CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50147 – mm/mempolicy: fix get_nodes out of bound access
https://notcve.org/view.php?id=CVE-2022-50147
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fix get_nodes out of bound access When user specified more nodes than supported, get_nodes will access nmask array out of bounds. In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fix get_nodes out of bound access When user specified more nodes than supported, get_nodes will access nmask array out of bounds. • https://git.kernel.org/stable/c/e130242dc351f1cfa2bbeb6766a1486ce936ef88 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50146 – PCI: dwc: Deallocate EPC memory on dw_pcie_ep_init() errors
https://notcve.org/view.php?id=CVE-2022-50146
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: PCI: dwc: Deallocate EPC memory on dw_pcie_ep_init() errors If dw_pcie_ep_init() fails to perform any action after the EPC memory is initialized and the MSI memory region is allocated, the latter parts won't be undone thus causing a memory leak. Add a cleanup-on-error path to fix these leaks. [bhelgaas: commit log] In the Linux kernel, the following vulnerability has been resolved: PCI: dwc: Deallocate EPC memory on dw_pcie_ep_init() errors... • https://git.kernel.org/stable/c/2fd0c9d966cc11bb5f73556dd788d12f501d8755 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50145 – dmaengine: sf-pdma: Add multithread support for a DMA channel
https://notcve.org/view.php?id=CVE-2022-50145
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: dmaengine: sf-pdma: Add multithread support for a DMA channel When we get a DMA channel and try to use it in multiple threads it will cause oops and hanging the system. % echo 64 > /sys/module/dmatest/parameters/threads_per_chan % echo 10000 > /sys/module/dmatest/parameters/iterations % echo 1 > /sys/module/dmatest/parameters/run [ 89.480664] Unable to handle kernel NULL pointer dereference at virtual address 00000000000000a0 [ 89.488725] O... • https://git.kernel.org/stable/c/6973886ad58e6b4988813331abb76ae0b364a9c2 •
CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50144 – soundwire: revisit driver bind/unbind and callbacks
https://notcve.org/view.php?id=CVE-2022-50144
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: soundwire: revisit driver bind/unbind and callbacks In the SoundWire probe, we store a pointer from the driver ops into the 'slave' structure. This can lead to kernel oopses when unbinding codec drivers, e.g. with the following sequence to remove machine driver and codec driver. /sbin/modprobe -r snd_soc_sof_sdw /sbin/modprobe -r snd_soc_rt711 The full details can be found in the BugLink below, for reference the two following examples show ... • https://git.kernel.org/stable/c/56d4fe31af77f684bed62fb8201e6327e6ddf4e6 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50143 – intel_th: Fix a resource leak in an error handling path
https://notcve.org/view.php?id=CVE-2022-50143
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: intel_th: Fix a resource leak in an error handling path If an error occurs after calling 'pci_alloc_irq_vectors()', 'pci_free_irq_vectors()' must be called as already done in the remove function. In the Linux kernel, the following vulnerability has been resolved: intel_th: Fix a resource leak in an error handling path If an error occurs after calling 'pci_alloc_irq_vectors()', 'pci_free_irq_vectors()' must be called as already done in the r... • https://git.kernel.org/stable/c/7b7036d47c356a40818e516a69ac81a5dcc1613f •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50142 – intel_th: msu: Fix vmalloced buffers
https://notcve.org/view.php?id=CVE-2022-50142
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: intel_th: msu: Fix vmalloced buffers After commit f5ff79fddf0e ("dma-mapping: remove CONFIG_DMA_REMAP") there's a chance of DMA buffer getting allocated via vmalloc(), which messes up the mmapping code: > RIP: msc_mmap_fault [intel_th_msu] > Call Trace: >
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50141 – mmc: sdhci-of-esdhc: Fix refcount leak in esdhc_signal_voltage_switch
https://notcve.org/view.php?id=CVE-2022-50141
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci-of-esdhc: Fix refcount leak in esdhc_signal_voltage_switch of_find_matching_node() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node_put() to avoid refcount leak. of_node_put() checks null pointer. In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci-of-esdhc: Fix refcount leak in esdhc_signal_voltage_switch of_find_matching_nod... • https://git.kernel.org/stable/c/ea35645a3c66a74af92d3bbb4eb131220fc3e58a •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50140 – memstick/ms_block: Fix a memory leak
https://notcve.org/view.php?id=CVE-2022-50140
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: memstick/ms_block: Fix a memory leak 'erased_blocks_bitmap' is never freed. As it is allocated at the same time as 'used_blocks_bitmap', it is likely that it should be freed also at the same time. Add the corresponding bitmap_free() in msb_data_clear(). In the Linux kernel, the following vulnerability has been resolved: memstick/ms_block: Fix a memory leak 'erased_blocks_bitmap' is never freed. As it is allocated at the same time as 'used_b... • https://git.kernel.org/stable/c/0ab30494bc4f3bc1ea4659b7c5d97c5218554a63 •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50139 – usb: aspeed-vhub: Fix refcount leak bug in ast_vhub_init_desc()
https://notcve.org/view.php?id=CVE-2022-50139
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: usb: aspeed-vhub: Fix refcount leak bug in ast_vhub_init_desc() We should call of_node_put() for the reference returned by of_get_child_by_name() which has increased the refcount. In the Linux kernel, the following vulnerability has been resolved: usb: aspeed-vhub: Fix refcount leak bug in ast_vhub_init_desc() We should call of_node_put() for the reference returned by of_get_child_by_name() which has increased the refcount. • https://git.kernel.org/stable/c/30d2617fd7ed052c30d1c21ddd4af4703d922be8 •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50138 – RDMA/qedr: Fix potential memory leak in __qedr_alloc_mr()
https://notcve.org/view.php?id=CVE-2022-50138
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: RDMA/qedr: Fix potential memory leak in __qedr_alloc_mr() __qedr_alloc_mr() allocates a memory chunk for "mr->info.pbl_table" with init_mr_info(). When rdma_alloc_tid() and rdma_register_tid() fail, "mr" is released while "mr->info.pbl_table" is not released, which will lead to a memory leak. We should release the "mr->info.pbl_table" with qedr_free_pbl() when error occurs to fix the memory leak. In the Linux kernel, the following vulnerabi... • https://git.kernel.org/stable/c/e0290cce6ac02f8e5ec501f25f6f6900f384550c •