CVSS: -EPSS: %CPEs: 5EXPL: 0CVE-2022-49097 – NFS: Avoid writeback threads getting stuck in mempool_alloc()
https://notcve.org/view.php?id=CVE-2022-49097
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: NFS: Avoid writeback threads getting stuck in mempool_alloc() In a low memory situation, allow the NFS writeback code to fail without getting stuck in infinite loops in mempool_alloc(). • https://git.kernel.org/stable/c/c74e2f6ecc51bd08bb5b0335477dba954a50592e •
CVSS: -EPSS: %CPEs: 4EXPL: 0CVE-2022-49096 – net: sfc: add missing xdp queue reinitialization
https://notcve.org/view.php?id=CVE-2022-49096
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: net: sfc: add missing xdp queue reinitialization After rx/tx ring buffer size is changed, kernel panic occurs when it acts XDP_TX or XDP_REDIRECT. When tx/rx ring buffer size is changed(ethtool -G), sfc driver reallocates and reinitializes rx and tx queues and their buffer (tx_queue->buffer). But it misses reinitializing xdp queues(efx->xdp_tx_queues). So, while it is acting XDP_TX or XDP_REDIRECT, it uses the uninitialized tx_queue->buffer... • https://git.kernel.org/stable/c/3990a8fffbdad5765f47ea593f9de66c91762059 •
CVSS: -EPSS: %CPEs: 9EXPL: 0CVE-2022-49095 – scsi: zorro7xx: Fix a resource leak in zorro7xx_remove_one()
https://notcve.org/view.php?id=CVE-2022-49095
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: zorro7xx: Fix a resource leak in zorro7xx_remove_one() The error handling path of the probe releases a resource that is not freed in the remove function. In some cases, a ioremap() must be undone. Add the missing iounmap() call in the remove function. • https://git.kernel.org/stable/c/45804fbb00eea27bdf4d62751681228a9e2844e9 •
CVSS: -EPSS: %CPEs: 6EXPL: 0CVE-2022-49094 – net/tls: fix slab-out-of-bounds bug in decrypt_internal
https://notcve.org/view.php?id=CVE-2022-49094
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: net/tls: fix slab-out-of-bounds bug in decrypt_internal The memory size of tls_ctx->rx.iv for AES128-CCM is 12 setting in tls_set_sw_offload(). The return value of crypto_aead_ivsize() for "ccm(aes)" is 16. So memcpy() require 16 bytes from 12 bytes memory space will trigger slab-out-of-bounds bug as following: ================================================================== BUG: KASAN: slab-out-of-bounds in decrypt_internal+0x385/0xc40 [... • https://git.kernel.org/stable/c/f295b3ae9f5927e084bd5decdff82390e3471801 •
CVSS: -EPSS: %CPEs: 4EXPL: 0CVE-2022-49093 – skbuff: fix coalescing for page_pool fragment recycling
https://notcve.org/view.php?id=CVE-2022-49093
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: skbuff: fix coalescing for page_pool fragment recycling Fix a use-after-free when using page_pool with page fragments. We encountered this problem during normal RX in the hns3 driver: (1) Initially we have three descriptors in the RX queue. The first one allocates PAGE1 through page_pool, and the other two allocate one half of PAGE2 each. Page references look like this: RX_BD1 _______ PAGE1 RX_BD2 _______ PAGE2 RX_BD3 _________/ (2) Handle ... • https://git.kernel.org/stable/c/53e0961da1c7bbdabd1abebb20de403ec237ec09 •
CVSS: -EPSS: %CPEs: 6EXPL: 0CVE-2022-49092 – net: ipv4: fix route with nexthop object delete warning
https://notcve.org/view.php?id=CVE-2022-49092
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix route with nexthop object delete warning FRR folks have hit a kernel warning[1] while deleting routes[2] which is caused by trying to delete a route pointing to a nexthop id without specifying nhid but matching on an interface. That is, a route is found but we hit a warning while matching it. The warning is from fib_info_nh() in include/net/nexthop.h because we run it on a fib_info with nexthop object. The call chain is: inet... • https://git.kernel.org/stable/c/4c7e8084fd467ddb2b0e6c6011f9c1064afb7e56 •
CVSS: -EPSS: %CPEs: 9EXPL: 0CVE-2022-49091 – drm/imx: Fix memory leak in imx_pd_connector_get_modes
https://notcve.org/view.php?id=CVE-2022-49091
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/imx: Fix memory leak in imx_pd_connector_get_modes Avoid leaking the display mode variable if of_get_drm_display_mode fails. Addresses-Coverity-ID: 1443943 ("Resource leak") • https://git.kernel.org/stable/c/76ecd9c9fb24b014a6f33fbb1287ede3be12158b •
CVSS: -EPSS: %CPEs: 4EXPL: 0CVE-2022-49090 – arch/arm64: Fix topology initialization for core scheduling
https://notcve.org/view.php?id=CVE-2022-49090
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: arch/arm64: Fix topology initialization for core scheduling Arm64 systems rely on store_cpu_topology() to call update_siblings_masks() to transfer the toplogy to the various cpu masks. This needs to be done before the call to notify_cpu_starting() which tells the scheduler about each cpu found, otherwise the core scheduling data structures are setup in a way that does not match the actual topology. With smt_mask not setup correctly we bail ... • https://git.kernel.org/stable/c/9edeaea1bc452372718837ed2ba775811baf1ba1 •
CVSS: -EPSS: %CPEs: 7EXPL: 0CVE-2022-49089 – IB/rdmavt: add lock to call to rvt_error_qp to prevent a race condition
https://notcve.org/view.php?id=CVE-2022-49089
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: IB/rdmavt: add lock to call to rvt_error_qp to prevent a race condition The documentation of the function rvt_error_qp says both r_lock and s_lock need to be held when calling that function. It also asserts using lockdep that both of those locks are held. However, the commit I referenced in Fixes accidentally makes the call to rvt_error_qp in rvt_ruc_loopback no longer covered by r_lock. This results in the lockdep assertion failing and als... • https://git.kernel.org/stable/c/d757c60eca9b22f4d108929a24401e0fdecda0b1 •
CVSS: -EPSS: %CPEs: 6EXPL: 0CVE-2022-49088 – dpaa2-ptp: Fix refcount leak in dpaa2_ptp_probe
https://notcve.org/view.php?id=CVE-2022-49088
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: dpaa2-ptp: Fix refcount leak in dpaa2_ptp_probe This node pointer is returned by of_find_compatible_node() with refcount incremented. Calling of_node_put() to aovid the refcount leak. • https://git.kernel.org/stable/c/d346c9e86d8685d7cdceddf5b2e9c4376334620c •