e.g. OOM) the creation of the sg table fails, ubuf->sg needs to be set to NULL. Otherwise, when the userspace subsequently closes the dmabuf fd, we'd try to erroneously free the invalid sg table from release_udmabuf resulting in the following crash reported by syzbot: general protection fault, probably for non-canoni... • https://git.kernel.org/stable/c/284562e1f34874e267d4f499362c3816f8f6bc3f •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50818 – scsi: pm8001: Fix running_req for internal abort commands
https://notcve.org/view.php?id=CVE-2022-50818
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix running_req for internal abort commands Disabling the remote phy for a SATA disk causes a hang: root@(none)$ more /sys/class/sas_phy/phy-0:0:8/target_port_protocols sata root@(none)$ echo 0 > sys/class/sas_phy/phy-0:0:8/enable root@(none)$ [ 67.855950] sas: ex 500e004aaaaaaa1f phy08 change count has changed [ 67.920585] sd 0:0:2:0: [sdc] Synchronizing SCSI cache [ 67.925780] sd 0:0:2:0: [sdc] Synchronize Cache(10) failed: ... • https://git.kernel.org/stable/c/2cbbf489778eb9dde51392ec5f74ae2868e4b857 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50817 – net: hsr: avoid possible NULL deref in skb_clone()
https://notcve.org/view.php?id=CVE-2022-50817
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: net: hsr: avoid possible NULL deref in skb_clone() syzbot got a crash [1] in skb_clone(), caused by a bug in hsr_get_untagged_frame(). When/if create_stripped_skb_hsr() returns NULL, we must not attempt to call skb_clone(). While we are at it, replace a WARN_ONCE() by netdev_warn_once(). [1] general protection fault, probably for non-canonical address 0xdffffc000000000f: 0000 [#1] PREEMPT SMP KASAN KASAN: null-ptr-deref in range [0x00000000... • https://git.kernel.org/stable/c/f266a683a4804dc499efc6c2206ef68efed029d0 •
CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2022-50816 – ipv6: ensure sane device mtu in tunnels
https://notcve.org/view.php?id=CVE-2022-50816
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: ipv6: ensure sane device mtu in tunnels Another syzbot report [1] with no reproducer hints at a bug in ip6_gre tunnel (dev:ip6gretap0) Since ipv6 mcast code makes sure to read dev->mtu once and applies a sanity check on it (see commit b9b312a7a451 "ipv6: mcast: better catch silly mtu values"), a remaining possibility is that a layer is able to set dev->mtu to an underflowed value (high order bit set). This could happen indeed in ip6gre_tnl_... • https://git.kernel.org/stable/c/c12b395a46646bab69089ce7016ac78177f6001f •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50815 – ext2: Add sanity checks for group and filesystem size
https://notcve.org/view.php?id=CVE-2022-50815
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: ext2: Add sanity checks for group and filesystem size Add sanity check that filesystem size does not exceed the underlying device size and that group size is big enough so that metadata can fit into it. This avoid trying to mount some crafted filesystems with extremely large group counts. • https://git.kernel.org/stable/c/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50814 – crypto: hisilicon/zip - fix mismatch in get/set sgl_sge_nr
https://notcve.org/view.php?id=CVE-2022-50814
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/zip - fix mismatch in get/set sgl_sge_nr KASAN reported this Bug: [17619.659757] BUG: KASAN: global-out-of-bounds in param_get_int+0x34/0x60 [17619.673193] Read of size 4 at addr fffff01332d7ed00 by task read_all/1507958 ... [17619.698934] The buggy address belongs to the variable: [17619.708371] sgl_sge_nr+0x0/0xffffffffffffa300 [hisi_zip] There is a mismatch in hisi_zip when get/set the variable sgl_sge_nr. The type of s... • https://git.kernel.org/stable/c/f081fda293ffba54216a7dab66faba7275475006 •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50813 – drivers: mcb: fix resource leak in mcb_probe()
https://notcve.org/view.php?id=CVE-2022-50813
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: drivers: mcb: fix resource leak in mcb_probe() When probe hook function failed in mcb_probe(), it doesn't put the device. Compiled test only. • https://git.kernel.org/stable/c/7bc364097a89a0a9a5e5e4989d6b3e6fb2027a9e •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50812 – security: Restrict CONFIG_ZERO_CALL_USED_REGS to gcc or clang > 15.0.6
https://notcve.org/view.php?id=CVE-2022-50812
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: security: Restrict CONFIG_ZERO_CALL_USED_REGS to gcc or clang > 15.0.6 A bad bug in clang's implementation of -fzero-call-used-regs can result in NULL pointer dereferences (see the links above the check for more information). Restrict CONFIG_CC_HAS_ZERO_CALL_USED_REGS to either a supported GCC version or a clang newer than 15.0.6, which will catch both a theoretical 15.0.7 and the upcoming 16.0.0, which will both have the bug fixed. • https://git.kernel.org/stable/c/a82adfd5c7cb4b8bb37ef439aed954f9972bb618 •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50811 – erofs: fix missing unmap if z_erofs_get_extent_compressedlen() fails
https://notcve.org/view.php?id=CVE-2022-50811
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: erofs: fix missing unmap if z_erofs_get_extent_compressedlen() fails Otherwise, meta buffers could be leaked. • https://git.kernel.org/stable/c/cec6e93beadfd145758af2c0854fcc2abb8170cb •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50810 – rapidio: devices: fix missing put_device in mport_cdev_open
https://notcve.org/view.php?id=CVE-2022-50810
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: rapidio: devices: fix missing put_device in mport_cdev_open When kfifo_alloc fails, the refcount of chdev->dev is left incremental. We should use put_device(&chdev->dev) to decrease the ref count of chdev->dev to avoid refcount leak. • https://git.kernel.org/stable/c/e8de370188d098bb49483c287b44925957c3c9b6 •