CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50011 – venus: pm_helpers: Fix warning in OPP during probe
https://notcve.org/view.php?id=CVE-2022-50011
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: venus: pm_helpers: Fix warning in OPP during probe Fix the following WARN triggered during Venus driver probe on 5.19.0-rc8-next-20220728: WARNING: CPU: 7 PID: 339 at drivers/opp/core.c:2471 dev_pm_opp_set_config+0x49c/0x610 Modules linked in: qcom_spmi_adc5 rtc_pm8xxx qcom_spmi_adc_tm5 leds_qcom_lpg led_class_multicolor qcom_pon qcom_vadc_common venus_core(+) qcom_spmi_temp_alarm v4l2_mem2mem videobuf2_v4l2 msm(+) videobuf2_common crct10di... • https://git.kernel.org/stable/c/0bdec5eed69c73886af4cfbb94b663e1e10b8344 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50010 – video: fbdev: i740fb: Check the argument of i740_calc_vclk()
https://notcve.org/view.php?id=CVE-2022-50010
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: video: fbdev: i740fb: Check the argument of i740_calc_vclk() Since the user can control the arguments of the ioctl() from the user space, under special arguments that may result in a divide-by-zero bug. If the user provides an improper 'pixclock' value that makes the argumet of i740_calc_vclk() less than 'I740_RFREQ_FIX', it will cause a divide-by-zero bug in: drivers/video/fbdev/i740fb.c:353 p_best = min(15, ilog2(I740_MAX_VCO_FREQ / (freq... • https://git.kernel.org/stable/c/59cefb583c984c0da8cf21a4c57d26d5a20dff5c •
CVSS: 6.6EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50009 – f2fs: fix null-ptr-deref in f2fs_get_dnode_of_data
https://notcve.org/view.php?id=CVE-2022-50009
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: f2fs: fix null-ptr-deref in f2fs_get_dnode_of_data There is issue as follows when test f2fs atomic write: F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock F2FS-fs (loop0): invalid crc_offset: 0 F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. ================================================================== BUG: KASAN: ... • https://git.kernel.org/stable/c/0f63e33eca6fa29a11c76fa31db5fe1cada5ad6e •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50007 – xfrm: fix refcount leak in __xfrm_policy_check()
https://notcve.org/view.php?id=CVE-2022-50007
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: xfrm: fix refcount leak in __xfrm_policy_check() The issue happens on an error path in __xfrm_policy_check(). When the fetching process of the object `pols[1]` fails, the function simply returns 0, forgetting to decrement the reference count of `pols[0]`, which is incremented earlier by either xfrm_sk_policy_lookup() or xfrm_policy_lookup(). This may result in memory leaks. Fix it by decreasing the reference count of `pols[0]` in that path.... • https://git.kernel.org/stable/c/134b0fc544ba062498451611cb6f3e4454221b3d •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49993 – loop: Check for overflow while configuring loop
https://notcve.org/view.php?id=CVE-2022-49993
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: loop: Check for overflow while configuring loop The userspace can configure a loop using an ioctl call, wherein a configuration of type loop_config is passed (see lo_ioctl()'s case on line 1550 of drivers/block/loop.c). This proceeds to call loop_configure() which in turn calls loop_set_status_from_info() (see line 1050 of loop.c), passing &config->info which is of type loop_info64*. This function then sets the appropriate values, like the ... • https://git.kernel.org/stable/c/18e28817cb516b39de6281f6db9b0618b2cc7b42 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49982 – media: pvrusb2: fix memory leak in pvr_probe
https://notcve.org/view.php?id=CVE-2022-49982
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix memory leak in pvr_probe The error handling code in pvr2_hdw_create forgets to unregister the v4l2 device. When pvr2_hdw_create returns back to pvr2_context_create, it calls pvr2_context_destroy to destroy context, but mp->hdw is NULL, which leads to that pvr2_hdw_destroy directly returns. Fix this by adding v4l2_device_unregister to decrease the refcount of usb interface. In the Linux kernel, the following vulnerability... • https://git.kernel.org/stable/c/2fe46195d2f0d5d09ea65433aefe47a4d0d0ff4d •
CVSS: 6.3EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49981 – HID: hidraw: fix memory leak in hidraw_release()
https://notcve.org/view.php?id=CVE-2022-49981
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: HID: hidraw: fix memory leak in hidraw_release() Free the buffered reports before deleting the list entry. BUG: memory leak unreferenced object 0xffff88810e72f180 (size 32): comm "softirq", pid 0, jiffies 4294945143 (age 16.080s) hex dump (first 32 bytes): 64 f3 c6 6a d1 88 07 04 00 00 00 00 00 00 00 00 d..j............ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [
CVSS: 6.3EPSS: 0%CPEs: 2EXPL: 0CVE-2022-49980 – USB: gadget: Fix use-after-free Read in usb_udc_uevent()
https://notcve.org/view.php?id=CVE-2022-49980
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: USB: gadget: Fix use-after-free Read in usb_udc_uevent() The syzbot fuzzer found a race between uevent callbacks and gadget driver unregistration that can cause a use-after-free bug: --------------------------------------------------------------- BUG: KASAN: use-after-free in usb_udc_uevent+0x11f/0x130 drivers/usb/gadget/udc/core.c:1732 Read of size 8 at addr ffff888078ce2050 by task udevd/2968 CPU: 1 PID: 2968 Comm: udevd Not tainted 5.19.... • https://git.kernel.org/stable/c/f44b0b95d50fffeca036e1ba36770390e0b519dd •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49979 – net: fix refcount bug in sk_psock_get (2)
https://notcve.org/view.php?id=CVE-2022-49979
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: net: fix refcount bug in sk_psock_get (2) Syzkaller reports refcount bug as follows: ------------[ cut here ]------------ refcount_t: saturated; leaking memory. WARNING: CPU: 1 PID: 3605 at lib/refcount.c:19 refcount_warn_saturate+0xf4/0x1e0 lib/refcount.c:19 Modules linked in: CPU: 1 PID: 3605 Comm: syz-executor208 Not tainted 5.18.0-syzkaller-03023-g7e062cda7d90 #0
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49978 – fbdev: fb_pm2fb: Avoid potential divide by zero error
https://notcve.org/view.php?id=CVE-2022-49978
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: fbdev: fb_pm2fb: Avoid potential divide by zero error In `do_fb_ioctl()` of fbmem.c, if cmd is FBIOPUT_VSCREENINFO, var will be copied from user, then go through `fb_set_var()` and `info->fbops->fb_check_var()` which could may be `pm2fb_check_var()`. Along the path, `var->pixclock` won't be modified. This function checks whether reciprocal of `var->pixclock` is too high. If `var->pixclock` is zero, there will be a divide by zero error. So, ... • https://git.kernel.org/stable/c/0f1174f4972ea9fad6becf8881d71adca8e9ca91 •