CVSS: 7.1EPSS: %CPEs: 8EXPL: 0CVE-2022-49677 – ARM: cns3xxx: Fix refcount leak in cns3xxx_init
https://notcve.org/view.php?id=CVE-2022-49677
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ARM: cns3xxx: Fix refcount leak in cns3xxx_init of_find_compatible_node() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. Add missing of_node_put() to avoid refcount leak. In the Linux kernel, the following vulnerability has been resolved: ARM: cns3xxx: Fix refcount leak in cns3xxx_init of_find_compatible_node() returns a node pointer with refcount incremented, we should use of_node_put() on it... • https://git.kernel.org/stable/c/415f59142d9d9dd023deaeb3b4dfc1aecdd3983c •
CVSS: 5.6EPSS: %CPEs: 4EXPL: 0CVE-2022-49676 – memory: samsung: exynos5422-dmc: Fix refcount leak in of_get_dram_timings
https://notcve.org/view.php?id=CVE-2022-49676
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: memory: samsung: exynos5422-dmc: Fix refcount leak in of_get_dram_timings of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. This function doesn't call of_node_put() in some error paths. To unify the structure, Add put_node label and goto it on errors. In the Linux kernel, the following vulnerability has been resolved: memory: samsung: exynos5422-dmc: Fix refcount le... • https://git.kernel.org/stable/c/6e7674c3c6df565ab47d02b4f2e608e3477cdf86 •
CVSS: 5.6EPSS: %CPEs: 4EXPL: 0CVE-2022-49675 – tick/nohz: unexport __init-annotated tick_nohz_full_setup()
https://notcve.org/view.php?id=CVE-2022-49675
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: tick/nohz: unexport __init-annotated tick_nohz_full_setup() EXPORT_SYMBOL and __init is a bad combination because the .init.text section is freed up after the initialization. Hence, modules cannot use symbols annotated __init. The access to a freed symbol may end up with kernel panic. modpost used to detect it, but it had been broken for a decade. Commit 28438794aba4 ("modpost: fix section mismatch check for exported init/exit sections") fi... • https://git.kernel.org/stable/c/ae9e557b5be2e285f48ee945d9c8faf75d4f6a66 •
CVSS: 10.0EPSS: %CPEs: 7EXPL: 0CVE-2022-49674 – dm raid: fix accesses beyond end of raid member array
https://notcve.org/view.php?id=CVE-2022-49674
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: dm raid: fix accesses beyond end of raid member array On dm-raid table load (using raid_ctr), dm-raid allocates an array rs->devs[rs->raid_disks] for the raid device members. rs->raid_disks is defined by the number of raid metadata and image tupples passed into the target's constructor. In the case of RAID layout changes being requested, that number can be different from the current number of members for existing raid sets as defined in the... • https://git.kernel.org/stable/c/5e161a8826b63c0b8b43e4a7fad1f956780f42ab •
CVSS: -EPSS: %CPEs: 8EXPL: 0CVE-2022-49673 – dm raid: fix KASAN warning in raid5_add_disks
https://notcve.org/view.php?id=CVE-2022-49673
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: dm raid: fix KASAN warning in raid5_add_disks There's a KASAN warning in raid5_add_disk when running the LVM testsuite. The warning happens in the test lvconvert-raid-reshape-linear_to_raid6-single-type.sh. We fix the warning by verifying that rdev->saved_raid_disk is within limits. In the Linux kernel, the following vulnerability has been resolved: dm raid: fix KASAN warning in raid5_add_disks There's a KASAN warning in raid5_add_disk when... • https://git.kernel.org/stable/c/2d4e7c9898c20fb3d3f55381cab601761aab7d64 •
CVSS: 7.1EPSS: %CPEs: 6EXPL: 0CVE-2022-49672 – net: tun: unlink NAPI from device on destruction
https://notcve.org/view.php?id=CVE-2022-49672
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: net: tun: unlink NAPI from device on destruction Syzbot found a race between tun file and device destruction. NAPIs live in struct tun_file which can get destroyed before the netdev so we have to del them explicitly. The current code is missing deleting the NAPI if the queue was detached first. In the Linux kernel, the following vulnerability has been resolved: net: tun: unlink NAPI from device on destruction Syzbot found a race between tun... • https://git.kernel.org/stable/c/943170998b200190f99d3fe7e771437e2c51f319 •
CVSS: 5.5EPSS: %CPEs: 4EXPL: 0CVE-2022-49671 – RDMA/cm: Fix memory leak in ib_cm_insert_listen
https://notcve.org/view.php?id=CVE-2022-49671
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: RDMA/cm: Fix memory leak in ib_cm_insert_listen cm_alloc_id_priv() allocates resource for the cm_id_priv. When cm_init_listen() fails it doesn't free it, leading to memory leak. Add the missing error unwind. In the Linux kernel, the following vulnerability has been resolved: RDMA/cm: Fix memory leak in ib_cm_insert_listen cm_alloc_id_priv() allocates resource for the cm_id_priv. When cm_init_listen() fails it doesn't free it, leading to mem... • https://git.kernel.org/stable/c/98f67156a80f37db70ec64787020b1f9bc8aea8c •
CVSS: 8.5EPSS: %CPEs: 5EXPL: 0CVE-2022-49670 – linux/dim: Fix divide by 0 in RDMA DIM
https://notcve.org/view.php?id=CVE-2022-49670
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: linux/dim: Fix divide by 0 in RDMA DIM Fix a divide 0 error in rdma_dim_stats_compare() when prev->cpe_ratio == 0. CallTrace: Hardware name: H3C R4900 G3/RS33M2C9S, BIOS 2.00.37P21 03/12/2020 task: ffff880194b78000 task.stack: ffffc90006714000 RIP: 0010:backport_rdma_dim+0x10e/0x240 [mlx_compat] RSP: 0018:ffff880c10e83ec0 EFLAGS: 00010202 RAX: 0000000000002710 RBX: ffff88096cd7f780 RCX: 0000000000000064 RDX: 0000000000000000 RSI: 0000000000... • https://git.kernel.org/stable/c/f4915455dcf07c4f237d6160a4b6adb0575d2909 •
CVSS: 5.5EPSS: %CPEs: 2EXPL: 0CVE-2022-49669 – mptcp: fix race on unaccepted mptcp sockets
https://notcve.org/view.php?id=CVE-2022-49669
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: mptcp: fix race on unaccepted mptcp sockets When the listener socket owning the relevant request is closed, it frees the unaccepted subflows and that causes later deletion of the paired MPTCP sockets. The mptcp socket's worker can run in the time interval between such delete operations. When that happens, any access to msk->first will cause an UaF access, as the subflow cleanup did not cleared such field in the mptcp socket. Address the iss... • https://git.kernel.org/stable/c/86e39e04482b0aadf3ee3ed5fcf2d63816559d36 •
CVSS: 5.5EPSS: %CPEs: 5EXPL: 0CVE-2022-49668 – PM / devfreq: exynos-ppmu: Fix refcount leak in of_get_devfreq_events
https://notcve.org/view.php?id=CVE-2022-49668
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: exynos-ppmu: Fix refcount leak in of_get_devfreq_events of_get_child_by_name() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. This function only calls of_node_put() in normal path, missing it in error paths. Add missing of_node_put() to avoid refcount leak. In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: exynos-ppmu: Fix refcount leak in of_get_d... • https://git.kernel.org/stable/c/f262f28c147051e7aa6daaf4fb5996833ffadff4 •