CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-48981 – drm/shmem-helper: Remove errant put in error path
https://notcve.org/view.php?id=CVE-2022-48981
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/shmem-helper: Remove errant put in error path drm_gem_shmem_mmap() doesn't own this reference, resulting in the GEM object getting prematurely freed leading to a later use-after-free. In the Linux kernel, the following vulnerability has been resolved: drm/shmem-helper: Remove errant put in error path drm_gem_shmem_mmap() doesn't own this reference, resulting in the GEM object getting prematurely freed leading to a later us... • https://git.kernel.org/stable/c/2194a63a818db71065ebe09c8104f5f021ca4e7b •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-48980 – net: dsa: sja1105: avoid out of bounds access in sja1105_init_l2_policing()
https://notcve.org/view.php?id=CVE-2022-48980
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: net: dsa: sja1105: avoid out of bounds access in sja1105_init_l2_policing() The SJA1105 family has 45 L2 policing table entries (SJA1105_MAX_L2_POLICING_COUNT) and SJA1110 has 110 (SJA1110_MAX_L2_POLICING_COUNT). In the Linux kernel, the following vulnerability has been resolved: net: dsa: sja1105: avoid out of bounds access in sja1105_init_l2_policing() The SJA1105 family has 45 L2 policing table entries (SJA1105_MAX_L2_POLIC... • https://git.kernel.org/stable/c/38fbe91f2287c696f290d9115901aa435f7166a8 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-48979 – drm/amd/display: fix array index out of bound error in DCN32 DML
https://notcve.org/view.php?id=CVE-2022-48979
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix array index out of bound error in DCN32 DML [Why&How] LinkCapacitySupport array is indexed with the number of voltage states and not the number of max DPPs. ... In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix array index out of bound error in DCN32 DML [Why&How] LinkCapacitySupport array is indexed with the number of voltage states and not the number of max DPPs. • https://git.kernel.org/stable/c/3d8a298b2e83b98042e6ec726e934f535b23e6aa •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2022-48978 – HID: core: fix shift-out-of-bounds in hid_report_raw_event
https://notcve.org/view.php?id=CVE-2022-48978
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: HID: core: fix shift-out-of-bounds in hid_report_raw_event Syzbot reported shift-out-of-bounds in hid_report_raw_event. In the Linux kernel, the following vulnerability has been resolved: HID: core: fix shift-out-of-bounds in hid_report_raw_event Syzbot reported shift-out-of-bounds in hid_report_raw_event. microsoft 0003:045E:07DA.0001: hid_field_extract() called with n (128) > 32! ... • https://git.kernel.org/stable/c/dde5845a529ff753364a6d1aea61180946270bfa •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-48977 – can: af_can: fix NULL pointer dereference in can_rcv_filter
https://notcve.org/view.php?id=CVE-2022-48977
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: can: af_can: fix NULL pointer dereference in can_rcv_filter Analogue to commit 8aa59e355949 ("can: af_can: fix NULL pointer dereference in can_rx_register()") we need to check for a missing initialization of ml_priv in the receive path of CAN frames. In the Linux kernel, the following vulnerability has been resolved: can: af_can: fix NULL pointer dereference in can_rcv_filter Analogue to commit 8aa59e355949 ("can: af_can: fix ... • https://git.kernel.org/stable/c/4ac1feff6ea6495cbfd336f4438a6c6d140544a6 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-48976 – netfilter: flowtable_offload: fix using __this_cpu_add in preemptible
https://notcve.org/view.php?id=CVE-2022-48976
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable_offload: fix using __this_cpu_add in preemptible flow_offload_queue_work() can be called in workqueue without bh disabled, like the call trace showed in my act_ct testing, calling NF_FLOW_TABLE_STAT_INC() there would cause a call trace: BUG: using __this_cpu_add() in preemptible [00000000] code: kworker/u4:0/138560 caller is flow_offload_queue_work+0xec/0x1b0 [nf_flow_table] Workqueue: act_ct_workqueue tcf_ct_flo... • https://git.kernel.org/stable/c/b038177636f83bbf87c2b238706474145dd2cd04 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-48975 – gpiolib: fix memory leak in gpiochip_setup_dev()
https://notcve.org/view.php?id=CVE-2022-48975
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: gpiolib: fix memory leak in gpiochip_setup_dev() Here is a backtrace report about memory leak detected in gpiochip_setup_dev(): unreferenced object 0xffff88810b406400 (size 512): comm "python3", pid 1682, jiffies 4295346908 (age 24.090s) backtrace: kmalloc_trace device_add device_private_init at drivers/base/core.c:3361 (inlined by) device_add at drivers/base/core.c:3411 cdev_device_add gpiolib_cdev_register gpiochip_setup_dev gpioch... • https://git.kernel.org/stable/c/159f3cd92f17c61a4e2a47456de5865b114ef88e •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2022-48974 – netfilter: conntrack: fix using __this_cpu_add in preemptible
https://notcve.org/view.php?id=CVE-2022-48974
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: fix using __this_cpu_add in preemptible Currently in nf_conntrack_hash_check_insert(), when it fails in nf_ct_ext_valid_pre/post(), NF_CT_STAT_INC() will be called in the preemptible context, a call trace can be triggered: BUG: using __this_cpu_add() in preemptible [00000000] code: conntrack/1636 caller is nf_conntrack_hash_check_insert+0x45/0x430 [nf_conntrack] Call Trace:
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-48973 – gpio: amd8111: Fix PCI device reference count leak
https://notcve.org/view.php?id=CVE-2022-48973
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: gpio: amd8111: Fix PCI device reference count leak for_each_pci_dev() is implemented by pci_get_device(). ... In the Linux kernel, the following vulnerability has been resolved: gpio: amd8111: Fix PCI device reference count leak for_each_pci_dev() is implemented by pci_get_device(). • https://git.kernel.org/stable/c/f942a7de047d8c599cc1a9a26293c8c7400450ea •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-48972 – mac802154: fix missing INIT_LIST_HEAD in ieee802154_if_add()
https://notcve.org/view.php?id=CVE-2022-48972
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: mac802154: fix missing INIT_LIST_HEAD in ieee802154_if_add() Kernel fault injection test reports null-ptr-deref as follows: BUG: kernel NULL pointer dereference, address: 0000000000000008 RIP: 0010:cfg802154_netdev_notifier_call+0x120/0x310 include/linux/list.h:114 Call Trace: