CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 0CVE-2022-50279 – wifi: rtlwifi: Fix global-out-of-bounds bug in _rtl8812ae_phy_set_txpower_limit()
https://notcve.org/view.php?id=CVE-2022-50279
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: Fix global-out-of-bounds bug in _rtl8812ae_phy_set_txpower_limit() There is a global-out-of-bounds reported by KASAN: BUG: KASAN: global-out-of-bounds in _rtl8812ae_eq_n_byte.part.0+0x3d/0x84 [rtl8821ae] Read of size 1 at addr ffffffffa0773c43 by task NetworkManager/411 CPU: 6 PID: 411 Comm: NetworkManager Tainted: G D 6.1.0-rc8+ #144 e15588508517267d37 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), Call Trace:
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50278 – PNP: fix name memory leak in pnp_alloc_dev()
https://notcve.org/view.php?id=CVE-2022-50278
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: PNP: fix name memory leak in pnp_alloc_dev() After commit 1fa5ae857bb1 ("driver core: get rid of struct device's bus_id string array"), the name of device is allocated dynamically, move dev_set_name() after pnp_add_id() to avoid memory leak. In the Linux kernel, the following vulnerability has been resolved: PNP: fix name memory leak in pnp_alloc_dev() After commit 1fa5ae857bb1 ("driver core: get rid of struct device's bus_id string array")... • https://git.kernel.org/stable/c/1fa5ae857bb14f6046205171d98506d8112dd74e •
CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 0CVE-2022-50275 – drm/radeon: Add the missed acpi_put_table() to fix memory leak
https://notcve.org/view.php?id=CVE-2022-50275
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Add the missed acpi_put_table() to fix memory leak When the radeon driver reads the bios information from ACPI table in radeon_acpi_vfct_bios(), it misses to call acpi_put_table() to release the ACPI memory after the init, so add acpi_put_table() properly to fix the memory leak. v2: fix text formatting (Alex) In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Add the missed acpi_put_table() to fix me... • https://git.kernel.org/stable/c/268ba0a99f89a84dc5eb312470896113d0709c74 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50274 – media: dvbdev: adopts refcnt to avoid UAF
https://notcve.org/view.php?id=CVE-2022-50274
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: media: dvbdev: adopts refcnt to avoid UAF dvb_unregister_device() is known that prone to use-after-free. That is, the cleanup from dvb_unregister_device() releases the dvb_device even if there are pointers stored in file->private_data still refer to it. This patch adds a reference counter into struct dvb_device and delays its deallocation until no pointer refers to the object. In the Linux kernel, the following vulnerability has been resolv... • https://git.kernel.org/stable/c/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50273 – f2fs: fix to do sanity check on destination blkaddr during recovery
https://notcve.org/view.php?id=CVE-2022-50273
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on destination blkaddr during recovery As Wenqing Liu reported in bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=216456 loop5: detected capacity change from 0 to 131072 F2FS-fs (loop5): recover_inode: ino = 6, name = hln, inline = 1 F2FS-fs (loop5): recover_data: ino = 6 (i_size: recover) err = 0 F2FS-fs (loop5): recover_inode: ino = 6, name = hln, inline = 1 F2FS-fs (loop5): recover_data: ino = 6 (i_size... • https://git.kernel.org/stable/c/98e4da8ca301e062d79ae168c67e56f3c3de3ce4 •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50272 – media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()
https://notcve.org/view.php?id=CVE-2022-50272
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() Wei Chen reports a kernel bug as blew: general protection fault, probably for non-canonical address KASAN: null-ptr-deref in range [0x0000000000000010-0x0000000000000017] ... Call Trace:
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50271 – vhost/vsock: Use kvmalloc/kvfree for larger packets.
https://notcve.org/view.php?id=CVE-2022-50271
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: vhost/vsock: Use kvmalloc/kvfree for larger packets. When copying a large file over sftp over vsock, data size is usually 32kB, and kmalloc seems to fail to try to allocate 32 32kB regions. vhost-5837: page allocation failure: order:4, mode:0x24040c0 Call Trace: [
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50268 – mmc: moxart: fix return value check of mmc_add_host()
https://notcve.org/view.php?id=CVE-2022-50268
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: mmc: moxart: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the memory that allocated in mmc_alloc_host() will be leaked and it will lead a kernel crash because of deleting not added device in the remove path. So fix this by checking the return value and goto error path which will call mmc_free_host(). In the Linux kernel, the following vulnerability has been resolved: mmc: moxart: f... • https://git.kernel.org/stable/c/1b66e94e6b9995323190f31c51d8e1a6f516627e •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50267 – mmc: rtsx_pci: fix return value check of mmc_add_host()
https://notcve.org/view.php?id=CVE-2022-50267
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: mmc: rtsx_pci: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the memory that allocated in mmc_alloc_host() will be leaked and it will lead a kernel crash because of deleting not added device in the remove path. So fix this by checking the return value and calling mmc_free_host() in the error path, beside, runtime PM also needs be disabled. In the Linux kernel, the following vulnerab... • https://git.kernel.org/stable/c/ff984e57d36e8ac468849a144a36f1c11f88b61c •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50266 – kprobes: Fix check for probe enabled in kill_kprobe()
https://notcve.org/view.php?id=CVE-2022-50266
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: kprobes: Fix check for probe enabled in kill_kprobe() In kill_kprobe(), the check whether disarm_kprobe_ftrace() needs to be called always fails. This is because before that we set the KPROBE_FLAG_GONE flag for kprobe so that "!kprobe_disabled(p)" is always false. The disarm_kprobe_ftrace() call introduced by commit: 0cb2f1372baa ("kprobes: Fix NULL pointer dereference at kprobe_ftrace_handler") to fix the NULL pointer reference problem. Wh... • https://git.kernel.org/stable/c/3031313eb3d549b7ad6f9fbcc52ba04412e3eb9e •