CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2022-48883 – net/mlx5e: IPoIB, Block PKEY interfaces with less rx queues than parent
https://notcve.org/view.php?id=CVE-2022-48883
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: IPoIB, Block PKEY interfaces with less rx queues than parent A user is able to configure an arbitrary number of rx queues when creating an interface via netlink. This doesn't work for child PKEY interfaces because the child interface uses the parent receive channels. Although the child shares the parent's receive channels, the number of rx queues is important for the channel_stats array: the parent's rx channel index is used to access the child's channel_stats. So the array has to be at least as large as the parent's rx queue size for the counting to work correctly and to prevent out of bound accesses. This patch checks for the mentioned scenario and returns an error when trying to create the interface. The error is propagated to the user. • https://git.kernel.org/stable/c/be98737a4faa3a0dc1781ced5bbf5c47865e29d7 https://git.kernel.org/stable/c/5844a46f09f768da866d6b0ffbf1a9073266bf24 https://git.kernel.org/stable/c/31c70bfe58ef09fe36327ddcced9143a16e9e83d •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2022-48882 – net/mlx5e: Fix macsec possible null dereference when updating MAC security entity (SecY)
https://notcve.org/view.php?id=CVE-2022-48882
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix macsec possible null dereference when updating MAC security entity (SecY) Upon updating MAC security entity (SecY) in hw offload path, the macsec security association (SA) initialization routine is called. In case of extended packet number (epn) is enabled the salt and ssci attributes are retrieved using the MACsec driver rx_sa context which is unavailable when updating a SecY property such as encoding-sa hence the null dereference. Fix by using the provided SA to set those attributes. • https://git.kernel.org/stable/c/4411a6c0abd3e55b4a4fb9432b3a0553f12337c2 https://git.kernel.org/stable/c/514d9c6a39213d8200884e70f60ce7faef1ee597 https://git.kernel.org/stable/c/9828994ac492e8e7de47fe66097b7e665328f348 •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2022-48881 – platform/x86/amd: Fix refcount leak in amd_pmc_probe
https://notcve.org/view.php?id=CVE-2022-48881
In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd: Fix refcount leak in amd_pmc_probe pci_get_domain_bus_and_slot() takes reference, the caller should release the reference by calling pci_dev_put() after use. Call pci_dev_put() in the error path to fix this. • https://git.kernel.org/stable/c/3d7d407dfb05b257e15cb0c6b056428a4a8c2e5d https://git.kernel.org/stable/c/3944162821295993ec89992dec98ab6be6306cc0 https://git.kernel.org/stable/c/ccb32e2be14271a60e9ba89c6d5660cc9998773c •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2022-48880 – platform/surface: aggregator: Add missing call to ssam_request_sync_free()
https://notcve.org/view.php?id=CVE-2022-48880
In the Linux kernel, the following vulnerability has been resolved: platform/surface: aggregator: Add missing call to ssam_request_sync_free() Although rare, ssam_request_sync_init() can fail. In that case, the request should be freed via ssam_request_sync_free(). Currently it is leaked instead. Fix this. • https://git.kernel.org/stable/c/c167b9c7e3d6131b4a4865c112a3dbc86d2e997d https://git.kernel.org/stable/c/d2dc110deabe7142b60ebeed689e67f92795ee24 https://git.kernel.org/stable/c/50b3cdf8239b11545f311c4f7b89e0092e4feedb https://git.kernel.org/stable/c/c965daac370f08a9b71d573a71d13cda76f2a884 •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2022-48879 – efi: fix NULL-deref in init error path
https://notcve.org/view.php?id=CVE-2022-48879
In the Linux kernel, the following vulnerability has been resolved: efi: fix NULL-deref in init error path In cases where runtime services are not supported or have been disabled, the runtime services workqueue will never have been allocated. Do not try to destroy the workqueue unconditionally in the unlikely event that EFI initialisation fails to avoid dereferencing a NULL pointer. • https://git.kernel.org/stable/c/2ff3c97b47521d6700cc6485c7935908dcd2c27c https://git.kernel.org/stable/c/5167f194da6947e19a3e970485ee3ccb44f7958d https://git.kernel.org/stable/c/98086df8b70c06234a8f4290c46064e44dafa0ed https://git.kernel.org/stable/c/f591a42b8f9a9d20e01d0462f4f55d2176ac52ec https://git.kernel.org/stable/c/e6584124b9823151ef586d10dedf565ade50cea6 https://git.kernel.org/stable/c/585a0b2b3ae7903c6abee3087d09c69e955a7794 https://git.kernel.org/stable/c/5fcf75a8a4c3e7ee9122d143684083c9faf20452 https://git.kernel.org/stable/c/4ca71bc0e1995d15486cd7b60845602a2 •