CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50197 – cpufreq: zynq: Fix refcount leak in zynq_get_revision
https://notcve.org/view.php?id=CVE-2022-50197
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: cpufreq: zynq: Fix refcount leak in zynq_get_revision of_find_compatible_node() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. Add missing of_node_put() to avoid refcount leak. In the Linux kernel, the following vulnerability has been resolved: cpufreq: zynq: Fix refcount leak in zynq_get_revision of_find_compatible_node() returns a node pointer with refcount incremented, we should use of_node... • https://git.kernel.org/stable/c/00f7dc636366f72474b1896f4990b3c086cd2c6d •
CVSS: 6.4EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50196 – soc: qcom: ocmem: Fix refcount leak in of_get_ocmem
https://notcve.org/view.php?id=CVE-2022-50196
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: soc: qcom: ocmem: Fix refcount leak in of_get_ocmem of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node_put() to avoid refcount leak. of_node_put() will check NULL pointer. In the Linux kernel, the following vulnerability has been resolved: soc: qcom: ocmem: Fix refcount leak in of_get_ocmem of_parse_phandle() returns a node pointer with refcount i... • https://git.kernel.org/stable/c/88c1e9404f1deee02e52d13aae3d9ee2cabd66f5 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-50195 – ARM: dts: qcom: replace gcc PXO with pxo_board fixed clock
https://notcve.org/view.php?id=CVE-2022-50195
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: ARM: dts: qcom: replace gcc PXO with pxo_board fixed clock Replace gcc PXO phandle to pxo_board fixed clock declared in the dts. gcc driver doesn't provide PXO_SRC as it's a fixed-clock. This cause a kernel panic if any driver actually try to use it. In the Linux kernel, the following vulnerability has been resolved: ARM: dts: qcom: replace gcc PXO with pxo_board fixed clock Replace gcc PXO phandle to pxo_board fixed clock declared in the d... • https://git.kernel.org/stable/c/40cf5c884a965554a424797afb424ffbca4c24b3 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50194 – soc: qcom: aoss: Fix refcount leak in qmp_cooling_devices_register
https://notcve.org/view.php?id=CVE-2022-50194
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: soc: qcom: aoss: Fix refcount leak in qmp_cooling_devices_register Every iteration of for_each_available_child_of_node() decrements the reference count of the previous node. When breaking early from a for_each_available_child_of_node() loop, we need to explicitly call of_node_put() on the child node. Add missing of_node_put() to avoid refcount leak. In the Linux kernel, the following vulnerability has been resolved: soc: qcom: aoss: Fix ref... • https://git.kernel.org/stable/c/05589b30b21ac0273970b61edd50c07d2ba156af •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50193 – erofs: wake up all waiters after z_erofs_lzma_head ready
https://notcve.org/view.php?id=CVE-2022-50193
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: erofs: wake up all waiters after z_erofs_lzma_head ready When the user mounts the erofs second times, the decompression thread may hung. The problem happens due to a sequence of steps like the following: 1) Task A called z_erofs_load_lzma_config which obtain all of the node from the z_erofs_lzma_head. 2) At this time, task B called the z_erofs_lzma_decompress and wanted to get a node. But the z_erofs_lzma_head was empty, the Task B had to s... • https://git.kernel.org/stable/c/622ceaddb7649ca328832f50ba1400af778d75fa •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50192 – spi: tegra20-slink: fix UAF in tegra_slink_remove()
https://notcve.org/view.php?id=CVE-2022-50192
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: spi: tegra20-slink: fix UAF in tegra_slink_remove() After calling spi_unregister_master(), the refcount of master will be decrease to 0, and it will be freed in spi_controller_release(), the device data also will be freed, so it will lead a UAF when using 'tspi'. To fix this, get the master before unregister and put it when finish using it. In the Linux kernel, the following vulnerability has been resolved: spi: tegra20-slink: fix UAF in te... • https://git.kernel.org/stable/c/26c863418221344b1cfb8e6c11116b2b81144281 •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50191 – regulator: of: Fix refcount leak bug in of_get_regulation_constraints()
https://notcve.org/view.php?id=CVE-2022-50191
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: regulator: of: Fix refcount leak bug in of_get_regulation_constraints() We should call the of_node_put() for the reference returned by of_get_child_by_name() which has increased the refcount. In the Linux kernel, the following vulnerability has been resolved: regulator: of: Fix refcount leak bug in of_get_regulation_constraints() We should call the of_node_put() for the reference returned by of_get_child_by_name() which has increased the re... • https://git.kernel.org/stable/c/40e20d68bb3fb1ce2704c886d597918988d3321d •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50190 – spi: Fix simplification of devm_spi_register_controller
https://notcve.org/view.php?id=CVE-2022-50190
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: spi: Fix simplification of devm_spi_register_controller This reverts commit 59ebbe40fb51 ("spi: simplify devm_spi_register_controller"). If devm_add_action() fails in devm_add_action_or_reset(), devm_spi_unregister() will be called, it decreases the refcount of 'ctlr->dev' to 0, then it will cause uaf in the drivers that calling spi_put_controller() in error path. In the Linux kernel, the following vulnerability has been resolved: spi: Fix ... • https://git.kernel.org/stable/c/59ebbe40fb51e307032ae7f63b2749fad2d4635a •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2022-50189 – tools/power turbostat: Fix file pointer leak
https://notcve.org/view.php?id=CVE-2022-50189
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: tools/power turbostat: Fix file pointer leak Currently if a fscanf fails then an early return leaks an open file pointer. Fix this by fclosing the file before the return. Detected using static analysis with cppcheck: tools/power/x86/turbostat/turbostat.c:2039:3: error: Resource leak: fp [resourceLeak] In the Linux kernel, the following vulnerability has been resolved: tools/power turbostat: Fix file pointer leak Currently if a fscanf fails ... • https://git.kernel.org/stable/c/eae97e053fe306edbbe60c934031edf9a8affd3f •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50188 – drm/meson: Fix refcount leak in meson_encoder_hdmi_init
https://notcve.org/view.php?id=CVE-2022-50188
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/meson: Fix refcount leak in meson_encoder_hdmi_init of_find_device_by_node() takes reference, we should use put_device() to release it when not need anymore. Add missing put_device() in error path to avoid refcount leak. In the Linux kernel, the following vulnerability has been resolved: drm/meson: Fix refcount leak in meson_encoder_hdmi_init of_find_device_by_node() takes reference, we should use put_device() to release it when not nee... • https://git.kernel.org/stable/c/0af5e0b41110e2da872030395231ab19c45be931 •