CVSS: -EPSS: %CPEs: 6EXPL: 0CVE-2025-37798 – codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog()
https://notcve.org/view.php?id=CVE-2025-37798
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() After making all ->qlen_notify() callbacks idempotent, now it is safe to remove the check of qlen!=0 from both fq_codel_dequeue() and codel_qdisc_dequeue(). • https://git.kernel.org/stable/c/76e3cc126bb223013a6b9a0e2a51238d1ef2e409 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49927 – nfs4: Fix kmemleak when allocate slot failed
https://notcve.org/view.php?id=CVE-2022-49927
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: nfs4: Fix kmemleak when allocate slot failed If one of the slot allocate failed, should cleanup all the other allocated slots, otherwise, the allocated slots will leak: unreferenced object 0xffff8881115aa100 (size 64): comm ""mount.nfs"", pid 679, jiffies 4294744957 (age 115.037s) hex dump (first 32 bytes): 00 cc 19 73 81 88 ff ff 00 a0 5a 11 81 88 ff ff ...s......Z..... 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backt... • https://git.kernel.org/stable/c/abf79bb341bf52f75f295b850abdf5f78f584311 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49925 – RDMA/core: Fix null-ptr-deref in ib_core_cleanup()
https://notcve.org/view.php?id=CVE-2022-49925
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix null-ptr-deref in ib_core_cleanup() KASAN reported a null-ptr-deref error: KASAN: null-ptr-deref in range [0x0000000000000118-0x000000000000011f] CPU: 1 PID: 379 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996) RIP: 0010:destroy_workqueue+0x2f/0x740 RSP: 0018:ffff888016137df8 EFLAGS: 00000202 ... Call Trace: ib_core_cleanup+0xa/0xa1 [ib_core] __do_sys_delete_module.constprop.0+0x34f/0x5b0 do_syscall_64+0x3a/0x90 entry_SY... • https://git.kernel.org/stable/c/03db3a2d81e6e84f3ed3cb9e087cae17d762642b •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49924 – nfc: fdp: Fix potential memory leak in fdp_nci_send()
https://notcve.org/view.php?id=CVE-2022-49924
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: nfc: fdp: Fix potential memory leak in fdp_nci_send() fdp_nci_send() will call fdp_nci_i2c_write that will not free skb in the function. As a result, when fdp_nci_i2c_write() finished, the skb will memleak. fdp_nci_send() should free skb after fdp_nci_i2c_write() finished. In the Linux kernel, the following vulnerability has been resolved: nfc: fdp: Fix potential memory leak in fdp_nci_send() fdp_nci_send() will call fdp_nci_i2c_write that ... • https://git.kernel.org/stable/c/a06347c04c13e380afce0c9816df51f00b83faf1 •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2022-49923 – nfc: nxp-nci: Fix potential memory leak in nxp_nci_send()
https://notcve.org/view.php?id=CVE-2022-49923
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: nfc: nxp-nci: Fix potential memory leak in nxp_nci_send() nxp_nci_send() will call nxp_nci_i2c_write(), and only free skb when nxp_nci_i2c_write() failed. However, even if the nxp_nci_i2c_write() run succeeds, the skb will not be freed in nxp_nci_i2c_write(). As the result, the skb will memleak. nxp_nci_send() should also free the skb when nxp_nci_i2c_write() succeeds. In the Linux kernel, the following vulnerability has been resolved: nfc:... • https://git.kernel.org/stable/c/dece45855a8b0d1dcf48eb01d0822070ded6a4c8 •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49922 – nfc: nfcmrvl: Fix potential memory leak in nfcmrvl_i2c_nci_send()
https://notcve.org/view.php?id=CVE-2022-49922
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: nfc: nfcmrvl: Fix potential memory leak in nfcmrvl_i2c_nci_send() nfcmrvl_i2c_nci_send() will be called by nfcmrvl_nci_send(), and skb should be freed in nfcmrvl_i2c_nci_send(). However, nfcmrvl_nci_send() will only free skb when i2c_master_send() return >=0, which means skb will memleak when i2c_master_send() failed. Free skb no matter whether i2c_master_send() succeeds. In the Linux kernel, the following vulnerability has been resolved: n... • https://git.kernel.org/stable/c/b5b3e23e4cace008e1a30e8614a484d14dfd07a1 •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49921 – net: sched: Fix use after free in red_enqueue()
https://notcve.org/view.php?id=CVE-2022-49921
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: net: sched: Fix use after free in red_enqueue() We can't use "skb" again after passing it to qdisc_enqueue(). This is basically identical to commit 2f09707d0c97 ("sch_sfb: Also store skb len before calling child enqueue"). In the Linux kernel, the following vulnerability has been resolved: net: sched: Fix use after free in red_enqueue() We can't use "skb" again after passing it to qdisc_enqueue(). This is basically identical to commit 2f097... • https://git.kernel.org/stable/c/d7f4f332f082c4d4ba53582f902ed6b44fd6f45e •
CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 0CVE-2022-49918 – ipvs: fix WARNING in __ip_vs_cleanup_batch()
https://notcve.org/view.php?id=CVE-2022-49918
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: ipvs: fix WARNING in __ip_vs_cleanup_batch() During the initialization of ip_vs_conn_net_init(), if file ip_vs_conn or ip_vs_conn_sync fails to be created, the initialization is successful by default. Therefore, the ip_vs_conn or ip_vs_conn_sync file doesn't be found during the remove. The following is the stack information: name 'ip_vs_conn_sync' WARNING: CPU: 3 PID: 9 at fs/proc/generic.c:712 remove_proc_entry+0x389/0x460 Modules linked i... • https://git.kernel.org/stable/c/61b1ab4583e275af216c8454b9256de680499b19 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-49917 – ipvs: fix WARNING in ip_vs_app_net_cleanup()
https://notcve.org/view.php?id=CVE-2022-49917
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: ipvs: fix WARNING in ip_vs_app_net_cleanup() During the initialization of ip_vs_app_net_init(), if file ip_vs_app fails to be created, the initialization is successful by default. Therefore, the ip_vs_app file doesn't be found during the remove in ip_vs_app_net_cleanup(). It will cause WRNING. The following is the stack information: name 'ip_vs_app' WARNING: CPU: 1 PID: 9 at fs/proc/generic.c:712 remove_proc_entry+0x389/0x460 Modules linked... • https://git.kernel.org/stable/c/457c4cbc5a3dde259d2a1f15d5f9785290397267 •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49916 – rose: Fix NULL pointer dereference in rose_send_frame()
https://notcve.org/view.php?id=CVE-2022-49916
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: rose: Fix NULL pointer dereference in rose_send_frame() The syzkaller reported an issue: KASAN: null-ptr-deref in range [0x0000000000000380-0x0000000000000387] CPU: 0 PID: 4069 Comm: kworker/0:15 Not tainted 6.0.0-syzkaller-02734-g0326074ff465 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022 Workqueue: rcu_gp srcu_invoke_callbacks RIP: 0010:rose_send_frame+0x1dd/0x2f0 net/rose/rose_link.c:101 Call... • https://git.kernel.org/stable/c/76885373129b13df35ecc9b4ee86ea5840f12133 •