CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2022-49232 – drm/amd/display: Fix a NULL pointer dereference in amdgpu_dm_connector_add_common_modes()
https://notcve.org/view.php?id=CVE-2022-49232
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix a NULL pointer dereference in amdgpu_dm_connector_add_common_modes() In amdgpu_dm_connector_add_common_modes(), amdgpu_dm_create_common_mode() is assigned to mode and is passed to drm_mode_probed_add() directly after that. drm_mode_probed_add() passes &mode->head to list_add_tail(), and there is a dereference of it in list_add_tail() without recoveries, which could lead to NULL pointer dereference on failure of amdgpu_d... • https://git.kernel.org/stable/c/e7b07ceef2a650e5ed8ca37997689e086c680daf •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49229 – ptp: unregister virtual clocks when unregistering physical clock.
https://notcve.org/view.php?id=CVE-2022-49229
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ptp: unregister virtual clocks when unregistering physical clock. When unregistering a physical clock which has some virtual clocks, unregister the virtual clocks with it. This fixes the following oops, which can be triggered by unloading a driver providing a PTP clock when it has enabled virtual clocks: BUG: unable to handle page fault for address: ffffffffc04fc4d8 Oops: 0000 [#1] PREEMPT SMP NOPTI RIP: 0010:ptp_vclock_read+0x31/0xb0 Call ... • https://git.kernel.org/stable/c/73f37068d540eba5f93ba3a0019bf479d35ebd76 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49227 – igc: avoid kernel warning when changing RX ring parameters
https://notcve.org/view.php?id=CVE-2022-49227
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: igc: avoid kernel warning when changing RX ring parameters Calling ethtool changing the RX ring parameters like this: $ ethtool -G eth0 rx 1024 on igc triggers kernel warnings like this: [ 225.198467] ------------[ cut here ]------------ [ 225.198473] Missing unregister, handled but fix driver [ 225.198485] WARNING: CPU: 7 PID: 959 at net/core/xdp.c:168 xdp_rxq_info_reg+0x79/0xd0 [...] [ 225.198601] Call Trace: [ 225.198604]
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49226 – net: asix: add proper error handling of usb read errors
https://notcve.org/view.php?id=CVE-2022-49226
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: net: asix: add proper error handling of usb read errors Syzbot once again hit uninit value in asix driver. The problem still the same -- asix_read_cmd() reads less bytes, than was requested by caller. Since all read requests are performed via asix_read_cmd() let's catch usb related error there and add __must_check notation to be sure all callers actually check return value. So, this patch adds sanity check inside asix_read_cmd(), that simpl... • https://git.kernel.org/stable/c/d9fe64e511144c1ee7d7555b4111f09dde9692ef •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49224 – power: supply: ab8500: Fix memory leak in ab8500_fg_sysfs_init
https://notcve.org/view.php?id=CVE-2022-49224
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: power: supply: ab8500: Fix memory leak in ab8500_fg_sysfs_init kobject_init_and_add() takes reference even when it fails. According to the doc of kobject_init_and_add(): If this function returns an error, kobject_put() must be called to properly clean up the memory associated with the object. Fix memory leak by calling kobject_put(). • https://git.kernel.org/stable/c/8c0984e5a75337df513047ec92a6c09d78e3e5cd •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49223 – cxl/port: Hold port reference until decoder release
https://notcve.org/view.php?id=CVE-2022-49223
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: cxl/port: Hold port reference until decoder release KASAN + DEBUG_KOBJECT_RELEASE reports a potential use-after-free in cxl_decoder_release() where it goes to reference its parent, a cxl_port, to free its id back to port->decoder_ida. BUG: KASAN: use-after-free in to_cxl_port+0x18/0x90 [cxl_core] Read of size 8 at addr ffff888119270908 by task kworker/35:2/379 CPU: 35 PID: 379 Comm: kworker/35:2 Tainted: G OE 5.17.0-rc2+ #198 Hardware name:... • https://git.kernel.org/stable/c/40ba17afdfabb01688c61565dbe02a916241bc05 • CWE-416: Use After Free •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49222 – drm/bridge: anx7625: Fix overflow issue on reading EDID
https://notcve.org/view.php?id=CVE-2022-49222
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/bridge: anx7625: Fix overflow issue on reading EDID The length of EDID block can be longer than 256 bytes, so we should use `int` instead of `u8` for the `edid_pos` variable. • https://git.kernel.org/stable/c/8bdfc5dae4e3ba4d99dfb430ef43249e5f1b7730 •
CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2022-49221 – drm/msm/dp: populate connector of struct dp_panel
https://notcve.org/view.php?id=CVE-2022-49221
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/msm/dp: populate connector of struct dp_panel DP CTS test case 4.2.2.6 has valid edid with bad checksum on purpose and expect DP source return correct checksum. During drm edid read, correct edid checksum is calculated and stored at connector::real_edid_checksum. The problem is struct dp_panel::connector never be assigned, instead the connector is stored in struct msm_dp::connector. When we run compliance testing test case 4.2.2.6 dp_pa... • https://git.kernel.org/stable/c/f86bc4a1a401d3691bad41e67f9db0c2ea94da32 •
CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2022-49220 – dax: make sure inodes are flushed before destroy cache
https://notcve.org/view.php?id=CVE-2022-49220
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: dax: make sure inodes are flushed before destroy cache A bug can be triggered by following command $ modprobe nd_pmem && modprobe -r nd_pmem [ 10.060014] BUG dax_cache (Not tainted): Objects remaining in dax_cache on __kmem_cache_shutdown() [ 10.060938] Slab 0x0000000085b729ac objects=9 used=1 fp=0x000000004f5ae469 flags=0x200000000010200(slab|head|node) [ 10.062433] Call Trace: [ 10.062673] dump_stack_lvl+0x34/0x44 [ 10.062865] slab_err+0x... • https://git.kernel.org/stable/c/7b6be8444e0f0dd675b54d059793423d3c9b4c03 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49219 – vfio/pci: fix memory leak during D3hot to D0 transition
https://notcve.org/view.php?id=CVE-2022-49219
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: vfio/pci: fix memory leak during D3hot to D0 transition If 'vfio_pci_core_device::needs_pm_restore' is set (PCI device does not have No_Soft_Reset bit set in its PMCSR config register), then the current PCI state will be saved locally in 'vfio_pci_core_device::pm_save' during D0->D3hot transition and same will be restored back during D3hot->D0 transition. For saving the PCI state locally, pci_store_saved_state() is being used and the pci_lo... • https://git.kernel.org/stable/c/51ef3a004b1eb6241e56b3aa8495769a092a4dc2 •