CVSS: 5.6EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50754 – apparmor: fix a memleak in multi_transaction_new()
https://notcve.org/view.php?id=CVE-2022-50754
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: apparmor: fix a memleak in multi_transaction_new() In multi_transaction_new(), the variable t is not freed or passed out on the failure of copy_from_user(t->data, buf, size), which could lead to a memleak. Fix this bug by adding a put_multi_transaction(t) in the error path. In the Linux kernel, the following vulnerability has been resolved: apparmor: fix a memleak in multi_transaction_new() In multi_transaction_new(), the variable t is not ... • https://git.kernel.org/stable/c/1dea3b41e84c5923173fe654dcb758a5cb4a46e5 •
CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50753 – f2fs: fix to do sanity check on summary info
https://notcve.org/view.php?id=CVE-2022-50753
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on summary info As Wenqing Liu reported in bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=216456 BUG: KASAN: use-after-free in recover_data+0x63ae/0x6ae0 [f2fs] Read of size 4 at addr ffff8881464dcd80 by task mount/1013 CPU: 3 PID: 1013 Comm: mount Tainted: G W 6.0.0-rc4 #1 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1 04/01/2014 Call Trace: dump_stack_lvl+0x45/0x5e print_report.cold+0... • https://git.kernel.org/stable/c/b292dcab068e141d8a820b77cbcc88d98c610eb4 •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50752 – md/raid5: Remove unnecessary bio_put() in raid5_read_one_chunk()
https://notcve.org/view.php?id=CVE-2022-50752
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: md/raid5: Remove unnecessary bio_put() in raid5_read_one_chunk() When running chunk-sized reads on disks with badblocks duplicate bio free/puts are observed: ============================================================================= BUG bio-200 (Not tainted): Object already free ----------------------------------------------------------------------------- Allocated in mempool_alloc_slab+0x17/0x20 age=3 cpu=2 pid=7504 __slab_alloc.constpr... • https://git.kernel.org/stable/c/c82aa1b76787c34fd02374e519b6f52cdeb2f54b •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50751 – configfs: fix possible memory leak in configfs_create_dir()
https://notcve.org/view.php?id=CVE-2022-50751
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: configfs: fix possible memory leak in configfs_create_dir() kmemleak reported memory leaks in configfs_create_dir(): unreferenced object 0xffff888009f6af00 (size 192): comm "modprobe", pid 3777, jiffies 4295537735 (age 233.784s) backtrace: kmem_cache_alloc (mm/slub.c:3250 mm/slub.c:3256 mm/slub.c:3263 mm/slub.c:3273) new_fragment (./include/linux/slab.h:600 fs/configfs/dir.c:163) configfs_register_subsystem (fs/configfs/dir.c:1857) basic_wr... • https://git.kernel.org/stable/c/7063fbf2261194f72ee75afca67b3b38b554b5fa •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50750 – drm/panel/panel-sitronix-st7701: Remove panel on DSI attach failure
https://notcve.org/view.php?id=CVE-2022-50750
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/panel/panel-sitronix-st7701: Remove panel on DSI attach failure In case mipi_dsi_attach() fails, call drm_panel_remove() to avoid memory leak. In the Linux kernel, the following vulnerability has been resolved: drm/panel/panel-sitronix-st7701: Remove panel on DSI attach failure In case mipi_dsi_attach() fails, call drm_panel_remove() to avoid memory leak. The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security iss... • https://git.kernel.org/stable/c/849b2e3ff9698226ab91e034d52cbb1da92a5b4c •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50749 – acct: fix potential integer overflow in encode_comp_t()
https://notcve.org/view.php?id=CVE-2022-50749
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: acct: fix potential integer overflow in encode_comp_t() The integer overflow is descripted with following codes: > 317 static comp_t encode_comp_t(u64 value) > 318 { > 319 int exp, rnd; ...... > 341 exp <<= MANTSIZE; > 342 exp += value; > 343 return exp; > 344 } Currently comp_t is defined as type of '__u16', but the variable 'exp' is type of 'int', so overflow would happen when variable 'exp' in line 343 is greater than 65535. In the Linux... • https://git.kernel.org/stable/c/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50748 – ipc: mqueue: fix possible memory leak in init_mqueue_fs()
https://notcve.org/view.php?id=CVE-2022-50748
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: ipc: mqueue: fix possible memory leak in init_mqueue_fs() commit db7cfc380900 ("ipc: Free mq_sysctls if ipc namespace creation failed") Here's a similar memory leak to the one fixed by the patch above. retire_mq_sysctls need to be called when init_mqueue_fs fails after setup_mq_sysctls. In the Linux kernel, the following vulnerability has been resolved: ipc: mqueue: fix possible memory leak in init_mqueue_fs() commit db7cfc380900 ("ipc: Fre... • https://git.kernel.org/stable/c/dc55e35f9e810f23dd69cfdc91a3d636023f57a2 •
CVSS: 8.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50747 – hfs: Fix OOB Write in hfs_asc2mac
https://notcve.org/view.php?id=CVE-2022-50747
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: hfs: Fix OOB Write in hfs_asc2mac Syzbot reported a OOB Write bug: loop0: detected capacity change from 0 to 64 ================================================================== BUG: KASAN: slab-out-of-bounds in hfs_asc2mac+0x467/0x9a0 fs/hfs/trans.c:133 Write of size 1 at addr ffff88801848314e by task syz-executor391/3632 Call Trace:
CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50746 – erofs: validate the extent length for uncompressed pclusters
https://notcve.org/view.php?id=CVE-2022-50746
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: erofs: validate the extent length for uncompressed pclusters syzkaller reported a KASAN use-after-free: https://syzkaller.appspot.com/bug?extid=2ae90e873e97f1faf6f2 The referenced fuzzed image actually has two issues: - m_pa == 0 as a non-inlined pcluster; - The logical length is longer than its physical length. The first issue has already been addressed. This patch addresses the second issue by checking the extent length validity. In the L... • https://git.kernel.org/stable/c/02827e1796b33f1794966f5c3101f8da2dfa9c1d •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50745 – staging: media: tegra-video: fix device_node use after free
https://notcve.org/view.php?id=CVE-2022-50745
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: staging: media: tegra-video: fix device_node use after free At probe time this code path is followed: * tegra_csi_init * tegra_csi_channels_alloc * for_each_child_of_node(node, channel) -- iterates over channels * automatically gets 'channel' * tegra_csi_channel_alloc() * saves into chan->of_node a pointer to the channel OF node * automatically gets and puts 'channel' * now the node saved in chan->of_node has refcount 0, can disappear * teg... • https://git.kernel.org/stable/c/1ebaeb09830f36c1111b72a95420814225bd761c •