CVSS: 6.6EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50766 – btrfs: set generation before calling btrfs_clean_tree_block in btrfs_init_new_buffer
https://notcve.org/view.php?id=CVE-2022-50766
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: btrfs: set generation before calling btrfs_clean_tree_block in btrfs_init_new_buffer syzbot is reporting uninit-value in btrfs_clean_tree_block() [1], for commit bc877d285ca3dba2 ("btrfs: Deduplicate extent_buffer init code") missed that btrfs_set_header_generation() in btrfs_init_new_buffer() must not be moved to after clean_tree_block() because clean_tree_block() is calling btrfs_header_generation() since commit 55c69072d6bd5be1 ("Btrfs: ... • https://git.kernel.org/stable/c/bc877d285ca3dba24c52406946a4a69847cc7422 •
CVSS: 5.6EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50765 – RISC-V: kexec: Fix memory leak of elf header buffer
https://notcve.org/view.php?id=CVE-2022-50765
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: RISC-V: kexec: Fix memory leak of elf header buffer This is reported by kmemleak detector: unreferenced object 0xff2000000403d000 (size 4096): comm "kexec", pid 146, jiffies 4294900633 (age 64.792s) hex dump (first 32 bytes): 7f 45 4c 46 02 01 01 00 00 00 00 00 00 00 00 00 .ELF............ 04 00 f3 00 01 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<00000000566ca97c>] kmemleak_vmalloc+0x3c/0xbe [<00000000979283d8>] __vmallo... • https://git.kernel.org/stable/c/8acea455fafaf2620b247de6c00774828b618a82 •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50764 – ipv6/sit: use DEV_STATS_INC() to avoid data-races
https://notcve.org/view.php?id=CVE-2022-50764
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: ipv6/sit: use DEV_STATS_INC() to avoid data-races syzbot/KCSAN reported that multiple cpus are updating dev->stats.tx_error concurrently. This is because sit tunnels are NETIF_F_LLTX, meaning their ndo_start_xmit() is not protected by a spinlock. While original KCSAN report was about tx path, rx path has the same issue. In the Linux kernel, the following vulnerability has been resolved: ipv6/sit: use DEV_STATS_INC() to avoid data-races syzb... • https://git.kernel.org/stable/c/8df40d1033d64597dcf1efd4f7547e817f7a953b •
CVSS: 8.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50763 – crypto: marvell/octeontx - prevent integer overflows
https://notcve.org/view.php?id=CVE-2022-50763
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: crypto: marvell/octeontx - prevent integer overflows The "code_length" value comes from the firmware file. If your firmware is untrusted realistically there is probably very little you can do to protect yourself. Still we try to limit the damage as much as possible. Also Smatch marks any data read from the filesystem as untrusted and prints warnings if it not capped correctly. The "code_length * 2" can overflow. The round_up(ucode_size, 16)... • https://git.kernel.org/stable/c/d9110b0b01ff1cd02751cd5c2c94e938a8906083 •
CVSS: 8.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50762 – fs/ntfs3: Avoid UBSAN error on true_sectors_per_clst()
https://notcve.org/view.php?id=CVE-2022-50762
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Avoid UBSAN error on true_sectors_per_clst() syzbot reported UBSAN error as below: [ 76.901829][ T6677] ================================================================================ [ 76.903908][ T6677] UBSAN: shift-out-of-bounds in fs/ntfs3/super.c:675:13 [ 76.905363][ T6677] shift exponent -247 is negative This patch avoid this error. In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Avoid UBSAN er... • https://git.kernel.org/stable/c/58cf68a1886d14ffdc5c892ce483a82156769e88 •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50761 – x86/xen: Fix memory leak in xen_init_lock_cpu()
https://notcve.org/view.php?id=CVE-2022-50761
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: x86/xen: Fix memory leak in xen_init_lock_cpu() In xen_init_lock_cpu(), the @name has allocated new string by kasprintf(), if bind_ipi_to_irqhandler() fails, it should be freed, otherwise may lead to a memory leak issue, fix it. In the Linux kernel, the following vulnerability has been resolved: x86/xen: Fix memory leak in xen_init_lock_cpu() In xen_init_lock_cpu(), the @name has allocated new string by kasprintf(), if bind_ipi_to_irqhandle... • https://git.kernel.org/stable/c/2d9e1e2f58b5612aa4eab0ab54c84308a29dbd79 •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50760 – drm/amdgpu: Fix PCI device refcount leak in amdgpu_atrm_get_bios()
https://notcve.org/view.php?id=CVE-2022-50760
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix PCI device refcount leak in amdgpu_atrm_get_bios() As comment of pci_get_class() says, it returns a pci_device with its refcount increased and decreased the refcount for the input parameter @from if it is not NULL. If we break the loop in amdgpu_atrm_get_bios() with 'pdev' not NULL, we need to call pci_dev_put() to decrease the refcount. Add the missing pci_dev_put() to avoid refcount leak. In the Linux kernel, the following... • https://git.kernel.org/stable/c/d38ceaf99ed015f2a0b9af3499791bd3a3daae21 •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50759 – media: i2c: ov5648: Free V4L2 fwnode data on unbind
https://notcve.org/view.php?id=CVE-2022-50759
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: media: i2c: ov5648: Free V4L2 fwnode data on unbind The V4L2 fwnode data structure doesn't get freed on unbind, which leads to a memleak. In the Linux kernel, the following vulnerability has been resolved: media: i2c: ov5648: Free V4L2 fwnode data on unbind The V4L2 fwnode data structure doesn't get freed on unbind, which leads to a memleak. • https://git.kernel.org/stable/c/e43ccb0a045f34838b786e8021dc4838b4af5c38 •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2022-50758 – staging: vt6655: fix potential memory leak
https://notcve.org/view.php?id=CVE-2022-50758
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: staging: vt6655: fix potential memory leak In function device_init_td0_ring, memory is allocated for member td_info of priv->apTD0Rings[i], with i increasing from 0. In case of allocation failure, the memory is freed in reversed order, with i decreasing to 0. However, the case i=0 is left out and thus memory is leaked. Modify the memory freeing loop to include the case i=0. In the Linux kernel, the following vulnerability has been resolved:... • https://git.kernel.org/stable/c/5341ee0adb17d12a96dc5344e0d267cd12b52135 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50757 – media: camss: Clean up received buffers on failed start of streaming
https://notcve.org/view.php?id=CVE-2022-50757
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: media: camss: Clean up received buffers on failed start of streaming It is required to return the received buffers, if streaming can not be started. For instance media_pipeline_start() may fail with EPIPE, if a link validation between entities is not passed, and in such a case a user gets a kernel warning: WARNING: CPU: 1 PID: 520 at drivers/media/common/videobuf2/videobuf2-core.c:1592 vb2_start_streaming+0xec/0x160