CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49271 – cifs: prevent bad output lengths in smb2_ioctl_query_info()
https://notcve.org/view.php?id=CVE-2022-49271
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: cifs: prevent bad output lengths in smb2_ioctl_query_info() When calling smb2_ioctl_query_info() with smb_query_info::flags=PASSTHRU_FSCTL and smb_query_info::output_buffer_length=0, the following would return 0x10 buffer = memdup_user(arg + sizeof(struct smb_query_info), qi.output_buffer_length); if (IS_ERR(buffer)) { kfree(vars); return PTR_ERR(buffer); } rather than a valid pointer thus making IS_ERR() check fail. This would then cause a... • https://git.kernel.org/stable/c/9963ccea6087268e1275b992dca5d0dd4b938765 •
CVSS: 6.7EPSS: 0%CPEs: 3EXPL: 0CVE-2022-49267 – mmc: core: use sysfs_emit() instead of sprintf()
https://notcve.org/view.php?id=CVE-2022-49267
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: mmc: core: use sysfs_emit() instead of sprintf() sprintf() (still used in the MMC core for the sysfs output) is vulnerable to the buffer overflow. Use the new-fangled sysfs_emit() instead. Found by Linux Verification Center (linuxtesting.org) with the SVACE static analysis tool. • https://git.kernel.org/stable/c/659ca56b5415c7a1d05e185c36fad80ba165d063 •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49264 – exec: Force single empty string when argv is empty
https://notcve.org/view.php?id=CVE-2022-49264
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: exec: Force single empty string when argv is empty Quoting[1] Ariadne Conill: "In several other operating systems, it is a hard requirement that the second argument to execve(2) be the name of a program, thus prohibiting a scenario where argc < 1. POSIX 2017 also recommends this behaviour, but it is not an explicit requirement[2]: The argument arg0 should point to a filename string that is associated with the process being started by one of... • https://git.kernel.org/stable/c/41f6ea5b9aaa28b740d47ffe995a5013211fdbb0 •
CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2022-49259 – block: don't delete queue kobject before its children
https://notcve.org/view.php?id=CVE-2022-49259
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: block: don't delete queue kobject before its children kobjects aren't supposed to be deleted before their child kobjects are deleted. Apparently this is usually benign; however, a WARN will be triggered if one of the child kobjects has a named attribute group: sysfs group 'modes' not found for kobject 'crypto' WARNING: CPU: 0 PID: 1 at fs/sysfs/group.c:278 sysfs_remove_group+0x72/0x80 ... Call Trace: sysfs_remove_groups+0x29/0x40 fs/sysfs/g... • https://git.kernel.org/stable/c/2c2086afc2b8b974fac32cb028e73dc27bfae442 •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49253 – media: usb: go7007: s2250-board: fix leak in probe()
https://notcve.org/view.php?id=CVE-2022-49253
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: media: usb: go7007: s2250-board: fix leak in probe() Call i2c_unregister_device(audio) on this error path. The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. The following security bugs were fixed. • https://git.kernel.org/stable/c/d3b2ccd9e307eae80b4b4eeb0ede46cb02212df2 •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49248 – ALSA: firewire-lib: fix uninitialized flag for AV/C deferred transaction
https://notcve.org/view.php?id=CVE-2022-49248
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-lib: fix uninitialized flag for AV/C deferred transaction AV/C deferred transaction was supported at a commit 00a7bb81c20f ("ALSA: firewire-lib: Add support for deferred transaction") while 'deferrable' flag can be uninitialized for non-control/notify AV/C transactions. UBSAN reports it: kernel: ================================================================================ kernel: UBSAN: invalid-load in /build/linux-aa0B4d/... • https://git.kernel.org/stable/c/00a7bb81c20f3e81711e28e0f6c08cee8fd18514 •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49247 – media: stk1160: If start stream fails, return buffers with VB2_BUF_STATE_QUEUED
https://notcve.org/view.php?id=CVE-2022-49247
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: media: stk1160: If start stream fails, return buffers with VB2_BUF_STATE_QUEUED If the callback 'start_streaming' fails, then all queued buffers in the driver should be returned with state 'VB2_BUF_STATE_QUEUED'. Currently, they are returned with 'VB2_BUF_STATE_ERROR' which is wrong. Fix this. This also fixes the warning: [ 65.583633] WARNING: CPU: 5 PID: 593 at drivers/media/common/videobuf2/videobuf2-core.c:1612 vb2_start_streaming+0xd4/0... • https://git.kernel.org/stable/c/8ac456495a33d9466076fea94594181ceefb76d9 •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49243 – ASoC: atmel: Add missing of_node_put() in at91sam9g20ek_audio_probe
https://notcve.org/view.php?id=CVE-2022-49243
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: atmel: Add missing of_node_put() in at91sam9g20ek_audio_probe This node pointer is returned by of_parse_phandle() with refcount incremented in this function. Calling of_node_put() to avoid the refcount leak. The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. The following security bugs were fixed. • https://git.kernel.org/stable/c/531f67e41dcde1e358cf821d056241a66355cf03 •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49242 – ASoC: mxs: Fix error handling in mxs_sgtl5000_probe
https://notcve.org/view.php?id=CVE-2022-49242
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: mxs: Fix error handling in mxs_sgtl5000_probe This function only calls of_node_put() in the regular path. And it will cause refcount leak in error paths. For example, when codec_np is NULL, saif_np[0] and saif_np[1] are not NULL, it will cause leaks. of_node_put() will check if the node pointer is NULL, so we can call it directly to release the refcount of regular pointers. The SUSE Linux Enterprise 15 SP3 kernel was updated to receiv... • https://git.kernel.org/stable/c/e968194b45c4e8077dada75c5bae5660b37628fe •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49241 – ASoC: atmel: Fix error handling in sam9x5_wm8731_driver_probe
https://notcve.org/view.php?id=CVE-2022-49241
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: atmel: Fix error handling in sam9x5_wm8731_driver_probe The device_node pointer is returned by of_parse_phandle() with refcount incremented. We should use of_node_put() on it when done. This function only calls of_node_put() in the regular path. And it will cause refcount leak in error path. • https://git.kernel.org/stable/c/fdbcb3cba54b29a37dfe42acdc0e72c543e0807d •