CVSS: -EPSS: %CPEs: 4EXPL: 0CVE-2022-49182 – net: hns3: add vlan list lock to protect vlan list
https://notcve.org/view.php?id=CVE-2022-49182
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: net: hns3: add vlan list lock to protect vlan list When adding port base VLAN, vf VLAN need to remove from HW and modify the vlan state in vf VLAN list as false. If the periodicity task is freeing the same node, it may cause "use after free" error. This patch adds a vlan list lock to protect the vlan list. • https://git.kernel.org/stable/c/c6075b193462d9a3930fb41f587f94720658752a •
CVSS: -EPSS: %CPEs: 6EXPL: 0CVE-2022-49180 – LSM: general protection fault in legacy_parse_param
https://notcve.org/view.php?id=CVE-2022-49180
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: LSM: general protection fault in legacy_parse_param The usual LSM hook "bail on fail" scheme doesn't work for cases where a security module may return an error code indicating that it does not recognize an input. In this particular case Smack sees a mount option that it recognizes, and returns 0. A call to a BPF hook follows, which returns -ENOPARAM, which confuses the caller because Smack has processed its data. The SELinux hook incorrectl... • https://git.kernel.org/stable/c/ddcdda888e14ca451b3ee83d11b65b2a9c8e783b •
CVSS: -EPSS: %CPEs: 6EXPL: 0CVE-2022-49179 – block, bfq: don't move oom_bfqq
https://notcve.org/view.php?id=CVE-2022-49179
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: block, bfq: don't move oom_bfqq Our test report a UAF: [ 2073.019181] ================================================================== [ 2073.019188] BUG: KASAN: use-after-free in __bfq_put_async_bfqq+0xa0/0x168 [ 2073.019191] Write of size 8 at addr ffff8000ccf64128 by task rmmod/72584 [ 2073.019192] [ 2073.019196] CPU: 0 PID: 72584 Comm: rmmod Kdump: loaded Not tainted 4.19.90-yk #5 [ 2073.019198] Hardware name: QEMU KVM Virtual Machine... • https://git.kernel.org/stable/c/c4f5a678add58a8a0e7ee5e038496b376ea6d205 •
CVSS: -EPSS: %CPEs: 3EXPL: 0CVE-2022-49178 – memstick/mspro_block: fix handling of read-only devices
https://notcve.org/view.php?id=CVE-2022-49178
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: memstick/mspro_block: fix handling of read-only devices Use set_disk_ro to propagate the read-only state to the block layer instead of checking for it in ->open and leaking a reference in case of a read-only device. • https://git.kernel.org/stable/c/057b53c4f87690d626203acef8b63d52a9bf2f43 •
CVSS: -EPSS: %CPEs: 2EXPL: 0CVE-2022-49177 – hwrng: cavium - fix NULL but dereferenced coccicheck error
https://notcve.org/view.php?id=CVE-2022-49177
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: hwrng: cavium - fix NULL but dereferenced coccicheck error Fix following coccicheck warning: ./drivers/char/hw_random/cavium-rng-vf.c:182:17-20: ERROR: pdev is NULL but dereferenced. • https://git.kernel.org/stable/c/e47b12f9415169eceda6770fcf45802e0c8d2a66 •
CVSS: -EPSS: %CPEs: 7EXPL: 0CVE-2022-49176 – bfq: fix use-after-free in bfq_dispatch_request
https://notcve.org/view.php?id=CVE-2022-49176
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: bfq: fix use-after-free in bfq_dispatch_request KASAN reports a use-after-free report when doing normal scsi-mq test [69832.239032] ================================================================== [69832.241810] BUG: KASAN: use-after-free in bfq_dispatch_request+0x1045/0x44b0 [69832.243267] Read of size 8 at addr ffff88802622ba88 by task kworker/3:1H/155 [69832.244656] [69832.245007] CPU: 3 PID: 155 Comm: kworker/3:1H Not tainted 5.10.0-1... • https://git.kernel.org/stable/c/74e610b5ee0d95e751280567100509eb11517efa •
CVSS: -EPSS: %CPEs: 9EXPL: 0CVE-2022-49175 – PM: core: keep irq flags in device_pm_check_callbacks()
https://notcve.org/view.php?id=CVE-2022-49175
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: PM: core: keep irq flags in device_pm_check_callbacks() The function device_pm_check_callbacks() can be called under the spin lock (in the reported case it happens from genpd_add_device() -> dev_pm_domain_set(), when the genpd uses spinlocks rather than mutexes. However this function uncoditionally uses spin_lock_irq() / spin_unlock_irq(), thus not preserving the CPU flags. Use the irqsave/irqrestore instead. The backtrace for the reference... • https://git.kernel.org/stable/c/3ec80d52b9b74b9e691997632a543c73eddfeba0 •
CVSS: -EPSS: %CPEs: 5EXPL: 0CVE-2022-49174 – ext4: fix ext4_mb_mark_bb() with flex_bg with fast_commit
https://notcve.org/view.php?id=CVE-2022-49174
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: fix ext4_mb_mark_bb() with flex_bg with fast_commit In case of flex_bg feature (which is by default enabled), extents for any given inode might span across blocks from two different block group. ext4_mb_mark_bb() only reads the buffer_head of block bitmap once for the starting block group, but it fails to read it again when the extent length boundary overflows to another block group. Then in this below loop it accesses memory beyond t... • https://git.kernel.org/stable/c/cd6d719534af993210306f8a13f9cb3e615f7c8d •
CVSS: -EPSS: %CPEs: 3EXPL: 0CVE-2022-49173 – spi: fsi: Implement a timeout for polling status
https://notcve.org/view.php?id=CVE-2022-49173
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: spi: fsi: Implement a timeout for polling status The data transfer routines must poll the status register to determine when more data can be shifted in or out. If the hardware gets into a bad state, these polling loops may never exit. Prevent this by returning an error if a timeout is exceeded. • https://git.kernel.org/stable/c/d4982ceb137e6ecd2b466a6de639790a148cf19a •
CVSS: -EPSS: %CPEs: 3EXPL: 0CVE-2022-49172 – parisc: Fix non-access data TLB cache flush faults
https://notcve.org/view.php?id=CVE-2022-49172
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: parisc: Fix non-access data TLB cache flush faults When a page is not present, we get non-access data TLB faults from the fdc and fic instructions in flush_user_dcache_range_asm and flush_user_icache_range_asm. When these occur, the cache line is not invalidated and potentially we get memory corruption. The problem was hidden by the nullification of the flush instructions. These faults also affect performance. With pa8800/pa8900 processors,... • https://git.kernel.org/stable/c/b3d6adb3a49d82e4e557c5fc16f50c9ff731da5d •