CVSS: -EPSS: %CPEs: 4EXPL: 0CVE-2022-49222 – drm/bridge: anx7625: Fix overflow issue on reading EDID
https://notcve.org/view.php?id=CVE-2022-49222
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/bridge: anx7625: Fix overflow issue on reading EDID The length of EDID block can be longer than 256 bytes, so we should use `int` instead of `u8` for the `edid_pos` variable. • https://git.kernel.org/stable/c/8bdfc5dae4e3ba4d99dfb430ef43249e5f1b7730 •
CVSS: -EPSS: %CPEs: 7EXPL: 0CVE-2022-49221 – drm/msm/dp: populate connector of struct dp_panel
https://notcve.org/view.php?id=CVE-2022-49221
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/msm/dp: populate connector of struct dp_panel DP CTS test case 4.2.2.6 has valid edid with bad checksum on purpose and expect DP source return correct checksum. During drm edid read, correct edid checksum is calculated and stored at connector::real_edid_checksum. The problem is struct dp_panel::connector never be assigned, instead the connector is stored in struct msm_dp::connector. When we run compliance testing test case 4.2.2.6 dp_pa... • https://git.kernel.org/stable/c/f86bc4a1a401d3691bad41e67f9db0c2ea94da32 •
CVSS: -EPSS: %CPEs: 6EXPL: 0CVE-2022-49220 – dax: make sure inodes are flushed before destroy cache
https://notcve.org/view.php?id=CVE-2022-49220
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: dax: make sure inodes are flushed before destroy cache A bug can be triggered by following command $ modprobe nd_pmem && modprobe -r nd_pmem [ 10.060014] BUG dax_cache (Not tainted): Objects remaining in dax_cache on __kmem_cache_shutdown() [ 10.060938] Slab 0x0000000085b729ac objects=9 used=1 fp=0x000000004f5ae469 flags=0x200000000010200(slab|head|node) [ 10.062433] Call Trace: [ 10.062673] dump_stack_lvl+0x34/0x44 [ 10.062865] slab_err+0x... • https://git.kernel.org/stable/c/7b6be8444e0f0dd675b54d059793423d3c9b4c03 •
CVSS: -EPSS: %CPEs: 4EXPL: 0CVE-2022-49219 – vfio/pci: fix memory leak during D3hot to D0 transition
https://notcve.org/view.php?id=CVE-2022-49219
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: vfio/pci: fix memory leak during D3hot to D0 transition If 'vfio_pci_core_device::needs_pm_restore' is set (PCI device does not have No_Soft_Reset bit set in its PMCSR config register), then the current PCI state will be saved locally in 'vfio_pci_core_device::pm_save' during D0->D3hot transition and same will be restored back during D3hot->D0 transition. For saving the PCI state locally, pci_store_saved_state() is being used and the pci_lo... • https://git.kernel.org/stable/c/51ef3a004b1eb6241e56b3aa8495769a092a4dc2 •
CVSS: -EPSS: %CPEs: 2EXPL: 0CVE-2022-49218 – drm/dp: Fix OOB read when handling Post Cursor2 register
https://notcve.org/view.php?id=CVE-2022-49218
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/dp: Fix OOB read when handling Post Cursor2 register The link_status array was not large enough to read the Adjust Request Post Cursor2 register, so remove the common helper function to avoid an OOB read, found with a -Warray-bounds build: drivers/gpu/drm/drm_dp_helper.c: In function 'drm_dp_get_adjust_request_post_cursor': drivers/gpu/drm/drm_dp_helper.c:59:27: error: array subscript 10 is outside array bounds of 'const u8[6]' {aka 'co... • https://git.kernel.org/stable/c/79465e0ffeb9e4866939ea562bc55367be91e595 •
CVSS: -EPSS: %CPEs: 9EXPL: 0CVE-2022-49217 – scsi: pm8001: Fix abort all task initialization
https://notcve.org/view.php?id=CVE-2022-49217
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix abort all task initialization In pm80xx_send_abort_all(), the n_elem field of the ccb used is not initialized to 0. This missing initialization sometimes lead to the task completion path seeing the ccb with a non-zero n_elem resulting in the execution of invalid dma_unmap_sg() calls in pm8001_ccb_task_free(), causing a crash such as: [ 197.676341] RIP: 0010:iommu_dma_unmap_sg+0x6d/0x280 [ 197.700204] RSP: 0018:ffff889bbcf8... • https://git.kernel.org/stable/c/c6b9ef5779c3e1edfa9de949d2a51252bc347663 •
CVSS: -EPSS: %CPEs: 9EXPL: 0CVE-2022-49216 – drm/tegra: Fix reference leak in tegra_dsi_ganged_probe
https://notcve.org/view.php?id=CVE-2022-49216
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/tegra: Fix reference leak in tegra_dsi_ganged_probe The reference taken by 'of_find_device_by_node()' must be released when not needed anymore. Add put_device() call to fix this. • https://git.kernel.org/stable/c/e94236cde4d519cdecd45e2435defba33abdc99f •
CVSS: -EPSS: %CPEs: 4EXPL: 0CVE-2022-49215 – xsk: Fix race at socket teardown
https://notcve.org/view.php?id=CVE-2022-49215
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: xsk: Fix race at socket teardown Fix a race in the xsk socket teardown code that can lead to a NULL pointer dereference splat. The current xsk unbind code in xsk_unbind_dev() starts by setting xs->state to XSK_UNBOUND, sets xs->dev to NULL and then waits for any NAPI processing to terminate using synchronize_net(). After that, the release code starts to tear down the socket state and free allocated memory. BUG: kernel NULL pointer dereferen... • https://git.kernel.org/stable/c/42fddcc7c64b723a867c7b2f5f7505e244212f13 •
CVSS: -EPSS: %CPEs: 4EXPL: 0CVE-2022-49214 – powerpc/64s: Don't use DSISR for SLB faults
https://notcve.org/view.php?id=CVE-2022-49214
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: Don't use DSISR for SLB faults Since commit 46ddcb3950a2 ("powerpc/mm: Show if a bad page fault on data is read or write.") we use page_fault_is_write(regs->dsisr) in __bad_page_fault() to determine if the fault is for a read or write, and change the message printed accordingly. But SLB faults, aka Data Segment Interrupts, don't set DSISR (Data Storage Interrupt Status Register) to a useful value. All ISA versions from v2.03 th... • https://git.kernel.org/stable/c/46ddcb3950a28c0df4815e8dbb8d4b91d5d9f22d •
CVSS: -EPSS: %CPEs: 5EXPL: 0CVE-2022-49213 – ath10k: Fix error handling in ath10k_setup_msa_resources
https://notcve.org/view.php?id=CVE-2022-49213
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ath10k: Fix error handling in ath10k_setup_msa_resources The device_node pointer is returned by of_parse_phandle() with refcount incremented. We should use of_node_put() on it when done. This function only calls of_node_put() in the regular path. And it will cause refcount leak in error path. • https://git.kernel.org/stable/c/727fec790ead3d75e2735f66209949c2163523ea •