CVSS: 7.2EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50736 – RDMA/siw: Fix immediate work request flush to completion queue
https://notcve.org/view.php?id=CVE-2022-50736
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix immediate work request flush to completion queue Correctly set send queue element opcode during immediate work request flushing in post sendqueue operation, if the QP is in ERROR state. In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix immediate work request flush to completion queue Correctly set send queue element opcode during immediate work request flushing in post sendqueue op... • https://git.kernel.org/stable/c/303ae1cdfdf7280ff4cfbbe65563b5ff15bb025b •
CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50735 – wifi: mt76: do not run mt76u_status_worker if the device is not running
https://notcve.org/view.php?id=CVE-2022-50735
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: do not run mt76u_status_worker if the device is not running Fix the following NULL pointer dereference avoiding to run mt76u_status_worker thread if the device is not running yet. In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: do not run mt76u_status_worker if the device is not running Fix the following NULL pointer dereference avoiding to run mt76u_status_worker thread if the devic... • https://git.kernel.org/stable/c/9daf27e62852d68c6ffc2c21090238ea51bb0a7f •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50734 – nvmem: core: Fix memleak in nvmem_register()
https://notcve.org/view.php?id=CVE-2022-50734
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: nvmem: core: Fix memleak in nvmem_register() dev_set_name will alloc memory for nvmem->dev.kobj.name in nvmem_register, when nvmem_validate_keepouts failed, nvmem's memory will be freed and return, but nobody will free memory for nvmem->dev.kobj.name, there will be memleak, so moving nvmem_validate_keepouts() after device_register() and let the device core deal with cleaning name in error cases. In the Linux kernel, the follow... • https://git.kernel.org/stable/c/de0534df93474f268486c486ea7e01b44a478026 •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50733 – usb: idmouse: fix an uninit-value in idmouse_open
https://notcve.org/view.php?id=CVE-2022-50733
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: usb: idmouse: fix an uninit-value in idmouse_open In idmouse_create_image, if any ftip_command fails, it will go to the reset label. ... In the Linux kernel, the following vulnerability has been resolved: usb: idmouse: fix an uninit-value in idmouse_open In idmouse_create_image, if any ftip_command fails, it will go to the reset label. • https://git.kernel.org/stable/c/4244f72436ab77c3c29a6447af81734ab3925d85 •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50732 – staging: rtl8192u: Fix use after free in ieee80211_rx()
https://notcve.org/view.php?id=CVE-2022-50732
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: staging: rtl8192u: Fix use after free in ieee80211_rx() We cannot dereference the "skb" pointer after calling ieee80211_monitor_rx(), because it is a use after free. In the Linux kernel, the following vulnerability has been resolved: staging: rtl8192u: Fix use after free in ieee80211_rx() We cannot dereference the "skb" pointer after calling ieee80211_monitor_rx(), because it is a use after free. • https://git.kernel.org/stable/c/8fc8598e61f6f384f3eaf1d9b09500c12af47b37 •
CVSS: 7.2EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50731 – crypto: akcipher - default implementation for setting a private key
https://notcve.org/view.php?id=CVE-2022-50731
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: crypto: akcipher - default implementation for setting a private key Changes from v1: * removed the default implementation from set_pub_key: it is assumed that an implementation must always have this callback defined as there are no use case for an algorithm, which doesn't need a public key Many akcipher implementations (like ECDSA) support only signature verifications, so they don't have all callbacks defined. In the Linux ker... • https://git.kernel.org/stable/c/78a0324f4a5328088fea9426cfe1d1851276c475 •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50730 – ext4: silence the warning when evicting inode with dioread_nolock
https://notcve.org/view.php?id=CVE-2022-50730
24 Dec 2025 — I_FREEING locked_inode_to_wb_and_lock_list() iput() iput_final() evict() ext4_evict_inode() truncate_inode_pages_final() //wait release io_end inode_io_list_move_locked() ext4_release_io_end() trigger WARN_ON_ONCE() In the Linux kernel, the following vulnerability has been resolved: ext4: silence the warning when evicting inode with dioread_nolock When evicting an inode with default dioread_nolock, it could be raced by the unwritten extents converting kworker after writeback some new allocated dirty ... • https://git.kernel.org/stable/c/ceff86fddae8748fe00d4f2d249cb02cae62ad84 •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50729 – ksmbd: Fix resource leak in ksmbd_session_rpc_open()
https://notcve.org/view.php?id=CVE-2022-50729
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fix resource leak in ksmbd_session_rpc_open() When ksmbd_rpc_open() fails then it must call ksmbd_rpc_id_free() to undo the result of ksmbd_ipc_id_alloc(). In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fix resource leak in ksmbd_session_rpc_open() When ksmbd_rpc_open() fails then it must call ksmbd_rpc_id_free() to undo the result of ksmbd_ipc_id_alloc(). • https://git.kernel.org/stable/c/e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9 •
CVSS: 7.2EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50728 – s390/lcs: Fix return type of lcs_start_xmit()
https://notcve.org/view.php?id=CVE-2022-50728
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: s390/lcs: Fix return type of lcs_start_xmit() With clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG), indirect call targets are validated against the expected function pointer prototype to make sure the call target is valid to help mitigate ROP attacks. In the Linux kernel, the following vulnerability has been resolved: s390/lcs: Fix return type of lcs_start_xmit() With clang's kernel control flow integrity (kCFI,... • https://git.kernel.org/stable/c/dc1f8bf68b311b1537cb65893430b6796118498a •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50727 – scsi: efct: Fix possible memleak in efct_device_init()
https://notcve.org/view.php?id=CVE-2022-50727
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: efct: Fix possible memleak in efct_device_init() In efct_device_init(), when efct_scsi_reg_fc_transport() fails, efct_scsi_tgt_driver_exit() is not called to release memory for efct_scsi_tgt_driver_init() and causes memleak: unreferenced object 0xffff8881020ce000 (size 2048): comm "modprobe", pid 465, jiffies 4294928222 (age 55.872s) backtrace: [<0000000021a1ef1b>] kmalloc_trace+0x27/0x110 [<000000004c3ed51c>] target_register_t... • https://git.kernel.org/stable/c/4df84e8466242de835416a4ec0c856c0e2ed26eb •