CVSS: 7.1EPSS: %CPEs: 6EXPL: 0CVE-2022-49687 – virtio_net: fix xdp_rxq_info bug after suspend/resume
https://notcve.org/view.php?id=CVE-2022-49687
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: virtio_net: fix xdp_rxq_info bug after suspend/resume The following sequence currently causes a driver bug warning when using virtio_net: # ip link set eth0 up # echo mem > /sys/power/state (or e.g. # rtcwake -s 10 -m mem)
CVSS: 5.6EPSS: %CPEs: 2EXPL: 0CVE-2022-49686 – usb: gadget: uvc: fix list double add in uvcg_video_pump
https://notcve.org/view.php?id=CVE-2022-49686
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uvc: fix list double add in uvcg_video_pump A panic can occur if the endpoint becomes disabled and the uvcg_video_pump adds the request back to the req_free list after it has already been queued to the endpoint. The endpoint complete will add the request back to the req_free list. Invalidate the local request handle once it's been queued. <6>[ 246.796704][T13726] configfs-gadget gadget: uvc: uvc_function_set_alt(1, 0) <3>[ 246.... • https://git.kernel.org/stable/c/f9897ec0f6d34e8b2bc2f4c8ab8789351090f3d2 •
CVSS: 7.8EPSS: %CPEs: 8EXPL: 0CVE-2022-49685 – iio: trigger: sysfs: fix use-after-free on remove
https://notcve.org/view.php?id=CVE-2022-49685
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: iio: trigger: sysfs: fix use-after-free on remove Ensure that the irq_work has completed before the trigger is freed. ================================================================== BUG: KASAN: use-after-free in irq_work_run_list Read of size 8 at addr 0000000064702248 by task python3/25 Call Trace: irq_work_run_list irq_work_tick update_process_times tick_sched_handle tick_sched_timer __hrtimer_run_queues hrtimer_interrupt Allocated by ... • https://git.kernel.org/stable/c/f38bc926d022ebd67baad6ac7fc22c95fbc6238c •
CVSS: 7.1EPSS: %CPEs: 2EXPL: 0CVE-2022-49684 – iio: adc: aspeed: Fix refcount leak in aspeed_adc_set_trim_data
https://notcve.org/view.php?id=CVE-2022-49684
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: iio: adc: aspeed: Fix refcount leak in aspeed_adc_set_trim_data of_find_node_by_name() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. Add missing of_node_put() to avoid refcount leak. In the Linux kernel, the following vulnerability has been resolved: iio: adc: aspeed: Fix refcount leak in aspeed_adc_set_trim_data of_find_node_by_name() returns a node pointer with refcount incremented, we shou... • https://git.kernel.org/stable/c/d0a4c17b40736b368f1f26602ad162e24b4108e7 •
CVSS: 7.1EPSS: %CPEs: 4EXPL: 0CVE-2022-49683 – iio: adc: adi-axi-adc: Fix refcount leak in adi_axi_adc_attach_client
https://notcve.org/view.php?id=CVE-2022-49683
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: iio: adc: adi-axi-adc: Fix refcount leak in adi_axi_adc_attach_client of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node_put() to avoid refcount leak. In the Linux kernel, the following vulnerability has been resolved: iio: adc: adi-axi-adc: Fix refcount leak in adi_axi_adc_attach_client of_parse_phandle() returns a node pointer with refcount incr... • https://git.kernel.org/stable/c/ef04070692a21633ec6a60f80c19b6af44b3cf47 •
CVSS: 5.5EPSS: %CPEs: 8EXPL: 0CVE-2022-49682 – xtensa: Fix refcount leak bug in time.c
https://notcve.org/view.php?id=CVE-2022-49682
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: xtensa: Fix refcount leak bug in time.c In calibrate_ccount(), of_find_compatible_node() will return a node pointer with refcount incremented. We should use of_node_put() when it is not used anymore. In the Linux kernel, the following vulnerability has been resolved: xtensa: Fix refcount leak bug in time.c In calibrate_ccount(), of_find_compatible_node() will return a node pointer with refcount incremented. We should use of_node_put() when ... • https://git.kernel.org/stable/c/3e5eb904d9ba657308fc75a5de434b0e58dcb8d7 •
CVSS: 7.1EPSS: %CPEs: 8EXPL: 0CVE-2022-49681 – xtensa: xtfpga: Fix refcount leak bug in setup
https://notcve.org/view.php?id=CVE-2022-49681
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: xtensa: xtfpga: Fix refcount leak bug in setup In machine_setup(), of_find_compatible_node() will return a node pointer with refcount incremented. We should use of_node_put() when it is not used anymore. In the Linux kernel, the following vulnerability has been resolved: xtensa: xtfpga: Fix refcount leak bug in setup In machine_setup(), of_find_compatible_node() will return a node pointer with refcount incremented. We should use of_node_put... • https://git.kernel.org/stable/c/b12d5c52f073a0420622aaf2f21b615cce8b36cc •
CVSS: 5.5EPSS: %CPEs: 8EXPL: 0CVE-2022-49680 – ARM: exynos: Fix refcount leak in exynos_map_pmu
https://notcve.org/view.php?id=CVE-2022-49680
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ARM: exynos: Fix refcount leak in exynos_map_pmu of_find_matching_node() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node_put() to avoid refcount leak. of_node_put() checks null pointer. In the Linux kernel, the following vulnerability has been resolved: ARM: exynos: Fix refcount leak in exynos_map_pmu of_find_matching_node() returns a node pointer with refcount i... • https://git.kernel.org/stable/c/fce9e5bb25264153f9f002eada41757118d25ba9 •
CVSS: 7.1EPSS: %CPEs: 8EXPL: 0CVE-2022-49679 – ARM: Fix refcount leak in axxia_boot_secondary
https://notcve.org/view.php?id=CVE-2022-49679
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ARM: Fix refcount leak in axxia_boot_secondary of_find_compatible_node() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. Add missing of_node_put() to avoid refcount leak. In the Linux kernel, the following vulnerability has been resolved: ARM: Fix refcount leak in axxia_boot_secondary of_find_compatible_node() returns a node pointer with refcount incremented, we should use of_node_put() on it w... • https://git.kernel.org/stable/c/1d22924e1c4e299337e86e290c02c3e3eb43b608 •
CVSS: 7.1EPSS: %CPEs: 6EXPL: 0CVE-2022-49678 – soc: bcm: brcmstb: pm: pm-arm: Fix refcount leak in brcmstb_pm_probe
https://notcve.org/view.php?id=CVE-2022-49678
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: soc: bcm: brcmstb: pm: pm-arm: Fix refcount leak in brcmstb_pm_probe of_find_matching_node() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node_put() to avoid refcount leak. In brcmstb_init_sram, it pass dn to of_address_to_resource(), of_address_to_resource() will call of_find_device_by_node() to take reference, so we should release the reference returned by of_fin... • https://git.kernel.org/stable/c/0b741b8234c86065fb6954d32d427b3f7e14756f •