CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49248 – ALSA: firewire-lib: fix uninitialized flag for AV/C deferred transaction
https://notcve.org/view.php?id=CVE-2022-49248
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-lib: fix uninitialized flag for AV/C deferred transaction AV/C deferred transaction was supported at a commit 00a7bb81c20f ("ALSA: firewire-lib: Add support for deferred transaction") while 'deferrable' flag can be uninitialized for non-control/notify AV/C transactions. UBSAN reports it: kernel: ================================================================================ kernel: UBSAN: invalid-load in /build/linux-aa0B4d/... • https://git.kernel.org/stable/c/00a7bb81c20f3e81711e28e0f6c08cee8fd18514 •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49247 – media: stk1160: If start stream fails, return buffers with VB2_BUF_STATE_QUEUED
https://notcve.org/view.php?id=CVE-2022-49247
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: media: stk1160: If start stream fails, return buffers with VB2_BUF_STATE_QUEUED If the callback 'start_streaming' fails, then all queued buffers in the driver should be returned with state 'VB2_BUF_STATE_QUEUED'. Currently, they are returned with 'VB2_BUF_STATE_ERROR' which is wrong. Fix this. This also fixes the warning: [ 65.583633] WARNING: CPU: 5 PID: 593 at drivers/media/common/videobuf2/videobuf2-core.c:1612 vb2_start_streaming+0xd4/0... • https://git.kernel.org/stable/c/8ac456495a33d9466076fea94594181ceefb76d9 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49246 – ASoC: atmel: Fix error handling in snd_proto_probe
https://notcve.org/view.php?id=CVE-2022-49246
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: atmel: Fix error handling in snd_proto_probe The device_node pointer is returned by of_parse_phandle() with refcount incremented. We should use of_node_put() on it when done. This function only calls of_node_put() in the regular path. And it will cause refcount leak in error paths. Fix this by calling of_node_put() in error handling too. • https://git.kernel.org/stable/c/a45f8853a5f95e3760dfbd7ba09d3d597d247040 •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2022-49245 – ASoC: rockchip: Fix PM usage reference of rockchip_i2s_tdm_resume
https://notcve.org/view.php?id=CVE-2022-49245
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: rockchip: Fix PM usage reference of rockchip_i2s_tdm_resume pm_runtime_get_sync will increment pm usage counter even it failed. Forgetting to putting operation will result in reference leak here. We fix it by replacing it with pm_runtime_resume_and_get to keep usage counter balanced. • https://git.kernel.org/stable/c/081068fd641403994f0505e6b91e021d3925f348 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49244 – ASoC: mediatek: mt8192-mt6359: Fix error handling in mt8192_mt6359_dev_probe
https://notcve.org/view.php?id=CVE-2022-49244
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8192-mt6359: Fix error handling in mt8192_mt6359_dev_probe The device_node pointer is returned by of_parse_phandle() with refcount incremented. We should use of_node_put() on it when done. This function only calls of_node_put() in the regular path. And it will cause refcount leak in error paths. Fix this by calling of_node_put() in error handling too. • https://git.kernel.org/stable/c/286c6f7b28fab19d649c2e1f3bc18fdecdbadfe5 •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49243 – ASoC: atmel: Add missing of_node_put() in at91sam9g20ek_audio_probe
https://notcve.org/view.php?id=CVE-2022-49243
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: atmel: Add missing of_node_put() in at91sam9g20ek_audio_probe This node pointer is returned by of_parse_phandle() with refcount incremented in this function. Calling of_node_put() to avoid the refcount leak. • https://git.kernel.org/stable/c/531f67e41dcde1e358cf821d056241a66355cf03 •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49242 – ASoC: mxs: Fix error handling in mxs_sgtl5000_probe
https://notcve.org/view.php?id=CVE-2022-49242
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: mxs: Fix error handling in mxs_sgtl5000_probe This function only calls of_node_put() in the regular path. And it will cause refcount leak in error paths. For example, when codec_np is NULL, saif_np[0] and saif_np[1] are not NULL, it will cause leaks. of_node_put() will check if the node pointer is NULL, so we can call it directly to release the refcount of regular pointers. • https://git.kernel.org/stable/c/e968194b45c4e8077dada75c5bae5660b37628fe •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49241 – ASoC: atmel: Fix error handling in sam9x5_wm8731_driver_probe
https://notcve.org/view.php?id=CVE-2022-49241
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: atmel: Fix error handling in sam9x5_wm8731_driver_probe The device_node pointer is returned by of_parse_phandle() with refcount incremented. We should use of_node_put() on it when done. This function only calls of_node_put() in the regular path. And it will cause refcount leak in error path. • https://git.kernel.org/stable/c/fdbcb3cba54b29a37dfe42acdc0e72c543e0807d •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2022-49240 – ASoC: mediatek: mt8195: Fix error handling in mt8195_mt6359_rt1019_rt5682_dev_probe
https://notcve.org/view.php?id=CVE-2022-49240
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8195: Fix error handling in mt8195_mt6359_rt1019_rt5682_dev_probe The device_node pointer is returned by of_parse_phandle() with refcount incremented. We should use of_node_put() on it when done. This function only calls of_node_put() in the regular path. And it will cause refcount leak in error path. • https://git.kernel.org/stable/c/082482a5022780d42180a394fe6843e71fe963d8 •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49239 – ASoC: codecs: wcd934x: Add missing of_node_put() in wcd934x_codec_parse_data
https://notcve.org/view.php?id=CVE-2022-49239
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd934x: Add missing of_node_put() in wcd934x_codec_parse_data The device_node pointer is returned by of_parse_phandle() with refcount incremented. We should use of_node_put() on it when done. This is similar to commit 64b92de9603f ("ASoC: wcd9335: fix a leaked reference by adding missing of_node_put") • https://git.kernel.org/stable/c/a61f3b4f476eceb25274161e5a53a8d18e42610b •