CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-49783 – x86/fpu: Drop fpregs lock before inheriting FPU permissions
https://notcve.org/view.php?id=CVE-2022-49783
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Drop fpregs lock before inheriting FPU permissions Mike Galbraith reported the following against an old fork of preempt-rt but the same issue also applies to the current preempt-rt tree. BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:46 in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 1, name: systemd preempt_count: 1, expected: 0 RCU nest depth: 0, expected: 0 Preemption disabled at: fpu_c... • https://git.kernel.org/stable/c/9e798e9aa14c45fb94e47b30bf6347b369ce9df7 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-49781 – perf/x86/amd: Fix crash due to race between amd_pmu_enable_all, perf NMI and throttling
https://notcve.org/view.php?id=CVE-2022-49781
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: perf/x86/amd: Fix crash due to race between amd_pmu_enable_all, perf NMI and throttling amd_pmu_enable_all() does: if (!test_bit(idx, cpuc->active_mask)) continue; amd_pmu_enable_event(cpuc->events[idx]); A perf NMI of another event can come between these two steps. Perf NMI handler internally disables and enables _all_ events, including the one which nmi-intercepted amd_pmu_enable_all() was in process of enabling. If that unintentionally e... • https://git.kernel.org/stable/c/ada543459cab7f653dcacdaba4011a8bb19c627c •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-49780 – scsi: target: tcm_loop: Fix possible name leak in tcm_loop_setup_hba_bus()
https://notcve.org/view.php?id=CVE-2022-49780
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: target: tcm_loop: Fix possible name leak in tcm_loop_setup_hba_bus() If device_register() fails in tcm_loop_setup_hba_bus(), the name allocated by dev_set_name() need be freed. As comment of device_register() says, it should use put_device() to give up the reference in the error path. So fix this by calling put_device(), then the name can be freed in kobject_cleanup(). The 'tl_hba' will be freed in tcm_loop_release_adapter(), so it do... • https://git.kernel.org/stable/c/3703b2c5d041a68095cdd22380c23ce27d449ad7 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49779 – kprobes: Skip clearing aggrprobe's post_handler in kprobe-on-ftrace case
https://notcve.org/view.php?id=CVE-2022-49779
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: kprobes: Skip clearing aggrprobe's post_handler in kprobe-on-ftrace case In __unregister_kprobe_top(), if the currently unregistered probe has post_handler but other child probes of the aggrprobe do not have post_handler, the post_handler of the aggrprobe is cleared. If this is a ftrace-based probe, there is a problem. In later calls to disarm_kprobe(), we will use kprobe_ftrace_ops because post_handler is NULL. But we're armed with kprobe_... • https://git.kernel.org/stable/c/0bc11ed5ab60c135aa764a62c02cd5ea68289de4 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-49778 – arm64/mm: fix incorrect file_map_count for non-leaf pmd/pud
https://notcve.org/view.php?id=CVE-2022-49778
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: arm64/mm: fix incorrect file_map_count for non-leaf pmd/pud The page table check trigger BUG_ON() unexpectedly when collapse hugepage: ------------[ cut here ]------------ kernel BUG at mm/page_table_check.c:82! Internal error: Oops - BUG: 00000000f2000800 [#1] SMP Dumping ftrace buffer: (ftrace buffer empty) Modules linked in: CPU: 6 PID: 68 Comm: khugepaged Not tainted 6.1.0-rc3+ #750 Hardware name: linux,dummy-virt (DT) pstate: 60000005 ... • https://git.kernel.org/stable/c/42b2547137f5c974bb1bfd657c869fe96b96d86f •
CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 0CVE-2022-49777 – Input: i8042 - fix leaking of platform device on module removal
https://notcve.org/view.php?id=CVE-2022-49777
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: Input: i8042 - fix leaking of platform device on module removal Avoid resetting the module-wide i8042_platform_device pointer in i8042_probe() or i8042_remove(), so that the device can be properly destroyed by i8042_exit() on module unload. In the Linux kernel, the following vulnerability has been resolved: Input: i8042 - fix leaking of platform device on module removal Avoid resetting the module-wide i8042_platform_device pointer in i8042_... • https://git.kernel.org/stable/c/68fdb0499653a2519691e645fcb72944f6e1e220 •
CVSS: 9.4EPSS: 0%CPEs: 7EXPL: 0CVE-2022-49776 – macvlan: enforce a consistent minimal mtu
https://notcve.org/view.php?id=CVE-2022-49776
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: macvlan: enforce a consistent minimal mtu macvlan should enforce a minimal mtu of 68, even at link creation. This patch avoids the current behavior (which could lead to crashes in ipv6 stack if the link is brought up) $ ip link add macvlan1 link eno1 mtu 8 type macvlan # This should fail ! $ ip link sh dev macvlan1 5: macvlan1@eno1:
CVSS: 7.0EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49775 – tcp: cdg: allow tcp_cdg_release() to be called multiple times
https://notcve.org/view.php?id=CVE-2022-49775
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: tcp: cdg: allow tcp_cdg_release() to be called multiple times Apparently, mptcp is able to call tcp_disconnect() on an already disconnected flow. This is generally fine, unless current congestion control is CDG, because it might trigger a double-free [1] Instead of fixing MPTCP, and future bugs, we can make tcp_disconnect() more resilient. [1] BUG: KASAN: double-free in slab_free mm/slub.c:3539 [inline] BUG: KASAN: double-free in kfree+0xe2... • https://git.kernel.org/stable/c/2b0a8c9eee81882fc0001ccf6d9af62cdc682f9e •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2022-49774 – KVM: x86/xen: Fix eventfd error handling in kvm_xen_eventfd_assign()
https://notcve.org/view.php?id=CVE-2022-49774
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: KVM: x86/xen: Fix eventfd error handling in kvm_xen_eventfd_assign() Should not call eventfd_ctx_put() in case of error. [Introduce new goto target instead. - Paolo] • https://git.kernel.org/stable/c/2fd6df2f2b47d4301b1ee0fe9d627d1c061a5988 •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2022-49773 – drm/amd/display: Fix optc2_configure warning on dcn314
https://notcve.org/view.php?id=CVE-2022-49773
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix optc2_configure warning on dcn314 [Why] dcn314 uses optc2_configure_crc() that wraps optc1_configure_crc() + set additional registers not applicable to dcn314. It's not critical but when used leads to warning like: WARNING: drivers/gpu/drm/amd/amdgpu/../display/dc/dc_helper.c Call Trace: