CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2022-49245 – ASoC: rockchip: Fix PM usage reference of rockchip_i2s_tdm_resume
https://notcve.org/view.php?id=CVE-2022-49245
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: rockchip: Fix PM usage reference of rockchip_i2s_tdm_resume pm_runtime_get_sync will increment pm usage counter even it failed. Forgetting to putting operation will result in reference leak here. We fix it by replacing it with pm_runtime_resume_and_get to keep usage counter balanced. • https://git.kernel.org/stable/c/081068fd641403994f0505e6b91e021d3925f348 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49244 – ASoC: mediatek: mt8192-mt6359: Fix error handling in mt8192_mt6359_dev_probe
https://notcve.org/view.php?id=CVE-2022-49244
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8192-mt6359: Fix error handling in mt8192_mt6359_dev_probe The device_node pointer is returned by of_parse_phandle() with refcount incremented. We should use of_node_put() on it when done. This function only calls of_node_put() in the regular path. And it will cause refcount leak in error paths. Fix this by calling of_node_put() in error handling too. • https://git.kernel.org/stable/c/286c6f7b28fab19d649c2e1f3bc18fdecdbadfe5 •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49243 – ASoC: atmel: Add missing of_node_put() in at91sam9g20ek_audio_probe
https://notcve.org/view.php?id=CVE-2022-49243
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: atmel: Add missing of_node_put() in at91sam9g20ek_audio_probe This node pointer is returned by of_parse_phandle() with refcount incremented in this function. Calling of_node_put() to avoid the refcount leak. • https://git.kernel.org/stable/c/531f67e41dcde1e358cf821d056241a66355cf03 •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49242 – ASoC: mxs: Fix error handling in mxs_sgtl5000_probe
https://notcve.org/view.php?id=CVE-2022-49242
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: mxs: Fix error handling in mxs_sgtl5000_probe This function only calls of_node_put() in the regular path. And it will cause refcount leak in error paths. For example, when codec_np is NULL, saif_np[0] and saif_np[1] are not NULL, it will cause leaks. of_node_put() will check if the node pointer is NULL, so we can call it directly to release the refcount of regular pointers. • https://git.kernel.org/stable/c/e968194b45c4e8077dada75c5bae5660b37628fe •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49241 – ASoC: atmel: Fix error handling in sam9x5_wm8731_driver_probe
https://notcve.org/view.php?id=CVE-2022-49241
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: atmel: Fix error handling in sam9x5_wm8731_driver_probe The device_node pointer is returned by of_parse_phandle() with refcount incremented. We should use of_node_put() on it when done. This function only calls of_node_put() in the regular path. And it will cause refcount leak in error path. • https://git.kernel.org/stable/c/fdbcb3cba54b29a37dfe42acdc0e72c543e0807d •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2022-49240 – ASoC: mediatek: mt8195: Fix error handling in mt8195_mt6359_rt1019_rt5682_dev_probe
https://notcve.org/view.php?id=CVE-2022-49240
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8195: Fix error handling in mt8195_mt6359_rt1019_rt5682_dev_probe The device_node pointer is returned by of_parse_phandle() with refcount incremented. We should use of_node_put() on it when done. This function only calls of_node_put() in the regular path. And it will cause refcount leak in error path. • https://git.kernel.org/stable/c/082482a5022780d42180a394fe6843e71fe963d8 •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49239 – ASoC: codecs: wcd934x: Add missing of_node_put() in wcd934x_codec_parse_data
https://notcve.org/view.php?id=CVE-2022-49239
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd934x: Add missing of_node_put() in wcd934x_codec_parse_data The device_node pointer is returned by of_parse_phandle() with refcount incremented. We should use of_node_put() on it when done. This is similar to commit 64b92de9603f ("ASoC: wcd9335: fix a leaked reference by adding missing of_node_put") • https://git.kernel.org/stable/c/a61f3b4f476eceb25274161e5a53a8d18e42610b •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-49238 – ath11k: free peer for station when disconnect from AP for QCA6390/WCN6855
https://notcve.org/view.php?id=CVE-2022-49238
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ath11k: free peer for station when disconnect from AP for QCA6390/WCN6855 Commit b4a0f54156ac ("ath11k: move peer delete after vdev stop of station for QCA6390 and WCN6855") is to fix firmware crash by changing the WMI command sequence, but actually skip all the peer delete operation, then it lead commit 58595c9874c6 ("ath11k: Fixing dangling pointer issue upon peer delete failure") not take effect, and then happened a use-after-free warnin... • https://git.kernel.org/stable/c/b4a0f54156ac7720de1750b6ea06657c91c52163 • CWE-416: Use After Free •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2022-49237 – ath11k: add missing of_node_put() to avoid leak
https://notcve.org/view.php?id=CVE-2022-49237
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ath11k: add missing of_node_put() to avoid leak The node pointer is returned by of_find_node_by_type() or of_parse_phandle() with refcount incremented. Calling of_node_put() to aovid the refcount leak. • https://git.kernel.org/stable/c/6ac04bdc5edb418787ab2040b1f922c23464c750 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49236 – bpf: Fix UAF due to race between btf_try_get_module and load_module
https://notcve.org/view.php?id=CVE-2022-49236
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: bpf: Fix UAF due to race between btf_try_get_module and load_module While working on code to populate kfunc BTF ID sets for module BTF from its initcall, I noticed that by the time the initcall is invoked, the module BTF can already be seen by userspace (and the BPF verifier). The existing btf_try_get_module calls try_module_get which only fails if mod->state == MODULE_STATE_GOING, i.e. it can increment module reference when module initcall... • https://git.kernel.org/stable/c/541c3bad8dc51b253ba8686d0cd7628e6b9b5f4c • CWE-416: Use After Free •