
CVE-2022-49530 – drm/amd/pm: fix double free in si_parse_power_table()
https://notcve.org/view.php?id=CVE-2022-49530
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fix double free in si_parse_power_table() In function si_parse_power_table(), array adev->pm.dpm.ps and its member is allocated. If the allocation of each member fails, the array itself is freed and returned with an error code. However, the array is later freed again in si_dpm_fini() function which is called when the function returns an error. This leads to potential double free of the array adev->pm.dpm.ps, as well as leak of i... • https://git.kernel.org/stable/c/2615464854505188f909d0c07c37a6623693b5c7 •

CVE-2022-49529 – drm/amdgpu/pm: fix the null pointer while the smu is disabled
https://notcve.org/view.php?id=CVE-2022-49529
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/pm: fix the null pointer while the smu is disabled It needs to check if the pp_funcs is initialized while releasing the context, otherwise it will trigger null pointer panic while the software smu is not enabled. [ 1109.404555] BUG: kernel NULL pointer dereference, address: 0000000000000078 [ 1109.404609] #PF: supervisor read access in kernel mode [ 1109.404638] #PF: error_code(0x0000) - not-present page [ 1109.404657] PGD 0 P4D 0 ... • https://git.kernel.org/stable/c/49ec3441aa5e5940f3e82dd2f0205b9c856e399d •

CVE-2022-49528 – media: i2c: dw9714: Disable the regulator when the driver fails to probe
https://notcve.org/view.php?id=CVE-2022-49528
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: media: i2c: dw9714: Disable the regulator when the driver fails to probe When the driver fails to probe, we will get the following splat: [ 59.305988] ------------[ cut here ]------------ [ 59.306417] WARNING: CPU: 2 PID: 395 at drivers/regulator/core.c:2257 _regulator_put+0x3ec/0x4e0 [ 59.310345] RIP: 0010:_regulator_put+0x3ec/0x4e0 [ 59.318362] Call Trace: [ 59.318582]

CVE-2022-49527 – media: venus: hfi: avoid null dereference in deinit
https://notcve.org/view.php?id=CVE-2022-49527
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: media: venus: hfi: avoid null dereference in deinit If venus_probe fails at pm_runtime_put_sync the error handling first calls hfi_destroy and afterwards hfi_core_deinit. As hfi_destroy sets core->ops to NULL, hfi_core_deinit cannot call the core_deinit function anymore. Avoid this null pointer dereference by skipping the call when necessary. • https://git.kernel.org/stable/c/2533acb652359c9e097dfa33587896af782e8a91 •

CVE-2022-49526 – md/bitmap: don't set sb values if can't pass sanity check
https://notcve.org/view.php?id=CVE-2022-49526
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: md/bitmap: don't set sb values if can't pass sanity check If bitmap area contains invalid data, kernel will crash then mdadm triggers "Segmentation fault". This is cluster-md special bug. In non-clustered env, mdadm will handle broken metadata case. In clustered array, only kernel space handles bitmap slot info. But even this bug only happened in clustered env, current sanity check is wrong, the code should be changed. How to trigger: (faul... • https://git.kernel.org/stable/c/422e8f7ba1e08c8e0e88d375bcb550bc2bbfe96d •

CVE-2022-49525 – media: cx25821: Fix the warning when removing the module
https://notcve.org/view.php?id=CVE-2022-49525
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: media: cx25821: Fix the warning when removing the module When removing the module, we will get the following warning: [ 14.746697] remove_proc_entry: removing non-empty directory 'irq/21', leaking at least 'cx25821[1]' [ 14.747449] WARNING: CPU: 4 PID: 368 at fs/proc/generic.c:717 remove_proc_entry+0x389/0x3f0 [ 14.751611] RIP: 0010:remove_proc_entry+0x389/0x3f0 [ 14.759589] Call Trace: [ 14.759792]

CVE-2022-49524 – media: pci: cx23885: Fix the error handling in cx23885_initdev()
https://notcve.org/view.php?id=CVE-2022-49524
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: media: pci: cx23885: Fix the error handling in cx23885_initdev() When the driver fails to call the dma_set_mask(), the driver will get the following splat: [ 55.853884] BUG: KASAN: use-after-free in __process_removed_driver+0x3c/0x240 [ 55.854486] Read of size 8 at addr ffff88810de60408 by task modprobe/590 [ 55.856822] Call Trace: [ 55.860327] __process_removed_driver+0x3c/0x240 [ 55.861347] bus_for_each_dev+0x102/0x160 [ 55.861681] i2c_de... • https://git.kernel.org/stable/c/6041d1a0365baa729b6adfb6ed5386d9388018db •

CVE-2022-49523 – ath11k: disable spectral scan during spectral deinit
https://notcve.org/view.php?id=CVE-2022-49523
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ath11k: disable spectral scan during spectral deinit When ath11k modules are removed using rmmod with spectral scan enabled, crash is observed. Different crash trace is observed for each crash. Send spectral scan disable WMI command to firmware before cleaning the spectral dbring in the spectral_deinit API to avoid this crash. call trace from one of the crash observed: [ 1252.880802] Unable to handle kernel NULL pointer dereference at virtu... • https://git.kernel.org/stable/c/60afa4f4e1350c876d8a061182a70c224de275dd •

CVE-2022-49522 – mmc: jz4740: Apply DMA engine limits to maximum segment size
https://notcve.org/view.php?id=CVE-2022-49522
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: mmc: jz4740: Apply DMA engine limits to maximum segment size Do what is done in other DMA-enabled MMC host drivers (cf. host/mmci.c) and limit the maximum segment size based on the DMA engine's capabilities. This is needed to avoid warnings like the following with CONFIG_DMA_API_DEBUG=y. ------------[ cut here ]------------ WARNING: CPU: 0 PID: 21 at kernel/dma/debug.c:1162 debug_dma_map_sg+0x2f4/0x39c DMA-API: jz4780-dma 13420000.dma-contr... • https://git.kernel.org/stable/c/7923f95997a79cef2ad161a2facae64c25a0bca0 •

CVE-2022-49521 – scsi: lpfc: Fix resource leak in lpfc_sli4_send_seq_to_ulp()
https://notcve.org/view.php?id=CVE-2022-49521
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix resource leak in lpfc_sli4_send_seq_to_ulp() If no handler is found in lpfc_complete_unsol_iocb() to match the rctl of a received frame, the frame is dropped and resources are leaked. Fix by returning resources when discarding an unhandled frame type. Update lpfc_fc_frame_check() handling of NOP basic link service. • https://git.kernel.org/stable/c/fa1b509d41c5433672f72c0615cf4aefa0611c99 •