CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50859 – cifs: Fix the error length of VALIDATE_NEGOTIATE_INFO message
https://notcve.org/view.php?id=CVE-2022-50859
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: cifs: Fix the error length of VALIDATE_NEGOTIATE_INFO message Commit d5c7076b772a ("smb3: add smb3.1.1 to default dialect list") extend the dialects from 3 to 4, but forget to decrease the extended length when specific the dialect, then the message length is larger than expected. This maybe leak some info through network because not initialize the message body. After apply this patch, the VALIDATE_NEGOTIATE_INFO message length is reduced fr... • https://git.kernel.org/stable/c/d5c7076b772ad7dcdb92303397b36aee8fa0d25d •
CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50858 – mmc: alcor: fix return value check of mmc_add_host()
https://notcve.org/view.php?id=CVE-2022-50858
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: mmc: alcor: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the memory that allocated in mmc_alloc_host() will be leaked and it will lead a kernel crash because of deleting not added device in the remove path. So fix this by checking the return value and calling mmc_free_host() in the error path. The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues. • https://git.kernel.org/stable/c/c5413ad815a675b5c98a002353d8e96b44b164e9 •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50857 – rapidio: rio: fix possible name leak in rio_register_mport()
https://notcve.org/view.php?id=CVE-2022-50857
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: rapidio: rio: fix possible name leak in rio_register_mport() If device_register() returns error, the name allocated by dev_set_name() need be freed. It should use put_device() to give up the reference in the error path, so that the name can be freed in kobject_cleanup(), and list_del() is called to delete the port from rio_mports. • https://git.kernel.org/stable/c/2aaf308b95b24649a6dcfed89cd956e972089b2a •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50856 – cifs: Fix xid leak in cifs_ses_add_channel()
https://notcve.org/view.php?id=CVE-2022-50856
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: cifs: Fix xid leak in cifs_ses_add_channel() Before return, should free the xid, otherwise, the xid will be leaked. The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues. • https://git.kernel.org/stable/c/d70e9fa55884760b6d6c293dbf20d8c52ce11fb7 •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50855 – bpf: prevent leak of lsm program after failed attach
https://notcve.org/view.php?id=CVE-2022-50855
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: bpf: prevent leak of lsm program after failed attach In [0], we added the ability to bpf_prog_attach LSM programs to cgroups, but in our validation to make sure the prog is meant to be attached to BPF_LSM_CGROUP, we return too early if the check fails. This results in lack of decrementing prog's refcnt (through bpf_prog_put) leaving the LSM program alive past the point of the expected lifecycle. This fix allows for the decrement to take pla... • https://git.kernel.org/stable/c/69fd337a975c7e690dfe49d9cb4fe5ba1e6db44e •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50854 – nfc: virtual_ncidev: Fix memory leak in virtual_nci_send()
https://notcve.org/view.php?id=CVE-2022-50854
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: nfc: virtual_ncidev: Fix memory leak in virtual_nci_send() skb should be free in virtual_nci_send(), otherwise kmemleak will report memleak. Steps for reproduction (simulated in qemu): cd tools/testing/selftests/nci make ./nci_dev BUG: memory leak unreferenced object 0xffff888107588000 (size 208): comm "nci_dev", pid 206, jiffies 4294945376 (age 368.248s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 .............. • https://git.kernel.org/stable/c/e624e6c3e777fb3dfed036b9da4d433aee3608a5 •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50853 – NFSv4: Fix a credential leak in _nfs4_discover_trunking()
https://notcve.org/view.php?id=CVE-2022-50853
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: NFSv4: Fix a credential leak in _nfs4_discover_trunking() The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues. • https://git.kernel.org/stable/c/ead049562758cc415437c0e99b09ce5eb2ab3dc0 •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2022-50852 – wifi: mt76: mt7921: fix use after free in mt7921_acpi_read()
https://notcve.org/view.php?id=CVE-2022-50852
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: fix use after free in mt7921_acpi_read() Don't dereference "sar_root" after it has been freed. • https://git.kernel.org/stable/c/f965333e491e36adb0fa91e389fba8685b704fb6 •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50851 – vhost_vdpa: fix the crash in unmap a large memory
https://notcve.org/view.php?id=CVE-2022-50851
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: vhost_vdpa: fix the crash in unmap a large memory While testing in vIOMMU, sometimes Guest will unmap very large memory, which will cause the crash. To fix this, add a new function vhost_vdpa_general_unmap(). This function will only unmap the memory that saved in iotlb. Call Trace: [ 647.820144] ------------[ cut here ]------------ [ 647.820848] kernel BUG at drivers/iommu/intel/iommu.c:1174! [ 647.821486] invalid opcode: 0000 [#1] PREEMPT ... • https://git.kernel.org/stable/c/4c8cf31885f69e86be0b5b9e6677a26797365e1d •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50850 – scsi: ipr: Fix WARNING in ipr_init()
https://notcve.org/view.php?id=CVE-2022-50850
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: ipr: Fix WARNING in ipr_init() ipr_init() will not call unregister_reboot_notifier() when pci_register_driver() fails, which causes a WARNING. Call unregister_reboot_notifier() when pci_register_driver() fails. notifier callback ipr_halt [ipr] already registered WARNING: CPU: 3 PID: 299 at kernel/notifier.c:29 notifier_chain_register+0x16d/0x230 Modules linked in: ipr(+) xhci_pci_renesas xhci_hcd ehci_hcd usbcore led_class gpu_sched d... • https://git.kernel.org/stable/c/f72919ec2bbbe1c42cdda7857a96c0c40e1d78aa •