CVE-2022-48964 – ravb: Fix potential use-after-free in ravb_rx_gbeth()
https://notcve.org/view.php?id=CVE-2022-48964
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: ravb: Fix potential use-after-free in ravb_rx_gbeth() The skb is delivered to napi_gro_receive() which may free it, after calling this, dereferencing skb may trigger use-after-free. In the Linux kernel, the following vulnerability has been resolved: ravb: Fix potential use-after-free in ravb_rx_gbeth() The skb is delivered to napi_gro_receive() which may free it, after calling this, dereferencing skb may trigger use-after-free. • https://git.kernel.org/stable/c/1c59eb678cbd8d322d06d3a5514d36e8e1a4e84c •
CVE-2022-48963 – net: wwan: iosm: fix memory leak in ipc_mux_init()
https://notcve.org/view.php?id=CVE-2022-48963
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: net: wwan: iosm: fix memory leak in ipc_mux_init() When failed to alloc ipc_mux->ul_adb.pp_qlt in ipc_mux_init(), ipc_mux is not released. In the Linux kernel, the following vulnerability has been resolved: net: wwan: iosm: fix memory leak in ipc_mux_init() When failed to alloc ipc_mux->ul_adb.pp_qlt in ipc_mux_init(), ipc_mux is not released. • https://git.kernel.org/stable/c/1f52d7b622854b8bd7a1be3de095ca2e1f77098e •
CVE-2022-48962 – net: hisilicon: Fix potential use-after-free in hisi_femac_rx()
https://notcve.org/view.php?id=CVE-2022-48962
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: net: hisilicon: Fix potential use-after-free in hisi_femac_rx() The skb is delivered to napi_gro_receive() which may free it, after calling this, dereferencing skb may trigger use-after-free. In the Linux kernel, the following vulnerability has been resolved: net: hisilicon: Fix potential use-after-free in hisi_femac_rx() The skb is delivered to napi_gro_receive() which may free it, after calling this, dereferencing skb may trigger use-afte... • https://git.kernel.org/stable/c/542ae60af24f02e130e62cb3b7c23163a2350056 •
CVE-2022-48961 – net: mdio: fix unbalanced fwnode reference count in mdio_device_release()
https://notcve.org/view.php?id=CVE-2022-48961
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: net: mdio: fix unbalanced fwnode reference count in mdio_device_release() There is warning report about of_node refcount leak while probing mdio device: OF: ERROR: memory leak, expected refcount 1 instead of 2, of_node_get()/of_node_put() unbalanced - destroy cset entry: attach overlay node /spi/soc@0/mdio@710700c0/ethernet@4 In of_mdiobus_register_device(), we increase fwnode refcount by fwnode_handle_get() before associating the of_node w... • https://git.kernel.org/stable/c/a9049e0c513c4521dbfaa302af8ed08b3366b41f •
CVE-2022-48960 – net: hisilicon: Fix potential use-after-free in hix5hd2_rx()
https://notcve.org/view.php?id=CVE-2022-48960
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: net: hisilicon: Fix potential use-after-free in hix5hd2_rx() The skb is delivered to napi_gro_receive() which may free it, after calling this, dereferencing skb may trigger use-after-free. In the Linux kernel, the following vulnerability has been resolved: net: hisilicon: Fix potential use-after-free in hix5hd2_rx() The skb is delivered to napi_gro_receive() which may free it, after calling this, dereferencing skb may trigger use-after-free... • https://git.kernel.org/stable/c/57c5bc9ad7d799e9507ba6e993398d2c55f03fab •
CVE-2022-48959 – net: dsa: sja1105: fix memory leak in sja1105_setup_devlink_regions()
https://notcve.org/view.php?id=CVE-2022-48959
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: net: dsa: sja1105: fix memory leak in sja1105_setup_devlink_regions() When dsa_devlink_region_create failed in sja1105_setup_devlink_regions(), priv->regions is not released. In the Linux kernel, the following vulnerability has been resolved: net: dsa: sja1105: fix memory leak in sja1105_setup_devlink_regions() When dsa_devlink_region_create failed in sja1105_setup_devlink_regions(), priv->regions is not released. • https://git.kernel.org/stable/c/bf425b82059e0b0752c0026353c1902112200837 •
CVE-2022-48958 – ethernet: aeroflex: fix potential skb leak in greth_init_rings()
https://notcve.org/view.php?id=CVE-2022-48958
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: ethernet: aeroflex: fix potential skb leak in greth_init_rings() The greth_init_rings() function won't free the newly allocated skb when dma_mapping_error() returns error, so add dev_kfree_skb() to fix it. Compile tested only. In the Linux kernel, the following vulnerability has been resolved: ethernet: aeroflex: fix potential skb leak in greth_init_rings() The greth_init_rings() function won't free the newly allocated skb when dma_mapping_... • https://git.kernel.org/stable/c/d4c41139df6e74c6fff0cbac43e51cab782133be •
CVE-2022-48957 – dpaa2-switch: Fix memory leak in dpaa2_switch_acl_entry_add() and dpaa2_switch_acl_entry_remove()
https://notcve.org/view.php?id=CVE-2022-48957
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: dpaa2-switch: Fix memory leak in dpaa2_switch_acl_entry_add() and dpaa2_switch_acl_entry_remove() The cmd_buff needs to be freed when error happened in dpaa2_switch_acl_entry_add() and dpaa2_switch_acl_entry_remove(). In the Linux kernel, the following vulnerability has been resolved: dpaa2-switch: Fix memory leak in dpaa2_switch_acl_entry_add() and dpaa2_switch_acl_entry_remove() The cmd_buff needs to be freed when error happened in dpaa2_... • https://git.kernel.org/stable/c/1110318d83e8011c4dfcb2f7dd343bcfb1623c5f •
CVE-2022-48956 – ipv6: avoid use-after-free in ip6_fragment()
https://notcve.org/view.php?id=CVE-2022-48956
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: ipv6: avoid use-after-free in ip6_fragment() Blamed commit claimed rcu_read_lock() was held by ip6_fragment() callers. It seems to not be always true, at least for UDP stack. syzbot reported: BUG: KASAN: use-after-free in ip6_dst_idev include/net/ip6_fib.h:245 [inline] BUG: KASAN: use-after-free in ip6_fragment+0x2724/0x2770 net/ipv6/ip6_output.c:951 Read of size 8 at addr ffff88801d403e80 by task syz-executor.3/7618 CPU: 1 PID: 7618 Comm: ... • https://git.kernel.org/stable/c/1758fd4688eb92c796e75bdb1d256dc558ef9581 •
CVE-2022-48955 – net: thunderbolt: fix memory leak in tbnet_open()
https://notcve.org/view.php?id=CVE-2022-48955
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: net: thunderbolt: fix memory leak in tbnet_open() When tb_ring_alloc_rx() failed in tbnet_open(), ida that allocated in tb_xdomain_alloc_out_hopid() is not released. Add tb_xdomain_release_out_hopid() to the error path to release ida. In the Linux kernel, the following vulnerability has been resolved: net: thunderbolt: fix memory leak in tbnet_open() When tb_ring_alloc_rx() failed in tbnet_open(), ida that allocated in tb_xdomain_alloc_out_... • https://git.kernel.org/stable/c/180b0689425c6fb2b35e69a3316ee38371a782df •