CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47622 – scsi: ufs: Fix a deadlock in the error handler
https://notcve.org/view.php?id=CVE-2021-47622
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: Fix a deadlock in the error handler The following deadlock has been observed on a test setup: - All tags allocated - The SCSI error handler calls ufshcd_eh_host_reset_handler() - ufshcd_eh_host_reset_handler() queues work that calls ufshcd_err_handler() - ufshcd_err_handler() locks up as follows: Workqueue: ufs_eh_wq_0 ufshcd_err_handler.cfi_jt Call trace: __switch_to+0x298/0x5d8 __schedule+0x6cc/0xa94 schedule+0x12c/0x298 blk_mq_get_tag+0x210/0x480 __blk_mq_alloc_request+0x1c8/0x284 blk_get_request+0x74/0x134 ufshcd_exec_dev_cmd+0x68/0x640 ufshcd_verify_dev_init+0x68/0x35c ufshcd_probe_hba+0x12c/0x1cb8 ufshcd_host_reset_and_restore+0x88/0x254 ufshcd_reset_and_restore+0xd0/0x354 ufshcd_err_handler+0x408/0xc58 process_one_work+0x24c/0x66c worker_thread+0x3e8/0xa4c kthread+0x150/0x1b4 ret_from_fork+0x10/0x30 Fix this lockup by making ufshcd_exec_dev_cmd() allocate a reserved request. • https://git.kernel.org/stable/c/493c9e850677df8b4eda150c2364b1c1a72ed724 https://git.kernel.org/stable/c/d69d98d8edf90e25e4e09930dd36dd6d09dd6768 https://git.kernel.org/stable/c/945c3cca05d78351bba29fa65d93834cb7934c7b •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2022-48783 – net: dsa: lantiq_gswip: fix use after free in gswip_remove()
https://notcve.org/view.php?id=CVE-2022-48783
In the Linux kernel, the following vulnerability has been resolved: net: dsa: lantiq_gswip: fix use after free in gswip_remove() of_node_put(priv->ds->slave_mii_bus->dev.of_node) should be done before mdiobus_free(priv->ds->slave_mii_bus). • https://git.kernel.org/stable/c/e177d2e85ebcd3008c4b2abc293f4118e04eedef https://git.kernel.org/stable/c/b5652bc50dde7b84e93dfb25479b64b817e377c1 https://git.kernel.org/stable/c/2443ba2fe396bdde187a2fdfa6a57375643ae93c https://git.kernel.org/stable/c/f48bd34137718042872d06f2c7332b3267a29165 https://git.kernel.org/stable/c/df2495f329b08ac0d0d3e6334a01955ae839005e https://git.kernel.org/stable/c/c61f599b8d33adfa256126a6695c734c0de331cb https://git.kernel.org/stable/c/8c6ae46150a453f8ae9a6cd49b45f354f478587d •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2022-48778 – mtd: rawnand: gpmi: don't leak PM reference in error path
https://notcve.org/view.php?id=CVE-2022-48778
In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: gpmi: don't leak PM reference in error path If gpmi_nfc_apply_timings() fails, the PM runtime usage counter must be dropped. • https://git.kernel.org/stable/c/29218853877a748a2ca41d9957a84b2d6a7f56a7 https://git.kernel.org/stable/c/538a5e208e7d29e8b3cb1d79bbb757e8c763b680 https://git.kernel.org/stable/c/0fe08bf9909f02eb487af2cc829f2853ea69bc96 https://git.kernel.org/stable/c/c447696e2f825df7800b0630352bea2d45d09baa https://git.kernel.org/stable/c/4cd3281a910a5adf73b2a0a82241dd67844d0b25 https://git.kernel.org/stable/c/a4eeeaca50199e3f19eb13ac3b7e0bbb93e22de4 https://git.kernel.org/stable/c/4a7ec50298b1127c5024a750c969ea0794899545 https://git.kernel.org/stable/c/58d3111eafce9e4398654b07f0b1dac27 •
CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2022-48775 – Drivers: hv: vmbus: Fix memory leak in vmbus_add_channel_kobj
https://notcve.org/view.php?id=CVE-2022-48775
In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Fix memory leak in vmbus_add_channel_kobj kobject_init_and_add() takes reference even when it fails. According to the doc of kobject_init_and_add(): If this function returns an error, kobject_put() must be called to properly clean up the memory associated with the object. Fix memory leak by calling kobject_put(). • https://git.kernel.org/stable/c/c2e5df616e1ae6c2a074cb241ebb65a318ebaf7c https://git.kernel.org/stable/c/417947891bd5ae327f15efed1a0da2b12ef24962 https://git.kernel.org/stable/c/fe595759c2a4a5bb41c438474f15947d8ae32f5c https://git.kernel.org/stable/c/91d8866ca55232d21995a3d54fac96de33c9e20c https://git.kernel.org/stable/c/c377e2ba78d3fe9a1f0b4ec424e75f81da7e81e9 https://git.kernel.org/stable/c/92e25b637cd4e010f776c86e4810300e773eac5c https://git.kernel.org/stable/c/8bc69f86328e87a0ffa79438430cc82f3aa6a194 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-48773 – xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create
https://notcve.org/view.php?id=CVE-2022-48773
In the Linux kernel, the following vulnerability has been resolved: xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create If there are failures then we must not leave the non-NULL pointers with the error value, otherwise `rpcrdma_ep_destroy` gets confused and tries free them, resulting in an Oops. • https://git.kernel.org/stable/c/1e7433fb95ccc01629a5edaa4ced0cd8c98d0ae0 https://git.kernel.org/stable/c/9921c866dc369577c3ebb9adf2383b01b58c18de https://git.kernel.org/stable/c/2526d4d8b209dc5ac1fbeb468149774888b2a141 https://git.kernel.org/stable/c/a9c10b5b3b67b3750a10c8b089b2e05f5e176e33 https://access.redhat.com/security/cve/CVE-2022-48773 https://bugzilla.redhat.com/show_bug.cgi?id=2298109 • CWE-476: NULL Pointer Dereference •