CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50667 – drm/vmwgfx: Fix memory leak in vmw_mksstat_add_ioctl()
https://notcve.org/view.php?id=CVE-2022-50667
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix memory leak in vmw_mksstat_add_ioctl() If the copy of the description string from userspace fails, then the page for the instance descriptor doesn't get freed before returning -EFAULT, which leads to a memleak. In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix memory leak in vmw_mksstat_add_ioctl() If the copy of the description string from userspace fails, then the page for the instance des... • https://git.kernel.org/stable/c/7a7a933edd6c3a6d5d64e08093f2d564104cefcd •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50666 – RDMA/siw: Fix QP destroy to wait for all references dropped.
https://notcve.org/view.php?id=CVE-2022-50666
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix QP destroy to wait for all references dropped. Delay QP destroy completion until all siw references to QP are dropped. The calling RDMA core will free QP structure after successful return from siw_qp_destroy() call, so siw must not hold any remaining reference to the QP upon return. A use-after-free was encountered in xfstest generic/460, while testing NFSoRDMA. Here, after a TCP connection drop by peer, the triggered siw_cm_w... • https://git.kernel.org/stable/c/303ae1cdfdf7280ff4cfbbe65563b5ff15bb025b •
CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50664 – media: dvb-frontends: fix leak of memory fw
https://notcve.org/view.php?id=CVE-2022-50664
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: media: dvb-frontends: fix leak of memory fw • https://git.kernel.org/stable/c/55f51efdb696ff6e9d2056377d05268a97f3d4e4 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50663 – net: stmmac: fix possible memory leak in stmmac_dvr_probe()
https://notcve.org/view.php?id=CVE-2022-50663
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix possible memory leak in stmmac_dvr_probe() The bitmap_free() should be called to free priv->af_xdp_zc_qps when create_singlethread_workqueue() fails, otherwise there will be a memory leak, so we add the err path error_wq_init to fix it. In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix possible memory leak in stmmac_dvr_probe() The bitmap_free() should be called to free priv->af_xdp_zc_qps... • https://git.kernel.org/stable/c/bba2556efad66e7eaa56fece13f7708caa1187f8 •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50662 – RDMA/hns: fix memory leak in hns_roce_alloc_mr()
https://notcve.org/view.php?id=CVE-2022-50662
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: fix memory leak in hns_roce_alloc_mr() When hns_roce_mr_enable() failed in hns_roce_alloc_mr(), mr_key is not released. Compiled test only. In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: fix memory leak in hns_roce_alloc_mr() When hns_roce_mr_enable() failed in hns_roce_alloc_mr(), mr_key is not released. Compiled test only. • https://git.kernel.org/stable/c/9b2cf76c9f052987ae5c4ad450ebebdc7c5d7b87 •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50661 – seccomp: Move copy_seccomp() to no failure path.
https://notcve.org/view.php?id=CVE-2022-50661
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: seccomp: Move copy_seccomp() to no failure path. Our syzbot instance reported memory leaks in do_seccomp() [0], similar to the report [1]. It shows that we miss freeing struct seccomp_filter and some objects included in it. We can reproduce the issue with the program below [2] which calls one seccomp() and two clone() syscalls. The first clone()d child exits earlier than its parent and sends a signal to kill it during the second clone(), mo... • https://git.kernel.org/stable/c/3a15fb6ed92cb32b0a83f406aa4a96f28c9adbc3 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50660 – wifi: ipw2200: fix memory leak in ipw_wdev_init()
https://notcve.org/view.php?id=CVE-2022-50660
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: ipw2200: fix memory leak in ipw_wdev_init() In the error path of ipw_wdev_init(), exception value is returned, and the memory applied for in the function is not released. Also the memory is not released in ipw_pci_probe(). As a result, memory leakage occurs. So memory release needs to be added to the error path of ipw_wdev_init(). In the Linux kernel, the following vulnerability has been resolved: wifi: ipw2200: fix memory leak in ipw... • https://git.kernel.org/stable/c/a3caa99e6c68f466c13cfea74097f6fb01b45e25 •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50659 – hwrng: geode - Fix PCI device refcount leak
https://notcve.org/view.php?id=CVE-2022-50659
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: hwrng: geode - Fix PCI device refcount leak for_each_pci_dev() is implemented by pci_get_device(). The comment of pci_get_device() says that it will increase the reference count for the returned pci_dev and also decrease the reference count for the input pci_dev @from if it is not NULL. If we break for_each_pci_dev() loop with pdev not NULL, we need to call pci_dev_put() to decrease the reference count. We add a new struct 'amd_geode_priv' ... • https://git.kernel.org/stable/c/ef5d862734b84239e0140319a95fb0bbff5ef394 •
CVSS: 6.2EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50658 – cpufreq: qcom: fix memory leak in error path
https://notcve.org/view.php?id=CVE-2022-50658
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: cpufreq: qcom: fix memory leak in error path If for some reason the speedbin length is incorrect, then there is a memory leak in the error path because we never free the speedbin buffer. This commit fixes the error path to always free the speedbin buffer. In the Linux kernel, the following vulnerability has been resolved: cpufreq: qcom: fix memory leak in error path If for some reason the speedbin length is incorrect, then there is a memory... • https://git.kernel.org/stable/c/a8811ec764f95a04ba82f6f457e28c5e9e36e36b •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0CVE-2023-53820 – loop: loop_set_status_from_info() check before assignment
https://notcve.org/view.php?id=CVE-2023-53820
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: loop: loop_set_status_from_info() check before assignment In loop_set_status_from_info(), lo->lo_offset and lo->lo_sizelimit should be checked before reassignment, because if an overflow error occurs, the original correct value will be changed to the wrong value, and it will not be changed back. More, the original patch did not solve the problem, the value was set and ioctl returned an error, but the subsequent io used the value in the loop... • https://git.kernel.org/stable/c/2035c770bfdbcc82bd52e05871a7c82db9529e0f •