CVSS: -EPSS: %CPEs: 5EXPL: 0CVE-2022-49104 – staging: vchiq_core: handle NULL result of find_service_by_handle
https://notcve.org/view.php?id=CVE-2022-49104
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: staging: vchiq_core: handle NULL result of find_service_by_handle In case of an invalid handle the function find_servive_by_handle returns NULL. So take care of this and avoid a NULL pointer dereference. • https://git.kernel.org/stable/c/aa0b7296785312a4bfa8fac0ba8ad78698fd9fcf •
CVSS: -EPSS: %CPEs: 5EXPL: 0CVE-2022-49103 – NFSv4.2: fix reference count leaks in _nfs42_proc_copy_notify()
https://notcve.org/view.php?id=CVE-2022-49103
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: NFSv4.2: fix reference count leaks in _nfs42_proc_copy_notify() [You don't often get email from xiongx18@fudan.edu.cn. Learn why this is important at http://aka.ms/LearnAboutSenderIdentification.] The reference counting issue happens in two error paths in the function _nfs42_proc_copy_notify(). In both error paths, the function simply returns the error code and forgets to balance the refcount of object `ctx`, bumped by get_nfs_open_context(... • https://git.kernel.org/stable/c/9b9feec97c1fc7dd9bb69f62c4905cddf1801599 •
CVSS: -EPSS: %CPEs: 4EXPL: 0CVE-2022-49102 – habanalabs: fix possible memory leak in MMU DR fini
https://notcve.org/view.php?id=CVE-2022-49102
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: habanalabs: fix possible memory leak in MMU DR fini This patch fixes what seems to be copy paste error. We will have a memory leak if the host-resident shadow is NULL (which will likely happen as the DR and HR are not dependent). • https://git.kernel.org/stable/c/12e49aefda2e04b07604f13e03f40027cbeb0dc6 •
CVSS: -EPSS: %CPEs: 7EXPL: 0CVE-2022-49101 – xen: delay xen_hvm_init_time_ops() if kdump is boot on vcpu>=32
https://notcve.org/view.php?id=CVE-2022-49101
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: xen: delay xen_hvm_init_time_ops() if kdump is boot on vcpu>=32 The sched_clock() can be used very early since commit 857baa87b642 ("sched/clock: Enable sched clock early"). In addition, with commit 38669ba205d1 ("x86/xen/time: Output xen sched_clock time from 0"), kdump kernel in Xen HVM guest may panic at very early stage when accessing &__this_cpu_read(xen_vcpu)->time as in below: setup_arch() -> init_hypervisor_platform() -> x86_init.hy... • https://git.kernel.org/stable/c/0848767dee78c00c5646eef9b3201ee14ce68563 •
CVSS: -EPSS: %CPEs: 9EXPL: 0CVE-2022-49100 – virtio_console: eliminate anonymous module_init & module_exit
https://notcve.org/view.php?id=CVE-2022-49100
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: virtio_console: eliminate anonymous module_init & module_exit Eliminate anonymous module_init() and module_exit(), which can lead to confusion or ambiguity when reading System.map, crashes/oops/bugs, or an initcall_debug log. Give each of these init and exit functions unique driver-specific names to eliminate the anonymous names. Example 1: (System.map) ffffffff832fc78c t init ffffffff832fc79e t init ffffffff832fc8f8 t init Example 2: (init... • https://git.kernel.org/stable/c/93e3d88321d2274fa4e26b006e19cc10fec331c2 •
CVSS: -EPSS: %CPEs: 8EXPL: 0CVE-2022-49098 – Drivers: hv: vmbus: Fix potential crash on module unload
https://notcve.org/view.php?id=CVE-2022-49098
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Fix potential crash on module unload The vmbus driver relies on the panic notifier infrastructure to perform some operations when a panic event is detected. Since vmbus can be built as module, it is required that the driver handles both registering and unregistering such panic notifier callback. After commit 74347a99e73a ("x86/Hyper-V: Unload vmbus channel in hv panic callback") though, the panic notifier registration is... • https://git.kernel.org/stable/c/5e059fc0f054309036d3f612bc8b0a502ca58545 •
CVSS: -EPSS: %CPEs: 5EXPL: 0CVE-2022-49097 – NFS: Avoid writeback threads getting stuck in mempool_alloc()
https://notcve.org/view.php?id=CVE-2022-49097
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: NFS: Avoid writeback threads getting stuck in mempool_alloc() In a low memory situation, allow the NFS writeback code to fail without getting stuck in infinite loops in mempool_alloc(). • https://git.kernel.org/stable/c/c74e2f6ecc51bd08bb5b0335477dba954a50592e •
CVSS: -EPSS: %CPEs: 4EXPL: 0CVE-2022-49096 – net: sfc: add missing xdp queue reinitialization
https://notcve.org/view.php?id=CVE-2022-49096
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: net: sfc: add missing xdp queue reinitialization After rx/tx ring buffer size is changed, kernel panic occurs when it acts XDP_TX or XDP_REDIRECT. When tx/rx ring buffer size is changed(ethtool -G), sfc driver reallocates and reinitializes rx and tx queues and their buffer (tx_queue->buffer). But it misses reinitializing xdp queues(efx->xdp_tx_queues). So, while it is acting XDP_TX or XDP_REDIRECT, it uses the uninitialized tx_queue->buffer... • https://git.kernel.org/stable/c/3990a8fffbdad5765f47ea593f9de66c91762059 •
CVSS: -EPSS: %CPEs: 9EXPL: 0CVE-2022-49095 – scsi: zorro7xx: Fix a resource leak in zorro7xx_remove_one()
https://notcve.org/view.php?id=CVE-2022-49095
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: zorro7xx: Fix a resource leak in zorro7xx_remove_one() The error handling path of the probe releases a resource that is not freed in the remove function. In some cases, a ioremap() must be undone. Add the missing iounmap() call in the remove function. • https://git.kernel.org/stable/c/45804fbb00eea27bdf4d62751681228a9e2844e9 •
CVSS: -EPSS: %CPEs: 6EXPL: 0CVE-2022-49094 – net/tls: fix slab-out-of-bounds bug in decrypt_internal
https://notcve.org/view.php?id=CVE-2022-49094
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: net/tls: fix slab-out-of-bounds bug in decrypt_internal The memory size of tls_ctx->rx.iv for AES128-CCM is 12 setting in tls_set_sw_offload(). The return value of crypto_aead_ivsize() for "ccm(aes)" is 16. So memcpy() require 16 bytes from 12 bytes memory space will trigger slab-out-of-bounds bug as following: ================================================================== BUG: KASAN: slab-out-of-bounds in decrypt_internal+0x385/0xc40 [... • https://git.kernel.org/stable/c/f295b3ae9f5927e084bd5decdff82390e3471801 •