CVSS: 6.1EPSS: 0%CPEs: 6EXPL: 0CVE-2022-48971 – Bluetooth: Fix not cleanup led when bt_init fails
https://notcve.org/view.php?id=CVE-2022-48971
21 Oct 2024 — This can cause panic if the argument "bluetooth-power" in text is freed and then another led_trigger_register() tries to access it: BUG: unable to handle page fault for address: ffffffffc06d3bc0 RIP: 0010:strcmp+0xc/0x30 Call Trace:
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2022-48970 – af_unix: Get user_ns from in_skb in unix_diag_get_exact().
https://notcve.org/view.php?id=CVE-2022-48970
21 Oct 2024 — [0]: BUG: kernel NULL pointer dereference, address: 0000000000000270 #PF: supervisor read access in kernel mode #PF: error_code(0x0000) - not-present page PGD 12bbce067 P4D 12bbce067 PUD 12bc40067 PMD 0 Oops: 0000 [#1] PREEMPT SMP CPU: 0 PID: 27942 Comm: syz-executor.0 Not tainted 6.1.0-rc5-next-20221118 #2 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.13.0-48-gd9c812dda519-prebuilt.qemu.org 04/01/2014 RIP: 0010:sk_user_ns include/net/sock.h:920 [inline] RIP: 0010:sk_diag_dump_uid net/un... • https://git.kernel.org/stable/c/cae9910e73446cac68a54e3a7b02aaa12b689026 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-48969 – xen-netfront: Fix NULL sring after live migration
https://notcve.org/view.php?id=CVE-2022-48969
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: xen-netfront: Fix NULL sring after live migration A NAPI is setup for each network sring to poll data to kernel The sring with source host is destroyed before live migration and new sring with target host is setup after live migration. The NAPI for the old sring is not deleted until setup new sring with target host after migration. ... • https://git.kernel.org/stable/c/4ec2411980d0fd2995e8dea8a06fe57aa47523cb •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-48968 – octeontx2-pf: Fix potential memory leak in otx2_init_tc()
https://notcve.org/view.php?id=CVE-2022-48968
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Fix potential memory leak in otx2_init_tc() In otx2_init_tc(), if rhashtable_init() failed, it does not free tc->tc_entries_bitmap which is allocated in otx2_tc_alloc_ent_bitmap(). In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Fix potential memory leak in otx2_init_tc() In otx2_init_tc(), if rhashtable_init() failed, it does not free tc->tc_entries_bitmap which is allocated in ... • https://git.kernel.org/stable/c/2e2a8126ffac66b9b177ce78ad430281c0c8cc74 •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2022-48967 – NFC: nci: Bounds check struct nfc_target arrays
https://notcve.org/view.php?id=CVE-2022-48967
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: NFC: nci: Bounds check struct nfc_target arrays While running under CONFIG_FORTIFY_SOURCE=y, syzkaller reported: memcpy: detected field-spanning write (size 129) of single field "target->sensf_res" at net/nfc/nci/ntf.c:260 (size 18) This appears to be a legitimate lack of bounds checking in nci_add_new_protocol(). In the Linux kernel, the following vulnerability has been resolved: NFC: nci: Bounds check struct nfc_target array... • https://git.kernel.org/stable/c/019c4fbaa790e2b3f11dab0c8b7d9896d77db3e5 •
CVSS: 6.4EPSS: 0%CPEs: 8EXPL: 0CVE-2022-48966 – net: mvneta: Prevent out of bounds read in mvneta_config_rss()
https://notcve.org/view.php?id=CVE-2022-48966
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: net: mvneta: Prevent out of bounds read in mvneta_config_rss() The pp->indir[0] value comes from the user. ... In the Linux kernel, the following vulnerability has been resolved: net: mvneta: Prevent out of bounds read in mvneta_config_rss() The pp->indir[0] value comes from the user. • https://git.kernel.org/stable/c/cad5d847a093077b499a8b0bbfe6804b9226c03e •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-48965 – gpio/rockchip: fix refcount leak in rockchip_gpiolib_register()
https://notcve.org/view.php?id=CVE-2022-48965
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: gpio/rockchip: fix refcount leak in rockchip_gpiolib_register() The node returned by of_get_parent() with refcount incremented, of_node_put() needs be called when finish using it. In the Linux kernel, the following vulnerability has been resolved: gpio/rockchip: fix refcount leak in rockchip_gpiolib_register() The node returned by of_get_parent() with refcount incremented, of_node_put() needs be called when finish using it. • https://git.kernel.org/stable/c/936ee2675eee1faca0dcdfa79165c7990422e0fc •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-48964 – ravb: Fix potential use-after-free in ravb_rx_gbeth()
https://notcve.org/view.php?id=CVE-2022-48964
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: ravb: Fix potential use-after-free in ravb_rx_gbeth() The skb is delivered to napi_gro_receive() which may free it, after calling this, dereferencing skb may trigger use-after-free. In the Linux kernel, the following vulnerability has been resolved: ravb: Fix potential use-after-free in ravb_rx_gbeth() The skb is delivered to napi_gro_receive() which may free it, after calling this, dereferencing skb may trigger use-after-free... • https://git.kernel.org/stable/c/1c59eb678cbd8d322d06d3a5514d36e8e1a4e84c •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-48963 – net: wwan: iosm: fix memory leak in ipc_mux_init()
https://notcve.org/view.php?id=CVE-2022-48963
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: net: wwan: iosm: fix memory leak in ipc_mux_init() When failed to alloc ipc_mux->ul_adb.pp_qlt in ipc_mux_init(), ipc_mux is not released. In the Linux kernel, the following vulnerability has been resolved: net: wwan: iosm: fix memory leak in ipc_mux_init() When failed to alloc ipc_mux->ul_adb.pp_qlt in ipc_mux_init(), ipc_mux is not released. • https://git.kernel.org/stable/c/1f52d7b622854b8bd7a1be3de095ca2e1f77098e •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2022-48962 – net: hisilicon: Fix potential use-after-free in hisi_femac_rx()
https://notcve.org/view.php?id=CVE-2022-48962
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: net: hisilicon: Fix potential use-after-free in hisi_femac_rx() The skb is delivered to napi_gro_receive() which may free it, after calling this, dereferencing skb may trigger use-after-free. In the Linux kernel, the following vulnerability has been resolved: net: hisilicon: Fix potential use-after-free in hisi_femac_rx() The skb is delivered to napi_gro_receive() which may free it, after calling this, dereferencing skb may tr... • https://git.kernel.org/stable/c/542ae60af24f02e130e62cb3b7c23163a2350056 •