CVSS: 7.1EPSS: %CPEs: 5EXPL: 0CVE-2022-49646 – wifi: mac80211: fix queue selection for mesh/OCB interfaces
https://notcve.org/view.php?id=CVE-2022-49646
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix queue selection for mesh/OCB interfaces When using iTXQ, the code assumes that there is only one vif queue for broadcast packets, using the BE queue. Allowing non-BE queue marking violates that assumption and txq->ac == skb_queue_mapping is no longer guaranteed. This can cause issues with queue handling in the driver and also causes issues with the recent ATF change, resulting in an AQL underflow warning. In the Linux ke... • https://git.kernel.org/stable/c/444be5a02b77f3b7a8ac9c1a0b074fbb3bd89cd0 •
CVSS: 7.1EPSS: %CPEs: 5EXPL: 0CVE-2022-49645 – drm/panfrost: Fix shrinker list corruption by madvise IOCTL
https://notcve.org/view.php?id=CVE-2022-49645
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/panfrost: Fix shrinker list corruption by madvise IOCTL Calling madvise IOCTL twice on BO causes memory shrinker list corruption and crashes kernel because BO is already on the list and it's added to the list again, while BO should be removed from the list before it's re-added. Fix it. In the Linux kernel, the following vulnerability has been resolved: drm/panfrost: Fix shrinker list corruption by madvise IOCTL Calling madvise IOCTL twi... • https://git.kernel.org/stable/c/013b6510131568ce4e01856d5360bfdfe9c3632f •
CVSS: 7.1EPSS: %CPEs: 5EXPL: 0CVE-2022-49644 – drm/i915: fix a possible refcount leak in intel_dp_add_mst_connector()
https://notcve.org/view.php?id=CVE-2022-49644
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/i915: fix a possible refcount leak in intel_dp_add_mst_connector() If drm_connector_init fails, intel_connector_free will be called to take care of proper free. So it is necessary to drop the refcount of port before intel_connector_free. (cherry picked from commit cea9ed611e85d36a05db52b6457bf584b7d969e2) In the Linux kernel, the following vulnerability has been resolved: drm/i915: fix a possible refcount leak in intel_dp_add_mst_connec... • https://git.kernel.org/stable/c/091a4f91942a4396c67e5747f5cb38c6396d1fc5 •
CVSS: -EPSS: %CPEs: 5EXPL: 0CVE-2022-49643 – ima: Fix a potential integer overflow in ima_appraise_measurement
https://notcve.org/view.php?id=CVE-2022-49643
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ima: Fix a potential integer overflow in ima_appraise_measurement When the ima-modsig is enabled, the rc passed to evm_verifyxattr() may be negative, which may cause the integer overflow problem. In the Linux kernel, the following vulnerability has been resolved: ima: Fix a potential integer overflow in ima_appraise_measurement When the ima-modsig is enabled, the rc passed to evm_verifyxattr() may be negative, which may cause the integer ov... • https://git.kernel.org/stable/c/39b07096364a42c516415d5f841069e885234e61 •
CVSS: 5.5EPSS: %CPEs: 5EXPL: 0CVE-2022-49642 – net: stmmac: dwc-qos: Disable split header for Tegra194
https://notcve.org/view.php?id=CVE-2022-49642
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: net: stmmac: dwc-qos: Disable split header for Tegra194 There is a long-standing issue with the Synopsys DWC Ethernet driver for Tegra194 where random system crashes have been observed [0]. The problem occurs when the split header feature is enabled in the stmmac driver. In the bad case, a larger than expected buffer length is received and causes the calculation of the total buffer length to overflow. This results in a very large buffer len... • https://git.kernel.org/stable/c/67afd6d1cfdf0d0461fe3c4c922447f3e9b1c6ee •
CVSS: 4.7EPSS: %CPEs: 6EXPL: 0CVE-2022-49641 – sysctl: Fix data races in proc_douintvec().
https://notcve.org/view.php?id=CVE-2022-49641
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: sysctl: Fix data races in proc_douintvec(). A sysctl variable is accessed concurrently, and there is always a chance of data-race. So, all readers and writers need some basic protection to avoid load/store-tearing. This patch changes proc_douintvec() to use READ_ONCE() and WRITE_ONCE() internally to fix data-races on the sysctl side. For now, proc_douintvec() itself is tolerant to a data-race, but we still need to add annotations on the oth... • https://git.kernel.org/stable/c/e7d316a02f683864a12389f8808570e37fb90aa3 •
CVSS: 4.7EPSS: %CPEs: 4EXPL: 0CVE-2022-49640 – sysctl: Fix data races in proc_douintvec_minmax().
https://notcve.org/view.php?id=CVE-2022-49640
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: sysctl: Fix data races in proc_douintvec_minmax(). A sysctl variable is accessed concurrently, and there is always a chance of data-race. So, all readers and writers need some basic protection to avoid load/store-tearing. This patch changes proc_douintvec_minmax() to use READ_ONCE() and WRITE_ONCE() internally to fix data-races on the sysctl side. For now, proc_douintvec_minmax() itself is tolerant to a data-race, but we still need to add a... • https://git.kernel.org/stable/c/61d9b56a89208d8cccd0b4cfec7e6959717e16e3 •
CVSS: 7.1EPSS: %CPEs: 8EXPL: 0CVE-2022-49639 – cipso: Fix data-races around sysctl.
https://notcve.org/view.php?id=CVE-2022-49639
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: cipso: Fix data-races around sysctl. While reading cipso sysctl variables, they can be changed concurrently. So, we need to add READ_ONCE() to avoid data-races. In the Linux kernel, the following vulnerability has been resolved: cipso: Fix data-races around sysctl. While reading cipso sysctl variables, they can be changed concurrently. So, we need to add READ_ONCE() to avoid data-races. • https://git.kernel.org/stable/c/446fda4f26822b2d42ab3396aafcedf38a9ff2b6 •
CVSS: 5.5EPSS: %CPEs: 8EXPL: 0CVE-2022-49638 – icmp: Fix data-races around sysctl.
https://notcve.org/view.php?id=CVE-2022-49638
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: icmp: Fix data-races around sysctl. While reading icmp sysctl variables, they can be changed concurrently. So, we need to add READ_ONCE() to avoid data-races. In the Linux kernel, the following vulnerability has been resolved: icmp: Fix data-races around sysctl. While reading icmp sysctl variables, they can be changed concurrently. So, we need to add READ_ONCE() to avoid data-races. • https://git.kernel.org/stable/c/4cdf507d54525842dfd9f6313fdafba039084046 •
CVSS: 6.3EPSS: %CPEs: 5EXPL: 0CVE-2022-49637 – ipv4: Fix a data-race around sysctl_fib_sync_mem.
https://notcve.org/view.php?id=CVE-2022-49637
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix a data-race around sysctl_fib_sync_mem. While reading sysctl_fib_sync_mem, it can be changed concurrently. So, we need to add READ_ONCE() to avoid a data-race. In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix a data-race around sysctl_fib_sync_mem. While reading sysctl_fib_sync_mem, it can be changed concurrently. So, we need to add READ_ONCE() to avoid a data-race. • https://git.kernel.org/stable/c/9ab948a91b2c2abc8e82845c0e61f4b1683e3a4f •