CVSS: -EPSS: %CPEs: 2EXPL: 0CVE-2022-49123 – ath11k: Fix frames flush failure caused by deadlock
https://notcve.org/view.php?id=CVE-2022-49123
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ath11k: Fix frames flush failure caused by deadlock We are seeing below warnings: kernel: [25393.301506] ath11k_pci 0000:01:00.0: failed to flush mgmt transmit queue 0 kernel: [25398.421509] ath11k_pci 0000:01:00.0: failed to flush mgmt transmit queue 0 kernel: [25398.421831] ath11k_pci 0000:01:00.0: dropping mgmt frame for vdev 0, is_started 0 this means ath11k fails to flush mgmt. frames because wmi_mgmt_tx_work has no chance to run in 5 ... • https://git.kernel.org/stable/c/33e723dc054edfc94da90eecca3b72cb424ce4a3 •
CVSS: -EPSS: %CPEs: 9EXPL: 0CVE-2022-49122 – dm ioctl: prevent potential spectre v1 gadget
https://notcve.org/view.php?id=CVE-2022-49122
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: dm ioctl: prevent potential spectre v1 gadget It appears like cmd could be a Spectre v1 gadget as it's supplied by a user and used as an array index. Prevent the contents of kernel memory from being leaked to userspace via speculative execution by using array_index_nospec. • https://git.kernel.org/stable/c/76c94651005f58885facf9c973007f5ea01ab01f •
CVSS: -EPSS: %CPEs: 5EXPL: 0CVE-2022-49121 – scsi: pm8001: Fix tag leaks on error
https://notcve.org/view.php?id=CVE-2022-49121
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix tag leaks on error In pm8001_chip_set_dev_state_req(), pm8001_chip_fw_flash_update_req(), pm80xx_chip_phy_ctl_req() and pm8001_chip_reg_dev_req() add missing calls to pm8001_tag_free() to free the allocated tag when pm8001_mpi_build_cmd() fails. Similarly, in pm8001_exec_internal_task_abort(), if the chip ->task_abort method fails, the tag allocated for the abort request task must be freed. Add the missing call to pm8001_t... • https://git.kernel.org/stable/c/a0bb65eadbf942024226241d9d99fed17168940b •
CVSS: -EPSS: %CPEs: 5EXPL: 0CVE-2022-49120 – scsi: pm8001: Fix task leak in pm8001_send_abort_all()
https://notcve.org/view.php?id=CVE-2022-49120
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix task leak in pm8001_send_abort_all() In pm8001_send_abort_all(), make sure to free the allocated sas task if pm8001_tag_alloc() or pm8001_mpi_build_cmd() fail. • https://git.kernel.org/stable/c/2051044d7901f1a9d7be95d0d32e53b88e9548f7 •
CVSS: -EPSS: %CPEs: 5EXPL: 0CVE-2022-49119 – scsi: pm8001: Fix memory leak in pm8001_chip_fw_flash_update_req()
https://notcve.org/view.php?id=CVE-2022-49119
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix memory leak in pm8001_chip_fw_flash_update_req() In pm8001_chip_fw_flash_update_build(), if pm8001_chip_fw_flash_update_build() fails, the struct fw_control_ex allocated must be freed. • https://git.kernel.org/stable/c/d83574666bac4b1462e90df393fbed6c5f57d1a3 •
CVSS: -EPSS: %CPEs: 5EXPL: 0CVE-2022-49118 – scsi: hisi_sas: Free irq vectors in order for v3 HW
https://notcve.org/view.php?id=CVE-2022-49118
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: hisi_sas: Free irq vectors in order for v3 HW If the driver probe fails to request the channel IRQ or fatal IRQ, the driver will free the IRQ vectors before freeing the IRQs in free_irq(), and this will cause a kernel BUG like this: ------------[ cut here ]------------ kernel BUG at drivers/pci/msi.c:369! Internal error: Oops - BUG: 0 [#1] PREEMPT SMP Call trace: free_msi_irqs+0x118/0x13c pci_disable_msi+0xfc/0x120 pci_free_irq_vector... • https://git.kernel.org/stable/c/224903cc60d045576393c3b16907742f23e6c740 •
CVSS: -EPSS: %CPEs: 6EXPL: 0CVE-2022-49117 – mips: ralink: fix a refcount leak in ill_acc_of_setup()
https://notcve.org/view.php?id=CVE-2022-49117
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: mips: ralink: fix a refcount leak in ill_acc_of_setup() of_node_put(np) needs to be called when pdev == NULL. • https://git.kernel.org/stable/c/060a485df4ec1183d543317511cb4caa43468b5d •
CVSS: -EPSS: %CPEs: 5EXPL: 0CVE-2022-49116 – Bluetooth: use memset avoid memory leaks
https://notcve.org/view.php?id=CVE-2022-49116
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: Bluetooth: use memset avoid memory leaks Use memset to initialize structs to prevent memory leaks in l2cap_ecred_connect • https://git.kernel.org/stable/c/9567d54e70ff58c2695c2cc2e53c86c67551d3e6 •
CVSS: -EPSS: %CPEs: 5EXPL: 0CVE-2022-49115 – PCI: endpoint: Fix misused goto label
https://notcve.org/view.php?id=CVE-2022-49115
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Fix misused goto label Fix a misused goto label jump since that can result in a memory leak. • https://git.kernel.org/stable/c/7c657c0694ff690e361a13ce41c36b9dfb433ec8 •
CVSS: -EPSS: %CPEs: 9EXPL: 0CVE-2022-49114 – scsi: libfc: Fix use after free in fc_exch_abts_resp()
https://notcve.org/view.php?id=CVE-2022-49114
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: libfc: Fix use after free in fc_exch_abts_resp() fc_exch_release(ep) will decrease the ep's reference count. When the reference count reaches zero, it is freed. But ep is still used in the following code, which will lead to a use after free. Return after the fc_exch_release() call to avoid use after free. • https://git.kernel.org/stable/c/4a131d4ea8b581ac9b01d3a72754db4848be3232 •