CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49392 – serial: 8250_aspeed_vuart: Fix potential NULL dereference in aspeed_vuart_probe
https://notcve.org/view.php?id=CVE-2022-49392
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: serial: 8250_aspeed_vuart: Fix potential NULL dereference in aspeed_vuart_probe platform_get_resource() may fail and return NULL, so we should better check it's return value to avoid a NULL pointer dereference. In the Linux kernel, the following vulnerability has been resolved: serial: 8250_aspeed_vuart: Fix potential NULL dereference in aspeed_vuart_probe platform_get_resource() may fail and return NULL, so we should better check it's retu... • https://git.kernel.org/stable/c/54da3e381c2b55289b220601f403f17df7b20597 •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-49390 – macsec: fix UAF bug for real_dev
https://notcve.org/view.php?id=CVE-2022-49390
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: macsec: fix UAF bug for real_dev Create a new macsec device but not get reference to real_dev. That can not ensure that real_dev is freed after macsec. That will trigger the UAF bug for real_dev as following: ================================================================== BUG: KASAN: use-after-free in macsec_get_iflink+0x5f/0x70 drivers/net/macsec.c:3662 Call Trace: ... macsec_get_iflink+0x5f/0x70 drivers/net/macsec.c:3662 dev_get_iflink... • https://git.kernel.org/stable/c/2bce1ebed17da54c65042ec2b962e3234bad5b47 • CWE-416: Use After Free •
CVSS: 5.6EPSS: 0%CPEs: 11EXPL: 0CVE-2022-49389 – usb: usbip: fix a refcount leak in stub_probe()
https://notcve.org/view.php?id=CVE-2022-49389
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: usb: usbip: fix a refcount leak in stub_probe() usb_get_dev() is called in stub_device_alloc(). When stub_probe() fails after that, usb_put_dev() needs to be called to release the reference. Fix this by moving usb_put_dev() to sdev_free error path handling. Find this by code review. In the Linux kernel, the following vulnerability has been resolved: usb: usbip: fix a refcount leak in stub_probe() usb_get_dev() is called in stub_device_alloc... • https://git.kernel.org/stable/c/3ff67445750a84de67faaf52c6e1895cb09f2c56 •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49388 – ubi: ubi_create_volume: Fix use-after-free when volume creation failed
https://notcve.org/view.php?id=CVE-2022-49388
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ubi: ubi_create_volume: Fix use-after-free when volume creation failed There is an use-after-free problem for 'eba_tbl' in ubi_create_volume()'s error handling path: ubi_eba_replace_table(vol, eba_tbl) vol->eba_tbl = tbl out_mapping: ubi_eba_destroy_table(eba_tbl) // Free 'eba_tbl' out_unlock: put_device(&vol->dev) vol_release kfree(tbl->entries) // UAF Fix it by removing redundant 'eba_tbl' releasing. Fetch a reproducer in [Link]. In the L... • https://git.kernel.org/stable/c/493cfaeaa0c9bc0c79ce5751193d49fdac9aaaec • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49386 – net: ethernet: ti: am65-cpsw-nuss: Fix some refcount leaks
https://notcve.org/view.php?id=CVE-2022-49386
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: am65-cpsw-nuss: Fix some refcount leaks of_get_child_by_name() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. am65_cpsw_init_cpts() and am65_cpsw_nuss_probe() don't release the refcount in error case. Add missing of_node_put() to avoid refcount leak. In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: am65-cpsw-nuss: Fix some re... • https://git.kernel.org/stable/c/93a76530316a3d8cc2d82c3deca48424fee92100 •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-49385 – driver: base: fix UAF when driver_attach failed
https://notcve.org/view.php?id=CVE-2022-49385
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: driver: base: fix UAF when driver_attach failed When driver_attach(drv); failed, the driver_private will be freed. But it has been added to the bus, which caused a UAF. To fix it, we need to delete it from the bus when failed. In the Linux kernel, the following vulnerability has been resolved: driver: base: fix UAF when driver_attach failed When driver_attach(drv); failed, the driver_private will be freed. But it has been added to the bus, ... • https://git.kernel.org/stable/c/190888ac01d059e38ffe77a2291d44cafa9016fb • CWE-416: Use After Free •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49384 – md: fix double free of io_acct_set bioset
https://notcve.org/view.php?id=CVE-2022-49384
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: md: fix double free of io_acct_set bioset Now io_acct_set is alloc and free in personality. Remove the codes that free io_acct_set in md_free and md_stop. In the Linux kernel, the following vulnerability has been resolved: md: fix double free of io_acct_set bioset Now io_acct_set is alloc and free in personality. Remove the codes that free io_acct_set in md_free and md_stop. • https://git.kernel.org/stable/c/00e3d58f50a875343124bcf5a9637520a492b0d1 •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49382 – soc: rockchip: Fix refcount leak in rockchip_grf_init
https://notcve.org/view.php?id=CVE-2022-49382
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: soc: rockchip: Fix refcount leak in rockchip_grf_init of_find_matching_node_and_match returns a node pointer with refcount incremented, we should use of_node_put() on it when done. Add missing of_node_put() to avoid refcount leak. In the Linux kernel, the following vulnerability has been resolved: soc: rockchip: Fix refcount leak in rockchip_grf_init of_find_matching_node_and_match returns a node pointer with refcount incremented, we should... • https://git.kernel.org/stable/c/4c58063d4258f6beb4fd5647db6b58f49e337c8f •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49381 – jffs2: fix memory leak in jffs2_do_fill_super
https://notcve.org/view.php?id=CVE-2022-49381
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: jffs2: fix memory leak in jffs2_do_fill_super If jffs2_iget() or d_make_root() in jffs2_do_fill_super() returns an error, we can observe the following kmemleak report: -------------------------------------------- unreferenced object 0xffff888105a65340 (size 64): comm "mount", pid 710, jiffies 4302851558 (age 58.239s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 ... • https://git.kernel.org/stable/c/e631ddba588783edd521c5a89f7b2902772fb691 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-49380 – f2fs: fix to avoid f2fs_bug_on() in dec_valid_node_count()
https://notcve.org/view.php?id=CVE-2022-49380
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid f2fs_bug_on() in dec_valid_node_count() As Yanming reported in bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=215897 I have encountered a bug in F2FS file system in kernel v5.17. The kernel should enable CONFIG_KASAN=y and CONFIG_KASAN_INLINE=y. You can reproduce the bug by running the following commands: The kernel message is shown below: kernel BUG at fs/f2fs/f2fs.h:2511! Call Trace: f2fs_remove_inode_page+0x2a2/... • https://git.kernel.org/stable/c/f8b3c3fcf33105bc1ee7788e3b51b0a1ae42ae53 •