CVSS: 5.5EPSS: %CPEs: 3EXPL: 0CVE-2022-49616 – ASoC: rt7*-sdw: harden jack_detect_handler
https://notcve.org/view.php?id=CVE-2022-49616
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: rt7*-sdw: harden jack_detect_handler Realtek headset codec drivers typically check if the card is instantiated before proceeding with the jack detection. The rt700, rt711 and rt711-sdca are however missing a check on the card pointer, which can lead to NULL dereferences encountered in driver bind/unbind tests. In the Linux kernel, the following vulnerability has been resolved: ASoC: rt7*-sdw: harden jack_detect_handler Realtek headset... • https://git.kernel.org/stable/c/07a606e1389a63b61cb8cd591026f30529117573 •
CVSS: 5.5EPSS: %CPEs: 3EXPL: 0CVE-2022-49615 – ASoC: rt711-sdca: fix kernel NULL pointer dereference when IO error
https://notcve.org/view.php?id=CVE-2022-49615
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: rt711-sdca: fix kernel NULL pointer dereference when IO error The initial settings will be written before the codec probe function. But, the rt711->component doesn't be assigned yet. If IO error happened during initial settings operations, it will cause the kernel panic. This patch changed component->dev to slave->dev to fix this issue. In the Linux kernel, the following vulnerability has been resolved: ASoC: rt711-sdca: fix kernel NU... • https://git.kernel.org/stable/c/269be8b2907378adf72d7347cfa43ef230351a06 •
CVSS: 7.1EPSS: %CPEs: 2EXPL: 0CVE-2022-49614 – nvme: use struct group for generic command dwords
https://notcve.org/view.php?id=CVE-2022-49614
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: nvme: use struct group for generic command dwords This will allow the trace event to know the full size of the data intended to be copied and silence read overflow checks. In the Linux kernel, the following vulnerability has been resolved: nvme: use struct group for generic command dwords This will allow the trace event to know the full size of the data intended to be copied and silence read overflow checks. • https://git.kernel.org/stable/c/3d8b35387e01cab217dc4691a6f770cbb6ed852c •
CVSS: 7.1EPSS: %CPEs: 7EXPL: 0CVE-2022-49611 – x86/speculation: Fill RSB on vmexit for IBRS
https://notcve.org/view.php?id=CVE-2022-49611
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: x86/speculation: Fill RSB on vmexit for IBRS Prevent RSB underflow/poisoning attacks with RSB. While at it, add a bunch of comments to attempt to document the current state of tribal knowledge about RSB attacks and what exactly is being mitigated. In the Linux kernel, the following vulnerability has been resolved: x86/speculation: Fill RSB on vmexit for IBRS Prevent RSB underflow/poisoning attacks with RSB. While at it, add a bunch of comme... • https://git.kernel.org/stable/c/3d323b99ff5c8c57005184056d65f6af5b0479d8 •
CVSS: 7.1EPSS: %CPEs: 2EXPL: 0CVE-2022-49610 – KVM: VMX: Prevent RSB underflow before vmenter
https://notcve.org/view.php?id=CVE-2022-49610
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Prevent RSB underflow before vmenter On VMX, there are some balanced returns between the time the guest's SPEC_CTRL value is written, and the vmenter. Balanced returns (matched by a preceding call) are usually ok, but it's at least theoretically possible an NMI with a deep call stack could empty the RSB before one of the returns. For maximum paranoia, don't allow *any* returns (balanced or otherwise) between the SPEC_CTRL write an... • https://git.kernel.org/stable/c/afd743f6dde87296c6f3414706964c491bb85862 •
CVSS: 4.7EPSS: %CPEs: 11EXPL: 0CVE-2022-49607 – perf/core: Fix data race between perf_event_set_output() and perf_mmap_close()
https://notcve.org/view.php?id=CVE-2022-49607
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: perf/core: Fix data race between perf_event_set_output() and perf_mmap_close() Yang Jihing reported a race between perf_event_set_output() and perf_mmap_close(): CPU1 CPU2 perf_mmap_close(e2) if (atomic_dec_and_test(&e2->rb->mmap_count)) // 1 - > 0 detach_rest = true ioctl(e1, IOC_SET_OUTPUT, e2) perf_event_set_output(e1, e2) ... list_for_each_entry_rcu(e, &e2->rb->event_list, rb_entry) ring_buffer_attach(e, NULL); // e1 isn't yet added and... • https://git.kernel.org/stable/c/9bb5d40cd93c9dd4be74834b1dcb1ba03629716b •
CVSS: 5.5EPSS: %CPEs: 6EXPL: 0CVE-2022-49598 – tcp: Fix data-races around sysctl_tcp_mtu_probing.
https://notcve.org/view.php?id=CVE-2022-49598
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctl_tcp_mtu_probing. While reading sysctl_tcp_mtu_probing, it can be changed concurrently. Thus, we need to add READ_ONCE() to its readers. In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctl_tcp_mtu_probing. While reading sysctl_tcp_mtu_probing, it can be changed concurrently. Thus, we need to add READ_ONCE() to its readers. • https://git.kernel.org/stable/c/5d424d5a674f782d0659a3b66d951f412901faee •
CVSS: 5.5EPSS: %CPEs: 5EXPL: 0CVE-2022-49597 – tcp: Fix data-races around sysctl_tcp_base_mss.
https://notcve.org/view.php?id=CVE-2022-49597
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctl_tcp_base_mss. While reading sysctl_tcp_base_mss, it can be changed concurrently. Thus, we need to add READ_ONCE() to its readers. In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctl_tcp_base_mss. While reading sysctl_tcp_base_mss, it can be changed concurrently. Thus, we need to add READ_ONCE() to its readers. • https://git.kernel.org/stable/c/5d424d5a674f782d0659a3b66d951f412901faee •
CVSS: 5.5EPSS: %CPEs: 8EXPL: 0CVE-2022-49587 – tcp: Fix a data-race around sysctl_tcp_notsent_lowat.
https://notcve.org/view.php?id=CVE-2022-49587
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctl_tcp_notsent_lowat. While reading sysctl_tcp_notsent_lowat, it can be changed concurrently. Thus, we need to add READ_ONCE() to its reader. In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctl_tcp_notsent_lowat. While reading sysctl_tcp_notsent_lowat, it can be changed concurrently. Thus, we need to add READ_ONCE() to its reader. • https://git.kernel.org/stable/c/c9bee3b7fdecb0c1d070c7b54113b3bdfb9a3d36 •
CVSS: 7.1EPSS: %CPEs: 6EXPL: 0CVE-2022-49586 – tcp: Fix data-races around sysctl_tcp_fastopen.
https://notcve.org/view.php?id=CVE-2022-49586
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctl_tcp_fastopen. While reading sysctl_tcp_fastopen, it can be changed concurrently. Thus, we need to add READ_ONCE() to its readers. In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctl_tcp_fastopen. While reading sysctl_tcp_fastopen, it can be changed concurrently. Thus, we need to add READ_ONCE() to its readers. • https://git.kernel.org/stable/c/2100c8d2d9db23c0a09901a782bb4e3b21bee298 •