CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2022-50711 – net: ethernet: mtk_eth_soc: fix possible memory leak in mtk_probe()
https://notcve.org/view.php?id=CVE-2022-50711
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtk_eth_soc: fix possible memory leak in mtk_probe() If mtk_wed_add_hw() has been called, mtk_wed_exit() needs be called in error path or removing module to free the memory allocated in mtk_wed_add_hw(). • https://git.kernel.org/stable/c/804775dfc2885e93a0a4b35db1914c2cc25172b5 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50710 – ice: set tx_tstamps when creating new Tx rings via ethtool
https://notcve.org/view.php?id=CVE-2022-50710
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: ice: set tx_tstamps when creating new Tx rings via ethtool When the user changes the number of queues via ethtool, the driver allocates new rings. This allocation did not initialize tx_tstamps. This results in the tx_tstamps field being zero (due to kcalloc allocation), and would result in a NULL pointer dereference when attempting a transmit timestamp on the new ring. • https://git.kernel.org/stable/c/ea9b847cda647b9849b0b9fa0447e876a1ac62e1 •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50709 – wifi: ath9k: avoid uninit memory read in ath9k_htc_rx_msg()
https://notcve.org/view.php?id=CVE-2022-50709
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: avoid uninit memory read in ath9k_htc_rx_msg() syzbot is reporting uninit value at ath9k_htc_rx_msg() [1], for ioctl(USB_RAW_IOCTL_EP_WRITE) can call ath9k_hif_usb_rx_stream() with pkt_len = 0 but ath9k_hif_usb_rx_stream() uses __dev_alloc_skb(pkt_len + 32, GFP_ATOMIC) based on an assumption that pkt_len is valid. As a result, ath9k_hif_usb_rx_stream() allocates skb with uninitialized memory and ath9k_htc_rx_msg() is reading fr... • https://git.kernel.org/stable/c/fb9987d0f748c983bb795a86f47522313f701a08 •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50708 – HSI: ssi_protocol: fix potential resource leak in ssip_pn_open()
https://notcve.org/view.php?id=CVE-2022-50708
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: HSI: ssi_protocol: fix potential resource leak in ssip_pn_open() ssip_pn_open() claims the HSI client's port with hsi_claim_port(). When hsi_register_port_event() gets some error and returns a negetive value, the HSI client's port should be released with hsi_release_port(). Fix it by calling hsi_release_port() when hsi_register_port_event() fails. • https://git.kernel.org/stable/c/dc7bf5d7186849aa36b9f0e42e250a813a7b0bdb •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50707 – virtio-crypto: fix memory leak in virtio_crypto_alg_skcipher_close_session()
https://notcve.org/view.php?id=CVE-2022-50707
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: virtio-crypto: fix memory leak in virtio_crypto_alg_skcipher_close_session() 'vc_ctrl_req' is alloced in virtio_crypto_alg_skcipher_close_session(), and should be freed in the invalid ctrl_status->status error handling case. Otherwise there is a memory leak. • https://git.kernel.org/stable/c/0756ad15b1fef287d4d8fa11bc36ea77a5c42e4a •
CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50706 – net/ieee802154: don't warn zero-sized raw_sendmsg()
https://notcve.org/view.php?id=CVE-2022-50706
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: net/ieee802154: don't warn zero-sized raw_sendmsg() syzbot is hitting skb_assert_len() warning at __dev_queue_xmit() [1], for PF_IEEE802154 socket's zero-sized raw_sendmsg() request is hitting __dev_queue_xmit() with skb->len == 0. Since PF_IEEE802154 socket's zero-sized raw_sendmsg() request was able to return 0, don't call __dev_queue_xmit() if packet length is 0. ---------- #include
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50705 – io_uring/rw: defer fsnotify calls to task context
https://notcve.org/view.php?id=CVE-2022-50705
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: io_uring/rw: defer fsnotify calls to task context We can't call these off the kiocb completion as that might be off soft/hard irq context. Defer the calls to when we process the task_work for this request. That avoids valid complaints like: stack backtrace: CPU: 1 PID: 0 Comm: swapper/1 Not tainted 6.0.0-rc6-syzkaller-00321-g105a36f3694e #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 Call Trace:... • https://git.kernel.org/stable/c/df1ec53252d5b5b26ea49e30438741c9a6d89857 •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50704 – USB: gadget: Fix use-after-free during usb config switch
https://notcve.org/view.php?id=CVE-2022-50704
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: USB: gadget: Fix use-after-free during usb config switch In the process of switching USB config from rndis to other config, if the hardware does not support the ->pullup callback, or the hardware encounters a low probability fault, both of them may cause the ->pullup callback to fail, which will then cause a system panic (use after free). The gadget drivers sometimes need to be unloaded regardless of the hardware's behavior. Analysis as fol... • https://git.kernel.org/stable/c/0a55187a1ec8c03d0619e7ce41d10fdc39cff036 •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50703 – soc: qcom: smsm: Fix refcount leak bugs in qcom_smsm_probe()
https://notcve.org/view.php?id=CVE-2022-50703
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: soc: qcom: smsm: Fix refcount leak bugs in qcom_smsm_probe() There are two refcount leak bugs in qcom_smsm_probe(): (1) The 'local_node' is escaped out from for_each_child_of_node() as the break of iteration, we should call of_node_put() for it in error path or when it is not used anymore. (2) The 'node' is escaped out from for_each_available_child_of_node() as the 'goto', we should call of_node_put() for it in goto target. • https://git.kernel.org/stable/c/c97c4090ff72297a878a37715bd301624b71c885 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50702 – vdpa_sim: fix possible memory leak in vdpasim_net_init() and vdpasim_blk_init()
https://notcve.org/view.php?id=CVE-2022-50702
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: vdpa_sim: fix possible memory leak in vdpasim_net_init() and vdpasim_blk_init() Inject fault while probing module, if device_register() fails in vdpasim_net_init() or vdpasim_blk_init(), but the refcount of kobject is not decreased to 0, the name allocated in dev_set_name() is leaked. Fix this by calling put_device(), so that name can be freed in callback function kobject_cleanup(). (vdpa_sim_net) unreferenced object 0xffff88807eebc370 (siz... • https://git.kernel.org/stable/c/a3c06ae158dd6fa8336157c31d9234689d068d02 •