CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50161 – mtd: maps: Fix refcount leak in of_flash_probe_versatile
https://notcve.org/view.php?id=CVE-2022-50161
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: mtd: maps: Fix refcount leak in of_flash_probe_versatile of_find_matching_node_and_match() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node_put() to avoid refcount leak. In the Linux kernel, the following vulnerability has been resolved: mtd: maps: Fix refcount leak in of_flash_probe_versatile of_find_matching_node_and_match() returns a node pointer with refcount ... • https://git.kernel.org/stable/c/b0afd44bc192ff4c0e90a5fc1724350bcfc32b33 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50160 – mtd: maps: Fix refcount leak in ap_flash_init
https://notcve.org/view.php?id=CVE-2022-50160
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: mtd: maps: Fix refcount leak in ap_flash_init of_find_matching_node() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node_put() to avoid refcount leak. In the Linux kernel, the following vulnerability has been resolved: mtd: maps: Fix refcount leak in ap_flash_init of_find_matching_node() returns a node pointer with refcount incremented, we should use of_node_put() o... • https://git.kernel.org/stable/c/b0afd44bc192ff4c0e90a5fc1724350bcfc32b33 •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50159 – of: check previous kernel's ima-kexec-buffer against memory bounds
https://notcve.org/view.php?id=CVE-2022-50159
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: of: check previous kernel's ima-kexec-buffer against memory bounds Presently ima_get_kexec_buffer() doesn't check if the previous kernel's ima-kexec-buffer lies outside the addressable memory range. This can result in a kernel panic if the new kernel is booted with 'mem=X' arg and the ima-kexec-buffer was allocated beyond that range by the previous kernel. The panic is usually of the form below: $ sudo kexec --initrd initrd vmlinux --append... • https://git.kernel.org/stable/c/467d27824920e866af148132f555d40ca1fb199e •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2022-50156 – HID: cp2112: prevent a buffer overflow in cp2112_xfer()
https://notcve.org/view.php?id=CVE-2022-50156
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: HID: cp2112: prevent a buffer overflow in cp2112_xfer() Smatch warnings: drivers/hid/hid-cp2112.c:793 cp2112_xfer() error: __memcpy() 'data->block[1]' too small (33 vs 255) drivers/hid/hid-cp2112.c:793 cp2112_xfer() error: __memcpy() 'buf' too small (64 vs 255) The 'read_length' variable is provided by 'data->block[0]' which comes from user and it(read_length) can take a value between 0-255. Add an upper bound to 'read_length' variable to p... • https://git.kernel.org/stable/c/542134c0375b5ca2b1d18490c02b8a20bfdd8d74 •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50153 – usb: host: Fix refcount leak in ehci_hcd_ppc_of_probe
https://notcve.org/view.php?id=CVE-2022-50153
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: usb: host: Fix refcount leak in ehci_hcd_ppc_of_probe of_find_compatible_node() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. Add missing of_node_put() to avoid refcount leak. In the Linux kernel, the following vulnerability has been resolved: usb: host: Fix refcount leak in ehci_hcd_ppc_of_probe of_find_compatible_node() returns a node pointer with refcount incremented, we should use of_node... • https://git.kernel.org/stable/c/796bcae7361c28cf825780f6f1aac9dd3411394e •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50152 – usb: ohci-nxp: Fix refcount leak in ohci_hcd_nxp_probe
https://notcve.org/view.php?id=CVE-2022-50152
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: usb: ohci-nxp: Fix refcount leak in ohci_hcd_nxp_probe of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node_put() to avoid refcount leak. In the Linux kernel, the following vulnerability has been resolved: usb: ohci-nxp: Fix refcount leak in ohci_hcd_nxp_probe of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node... • https://git.kernel.org/stable/c/73108aa90cbfc663649885a06fe5c1235307de1c •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50146 – PCI: dwc: Deallocate EPC memory on dw_pcie_ep_init() errors
https://notcve.org/view.php?id=CVE-2022-50146
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: PCI: dwc: Deallocate EPC memory on dw_pcie_ep_init() errors If dw_pcie_ep_init() fails to perform any action after the EPC memory is initialized and the MSI memory region is allocated, the latter parts won't be undone thus causing a memory leak. Add a cleanup-on-error path to fix these leaks. [bhelgaas: commit log] In the Linux kernel, the following vulnerability has been resolved: PCI: dwc: Deallocate EPC memory on dw_pcie_ep_init() errors... • https://git.kernel.org/stable/c/2fd0c9d966cc11bb5f73556dd788d12f501d8755 •
CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50144 – soundwire: revisit driver bind/unbind and callbacks
https://notcve.org/view.php?id=CVE-2022-50144
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: soundwire: revisit driver bind/unbind and callbacks In the SoundWire probe, we store a pointer from the driver ops into the 'slave' structure. This can lead to kernel oopses when unbinding codec drivers, e.g. with the following sequence to remove machine driver and codec driver. /sbin/modprobe -r snd_soc_sof_sdw /sbin/modprobe -r snd_soc_rt711 The full details can be found in the BugLink below, for reference the two following examples show ... • https://git.kernel.org/stable/c/56d4fe31af77f684bed62fb8201e6327e6ddf4e6 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50141 – mmc: sdhci-of-esdhc: Fix refcount leak in esdhc_signal_voltage_switch
https://notcve.org/view.php?id=CVE-2022-50141
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci-of-esdhc: Fix refcount leak in esdhc_signal_voltage_switch of_find_matching_node() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node_put() to avoid refcount leak. of_node_put() checks null pointer. In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci-of-esdhc: Fix refcount leak in esdhc_signal_voltage_switch of_find_matching_nod... • https://git.kernel.org/stable/c/ea35645a3c66a74af92d3bbb4eb131220fc3e58a •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50140 – memstick/ms_block: Fix a memory leak
https://notcve.org/view.php?id=CVE-2022-50140
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: memstick/ms_block: Fix a memory leak 'erased_blocks_bitmap' is never freed. As it is allocated at the same time as 'used_blocks_bitmap', it is likely that it should be freed also at the same time. Add the corresponding bitmap_free() in msb_data_clear(). In the Linux kernel, the following vulnerability has been resolved: memstick/ms_block: Fix a memory leak 'erased_blocks_bitmap' is never freed. As it is allocated at the same time as 'used_b... • https://git.kernel.org/stable/c/0ab30494bc4f3bc1ea4659b7c5d97c5218554a63 •