CVSS: 6.9EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50720 – x86/apic: Don't disable x2APIC if locked
https://notcve.org/view.php?id=CVE-2022-50720
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: x86/apic: Don't disable x2APIC if locked The APIC supports two modes, legacy APIC (or xAPIC), and Extended APIC (or x2APIC). X2APIC mode is mostly compatible with legacy APIC, but it disables the memory-mapped APIC interface in favor of one that uses MSRs. The APIC mode is controlled by the EXT bit in the APIC MSR. The MMIO/xAPIC interface has some problems, most notably the APIC LEAK [1]. This bug allows an attacker to use the APIC MMIO in... • https://git.kernel.org/stable/c/fb209bd891645bb87b9618b724f0b4928e0df3de •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50719 – ALSA: line6: fix stack overflow in line6_midi_transmit
https://notcve.org/view.php?id=CVE-2022-50719
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: ALSA: line6: fix stack overflow in line6_midi_transmit Correctly calculate available space including the size of the chunk buffer. This fixes a buffer overflow when multiple MIDI sysex messages are sent to a PODxt device. In the Linux kernel, the following vulnerability has been resolved: ALSA: line6: fix stack overflow in line6_midi_transmit Correctly calculate available space including the size of the chunk buffer. This fixes a buffer ove... • https://git.kernel.org/stable/c/f2459201c72e8f8553644505eed19954d4c3a023 •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50718 – drm/amdgpu: fix pci device refcount leak
https://notcve.org/view.php?id=CVE-2022-50718
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix pci device refcount leak As comment of pci_get_domain_bus_and_slot() says, it returns a pci device with refcount increment, when finish using it, the caller must decrement the reference count by calling pci_dev_put(). So before returning from amdgpu_device_resume|suspend_display_audio(), pci_dev_put() is called to avoid refcount leak. In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix pci dev... • https://git.kernel.org/stable/c/3f12acc8d6d4b2e62fab8f652d7075a859d80b42 •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50717 – nvmet-tcp: add bounds check on Transfer Tag
https://notcve.org/view.php?id=CVE-2022-50717
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: add bounds check on Transfer Tag ttag is used as an index to get cmd in nvmet_tcp_handle_h2c_data_pdu(), add a bounds check to avoid out-of-bounds access. In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: add bounds check on Transfer Tag ttag is used as an index to get cmd in nvmet_tcp_handle_h2c_data_pdu(), add a bounds check to avoid out-of-bounds access. The SUSE Linux Enterprise 15 SP5 RT kernel w... • https://git.kernel.org/stable/c/872d26a391da92ed8f0c0f5cb5fef428067b7f30 •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50716 – wifi: ar5523: Fix use-after-free on ar5523_cmd() timed out
https://notcve.org/view.php?id=CVE-2022-50716
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: ar5523: Fix use-after-free on ar5523_cmd() timed out syzkaller reported use-after-free with the stack trace like below [1]: [ 38.960489][ C3] ================================================================== [ 38.963216][ C3] BUG: KASAN: use-after-free in ar5523_cmd_tx_cb+0x220/0x240 [ 38.964950][ C3] Read of size 8 at addr ffff888048e03450 by task swapper/3/0 [ 38.966363][ C3] [ 38.967053][ C3] CPU: 3 PID: 0 Comm: swapper/3 Not tain... • https://git.kernel.org/stable/c/b7d572e1871df06a96a1c9591c71c5494ff6b624 •
CVSS: 5.5EPSS: 0%CPEs: 12EXPL: 0CVE-2022-50715 – md/raid1: stop mdx_raid1 thread when raid1 array run failed
https://notcve.org/view.php?id=CVE-2022-50715
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: md/raid1: stop mdx_raid1 thread when raid1 array run failed fail run raid1 array when we assemble array with the inactive disk only, but the mdx_raid1 thread were not stop, Even if the associated resources have been released. it will caused a NULL dereference when we do poweroff. This causes the following Oops: [ 287.587787] BUG: kernel NULL pointer dereference, address: 0000000000000070 [ 287.594762] #PF: supervisor read access in kernel m... • https://git.kernel.org/stable/c/5bad5054ecd83c866502f0370edfc9aa55dc9aa7 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50714 – wifi: mt76: mt7921e: fix rmmod crash in driver reload test
https://notcve.org/view.php?id=CVE-2022-50714
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921e: fix rmmod crash in driver reload test In insmod/rmmod stress test, the following crash dump shows up immediately. The problem is caused by missing mt76_dev in mt7921_pci_remove(). We should make sure the drvdata is ready before probe() finished. [168.862789] ================================================================== [168.862797] BUG: KASAN: user-memory-access in try_to_grab_pending+0x59/0x480 [168.862805] Write ... • https://git.kernel.org/stable/c/1c71e03afe4b457a15e50de40006b927dfc00755 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50713 – clk: visconti: Fix memory leak in visconti_register_pll()
https://notcve.org/view.php?id=CVE-2022-50713
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: clk: visconti: Fix memory leak in visconti_register_pll() @pll->rate_table has allocated memory by kmemdup(), if clk_hw_register() fails, it should be freed, otherwise it will cause memory leak issue, this patch fixes it. In the Linux kernel, the following vulnerability has been resolved: clk: visconti: Fix memory leak in visconti_register_pll() @pll->rate_table has allocated memory by kmemdup(), if clk_hw_register() fails, it should be fre... • https://git.kernel.org/stable/c/b4cbe606dc3674b25cb661e7cd1a1c6ddaaafaaa •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50712 – devlink: hold region lock when flushing snapshots
https://notcve.org/view.php?id=CVE-2022-50712
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: devlink: hold region lock when flushing snapshots Netdevsim triggers a splat on reload, when it destroys regions with snapshots pending: WARNING: CPU: 1 PID: 787 at net/core/devlink.c:6291 devlink_region_snapshot_del+0x12e/0x140 CPU: 1 PID: 787 Comm: devlink Not tainted 6.1.0-07460-g7ae9888d6e1c #580 RIP: 0010:devlink_region_snapshot_del+0x12e/0x140 Call Trace:
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2025-68746 – spi: tegra210-quad: Fix timeout handling
https://notcve.org/view.php?id=CVE-2025-68746
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: spi: tegra210-quad: Fix timeout handling When the CPU that the QSPI interrupt handler runs on (typically CPU 0) is excessively busy, it can lead to rare cases of the IRQ thread not running before the transfer timeout is reached. While handling the timeouts, any pending transfers are cleaned up and the message that they correspond to is marked as failed, which leaves the curr_xfer field pointing at stale memory. To avoid this, clear curr_xfe... • https://git.kernel.org/stable/c/921fc1838fb036f690b8ba52e6a6d3644b475cbb •