CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50144 – soundwire: revisit driver bind/unbind and callbacks
https://notcve.org/view.php?id=CVE-2022-50144
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: soundwire: revisit driver bind/unbind and callbacks In the SoundWire probe, we store a pointer from the driver ops into the 'slave' structure. This can lead to kernel oopses when unbinding codec drivers, e.g. with the following sequence to remove machine driver and codec driver. /sbin/modprobe -r snd_soc_sof_sdw /sbin/modprobe -r snd_soc_rt711 The full details can be found in the BugLink below, for reference the two following examples show ... • https://git.kernel.org/stable/c/56d4fe31af77f684bed62fb8201e6327e6ddf4e6 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50143 – intel_th: Fix a resource leak in an error handling path
https://notcve.org/view.php?id=CVE-2022-50143
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: intel_th: Fix a resource leak in an error handling path If an error occurs after calling 'pci_alloc_irq_vectors()', 'pci_free_irq_vectors()' must be called as already done in the remove function. In the Linux kernel, the following vulnerability has been resolved: intel_th: Fix a resource leak in an error handling path If an error occurs after calling 'pci_alloc_irq_vectors()', 'pci_free_irq_vectors()' must be called as already done in the r... • https://git.kernel.org/stable/c/7b7036d47c356a40818e516a69ac81a5dcc1613f •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50142 – intel_th: msu: Fix vmalloced buffers
https://notcve.org/view.php?id=CVE-2022-50142
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: intel_th: msu: Fix vmalloced buffers After commit f5ff79fddf0e ("dma-mapping: remove CONFIG_DMA_REMAP") there's a chance of DMA buffer getting allocated via vmalloc(), which messes up the mmapping code: > RIP: msc_mmap_fault [intel_th_msu] > Call Trace: >
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50141 – mmc: sdhci-of-esdhc: Fix refcount leak in esdhc_signal_voltage_switch
https://notcve.org/view.php?id=CVE-2022-50141
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci-of-esdhc: Fix refcount leak in esdhc_signal_voltage_switch of_find_matching_node() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node_put() to avoid refcount leak. of_node_put() checks null pointer. In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci-of-esdhc: Fix refcount leak in esdhc_signal_voltage_switch of_find_matching_nod... • https://git.kernel.org/stable/c/ea35645a3c66a74af92d3bbb4eb131220fc3e58a •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50140 – memstick/ms_block: Fix a memory leak
https://notcve.org/view.php?id=CVE-2022-50140
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: memstick/ms_block: Fix a memory leak 'erased_blocks_bitmap' is never freed. As it is allocated at the same time as 'used_blocks_bitmap', it is likely that it should be freed also at the same time. Add the corresponding bitmap_free() in msb_data_clear(). In the Linux kernel, the following vulnerability has been resolved: memstick/ms_block: Fix a memory leak 'erased_blocks_bitmap' is never freed. As it is allocated at the same time as 'used_b... • https://git.kernel.org/stable/c/0ab30494bc4f3bc1ea4659b7c5d97c5218554a63 •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50139 – usb: aspeed-vhub: Fix refcount leak bug in ast_vhub_init_desc()
https://notcve.org/view.php?id=CVE-2022-50139
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: usb: aspeed-vhub: Fix refcount leak bug in ast_vhub_init_desc() We should call of_node_put() for the reference returned by of_get_child_by_name() which has increased the refcount. In the Linux kernel, the following vulnerability has been resolved: usb: aspeed-vhub: Fix refcount leak bug in ast_vhub_init_desc() We should call of_node_put() for the reference returned by of_get_child_by_name() which has increased the refcount. • https://git.kernel.org/stable/c/30d2617fd7ed052c30d1c21ddd4af4703d922be8 •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50138 – RDMA/qedr: Fix potential memory leak in __qedr_alloc_mr()
https://notcve.org/view.php?id=CVE-2022-50138
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: RDMA/qedr: Fix potential memory leak in __qedr_alloc_mr() __qedr_alloc_mr() allocates a memory chunk for "mr->info.pbl_table" with init_mr_info(). When rdma_alloc_tid() and rdma_register_tid() fail, "mr" is released while "mr->info.pbl_table" is not released, which will lead to a memory leak. We should release the "mr->info.pbl_table" with qedr_free_pbl() when error occurs to fix the memory leak. In the Linux kernel, the following vulnerabi... • https://git.kernel.org/stable/c/e0290cce6ac02f8e5ec501f25f6f6900f384550c •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50136 – RDMA/siw: Fix duplicated reported IW_CM_EVENT_CONNECT_REPLY event
https://notcve.org/view.php?id=CVE-2022-50136
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix duplicated reported IW_CM_EVENT_CONNECT_REPLY event If siw_recv_mpa_rr returns -EAGAIN, it means that the MPA reply hasn't been received completely, and should not report IW_CM_EVENT_CONNECT_REPLY in this case. This may trigger a call trace in iw_cm. A simple way to trigger this: server: ib_send_lat client: ib_send_lat -R
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50134 – RDMA/hfi1: fix potential memory leak in setup_base_ctxt()
https://notcve.org/view.php?id=CVE-2022-50134
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: RDMA/hfi1: fix potential memory leak in setup_base_ctxt() setup_base_ctxt() allocates a memory chunk for uctxt->groups with hfi1_alloc_ctxt_rcv_groups(). When init_user_ctxt() fails, uctxt->groups is not released, which will lead to a memory leak. We should release the uctxt->groups with hfi1_free_ctxt_rcv_groups() when init_user_ctxt() fails. In the Linux kernel, the following vulnerability has been resolved: RDMA/hfi1: fix potential memor... • https://git.kernel.org/stable/c/e87473bc1b6c2cb08f1b760cfc8cd012822241a6 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50132 – usb: cdns3: change place of 'priv_ep' assignment in cdns3_gadget_ep_dequeue(), cdns3_gadget_ep_enable()
https://notcve.org/view.php?id=CVE-2022-50132
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: change place of 'priv_ep' assignment in cdns3_gadget_ep_dequeue(), cdns3_gadget_ep_enable() If 'ep' is NULL, result of ep_to_cdns3_ep(ep) is invalid pointer and its dereference with priv_ep->cdns3_dev may cause panic. Found by Linux Verification Center (linuxtesting.org) with SVACE. In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: change place of 'priv_ep' assignment in cdns3_gadget_ep_dequeue(), c... • https://git.kernel.org/stable/c/7733f6c32e36ff9d7adadf40001039bf219b1cbe •